pablovarela / terraform-provider-slack Goto Github PK

Describe the bug
Hello, when trying to create a Slack channel with adopt_existing_channel = true
the code fail if a channel already exist and is archived

I believe it's because of this line
Introduce in this pull request

If you can just confirm my understanding is correct, I will happily provide a pr to fix the issue

ps: I think the code is clear enough to not provide reproduce steps, but if you disagree I can provide some code

I am using terraform to create and archive channels via terraform. If the channel does not initially exist, it is created via terraform on 'apply', and when 'destroy' is called the channel is archived.

However, when I try to 'apply' the terraform again, I get either a 'name_taken' error or a 'not_in_channel' error when trying to re-create the channel.

The 'name_taken' error happens by default, as though the terraform state has forgotten about the fact that the channel is archived. If I import the existing archived channel into the remote state and re-run, I get the 'not_in_channel' error. It is as though the provider is failing to add itself to the channel before calling unarchive, and thus failing to be able to unarchive. I can manually unarchive the channel via the slack UI, and all is well. But the provider itself seems unable to do so.

So, something seems amiss with this provider w.r.t. being able to actually manage slack channels as resources.

Note that I tried 'action_on_destroy' = 'none' and that has the same problem as 'name_taken' since it can't figure out it's the same channel, as though it forgot it made it already.

Hello,

Is it possible to have an option for the slack_conversation resource to disable the feature that kicks users not present in the permanent_members list? I'd like to use your provider to create conversations with a predefined set of default users, but if new users want to join the conversation, they can and a new run of Terraform won't try to remove them of the conversation.

Thank you very much,

Describe the bug
When using this to manage a large amount of slack groups and syncing them with Okta Groups, the slack provider will time out with rate limit exceeded issues.

Error: not found [email protected]: slack rate limit exceeded, retry after 10s 
  with module.groups["datagroup"].data.slack_user.target["11ucwk49f1As8SrDZ297"],

To Reproduce
Steps to reproduce the behavior:

1. Create a bunch of groups using slack provider
2. Run the terraform
3. Exceed the rate limits for your account

Expected behavior
Terraform listens to the 429 response codes and slows down accordingly to complete even if it means it takes a while to finish.
Terraform could spit out warning messages saying "rate limit exceeded, waiting recommended time"

Additional context

Terraform version: 1.5.5
Slack Provider: v1.2.2

The documentation does not specify which OAuth Bot Scopes are required for the this provider to perform all its tasks. Could that be added to the documentation?

Hi,
It will be good to add creation Incoming WebHooks

Thanks in advance,
Evgeniy

Is your feature request related to a problem? Please describe.
I would like to be able to independently create usergroups and add users to that group from different states or sources within terraform.

Describe the solution you'd like
A new resource slack_usergroup_membership would take a single user id and group id and add that member to the group. Deleting the resource would remove that member from that group.

Additional context

• Similar to IAM membership in most cloud providers, this is non-authoritative. Possibly a different resource slack_usergroup_binding could be created as an authoritative version.
• The slack_usergroup resource is always authoritative so any members directly defined in the slack_usergroup resource would override any additional members. So slack_usergroup_membership and slack_usergroup_binding would require users to be null in slack_usergroup

Hello! We are using the provider for mapping the owners of our repositories to Slack groups. Since we have a good amount of repositories, we run into rate limits often.

This is the error we get:

╷
│ Error: couldn't get usergroups: slack rate limit exceeded, retry after 3s
│
│   with module.slack.slack_usergroup.prps["android-app"],
│   on ../modules/slack/terraform.tf line 48, in resource "slack_usergroup" "prps":
│   48: resource "slack_usergroup" "prps" {
│
╵

We are currently on version 1.1.6 and are managing about 150 groups.

I guess some sort of retry would be an option and we are willing to contribute, but want to discuss this issue first.

Relevant docs:

• https://api.slack.com/docs/rate-limits#headers
• https://pkg.go.dev/github.com/slack-go/slack#RateLimitedError

Is your feature request related to a problem? Please describe.
Several non patch based features have been added to the provider, but the minor version has not been incremented

Describe the solution you'd like
Release new features in minor version updates, not patch version updates (which should be for bug fixes, not api additions)

Additional context
I would like to put version constraints on the provider using the ~> operator to make sure the version is use meets some minimum version, but prevent unexpected major version changes that might break the api. Currently, I need later than version 1.1.24, but putting ~> 1.1.24 would prevent a minor version update in the future to 1.2 which, per SemVer, should not break the existing api compatibility. I only want to prevent updates to 2.x which could break backwards compatibility of the api, e.g. by using ~> 1.2

Describe the bug
It's slow or sometime hit the rate limit when just simply use slack_conversation Data Source to check the id of a conversation. By reading the code here, seems the users in conversation was read from API but not really used in following updateChannelData(), is that possible not reading it in the data resource?

API: https://api.slack.com/methods/users.profile.set

It will be great if we add support for custom profile fields

Describe the bug
The following:

# tzif.io
resource "slack_conversation" "log-tzif" {
  name    = "log-tzif"
  purpose = "Automated monitoring of tzif organization-level events"
  adopt_existing_channel = true
  is_private = false
}

Produces this error:

│ Error: couldn't set conversation purpose Automated monitoring of tzif organization-level events: not_in_channel
│
│ with slack_conversation.log-tzif,
│ on slack.tf line 2, in resource "slack_conversation" "log-tzif":
│ 2: resource "slack_conversation" "log-tzif" {

Expected behavior

No error

Screenshots

Bot token scopes

Error

In many organizations only slack admins can archive a channel, hence having an app token I can successfully create a channel but terraform code fails on channel deletion. Would it make sense to add 'action_on_destroy' parameter to the conversation resource (like it's done in here )?

This would really help in using the provider in our project.
I can create a pull request if it would be acceptable to go with that option.

Hi @pablovarela !

We use the datasource like below for a number of users who signin via SSO and we maintain a list of them with terraform that can do other things like below:

data "slack_user" "by_email" {
  for_each = toset(flatten([
    [var.users_in_teams["team_x"]],
    [var.users_in_teams["team_y"]],
    [var.users_in_teams["team_z"]],
    [var.users_in_teams["team_a"]],
    [var.users_in_teams["team_b"]]
  ]))
  email = each.key
}

Sometimes people leave our org and their email is no longer valid in slack. The provider currently returns the below:

Error: users_not_found

  on users-slack-info.tf line 1, in data "slack_user" "by_email":
   1: data "slack_user" "by_email" {

Without the detail into which user left. making it hard for us to figure it out quickly. I can make a PR to output which user it was that left (either their name or email)

As per title.

I ask cos I'm always seeing new resources to be created, even when I'm making changes to an existing resources already managed by Terraform state like changing channel name, topic, description.

Is this a known issue? Or is it just me and my Terraform/Terragrunt project that's poorly coded?

I can't create a simple slack_usergroup:

data "slack_user" "test_user_00" {
  email = "[email protected]"
}

resource "slack_usergroup" "my_group3" {
  name        = "test3"
  handle      = "test3"
  description = "Test user group"
  users       = [data.slack_user.test_user_00.id]
}

slack_usergroup.my_group3: Creating...
 Error: could not find usergroup test3: could not find usergroup test3

   with slack_usergroup.my_group3,
   on test.tf line 5, in resource "slack_usergroup" "my_group3":
    5: resource "slack_usergroup" "my_group3" {

$ t providers

Providers required by configuration:
.
└── provider[registry.terraform.io/pablovarela/slack] ~> 1.0

Providers required by state:

    provider[registry.terraform.io/pablovarela/slack]

It seems more useful to have this as a managed resource than a datasource which is only supposed to fetch data, not manage anything.

Is your feature request related to a problem? Please describe.
No

Describe the solution you'd like
It would be good if we could manage channel bookmarks using the Bookmark API.
Provisioning new channels could include adding relevant bookmarks for the project we're working on for example.

Additional context
N/A

Currently, my testing shows permanent_members only accepts a list of user ids, but slack now supports inviting usergroups to slack conversations/channel. Adding support for usergroups would eliminate the need for passing an array of user names to the datasource which for large organizations can get quite unwieldy.

Is your feature request related to a problem? Please describe.
Similar to slack_user data call but loads all slack users at once into a map. The objective here is to reduce the likelihood of being rate limited by the slack API when loading all slack users at once.

Describe the solution you'd like
slack_users data call loads all slack users into a map with name, ID, and email for further processing

Describe alternatives you've considered

data "slack_user" "by_email" {
  # flatten the grouplist to just emails becasue the groups have duplicate emails
  for_each = { for user in local.grouplist : user.email_address => user... }
  email    = each.key
}

This is rate limited almost immediately by the slack API as the number of users is ~>100

• An alternative would be to implement a purposeful rate limit into the existing provider somehow to stop terraform from bombing out
• A different alternative would be to update slack_usergroup to accept email addresses as an alternative in the users list

The provider seems to be unable to make any GRPC calls:

Stack trace from the terraform-provider-slack_v1.1.11 plugin:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x12ddba4]

goroutine 195 [running]:
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ReadDataSource(0xc00000d3c8, {0x18ddeb8, 0xc000700f00}, 0xc000118560)
        github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/grpc_provider.go:1126 +0x304
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadDataSource(0xc000089740, {0x18ddf60, 0xc000281bf0}, 0xc0000955e0)
        github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:247 +0x1db
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadDataSource_Handler({0x17a4360, 0xc000089740}, {0x18ddf60, 0xc000281bf0}, 0xc000690f60, 0x0)
        github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:416 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0xc000250a80, {0x18eaf30, 0xc000174000}, 0xc0004bc900, 0xc00027dfb0, 0x1da6f50, 0x0)
        google.golang.org/[email protected]/server.go:1292 +0xc6f
google.golang.org/grpc.(*Server).handleStream(0xc000250a80, {0x18eaf30, 0xc000174000}, 0xc0004bc900, 0x0)
        google.golang.org/[email protected]/server.go:1617 +0xa2a
google.golang.org/grpc.(*Server).serveStreams.func1.2()
        google.golang.org/[email protected]/server.go:940 +0x98
created by google.golang.org/grpc.(*Server).serveStreams.func1
        google.golang.org/[email protected]/server.go:938 +0x294

Error: The terraform-provider-slack_v1.1.11 plugin crashed!

│   with slack_conversation.dev_thing,
│   on test.tf line 18, in resource "slack_conversation" "dev_thing":
│   18: resource "slack_conversation" "dev_thingn" {
│
│ The plugin.(*GRPCProvider).ValidateResourceConfig request was cancelled.

The plugin.(*GRPCProvider).ValidateDataResourceConfig request was cancelled.

etc.

I've also tried with the latest 1.1.12 version - there is no difference.

I'm running terraform 1.0.8 on an M1 mac

I think it would make more sense.

I though that it can also manage a private direct chat conversation, but it seems that this is not the case: https://registry.terraform.io/providers/pablovarela/slack/latest/docs/resources/conversation which makes the naming even more confusing.

What do you think?

Describe the bug

When slack_conversation.permanent_members leave a channel, the provider does not detect and resolve the drift.

To Reproduce
Steps to reproduce the behavior:

1. Setup slack_conversation with permanent_members
2. Have one of the members leave the channel
3. Run terraform apply and notice that the drift isn't detected

Expected behavior

Drift is detected and members are re-added to channel if they manually leave.

Additional context

permanent_members is not updated:

Thus, the update does not see the drift and does not re-add members:

Hi there!

slack_user supports name and email arguments for searching and doesn't support searching by user id,
it would be nice to have this feature so we could get a list of user ids from the slack user group and then fetch a list of emails for given user ids.

Is it difficult to add users management, i.e. inviting/removing from workspace?