fix(tcr): [123875920]support reset_password

.changelog/3346.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/tencentcloud_tcr_service_account: support update password
+```

go.mod

@@ -86,7 +86,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tat v1.0.634
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcaplusdb v1.0.199
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcm v1.0.547
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcr v1.0.696
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcr v1.0.1142
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdcpg v1.0.533
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq v1.0.955
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tem v1.0.578

go.sum

@@ -1085,6 +1085,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcm v1.0.547 h1:6bukohy
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcm v1.0.547/go.mod h1:C7b++Lr8Xh+2KtTUMBjbb+/BrBhfFhAxDMjXzT2GLhY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcr v1.0.696 h1:hTfJtxk5WDj84SfOFKg5Mk+DVtSmjVtkyj3gvVKAYkk=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcr v1.0.696/go.mod h1:DgY9Kgh9093fBl2M/vEFGJZwytDIrPQlYoxoT4rE7O0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcr v1.0.1142 h1:X5eKYvyDNA69jXB2AtsLIoa8lwZ3haUZymSHHk4JUiI=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcr v1.0.1142/go.mod h1:GLR0nyoKy8qfcWpfDeA8wgRDY+pqq5UE/SLbB2l9NzU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcss v1.0.1031 h1:3OgSLiQAfgjQ3kH+lu5WBXRtE6JaZ+FY1Yr+LUv1JEw=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tcss v1.0.1031/go.mod h1:e5FteF6ukTKsD6wergqmPn/jww3oPwi/QJYtTfYbFuY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdcpg v1.0.533 h1:r6HQhmHzPp1oSGhwkNzUzIRlpnpb8Jhtcn1yKhg9ml4=

tencentcloud/services/tcr/resource_tc_tcr_service_account.go

@@ -87,7 +87,9 @@ func ResourceTencentCloudTcrServiceAccount() *schema.Resource {
 			},
 
 			"password": {
+				Optional:    true,
 				Computed:    true,
+				Sensitive:   true,
 				Type:        schema.TypeString,
 				Description: "Password of the service account.",
 			},
@@ -195,6 +197,15 @@ func resourceTencentCloudTcrServiceAccountCreate(d *schema.ResourceData, meta in
 		}
 	}
 
+	service := TCRService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
+	if v, ok := d.GetOk("password"); ok {
+		password, err := service.ModifyServiceAccountPassword(ctx, registryId, name, v.(string))
+		if err != nil {
+			return err
+		}
+		_ = d.Set("password", password)
+	}
+
 	return resourceTencentCloudTcrServiceAccountRead(d, meta)
 }
 
@@ -277,6 +288,8 @@ func resourceTencentCloudTcrServiceAccountUpdate(d *schema.ResourceData, meta in
 	defer tccommon.InconsistentCheck(d, meta)()
 
 	logId := tccommon.GetLogId(tccommon.ContextNil)
+	ctx := context.WithValue(context.TODO(), tccommon.LogIdKey, logId)
+	service := TCRService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()}
 
 	request := tcr.NewModifyServiceAccountRequest()
 
@@ -370,6 +383,15 @@ func resourceTencentCloudTcrServiceAccountUpdate(d *schema.ResourceData, meta in
 		}
 	}
 
+	if d.HasChange("password") {
+		if v, ok := d.GetOk("password"); ok {
+			password, err := service.ModifyServiceAccountPassword(ctx, registryId, name, v.(string))
+			if err != nil {
+				return err
+			}
+			_ = d.Set("password", password)
+		}
+	}
 	return resourceTencentCloudTcrServiceAccountRead(d, meta)
 }
 

tencentcloud/services/tcr/resource_tc_tcr_service_account_test.go

@@ -55,6 +55,17 @@ func TestAccTencentCloudTcrServiceAccountResource_basic(t *testing.T) {
 					// resource.TestCheckResourceAttr("tencentcloud_tcr_service_account.example", "disable", "true"),
 				),
 			},
+			{
+				Config: fmt.Sprintf(testAccTcrServiceAccount_updatePassword, expireTime),
+				PreConfig: func() {
+					tcacctest.AccStepSetRegion(t, "ap-shanghai")
+					tcacctest.AccPreCheckCommon(t, tcacctest.ACCOUNT_TYPE_COMMON)
+				},
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("tencentcloud_tcr_service_account.example", "id"),
+					resource.TestCheckResourceAttr("tencentcloud_tcr_service_account.example", "password", "passwordTest1"),
+				),
+			},
 			{
 				ResourceName:            "tencentcloud_tcr_service_account.example",
 				ImportState:             true,
@@ -68,7 +79,7 @@ func TestAccTencentCloudTcrServiceAccountResource_basic(t *testing.T) {
 const testAccTcrServiceAccount = `
 
 resource "tencentcloud_tcr_instance" "example" {
-	name          = "tf-example-tcr-instance"
+	name          = "tf-example-tcr-instance3"
 	instance_type = "premium"
 	delete_bucket = true
 	tags = {
@@ -83,9 +94,6 @@ resource "tencentcloud_tcr_instance" "example" {
 	is_auto_scan   = true
 	is_prevent_vul = true
 	severity       = "medium"
-	cve_whitelist_items {
-	  cve_id = "tf_example_cve_id"
-	}
   }
 
   resource "tencentcloud_tcr_service_account" "example" {
@@ -108,7 +116,7 @@ resource "tencentcloud_tcr_instance" "example" {
 const testAccTcrServiceAccount_Update = `
 
 resource "tencentcloud_tcr_instance" "example" {
-	name          = "tf-example-tcr-instance"
+	name          = "tf-example-tcr-instance3"
 	instance_type = "premium"
 	delete_bucket = true
 	tags = {
@@ -123,11 +131,45 @@ resource "tencentcloud_tcr_instance" "example" {
 	is_auto_scan   = true
 	is_prevent_vul = true
 	severity       = "medium"
-	cve_whitelist_items {
-	  cve_id = "tf_example_cve_id"
+  }
+
+  resource "tencentcloud_tcr_service_account" "example" {
+	registry_id = tencentcloud_tcr_instance.example.id
+	name        = "tf_example_account"
+	permissions {
+	  resource = tencentcloud_tcr_namespace.example.name
+	  actions  = ["tcr:PushRepository"]
+	}
+	description = "CHANGED tf example for tcr service account"
+	expires_at  = %d
+	disable     = false
+	tags = {
+	  "createdBy" = "terraform"
+	}
+  }
+
+`
+
+const testAccTcrServiceAccount_updatePassword = `
+
+resource "tencentcloud_tcr_instance" "example" {
+	name          = "tf-example-tcr-instance3"
+	instance_type = "premium"
+	delete_bucket = true
+	tags = {
+	  "createdBy" = "terraform"
 	}
   }
 
+  resource "tencentcloud_tcr_namespace" "example" {
+	instance_id    = tencentcloud_tcr_instance.example.id
+	name           = "tf_test_tcr_namespace"
+	is_public      = true
+	is_auto_scan   = true
+	is_prevent_vul = true
+	severity       = "medium"
+  }
+
   resource "tencentcloud_tcr_service_account" "example" {
 	registry_id = tencentcloud_tcr_instance.example.id
 	name        = "tf_example_account"
@@ -141,6 +183,7 @@ resource "tencentcloud_tcr_instance" "example" {
 	tags = {
 	  "createdBy" = "terraform"
 	}
+	password = "passwordTest1"
   }
 
 `

tencentcloud/services/tcr/service_tencentcloud_tcr.go

@@ -1801,3 +1801,33 @@ func (me *TCRService) DeleteTcrServiceAccountById(ctx context.Context, registryI
 
 	return
 }
+
+func (me *TCRService) ModifyServiceAccountPassword(ctx context.Context, registryId string, name string, password string) (passwordResp string, errRet error) {
+	logId := tccommon.GetLogId(ctx)
+
+	request := tcr.NewModifyServiceAccountPasswordRequest()
+	request.RegistryId = &registryId
+	request.Name = &name
+	request.Random = helper.Bool(false)
+	request.Password = helper.String(password)
+
+	defer func() {
+		if errRet != nil {
+			log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n", logId, request.GetAction(), request.ToJsonString(), errRet.Error())
+		}
+	}()
+
+	ratelimit.Check(request.GetAction())
+
+	response, err := me.client.UseTCRClient().ModifyServiceAccountPassword(request)
+	if err != nil {
+		errRet = err
+		return
+	}
+	log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), response.ToJsonString())
+
+	if response.Response.Password != nil {
+		passwordResp = *response.Response.Password
+	}
+	return
+}