Skip to content

Topic ocir user edit #350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
preethignanesh wants to merge 5 commits into
base: development
Choose a base branch
from
Open

Topic ocir user edit #350

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
9acc897
Changing the logic of adding the namespace to ocir_user
preethignanesh Dec 11, 2025
6117ba1
Delete remove_resources.py
preethignanesh Dec 11, 2025
2a6c88c
Delete verify.py
preethignanesh Dec 11, 2025
cbe0a18
Updating the description of the ocir_user in schema.yaml
preethignanesh Dec 12, 2025
1f29d46
Merge branch 'topic_ocir_user_edit' of https://github.com/oracle-quic…
preethignanesh Dec 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions terraform/locals.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,8 +160,7 @@ locals {
ocir_namespace = data.oci_objectstorage_namespace.object_namespace.namespace

ocir_namespace_with_slash = format("%s/", local.ocir_namespace)
ocir_user_starts_with = substr(var.ocir_user, 0, length(local.ocir_namespace_with_slash))
ocir_user = local.ocir_user_starts_with == local.ocir_namespace_with_slash ? var.ocir_user : "${format("%s%s", local.ocir_namespace_with_slash, var.ocir_user)}"
ocir_user = length(regexall("/", var.ocir_user)) > 0 ? var.ocir_user : "${format("%s%s", local.ocir_namespace_with_slash, var.ocir_user)}"
Copy link
Member

@roberto-sanchez-herrera roberto-sanchez-herrera Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we merge this change, I think we will likely modify the description in

oci-weblogic-server/terraform/schema.yaml

Line 2596 in 2a6c88c

ocir_user:
because if the person creating the stack specifies a user in an identity domain that is not default, he will need to specify something like "mydomain/myuser" and then length(regexall("/", var.ocir_user)) > 0 will be true and the namespace will not be prefixed to the user, so he will need to specify the namespace

I think we can make that change in a separate PR, because that description needs to change anyways, because this part is not correct:
If your tenancy is using Oracle Identity Cloud Service, use the format oracleidentitycloudservice/{username}.
Because the identity domain name can be different from oracleidentitycloudservice

But also, this could be a change in behavior. If a user is already specifying the ocir user as mydomain/myuser, and we introduce this change, then provisioning will fail,

Copy link
Contributor Author

@preethignanesh preethignanesh Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have discussed with Adrian on this and had raised the same topic. This change is being done according to his proposal that if we the customer is entering anything with a '/', then he has to enter all the details including the tenancy_namespace, domain name and the username.
We will have to make changes to our documentation as well accordingly for which I will be filing a doc bug.
This was discussed in the standup and I did get consensus from Abhi on the same.


region_keys = data.oci_identity_regions.all_regions.regions.*.key
region_names = data.oci_identity_regions.all_regions.regions.*.name
Expand Down
2 changes: 1 addition & 1 deletion terraform/schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2601,7 +2601,7 @@ variables:
- ${use_autoscaling}
type: string
title: "Registry User Name"
description: "The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions, which has the format {identity domain name}/{username}. If your tenancy is using Oracle Identity Cloud Service, use the format oracleidentitycloudservice/{username}."
description: "The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions, which has the format either {username} or {tenancy_namespace}/{identity domain name}/{username}. If your tenancy is using Oracle Identity Cloud Service, use the format {tenancy_namespace}/oracleidentitycloudservice/{username}."
Copy link
Member

@roberto-sanchez-herrera roberto-sanchez-herrera Dec 12, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest something like this:

"The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions. If the user is in an identity domain, use the format {tenancy_namespace}/{identity domain name}/{username}, otherwise use the format {username}.  If your tenancy is using Oracle Identity Cloud Service, use the format {tenancy_namespace}/oracleidentitycloudservice/{username}."

required: true

ocir_auth_token_compartment_id:
Expand Down
2 changes: 1 addition & 1 deletion terraform/schema_14110.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2138,7 +2138,7 @@ variables:
- ${use_autoscaling}
type: string
title: "Registry User Name"
description: "The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions, which has the format {identity domain name}/{username}. If your tenancy is using Oracle Identity Cloud Service, use the format oracleidentitycloudservice/{username}."
description: "The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions, which has the format either {username} or {tenancy_namespace}/{identity domain name}/{username}. If your tenancy is using Oracle Identity Cloud Service, use the format {tenancy_namespace}/oracleidentitycloudservice/{username}."
required: true

ocir_auth_token_compartment_id:
Expand Down
2 changes: 1 addition & 1 deletion terraform/schema_14120.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2610,7 +2610,7 @@ variables:
- ${use_autoscaling}
type: string
title: "Registry User Name"
description: "The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions, which has the format {identity domain name}/{username}. If your tenancy is using Oracle Identity Cloud Service, use the format oracleidentitycloudservice/{username}."
description: "The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions, which has the format either {username} or {tenancy_namespace}/{identity domain name}/{username}. If your tenancy is using Oracle Identity Cloud Service, use the format {tenancy_namespace}/oracleidentitycloudservice/{username}."
required: true

ocir_auth_token_compartment_id:
Expand Down
2 changes: 1 addition & 1 deletion terraform/schema_15110.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2138,7 +2138,7 @@ variables:
- ${use_autoscaling}
type: string
title: "Registry User Name"
description: "The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions, which has the format {identity domain name}/{username}. If your tenancy is using Oracle Identity Cloud Service, use the format oracleidentitycloudservice/{username}."
description: "The user name to access the Oracle Cloud Infrastructure Registry (OCIR) for deploying autoscaling OCI functions, which has the format either {username} or {tenancy_namespace}/{identity domain name}/{username}. If your tenancy is using Oracle Identity Cloud Service, use the format {tenancy_namespace}/oracleidentitycloudservice/{username}."
required: true

ocir_auth_token_compartment_id:
Expand Down