Skip to content

Add dynamic references and fix group membership issues in Microsoft Graph function #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ytsarev merged 11 commits into from
Apr 30, 2025
Merged

Add dynamic references and fix group membership issues in Microsoft Graph function #2

ytsarev merged 11 commits into from
Apr 30, 2025

Conversation

@ytsarev
Copy link
Member

@ytsarev ytsarev commented Apr 29, 2025
edited
Loading

Description of your changes

Summary

  • Implemented dynamic reference capabilities for all query types, allowing references to values in XR spec, status or function context
  • Fixed group membership retrieval to properly include service principals using the expand workaround
  • Corrected user type identification in group membership results
  • Simplified debug API logging for better observability
  • Enhanced reference resolution to support spec fields using spec.* syntax
  • Improved propagation of spec from observed to desired XR
  • Added example compositions that demonstrate spec reference usage
  • Updated XR example to include spec fields that can be referenced
  • Refactored code to reduce complexity and improve maintainability
  • Added comprehensive tests for spec reference functionality

Group Membership Fixes

  • Fixed issues with group membership queries not including service principals by implementing the recommended expand workaround in
    the Microsoft Graph API
  • Corrected user type identification by properly checking properties and interfaces
  • Improved extraction of service principal and user properties from API responses
  • Simplified logging to reduce noise while maintaining essential debug information

Dynamic Reference Capabilities

Added support for four new reference types:

  1. groupRef: References a single group name for GroupMembership queries
  2. groupsRef: References an array of group names for GroupObjectIDs queries
  3. usersRef: References an array of user names for UserValidation queries
  4. servicePrincipalsRef: References an array of service principal names for ServicePrincipalDetails queries

These references allow users to dynamically source values from:

  • XR status fields (e.g., status.groups)
  • Function context, including environment variables (e.g., context.[apiextensions.crossplane.io/environment].users)

Code Improvements

  • Refactored string array resolution to use common code paths
  • Modularized reference processing to reduce cyclomatic complexity
  • Added consistent error handling and logging
  • Created example compositions showing how to use each reference type
  • Implemented comprehensive test coverage for all reference types and edge cases

Example Usage

  # Dynamic references in function inputs
  queryType: GroupMembership
  groupRef: status.selectedGroup

  queryType: GroupObjectIDs
  groupsRef: context.[apiextensions.crossplane.io/environment].groups

  queryType: UserValidation
  usersRef: status.users

  queryType: ServicePrincipalDetails
  servicePrincipalsRef: context.[apiextensions.crossplane.io/environment].servicePrincipalNames

All these improvements make the function more flexible and maintainable while fixing critical issues with group membership retrieval.

Testing

crossplane render xr.yaml group-membership-example.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc
---
apiVersion: example.crossplane.io/v1
kind: XR
metadata:
 name: example-xr
status:
 conditions:
 - lastTransitionTime: "2024-01-01T00:00:00Z"
   reason: Available
   status: "True"
   type: Ready
 groupMembers:
 - displayName: Yury Tsarev
   id: <redacted>
   type: user
 - displayName: yury-upbound-oidc-provider
   id: <redacted>
   type: servicePrincipal
---

Both User and servicePrincipal group members are in the list 👍

Dynamic usersRef variations:

crossplane render xr.yaml user-validation-example-status-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc
crossplane render xr.yaml user-validation-example-context-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc --extra-resources=envconfig.yaml

Dynamic groupRef variations:

crossplane render xr.yaml group-membership-example-status-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc
crossplane render xr.yaml group-membership-example-context-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc --extra-resources=envconfig.yaml

Dynamic groupsRef variations:

crossplane render xr.yaml group-objectids-example-status-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc
crossplane render xr.yaml group-objectids-example-context-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc --extra-resources=envconfig.yaml

Dynamic servicePrinicpalsRef variations:

crossplane render xr.yaml service-principal-example-status-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc
crossplane render xr.yaml service-principal-example-context-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc --extra-resources=envconfig.yaml

specRef tests

crossplane render xr.yaml user-validation-example-spec-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc
crossplane render xr.yaml group-membership-example-spec-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc
crossplane render xr.yaml group-objectids-example-spec-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc
crossplane render xr.yaml service-principal-example-spec-ref.yaml functions.yaml --function-credentials=./secrets/azure-creds.yaml -rc

All examples are documented and working as expected.

I have:

ytsarev added 3 commits April 29, 2025 13:14
@ytsarev
Fix user type issue
c308f92 
Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Force including servicePrincipals into the list by using expand
1faacad 
workaround

Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Simplify debug api logging and update examples
a2611cc 
Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev ytsarev requested a review from a team April 29, 2025 13:19
ytsarev added 2 commits April 30, 2025 00:15
@ytsarev
Implement dynamic groupRef capability
535dc7d 
* Tests
* Implementation
* Examples

Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Add dynamic groupsRef for GroupObjectIDs query
ac5ad53 
* Tests
* Implementation
* Examples

Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev ytsarev force-pushed the group-member-fixes branch from 0ade4c6 to ac5ad53 Compare April 29, 2025 22:49
ytsarev added 2 commits April 30, 2025 01:14
@ytsarev
Dynamic usersRef implementation
d271aef 
* Tests
* Implementation
* Examples

Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Dynamic 'servicePrincipalRef` implementation
66f94a2 
* Tests
* Implementation
* Examples

Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev ytsarev force-pushed the group-member-fixes branch from 30bef97 to 66f94a2 Compare April 29, 2025 23:37
@ytsarev ytsarev changed the title Fix service principal detection in Microsoft Graph API Add dynamic references and fix group membership issues in Microsoft Graph function Apr 29, 2025
ytsarev added 3 commits April 30, 2025 02:12
@ytsarev
Update XRD status definition to handle e2e testing
5847027 
Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Implement spec reference capability
305a77e 
* Tests
* Implementation
* Examples

Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev
Extend XRD for e2e testing for spec refs
28c026c 
Signed-off-by: Yury Tsarev <yury@upbound.io>
stevendborrelli
stevendborrelli approved these changes Apr 30, 2025
View reviewed changes
example/functions.yaml
render.crossplane.io/runtime: Development
spec:
package: xpkg.upbound.io/upbound/function-msgraph:v0.1.0
---
Copy link
Member

@stevendborrelli stevendborrelli Apr 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

duplicate ---

Copy link
Member Author

@ytsarev ytsarev Apr 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the catch, amended 👍

@ytsarev
Remove typo in functions.yaml and extend README with Ref fields
95a083f 
Signed-off-by: Yury Tsarev <yury@upbound.io>
@ytsarev ytsarev merged commit 51b7ecd into main Apr 30, 2025
5 checks passed
@ytsarev ytsarev deleted the group-member-fixes branch April 30, 2025 14:02
@ytsarev ytsarev mentioned this pull request Apr 30, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stevendborrelli stevendborrelli stevendborrelli approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ytsarev @stevendborrelli