feat: Support OIDC configs in mongodbatlas_stream_connection

[LijieZhang1998]

Description

Please include a summary of the fix/feature/change, including any relevant motivation and context.

Link to any related issue(s): https://jira.mongodb.org/browse/CLOUDP-338207

This PR is very similar to this PR we've reviewed and merged. But it was reverted in the master for the last release.

This PR has the two failed tests that Oriol and I looked into in the test run. We'll revert one change from our side to fix the test about stream processor states transition. I'm still checking the other failed test. And, neither of them are related to this change.

Type of change:

• Bug fix (non-breaking change which fixes an issue). Please, add the "bug" label to the PR.
• New feature (non-breaking change which adds functionality). Please, add the "enhancement" label to the PR. A migration guide must be created or updated if the new feature will go in a major version.
• Breaking change (fix or feature that would cause existing functionality to not work as expected). Please, add the "breaking change" label to the PR. A migration guide must be created or updated.
• This change requires a documentation update
• Documentation fix/enhancement

Required Checklist:

• I have signed the MongoDB CLA
• I have read the contributing guides
• I have checked that this change does not generate any credentials and that they are NOT accidentally logged anywhere.
• I have added tests that prove my fix is effective or that my feature works per HashiCorp requirements
• I have added any necessary documentation (if appropriate)
• I have run make fmt and formatted my code
• If changes include deprecations or removals I have added appropriate changelog entries.
• If changes include removal or addition of 3rd party GitHub actions, I updated our internal document. Reach out to the APIx Integration slack channel to get access to the internal document.

Further comments

[github-actions]

APIx bot: a message has been sent to Docs Slack channel

[marcosuma]

what's vendor and why do we need to ignore it? is it needed for development?

[LijieZhang1998]

I usually run go mod vendor locally to get the dependencies, which generates this folder. I accidentally merged the files the day before yesterday that triggered a secret leak alert.

[lantoli]

in this repo you just need to run the first time: make link-git-hooks tools, and I recommend with any change: make build && golangci-lint run
nothing else needed

[marcosuma]

is there a README.md for this example? should we add more information there about this new resource?

[LijieZhang1998]

We have this README.md file. Do you mean by adding some information to the file? I don't see we add any information about the example resources?

[marcosuma]

is there any Altas docs link we could add here?

[LijieZhang1998]

can you show me an example of adding an atlas doc link to the docs? The atlas doc is WIP. But I think I can get the link for it. I followed the pattern in this file to add this example. But I'd like to add extra information if needed.

[marcosuma]

can you show me an example of adding an atlas doc link to the docs

you should be able to find it in the advanced_cluster.md file. We usually link the public external link of the docs if there is any other further explanation of how things work.

[jwilliams-mongo]

@LijieZhang1998 please reach out to @jvincent-mongodb he can create a dochub link (our redirect layer) so you can add a link that we can redirect to a different location on our end when the docs are live

[marcosuma]

@LijieZhang1998 your tests are failing, I haven't looked into why but as a general rule would you mind asking for review only when all your tests are succeeding? if they are flaky, please add this information in the ticket summary to show they're also failing in master for some time

[LijieZhang1998]

@LijieZhang1998 your tests are failing, I haven't looked into why but as a general rule would you mind asking for review only when all your tests are succeeding? if they are flaky, please add this information in the ticket summary to show they're also failing in master for some time

The failed tests are still the two ones Oriol and I looked into. We'll revert one change from our side to fix the test about stream processor states transition. I'm still checking the other failed test. And, neither of them are related to this change. I updated the description of the PR with the content.

[LijieZhang1998]

Hi @kanchana-mongodb @marcosuma, can you review it again? We have a task depending on its release. Thanks.

[LijieZhang1998]

The failed tests TestAccStreamRSStreamConnection_kafkaOAuthBearer and TestAccStreamRSStreamConnection_kafkaPlaintext passed on my local. I'll rerun it to see if it's flaky.

[marcosuma]

can you show me an example of adding an atlas doc link to the docs

you should be able to find it in the advanced_cluster.md file. We usually link the public external link of the docs if there is any other further explanation of how things work.

[jwilliams-mongo]

few minor comments but LGTM overall

[jwilliams-mongo]

Suggested change

	data-source/mongodbatlas_stream_connection: Adds new authentication mechanism (OIDC) to the Kafka connection
	data-source/mongodbatlas_stream_connection: Adds new authentication mechanism (OIDC) to the Kafka connection.

[jwilliams-mongo]

can this be either an HTTP or HTTPS URI? or more than one HTTP URI? might be useful to clarify

[LijieZhang1998]

Just one HTTP(S) URI.

[jwilliams-mongo]

@LijieZhang1998 please reach out to @jvincent-mongodb he can create a dochub link (our redirect layer) so you can add a link that we can redirect to a different location on our end when the docs are live

[jwilliams-mongo]

if this value must be OIDC does the user really need to specify it here? or could it be implicit whenever mechanism = OAUTHBEARER

[LijieZhang1998]

It's just for now. We may add more method value in the future. Should I say Value must be OIDC currently