Merge pull request #1 from michaelkrupp/main

Implement data source and allow custom request headers

go.mod

@@ -3,11 +3,7 @@ module github.com/rickardgranberg/terraform-provider-vaultoperator
 go 1.16
 
 require (
-	github.com/go-ldap/ldap v3.0.2+incompatible // indirect
-	github.com/hashicorp/go-getter v1.5.0 // indirect
-	github.com/hashicorp/terraform-exec v0.13.0 // indirect
-	github.com/hashicorp/terraform-plugin-docs v0.4.0
-	github.com/hashicorp/terraform-plugin-sdk/v2 v2.6.0
-	github.com/hashicorp/vault/api v1.1.0 // indirect
-	gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
+	github.com/hashicorp/terraform-plugin-docs v0.5.0
+	github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0
+	github.com/hashicorp/vault/api v1.2.0
 )

internal/provider/data_source.go

@@ -0,0 +1,49 @@
+package provider
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+const (
+	argInitialized = "initialized"
+)
+
+func providerDatasource() *schema.Resource {
+	return &schema.Resource{
+		// This description is used by the documentation generator and the language server.
+		Description: "Resource for vault operator init",
+
+		ReadContext: providerDatasourceRead,
+
+		Schema: map[string]*schema.Schema{
+			argInitialized: {
+				Description: "The current initialization state of Vault.",
+				Type: schema.TypeBool,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func providerDatasourceRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*apiClient)
+
+	d.SetId(client.url)
+
+	res, err := client.client.Sys().InitStatus()
+	if err != nil {
+		logError("failed to read init status from Vault: %v", err)
+		return diag.FromErr(err)
+	}
+
+	logDebug("response: %v", res)
+
+	if err := d.Set(argInitialized, res); err != nil {
+		return diag.FromErr(err)
+	}
+
+	return diag.Diagnostics{}
+}

internal/provider/data_source_test.go

@@ -0,0 +1,32 @@
+package provider
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+var testAccDataSourceInitVar = fmt.Sprintf("data.%[1]s.test", resInit)
+var testAccDataSourceInit = fmt.Sprintf(`
+provider "%[1]s" {
+}
+
+data "%[2]s" "test" {
+}
+`, provider, resInit)
+
+func TestAccDataSourceInit(t *testing.T) {
+	resource.UnitTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: providerFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceInit,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet(testAccDataSourceInitVar, argInitialized),
+				),
+			},
+		},
+	})
+}

internal/provider/provider.go

@@ -2,6 +2,7 @@ package provider
 
 import (
 	"context"
+	"fmt"
 	"log"
 	"os"
 
@@ -11,10 +12,12 @@ import (
 )
 
 const (
-	envVaultAddr = "VAULT_ADDR"
-	provider     = "vaultoperator"
-	resInit      = provider + "_init"
-	argVaultUrl  = "vault_url"
+	envVaultAddr      = "VAULT_ADDR"
+	provider          = "vaultoperator"
+	resInit           = provider + "_init"
+	argVaultUrl       = "vault_url"
+	argVaultAddr      = "vault_addr"
+	argRequestHeaders = "request_headers"
 )
 
 func init() {
@@ -40,6 +43,9 @@ func New(version string) func() *schema.Provider {
 			ResourcesMap: map[string]*schema.Resource{
 				resInit: resourceInit(),
 			},
+			DataSourcesMap: map[string]*schema.Resource{
+				resInit: providerDatasource(),
+			},
 		}
 
 		p.ConfigureContextFunc = configure(version, p)
@@ -62,36 +68,46 @@ func providerSchema() map[string]*schema.Schema {
 			Type:        schema.TypeString,
 			Optional:    true,
 			Description: "Vault instance URL",
+			Deprecated:  fmt.Sprintf("%q is deprecated, please use %q instead", argVaultUrl, argVaultAddr),
+		},
+		argVaultAddr: {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "Vault instance URL",
+		},
+		argRequestHeaders: {
+			Type:     schema.TypeMap,
+			Optional: true,
+			Elem: &schema.Schema{
+				Type: schema.TypeString,
+			},
 		},
 	}
 }
 
 func configure(version string, p *schema.Provider) func(context.Context, *schema.ResourceData) (interface{}, diag.Diagnostics) {
 	return func(ctx context.Context, d *schema.ResourceData) (interface{}, diag.Diagnostics) {
 		a := &apiClient{}
-		a.url = os.Getenv(envVaultAddr)
-
-		u := d.Get(argVaultUrl).(string)
 
-		if u != "" {
+		if u := d.Get(argVaultAddr).(string); u != "" {
+			a.url = u
+		} else if u := d.Get(argVaultUrl).(string); u != "" {
 			a.url = u
+		} else {
+			a.url = os.Getenv(envVaultAddr)
 		}
 
 		if a.url == "" {
 			return nil, diag.Errorf("argument '%s' is required, or set VAULT_ADDR environment variable", argVaultUrl)
 		}
 
-		c, err := api.NewClient(&api.Config{
-			Address: a.url,
-		})
-
-		if err != nil {
+		if c, err := api.NewClient(&api.Config{Address: a.url}); err != nil {
 			logError("failed to create Vault API client: %v", err)
 			return nil, diag.FromErr(err)
+		} else {
+			a.client = c
 		}
 
-		a.client = c
-
 		return a, nil
 	}
 }

internal/provider/resource_init.go

@@ -167,7 +167,6 @@ func resourceInitImporter(c context.Context, d *schema.ResourceData, meta interf
 	}
 
 	fc, err := ioutil.ReadFile(filepath.Join(u.Host, u.Path))
-
 	if err != nil {
 		logError("failed reading file %v", err)
 		return nil, err
@@ -189,6 +188,7 @@ func resourceInitImporter(c context.Context, d *schema.ResourceData, meta interf
 
 func updateState(d *schema.ResourceData, id string, res *api.InitResponse) error {
 	d.SetId(id)
+
 	if err := d.Set(argRootToken, res.RootToken); err != nil {
 		return err
 	}
@@ -198,5 +198,6 @@ func updateState(d *schema.ResourceData, id string, res *api.InitResponse) error
 	if err := d.Set(argKeysBase64, res.KeysB64); err != nil {
 		return err
 	}
+
 	return nil
 }

internal/provider/resource_init_test.go

@@ -1,12 +1,24 @@
 package provider
 
 import (
+	"fmt"
 	"regexp"
 	"testing"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 )
 
+var testAccResourceInitVar = fmt.Sprintf("%[1]s.test", resInit)
+var testAccResourceInit = fmt.Sprintf(`
+provider "%[1]s" {
+}
+
+resource "%[2]s" "test" {
+	secret_shares    = 5
+	secret_threshold = 3
+}
+`, provider, resInit)
+
 func TestAccResourceInit(t *testing.T) {
 	resource.UnitTest(t, resource.TestCase{
 		PreCheck:          func() { testAccPreCheck(t) },
@@ -15,29 +27,16 @@ func TestAccResourceInit(t *testing.T) {
 			{
 				Config: testAccResourceInit,
 				Check: resource.ComposeTestCheckFunc(
-					resource.TestMatchResourceAttr(
-						"vaultoperator_init.foo", argSecretShares, regexp.MustCompile("5")),
-					resource.TestMatchResourceAttr(
-						"vaultoperator_init.foo", argSecretThreshold, regexp.MustCompile("3")),
-					resource.TestMatchResourceAttr(
-						"vaultoperator_init.foo", argRootToken, regexp.MustCompile(`s\.[A-Za-z0-9]+`)),
-					resource.TestCheckResourceAttrSet("vaultoperator_init.foo", argRootToken),
-					resource.TestMatchResourceAttr("vaultoperator_init.foo", argKeys+".#", regexp.MustCompile("5")),
-					resource.TestMatchResourceAttr("vaultoperator_init.foo", argKeys+".1", regexp.MustCompile("[a-z0-9]+")),
-					resource.TestMatchResourceAttr("vaultoperator_init.foo", argKeysBase64+".#", regexp.MustCompile("5")),
-					resource.TestMatchResourceAttr("vaultoperator_init.foo", argKeysBase64+".1", regexp.MustCompile("[A-Za-z0-9]+")),
+					resource.TestMatchResourceAttr(testAccResourceInitVar, argSecretShares, regexp.MustCompile("5")),
+					resource.TestMatchResourceAttr(testAccResourceInitVar, argSecretThreshold, regexp.MustCompile("3")),
+					resource.TestCheckResourceAttrSet(testAccResourceInitVar, argRootToken),
+					resource.TestMatchResourceAttr(testAccResourceInitVar, argRootToken, regexp.MustCompile(`s\.[A-Za-z0-9]+`)),
+					resource.TestMatchResourceAttr(testAccResourceInitVar, argKeys+".#", regexp.MustCompile("5")),
+					resource.TestMatchResourceAttr(testAccResourceInitVar, argKeys+".1", regexp.MustCompile("[a-z0-9]+")),
+					resource.TestMatchResourceAttr(testAccResourceInitVar, argKeysBase64+".#", regexp.MustCompile("5")),
+					resource.TestMatchResourceAttr(testAccResourceInitVar, argKeysBase64+".1", regexp.MustCompile("[A-Za-z0-9]+")),
 				),
 			},
 		},
 	})
 }
-
-const testAccResourceInit = `
-provider "vaultoperator" {
-}
-
-resource "vaultoperator_init" "foo" {
-	secret_shares    = 5
-	secret_threshold = 3
-}
-`