bug(kms): Add support for all Boundary supported KMSes

After moving to go-kms-wrapping V2, the Boundary Terraform Provider
did not load all KMS plugins resulting in an error when trying to
create a wrapper for any type other than aead:

    Error: error reading wrappers from "recovery_kms_hcl":
    Error configuring kms: plugin is nil

.gitignore

@@ -33,3 +33,6 @@ website/vendor
 
 # Keep windows files with windows line endings
 *.winfile eol=crlf
+
+# Compilation outputs
+/plugins/kms/assets/boundary-plugin*

CHANGELOG.md

@@ -1,3 +1,17 @@
+## Next
+
+### Bug Fixes
+
+* After moving to go-kms-wrapping V2, the Boundary Terraform Provider
+  did not load all KMS plugins resulting in an error when trying to
+  create a wrapper for any type other than 'aead':
+
+            Error: error reading wrappers from "recovery_kms_hcl":
+            Error configuring kms: plugin is nil
+  ([Issue](https://github.com/hashicorp/terraform-provider-boundary/issues/209)),
+  ([PR](https://github.com/hashicorp/terraform-provider-boundary/pull/70)).
+
+
 ## 1.0.7 (May 16, 2022)
 
 ### Deprecations/Changes

Makefile

@@ -44,6 +44,11 @@ install-go: ~/.go/bin/go
 	./ci/goinstall.sh
 
 dev:
+	./scripts/plugins.sh
+	mkdir -p $(INSTALL_PATH)
+	go build -o $(INSTALL_PATH)/terraform-provider-boundary main.go
+
+dev-no-plugins:
 	mkdir -p $(INSTALL_PATH)
 	go build -o $(INSTALL_PATH)/terraform-provider-boundary main.go
 

internal/provider/provider.go

@@ -8,13 +8,13 @@ import (
 
 	"github.com/hashicorp/boundary/api"
 	"github.com/hashicorp/boundary/api/authmethods"
-	kms_plugin_assets "github.com/hashicorp/boundary/plugins/kms"
 	"github.com/hashicorp/boundary/sdk/wrapper"
 	wrapping "github.com/hashicorp/go-kms-wrapping/v2"
 	"github.com/hashicorp/go-secure-stdlib/configutil/v2"
 	"github.com/hashicorp/go-secure-stdlib/pluginutil/v2"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-provider-boundary/plugins/kms"
 )
 
 func init() {

plugins/README.md

@@ -0,0 +1,6 @@
+# Boundary External Plugins Modules
+
+The Go modules under `plugins` are not intended to be used directly. They are
+here purely to allow compilation of the various plugins Boundary supports
+without pulling the dependencies (and any clashes, and any init behavior)
+directly into Boundary.

plugins/kms/assets.go

@@ -0,0 +1,21 @@
+package kms_plugin_assets
+
+import (
+	"embed"
+	"io/fs"
+)
+
+const contentDir = "assets"
+
+// content is our static web server content.
+//go:embed assets
+var content embed.FS
+
+func FileSystem() fs.FS {
+	// Remove the root
+	f, err := fs.Sub(content, contentDir)
+	if err != nil {
+		panic(err)
+	}
+	return f
+}

plugins/kms/assets/README.md

@@ -0,0 +1,3 @@
+This directory contains assets for kms plugins. This file in particular exists
+so that the Go embed package does not throw errors when importing this module
+outside of the main tree.

plugins/kms/builtin.go

@@ -0,0 +1,14 @@
+package kms_plugin_assets
+
+import (
+	"github.com/hashicorp/go-kms-wrapping/v2/aead"
+	"github.com/hashicorp/go-secure-stdlib/pluginutil/v2"
+)
+
+func BuiltinKmsPlugins() map[string]pluginutil.InmemCreationFunc {
+	return map[string]pluginutil.InmemCreationFunc{
+		"aead": func() (interface{}, error) {
+			return aead.NewWrapper(), nil
+		},
+	}
+}

plugins/kms/const.go

@@ -0,0 +1,3 @@
+package kms_plugin_assets
+
+const KmsPluginPrefix = "boundary-plugin-kms-"

plugins/kms/mains/alicloudkms/go.mod

@@ -0,0 +1,40 @@
+module github.com/hashicorp/boundary/plugins/kms/mains/alicloudkms
+
+go 1.17
+
+require (
+	github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.0
+	github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.1
+)
+
+require (
+	github.com/aliyun/alibaba-cloud-sdk-go v1.61.1499 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/fatih/color v1.7.0 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/hashicorp/go-hclog v1.1.0 // indirect
+	github.com/hashicorp/go-kms-wrapping/v2 v2.0.0 // indirect
+	github.com/hashicorp/go-plugin v1.4.3 // indirect
+	github.com/hashicorp/go-uuid v1.0.2 // indirect
+	github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/json-iterator/go v1.1.9 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/mattn/go-colorable v0.1.6 // indirect
+	github.com/mattn/go-isatty v0.0.12 // indirect
+	github.com/mitchellh/go-testing-interface v1.0.0 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.1 // indirect
+	github.com/oklog/run v1.0.0 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/rogpeppe/go-internal v1.8.1 // indirect
+	github.com/stretchr/testify v1.7.0 // indirect
+	golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd // indirect
+	golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a // indirect
+	golang.org/x/text v0.3.7 // indirect
+	google.golang.org/genproto v0.0.0-20220114231437-d2e6a121cae0 // indirect
+	google.golang.org/grpc v1.44.0 // indirect
+	google.golang.org/protobuf v1.27.1 // indirect
+	gopkg.in/ini.v1 v1.66.2 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+)