Updates

hashicorp · Jun 12, 2021 · 6a9bdb1 · 6a9bdb1
1 parent 4bdaa55
commit 6a9bdb1
Show file tree

Hide file tree

Showing 9 changed files with 273 additions and 309 deletions.
diff --git a/go.mod b/go.mod
@@ -13,14 +13,11 @@ require (
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/aliyun/alibaba-cloud-sdk-go v1.61.545 // indirect
 	github.com/aws/aws-sdk-go v1.35.4 // indirect
-	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
 	github.com/circonus-labs/circonusllhist v0.1.4 // indirect
 	github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe // indirect
-	github.com/coreos/go-oidc v2.2.1+incompatible // indirect
-	github.com/go-bindata/go-bindata/v3 v3.1.3 // indirect
 	github.com/golang/snappy v0.0.2 // indirect
-	github.com/hashicorp/boundary v0.3.1-0.20210610203214-162be318f08f
-	github.com/hashicorp/boundary/api v0.0.12-0.20210610203214-162be318f08f
+	github.com/hashicorp/boundary v0.3.1-0.20210612223955-f1a3b414a8ef
+	github.com/hashicorp/boundary/api v0.0.12-0.20210612223955-f1a3b414a8ef
 	github.com/hashicorp/boundary/sdk v0.0.4
 	github.com/hashicorp/cap v0.0.0-20210518163718-e72205e8eaae
 	github.com/hashicorp/go-immutable-radix v1.3.0 // indirect
@@ -34,11 +31,10 @@ require (
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 	github.com/oklog/run v1.1.0 // indirect
 	github.com/oracle/oci-go-sdk v24.3.0+incompatible // indirect
-	github.com/pquerna/cachecontrol v0.0.0-20201205024021-ac21108117ac // indirect
 	github.com/prometheus/common v0.14.0 // indirect
 	github.com/prometheus/procfs v0.2.0 // indirect
 	github.com/tv42/httpunix v0.0.0-20191220191345-2ba4b9c3382c // indirect
+	golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a
 	google.golang.org/appengine v1.6.7 // indirect
 	gopkg.in/ini.v1 v1.62.0 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
 )
diff --git a/go.sum b/go.sum
diff --git a/internal/provider/const.go b/internal/provider/const.go
@@ -1,18 +1,18 @@
 package provider
 
 const (
-	// Key used for common SDK ID resource attribute
+	// IDKey used for common SDK ID resource attribute
 	IDKey = "id"
-	// Key used for common "name" resource attribute
+	// NameKey used for common "name" resource attribute
 	NameKey = "name"
-	// Key used for common "description" resource attribute
+	// DescriptionKey used for common "description" resource attribute
 	DescriptionKey = "description"
-	// Key used for common "scope_id" resource attribute
+	// ScopeIdKey used for common "scope_id" resource attribute
 	ScopeIdKey = "scope_id"
-	// Key used for common "type" resource attribute
+	// TypeKey used for common "type" resource attribute
 	TypeKey = "type"
-	// Key used for common "host_catalog_id" resource attribute
+	// HostCatalogIdKey used for common "host_catalog_id" resource attribute
 	HostCatalogIdKey = "host_catalog_id"
-	// Key used for common "auth_method_id" resource attribute
+	// AuthMethodIdKey used for common "auth_method_id" resource attribute
 	AuthMethodIdKey = "auth_method_id"
 )
diff --git a/internal/provider/provider_test.go b/internal/provider/provider_test.go
@@ -19,7 +19,7 @@ var (
 	tcPassword  = "passpass"
 	tcPAUM      = "ampw_0000000000"
 	tcConfig    = []controller.Option{
-		controller.WithDefaultAuthMethodId(tcPAUM),
+		controller.WithDefaultPasswordAuthMethodId(tcPAUM),
 		controller.WithDefaultLoginName(tcLoginName),
 		controller.WithDefaultPassword(tcPassword),
 	}

diff --git a/internal/provider/resource_credential_library_vault.go b/internal/provider/resource_credential_library_vault.go
@@ -13,11 +13,17 @@ import (
 
 const (
 	credentialStoreIdKey                     = "credential_store_id"
-	credentialLibraryVaultHttpMethodKey      = "vault_http_method"
-	credentialLibraryVaultHttpRequestBodyKey = "vault_http_request_body"
+	credentialLibraryVaultHttpMethodKey      = "http_method"
+	credentialLibraryVaultHttpRequestBodyKey = "http_request_body"
 	credentialLibraryVaultPathKey            = "vault_path"
 )
 
+var libraryVaultAttrs = []string{
+	credentialLibraryVaultHttpMethodKey,
+	credentialLibraryVaultHttpRequestBodyKey,
+	credentialLibraryVaultPathKey,
+}
+
 func resourceCredentialLibraryVault() *schema.Resource {
 	return &schema.Resource{
 		Description: "The credential library for Vault resource allows you to configure a Boundary credential library for Vault.",
@@ -65,7 +71,7 @@ func resourceCredentialLibraryVault() *schema.Resource {
 			credentialLibraryVaultPathKey: {
 				Description: "The Vault path to query",
 				Type:        schema.TypeString,
-				Optional:    true,
+				Required:    true,
 			},
 		},
 	}
@@ -81,14 +87,14 @@ func setFromVaultCredentialLibraryResponseMap(d *schema.ResourceData, raw map[st
 	if err := d.Set(credentialStoreIdKey, raw[credentialStoreIdKey]); err != nil {
 		return err
 	}
-	if err := d.Set(credentialLibraryVaultHttpMethodKey, raw[credentialLibraryVaultHttpMethodKey]); err != nil {
-		return err
-	}
-	if err := d.Set(credentialLibraryVaultHttpRequestBodyKey, raw[credentialLibraryVaultHttpRequestBodyKey]); err != nil {
-		return err
-	}
-	if err := d.Set(credentialLibraryVaultPathKey, raw[credentialLibraryVaultPathKey]); err != nil {
-		return err
+
+	if attrsVal, ok := raw["attributes"]; ok {
+		attrs := attrsVal.(map[string]interface{})
+		for _, v := range libraryVaultAttrs {
+			if err := d.Set(v, attrs[v]); err != nil {
+				return err
+			}
+		}
 	}
 
 	d.SetId(raw["id"].(string))
@@ -99,39 +105,33 @@ func setFromVaultCredentialLibraryResponseMap(d *schema.ResourceData, raw map[st
 func resourceCredentialLibraryCreateVault(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	md := meta.(*metaData)
 
-	opts := []credentiallibraries.Option{}
-
+	var opts []credentiallibraries.Option
 	if v, ok := d.GetOk(NameKey); ok {
 		opts = append(opts, credentiallibraries.WithName(v.(string)))
 	}
-
 	if v, ok := d.GetOk(DescriptionKey); ok {
 		opts = append(opts, credentiallibraries.WithDescription(v.(string)))
 	}
-
 	if v, ok := d.GetOk(credentialLibraryVaultHttpMethodKey); ok {
 		opts = append(opts, credentiallibraries.WithVaultCredentialLibraryHttpMethod(v.(string)))
 	}
-
 	if v, ok := d.GetOk(credentialLibraryVaultHttpRequestBodyKey); ok {
 		opts = append(opts, credentiallibraries.WithVaultCredentialLibraryHttpRequestBody(v.(string)))
 	}
-
 	if v, ok := d.GetOk(credentialLibraryVaultPathKey); ok {
 		opts = append(opts, credentiallibraries.WithVaultCredentialLibraryVaultPath(v.(string)))
 	}
 
-	var credentialstoreid string
+	var credentialStoreId string
 	cid, ok := d.GetOk(credentialStoreIdKey)
 	if ok {
-		credentialstoreid = cid.(string)
+		credentialStoreId = cid.(string)
 	} else {
 		return diag.Errorf("no credential store ID is set")
 	}
 
 	client := credentiallibraries.NewClient(md.client)
-
-	cr, err := client.Create(ctx, credentialstoreid, opts...)
+	cr, err := client.Create(ctx, credentialStoreId, opts...)
 	if err != nil {
 		return diag.Errorf("error creating credential library: %v", err)
 	}
@@ -173,40 +173,35 @@ func resourceCredentialLibraryUpdateVault(ctx context.Context, d *schema.Resourc
 	md := meta.(*metaData)
 	client := credentiallibraries.NewClient(md.client)
 
-	opts := []credentiallibraries.Option{}
-
+	var opts []credentiallibraries.Option
 	if d.HasChange(NameKey) {
 		opts = append(opts, credentiallibraries.DefaultName())
 		nameVal, ok := d.GetOk(NameKey)
 		if ok {
 			opts = append(opts, credentiallibraries.WithName(nameVal.(string)))
 		}
 	}
-
 	if d.HasChange(DescriptionKey) {
 		opts = append(opts, credentiallibraries.DefaultDescription())
 		descVal, ok := d.GetOk(DescriptionKey)
 		if ok {
 			opts = append(opts, credentiallibraries.WithDescription(descVal.(string)))
 		}
 	}
-
 	if d.HasChange(credentialLibraryVaultHttpMethodKey) {
 		opts = append(opts, credentiallibraries.DefaultVaultCredentialLibraryHttpMethod())
 		v, ok := d.GetOk(credentialLibraryVaultHttpMethodKey)
 		if ok {
 			opts = append(opts, credentiallibraries.WithVaultCredentialLibraryHttpMethod(v.(string)))
 		}
 	}
-
 	if d.HasChange(credentialLibraryVaultHttpRequestBodyKey) {
 		opts = append(opts, credentiallibraries.DefaultVaultCredentialLibraryHttpRequestBody())
 		v, ok := d.GetOk(credentialLibraryVaultHttpRequestBodyKey)
 		if ok {
 			opts = append(opts, credentiallibraries.WithVaultCredentialLibraryHttpRequestBody(v.(string)))
 		}
 	}
-
 	if d.HasChange(credentialLibraryVaultPathKey) {
 		opts = append(opts, credentiallibraries.DefaultVaultCredentialLibraryVaultPath())
 		v, ok := d.GetOk(credentialLibraryVaultPathKey)
@@ -222,7 +217,9 @@ func resourceCredentialLibraryUpdateVault(ctx context.Context, d *schema.Resourc
 			return diag.Errorf("error updating credential library: %v", err)
 		}
 
-		setFromVaultCredentialLibraryResponseMap(d, aur.GetResponse().Map)
+		if err := setFromVaultCredentialLibraryResponseMap(d, aur.GetResponse().Map); err != nil {
+			return diag.Errorf("error setting credential library from response: %v", err)
+		}
 	}
 
 	return nil

diff --git a/internal/provider/resource_credential_library_vault_test.go b/internal/provider/resource_credential_library_vault_test.go
@@ -9,6 +9,7 @@ import (
 	"github.com/hashicorp/boundary/api"
 	"github.com/hashicorp/boundary/api/credentiallibraries"
 	"github.com/hashicorp/boundary/testing/controller"
+	"github.com/hashicorp/boundary/testing/vault"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
@@ -18,62 +19,68 @@ const (
 	vaultCredResc            = "boundary_credential_library_vault.example"
 	vaultCredLibName         = "foo"
 	vaultCredLibDesc         = "the foo"
-	vaultCredLibStoreId      = ""
 	vaultCredLibPath         = "/foo/bar"
-	vaultCredLibMethod       = "POST"
-	vaultCredLibRequestBody  = ""
+	vaultCredLibMethodGet    = "GET"
+	vaultCredLibMethodPost   = "POST"
+	vaultCredLibRequestBody  = "foobar"
 	vaultCredLibStringUpdate = "_random"
 )
 
 var vaultCredLibResource = fmt.Sprintf(`
 resource "boundary_credential_library_vault" "example" {
-  name  = "%s"
+	name  = "%s"
 	description = "%s"
-	credential_store_id = boundary_credential_store_vault.example.id 
-  vault_path = "%s"
-  vault_http_method = "%s"
-  vault_http_request_body = "%s"
+	credential_store_id = boundary_credential_store_vault.example.id
+  	vault_path = "%s"
+  	http_method = "%s"
 }`, vaultCredLibName,
 	vaultCredLibDesc,
-	vaultCredLibStoreId,
 	vaultCredLibPath,
-	vaultCredLibMethod,
-	vaultCredLibRequestBody)
+	vaultCredLibMethodGet)
 
 var vaultCredLibResourceUpdate = fmt.Sprintf(`
 resource "boundary_credential_library_vault" "example" {
-  name  = "%s"
+  	name  = "%s"
 	description = "%s"
-  credential_store_id = boundary_credential_store_vault.example.id
-  vault_path = "%s"
-  vault_http_method = "%s"
-  vault_http_request_body = "%s"
+  	credential_store_id = boundary_credential_store_vault.example.id
+  	vault_path = "%s"
+  	http_method = "%s"
+  	http_request_body = "%s"
 }`, vaultCredLibName+vaultCredLibStringUpdate,
 	vaultCredLibDesc+vaultCredLibStringUpdate,
-	vaultCredLibStoreId,
-	vaultCredLibPath,
-	vaultCredLibMethod,
+	vaultCredLibPath+vaultCredLibStringUpdate,
+	vaultCredLibMethodPost,
 	vaultCredLibRequestBody)
 
 func TestAccCredentialLibraryVault(t *testing.T) {
 	tc := controller.NewTestController(t, tcConfig...)
 	defer tc.Shutdown()
 	url := tc.ApiAddrs()[0]
 
+	vc := vault.NewTestVaultServer(t)
+	_, token := vc.CreateToken(t)
+	credStoreRes := vaultCredStoreResource(vc,
+		vaultCredStoreName,
+		vaultCredStoreDesc,
+		vaultCredStoreNamespace,
+		"www.original.com",
+		token,
+		true)
+
 	var provider *schema.Provider
 	resource.Test(t, resource.TestCase{
 		ProviderFactories: providerFactories(&provider),
 		CheckDestroy:      testAccCheckAuthMethodResourceDestroy(t, provider),
 		Steps: []resource.TestStep{
 			{
 				// create
-				Config: testConfig(url, fooOrg, firstProjectFoo, vaultCredStoreResource, vaultCredLibResource),
+				Config: testConfig(url, fooOrg, firstProjectFoo, credStoreRes, vaultCredLibResource),
 				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr(vaultCredResc, "name", vaultCredLibName),
-					resource.TestCheckResourceAttr(vaultCredResc, "description", vaultCredLibDesc),
-					resource.TestCheckResourceAttr(vaultCredResc, "vault_path", vaultCredLibPath),
-					resource.TestCheckResourceAttr(vaultCredResc, "vault_http_method", vaultCredLibMethod),
-					resource.TestCheckResourceAttr(vaultCredResc, "vault_http_request_body", vaultCredLibRequestBody),
+					resource.TestCheckResourceAttr(vaultCredResc, NameKey, vaultCredLibName),
+					resource.TestCheckResourceAttr(vaultCredResc, DescriptionKey, vaultCredLibDesc),
+					resource.TestCheckResourceAttr(vaultCredResc, credentialLibraryVaultPathKey, vaultCredLibPath),
+					resource.TestCheckResourceAttr(vaultCredResc, credentialLibraryVaultHttpMethodKey, vaultCredLibMethodGet),
+					resource.TestCheckResourceAttr(vaultCredResc, credentialLibraryVaultHttpRequestBodyKey, ""),
 
 					testAccCheckCredentialLibraryVaultResourceExists(provider, vaultCredResc),
 				),
@@ -82,13 +89,13 @@ func TestAccCredentialLibraryVault(t *testing.T) {
 
 			{
 				// update
-				Config: testConfig(url, fooOrg, firstProjectFoo, vaultCredStoreResource, vaultCredLibResource),
+				Config: testConfig(url, fooOrg, firstProjectFoo, credStoreRes, vaultCredLibResourceUpdate),
 				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr(vaultCredResc, "name", vaultCredLibName+vaultCredLibStringUpdate),
-					resource.TestCheckResourceAttr(vaultCredResc, "description", vaultCredLibDesc+vaultCredLibStringUpdate),
-					resource.TestCheckResourceAttr(vaultCredResc, "vault_path", vaultCredLibPath),
-					resource.TestCheckResourceAttr(vaultCredResc, "vault_http_method", vaultCredLibMethod),
-					resource.TestCheckResourceAttr(vaultCredResc, "vault_http_request_body", vaultCredLibRequestBody),
+					resource.TestCheckResourceAttr(vaultCredResc, NameKey, vaultCredLibName+vaultCredLibStringUpdate),
+					resource.TestCheckResourceAttr(vaultCredResc, DescriptionKey, vaultCredLibDesc+vaultCredLibStringUpdate),
+					resource.TestCheckResourceAttr(vaultCredResc, credentialLibraryVaultPathKey, vaultCredLibPath+vaultCredLibStringUpdate),
+					resource.TestCheckResourceAttr(vaultCredResc, credentialLibraryVaultHttpMethodKey, vaultCredLibMethodPost),
+					resource.TestCheckResourceAttr(vaultCredResc, credentialLibraryVaultHttpRequestBodyKey, vaultCredLibRequestBody),
 
 					testAccCheckCredentialLibraryVaultResourceExists(provider, vaultCredResc),
 				),
@@ -102,20 +109,18 @@ func testAccCheckCredentialLibraryVaultResourceExists(testProvider *schema.Provi
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[name]
 		if !ok {
-			return fmt.Errorf("Not found: %s", name)
+			return fmt.Errorf("not found: %s", name)
 		}
 
 		id := rs.Primary.ID
 		if id == "" {
-			return fmt.Errorf("No ID is set")
+			return fmt.Errorf("no ID is set")
 		}
 
 		md := testProvider.Meta().(*metaData)
-
 		c := credentiallibraries.NewClient(md.client)
-
 		if _, err := c.Read(context.Background(), id); err != nil {
-			return fmt.Errorf("Got an error reading %q: %w", id, err)
+			return fmt.Errorf("got an error reading %q: %w", id, err)
 		}
 
 		return nil
@@ -135,7 +140,6 @@ func testAccCheckCredentialLibraryVaultResourceDestroy(t *testing.T, testProvide
 				id := rs.Primary.ID
 
 				c := credentiallibraries.NewClient(md.client)
-
 				_, err := c.Read(context.Background(), id)
 				if apiErr := api.AsServerError(err); apiErr == nil || apiErr.Response().StatusCode() != http.StatusNotFound {
 					return fmt.Errorf("didn't get a 404 when reading destroyed vault credential library %q: %v", id, err)