provider/triton: New provider for Joyent Triton

builtin/bins/provider-triton/main.go

@@ -0,0 +1,12 @@
+package main
+
+import (
+	"github.com/hashicorp/terraform/builtin/providers/triton"
+	"github.com/hashicorp/terraform/plugin"
+)
+
+func main() {
+	plugin.Serve(&plugin.ServeOpts{
+		ProviderFunc: triton.Provider,
+	})
+}

builtin/providers/triton/provider.go

@@ -0,0 +1,120 @@
+package triton
+
+import (
+	"fmt"
+	"log"
+	"os"
+
+	"github.com/hashicorp/go-multierror"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/terraform"
+	"github.com/joyent/gocommon/client"
+	"github.com/joyent/gosdc/cloudapi"
+	"github.com/joyent/gosign/auth"
+)
+
+// Provider returns a terraform.ResourceProvider.
+func Provider() terraform.ResourceProvider {
+	return &schema.Provider{
+		Schema: map[string]*schema.Schema{
+			"account": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("SDC_ACCOUNT", ""),
+			},
+
+			"url": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("SDC_URL", "https://us-west-1.api.joyentcloud.com"),
+			},
+
+			"key_material": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("SDC_KEY_MATERIAL", ""),
+			},
+
+			"key_id": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("SDC_KEY_ID", ""),
+			},
+		},
+
+		ResourcesMap: map[string]*schema.Resource{
+			"triton_firewall_rule": resourceFirewallRule(),
+			"triton_machine":       resourceMachine(),
+			"triton_key":           resourceKey(),
+		},
+		ConfigureFunc: providerConfigure,
+	}
+}
+
+type SDCConfig struct {
+	Account     string
+	KeyMaterial string
+	KeyID       string
+	URL         string
+}
+
+func (c SDCConfig) validate() error {
+	var err *multierror.Error
+
+	if c.URL == "" {
+		err = multierror.Append(err, fmt.Errorf("URL must be configured for the Triton provider"))
+	}
+	if c.KeyMaterial == "" {
+		err = multierror.Append(err, fmt.Errorf("Key Material must be configured for the Triton provider"))
+	}
+	if c.KeyID == "" {
+		err = multierror.Append(err, fmt.Errorf("Key ID must be configured for the Triton provider"))
+	}
+	if c.Account == "" {
+		err = multierror.Append(err, fmt.Errorf("Account must be configured for the Triton provider"))
+	}
+
+	return err.ErrorOrNil()
+}
+
+func (c SDCConfig) getSDCClient() (*cloudapi.Client, error) {
+	userauth, err := auth.NewAuth(c.Account, c.KeyMaterial, "rsa-sha256")
+	if err != nil {
+		return nil, err
+	}
+
+	creds := &auth.Credentials{
+		UserAuthentication: userauth,
+		SdcKeyId:           c.KeyID,
+		SdcEndpoint:        auth.Endpoint{URL: c.URL},
+	}
+
+	client := cloudapi.New(client.NewClient(
+		c.URL,
+		cloudapi.DefaultAPIVersion,
+		creds,
+		log.New(os.Stderr, "", log.LstdFlags),
+	))
+
+	return client, nil
+}
+
+func providerConfigure(d *schema.ResourceData) (interface{}, error) {
+	config := SDCConfig{
+		Account:     d.Get("account").(string),
+		URL:         d.Get("url").(string),
+		KeyMaterial: d.Get("key_material").(string),
+		KeyID:       d.Get("key_id").(string),
+	}
+
+	if err := config.validate(); err != nil {
+		return nil, err
+	}
+
+	client, err := config.getSDCClient()
+	if err != nil {
+		return nil, err
+	}
+
+	return client, nil
+}

builtin/providers/triton/provider_test.go

@@ -0,0 +1,44 @@
+package triton
+
+import (
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+var testAccProviders map[string]terraform.ResourceProvider
+var testAccProvider *schema.Provider
+
+func init() {
+	testAccProvider = Provider().(*schema.Provider)
+	testAccProviders = map[string]terraform.ResourceProvider{
+		"triton": testAccProvider,
+	}
+}
+
+func TestProvider(t *testing.T) {
+	if err := Provider().(*schema.Provider).InternalValidate(); err != nil {
+		t.Fatalf("err: %s", err)
+	}
+}
+
+func TestProvider_impl(t *testing.T) {
+	var _ terraform.ResourceProvider = Provider()
+}
+
+func testAccPreCheck(t *testing.T) {
+	sdcURL := os.Getenv("SDC_URL")
+	account := os.Getenv("SDC_ACCOUNT")
+	keyID := os.Getenv("SDC_KEY_ID")
+	keyMaterial := os.Getenv("SDC_KEY_MATERIAL")
+
+	if sdcURL == "" {
+		sdcURL = "https://us-west-1.api.joyentcloud.com"
+	}
+
+	if sdcURL == "" || account == "" || keyID == "" || keyMaterial == "" {
+		t.Fatal("SDC_ACCOUNT, SDC_KEY_ID and SDC_KEY_MATERIAL must be set for acceptance tests")
+	}
+}

builtin/providers/triton/resource_firewall_rule.go

@@ -0,0 +1,101 @@
+package triton
+
+import (
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/joyent/gosdc/cloudapi"
+)
+
+func resourceFirewallRule() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceFirewallRuleCreate,
+		Exists: resourceFirewallRuleExists,
+		Read:   resourceFirewallRuleRead,
+		Update: resourceFirewallRuleUpdate,
+		Delete: resourceFirewallRuleDelete,
+
+		Schema: map[string]*schema.Schema{
+			"rule": {
+				Description: "firewall rule text",
+				Type:        schema.TypeString,
+				Required:    true,
+			},
+			"enabled": {
+				Description: "Indicates if the rule is enabled",
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+			},
+		},
+	}
+}
+
+func resourceFirewallRuleCreate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*cloudapi.Client)
+
+	rule, err := client.CreateFirewallRule(cloudapi.CreateFwRuleOpts{
+		Rule:    d.Get("rule").(string),
+		Enabled: d.Get("enabled").(bool),
+	})
+	if err != nil {
+		return err
+	}
+
+	d.SetId(rule.Id)
+
+	err = resourceFirewallRuleRead(d, meta)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func resourceFirewallRuleExists(d *schema.ResourceData, meta interface{}) (bool, error) {
+	client := meta.(*cloudapi.Client)
+
+	rule, err := client.GetFirewallRule(d.Id())
+
+	return rule != nil && err == nil, err
+}
+
+func resourceFirewallRuleRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*cloudapi.Client)
+
+	rule, err := client.GetFirewallRule(d.Id())
+	if err != nil {
+		return err
+	}
+
+	d.SetId(rule.Id)
+	d.Set("rule", rule.Rule)
+	d.Set("enabled", rule.Enabled)
+
+	return nil
+}
+
+func resourceFirewallRuleUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*cloudapi.Client)
+
+	_, err := client.UpdateFirewallRule(
+		d.Id(),
+		cloudapi.CreateFwRuleOpts{
+			Rule:    d.Get("rule").(string),
+			Enabled: d.Get("enabled").(bool),
+		},
+	)
+	if err != nil {
+		return err
+	}
+
+	return resourceFirewallRuleRead(d, meta)
+}
+
+func resourceFirewallRuleDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*cloudapi.Client)
+
+	if err := client.DeleteFirewallRule(d.Id()); err != nil {
+		return err
+	}
+
+	return nil
+}