More TF best practices. Add functionality to update bucket and read b…

…ucket metadata (#1) * More TF best practices. Add functionality to update bucket and read bucket metadata * Add more resources to manage public access, shadow bucket, and custom domain * Update README * Review comments
tigrisdata · Aug 21, 2024 · 0e49b0a · 0e49b0a
1 parent d485a35
commit 0e49b0a
Show file tree

Hide file tree

Showing 12 changed files with 1,390 additions and 65 deletions.
diff --git a/Makefile b/Makefile
@@ -5,6 +5,9 @@ INCLUDE_VERSION_IN_FILENAME?=false
 
 default: build
 
+install: vet fmtcheck
+	go install -ldflags="-X github.com/tigrisdata/terraform-provider-tigris/main.version=$(VERSION)"
+
 build: vet
 	@if $(INCLUDE_VERSION_IN_FILENAME); then \
 	    go build -ldflags="-X github.com/tigrisdata/terraform-provider-tigris/main.version=$(VERSION)" -o terraform-provider-tigris_$(VERSION); \
@@ -21,6 +24,7 @@ terraform-provider-lint: tools
 	 -R001=false \
 	 -R003=false \
 	 -R012=false \
+	 -R018=false \
 	 -S006=false \
 	 -S014=false \
 	 -S020=false \
@@ -59,4 +63,4 @@ tools:
 	@echo "==> Installing development tooling..."
 	go generate -tags tools tools/tools.go
 
-.PHONY: build lint terraform-provider-lint vet fmt golangci-lint tools
+.PHONY: build install lint terraform-provider-lint vet fmt golangci-lint tools
diff --git a/README.md b/README.md
@@ -20,8 +20,29 @@ provider "tigris" {
   secret_key = "your-secret-key"
 }
 
-resource "tigris_bucket" "example" {
-  bucket_name = "my-custom-bucket"
+resource "tigris_bucket" "example_bucket" {
+  bucket = "my-custom-bucket"
+}
+
+resource "tigris_bucket_public_access" "example_bucket_public_access" {
+  bucket              = tigris_bucket.example_bucket.bucket
+  acl                 = "private"
+  public_list_objects = false
+}
+
+resource "tigris_bucket_website_config" "example_website_config" {
+  bucket      = tigris_bucket.example_bucket.bucket
+  domain_name = tigris_bucket.example_bucket.bucket
+}
+
+resource "tigris_bucket_shadow_config" "example_shadow_config" {
+  bucket                = tigris_bucket.example_bucket.bucket
+  shadow_bucket         = "my-custom-bucket-shadow"
+  shadow_access_key     = "your-shadow-bucket-access-key"
+  shadow_secret_key     = "your-shadow-bucket-secret-key"
+  shadow_region         = "us-west-2"
+  shadown_endpoint      = "https://s3.us-west-2.amazonaws.com"
+  shadow_write_through  = true
 }
 ```
 
@@ -39,19 +60,17 @@ terraform init
 terraform apply
 ```
 
-## Configuration
+## Provider
 
-### Provider Configuration
+The Tigris provider allows you to manage Tigris buckets.
+
+### Configuration
 
 The provider can be configured with the following parameters:
 
 - access_key: (Optional) The access key. Can also be sourced from the AWS_ACCESS_KEY_ID environment variable.
 - secret_key: (Optional) The secret key. Can also be sourced from the AWS_SECRET_ACCESS_KEY environment variable.
 
-### Resource Configuration
-
-- bucket_name: (Required) The name of the Tigris bucket.
-
 ## Resources
 
 ### tigris_bucket
@@ -64,6 +83,99 @@ The tigris_bucket resource creates and manages a Tigris bucket. This resource su
 - Delete: Deletes the Tigris bucket.
 - Import: Imports an existing Tigris bucket into Terraform’s state.
 
+#### Configuration
+
+- bucket: (Required) The name of the Tigris bucket.
+
+```hcl
+resource "tigris_bucket" "example_bucket" {
+  bucket = "my-custom-bucket"
+}
+```
+
+### tigris_bucket_public_access
+
+The tigris_bucket_public_access resource creates and manages a Tigris bucket public access configuration. This resource supports the following actions:
+
+- Create: Creates a new Tigris bucket public access configuration.
+- Read: Retrieves information about the existing Tigris bucket public access configuration.
+- Update: Updates the bucket public access configuration.
+- Delete: Deletes the Tigris bucket public access configuration.
+- Import: Imports an existing Tigris bucket public access configuration into Terraform’s state.
+
+#### Configuration
+
+- bucket: (Required) The name of the Tigris bucket.
+- acl: (Optional) The access control list for the bucket. Defaults to "private". Possible values are "private", and "public-read".
+
+```hcl
+resource "tigris_bucket_public_access" "example_bucket_public_access" {
+  bucket              = "my-custom-bucket"
+  acl                 = "private"
+  public_list_objects = false
+}
+```
+
+### tigris_bucket_website_config
+
+The tigris_bucket_website_config resource creates and manages a Tigris bucket website configuration. This is used to configure custom domain name for the bucket.
+
+This resource supports the following actions:
+
+- Create: Creates a new Tigris bucket website configuration.
+- Read: Retrieves information about the existing Tigris bucket website configuration.
+- Update: Updates the bucket website configuration.
+- Delete: Deletes the Tigris bucket website configuration.
+- Import: Imports an existing Tigris bucket website configuration into Terraform’s state.
+
+#### Configuration
+
+- bucket: (Required) The name of the Tigris bucket.
+- domain_name: (Required) The domain name for the bucket website.
+
+```hcl
+resource "tigris_bucket_website_config" "example_website_config" {
+  bucket      = images.example.com
+  domain_name = images.example.com
+}
+```
+
+Before using this resource, you must have a bucket created using the tigris_bucket resource. The domain_name must match the bucket name and there must be a CNAME DNS record setup. The CNAME record should point to the Tigris bucket endpoint (e.g., images.example.com CNAME images.example.com.fly.storage.tigris.dev).
+
+### tigris_bucket_shadow_config
+
+The tigris_bucket_shadow_config resource creates and manages a Tigris bucket shadow configuration. The shadow configuration is used to setup a source bucket (shadow bucket) that will be used to migrate data to the Tigris bucket. You can read more about how this migration works [here](https://www.tigrisdata.com/docs/migration/).
+
+This resource supports the following actions:
+
+- Create: Creates a new Tigris bucket shadow configuration.
+- Read: Retrieves information about the existing Tigris bucket shadow configuration.
+- Update: Updates the bucket shadow configuration.
+- Delete: Deletes the Tigris bucket shadow configuration.
+- Import: Imports an existing Tigris bucket shadow configuration into Terraform’s state.
+
+#### Configuration
+
+- bucket: (Required) The name of the Tigris bucket.
+- shadow_bucket: (Required) The name of the shadow bucket.
+- shadow_access_key: (Required) The access key for the shadow bucket.
+- shadow_secret_key: (Required) The secret key for the shadow bucket.
+- shadow_region: (Optional) The region for the shadow bucket. Defaults to "us-east-1".
+- shadow_endpoint: (Optional) The endpoint for the shadow bucket. Defaults to "https://s3.us-east-1.amazonaws.com".
+- shadow_write_through: (Optional) Whether to write through to the shadow bucket. Defaults to true.
+
+```hcl
+resource "tigris_bucket_shadow_config" "example_shadow_config" {
+  bucket                = "my-custom-bucket"
+  shadow_bucket         = "my-custom-bucket-shadow"
+  shadow_access_key     = "your-shadow-bucket-access-key"
+  shadow_secret_key     = "your-shadow-bucket-secret-key"
+  shadow_region         = "us-west-2"
+  shadown_endpoint      = "https://s3.us-west-2.amazonaws.com"
+  shadow_write_through  = true
+}
+```
+
 ## Contributing
 
 Contributions are welcome! Please feel free to submit a Pull Request.
diff --git a/go.mod b/go.mod
@@ -20,9 +20,11 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.30.4 // indirect
 	github.com/aws/smithy-go v1.20.4 // indirect
+	github.com/google/uuid v1.6.0 // indirect
 )
 
 require (
+	github.com/YakDriver/regexache v0.24.0
 	github.com/agext/levenshtein v1.2.2 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
 	github.com/aws/aws-sdk-go-v2 v1.30.4

diff --git a/go.sum b/go.sum
@@ -1,3 +1,5 @@
+github.com/YakDriver/regexache v0.24.0 h1:zUKaixelkswzdqsqPc2sveiV//Mi/msJn0teG8zBDiA=
+github.com/YakDriver/regexache v0.24.0/go.mod h1:awcd8uBj614F3ScW06JqlfSGqq2/7vdJHy+RiKzVC+g=
 github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE=
 github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
 github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec=
@@ -53,6 +55,8 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI=
 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs=
 github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=