kishikawa12 committed Sep 18, 2024
2 parents e2665a3 + 1fcf63f commit a70e486
Showing 20 changed files with 495 additions and 397 deletions.
4 changes: 2 additions & 2 deletions dynatrace/api/iam/account_policy_service_client.go
@@ -4,8 +4,8 @@ type AccountPolicyServiceClient struct {
PolicyClient *BasePolicyServiceClient
}

func NewAccountPolicyService(clientID string, accountID string, clientSecret string) *AccountPolicyServiceClient {
return &AccountPolicyServiceClient{PolicyClient: NewBasePolicyService(clientID, accountID, clientSecret)}
func NewAccountPolicyService(clientID string, accountID string, clientSecret string, tokenURL string, endpointURL string) *AccountPolicyServiceClient {
return &AccountPolicyServiceClient{PolicyClient: NewBasePolicyService(clientID, accountID, clientSecret, tokenURL, endpointURL)}
}

func (me *AccountPolicyServiceClient) CREATE(policy *Policy) (string, error) {
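Review bot: `NewAccountPolicyService` now takes five consecutive `string` parameters, so a call that transposes `clientSecret` with `tokenURL` or `endpointURL` still compiles; the same holds for `NewBasePolicyService`, `NewEnvironmentPolicyService` and `NewGlobalPolicyService` in this commit. A transposed secret would be treated as a URL, and `getBearer` in oauth_client.go writes that value out with `rest.Logger.Println("POST", tokenURL)` in what appears to be its debug logging, so the mistake could land the secret in log output. Consider passing one credentials value instead of positional strings, or at least state the order in a doc comment such as `// NewAccountPolicyService expects clientID, accountID, clientSecret, tokenURL, endpointURL, in that order.` This also changes the signature of an exported constructor, so callers outside the files shown here need the two extra arguments.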
24 changes: 17 additions & 7 deletions dynatrace/api/iam/base_policy_service_client.go
@@ -9,6 +9,8 @@ type BasePolicyServiceClient struct {
clientID string
accountID string
clientSecret string
tokenURL string
endpointURL string
}

func (me *BasePolicyServiceClient) ClientID() string {
@@ -23,16 +25,24 @@ func (me *BasePolicyServiceClient) ClientSecret() string {
return me.clientSecret
}

func NewBasePolicyService(clientID string, accountID string, clientSecret string) *BasePolicyServiceClient {
return &BasePolicyServiceClient{clientID: clientID, accountID: accountID, clientSecret: clientSecret}
func (me *BasePolicyServiceClient) TokenURL() string {
return me.tokenURL
}

func (me *BasePolicyServiceClient) EndpointURL() string {
return me.endpointURL
}

func NewBasePolicyService(clientID string, accountID string, clientSecret string, tokenURL string, endpointURL string) *BasePolicyServiceClient {
return &BasePolicyServiceClient{clientID: clientID, accountID: accountID, clientSecret: clientSecret, tokenURL: tokenURL, endpointURL: endpointURL}
}

func (me *BasePolicyServiceClient) CREATE(level PolicyLevel, levelID string, policy *Policy) (string, error) {
var err error
var responseBytes []byte

client := NewIAMClient(me)
if responseBytes, err = client.POST(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/%s/%s/policies", level, levelID), policy, 201, false); err != nil {
if responseBytes, err = client.POST(fmt.Sprintf("%s/iam/v1/repo/%s/%s/policies", me.endpointURL, level, levelID), policy, 201, false); err != nil {
return "", err
}

@@ -49,7 +59,7 @@ func (me *BasePolicyServiceClient) GET(level PolicyLevel, levelID string, uuid s

client := NewIAMClient(me)

if responseBytes, err = client.GET(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/%s/%s/policies/%s", level, levelID, uuid), 200, false); err != nil {
if responseBytes, err = client.GET(fmt.Sprintf("%s/iam/v1/repo/%s/%s/policies/%s", me.endpointURL, level, levelID, uuid), 200, false); err != nil {
return nil, err
}

@@ -65,7 +75,7 @@ func (me *BasePolicyServiceClient) UPDATE(level PolicyLevel, levelID string, pol

client := NewIAMClient(me)

if _, err = client.PUT(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/%s/%s/policies/%s", level, levelID, uuid), policy, 200, false); err != nil {
if _, err = client.PUT(fmt.Sprintf("%s/iam/v1/repo/%s/%s/policies/%s", me.endpointURL, level, levelID, uuid), policy, 200, false); err != nil {
return err
}
return nil
@@ -85,7 +95,7 @@ func (me *BasePolicyServiceClient) List(level PolicyLevel, levelID string) ([]Po
var err error
var responseBytes []byte

if responseBytes, err = NewIAMClient(me).GET(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/%s/%s/policies", level, levelID), 200, false); err != nil {
if responseBytes, err = NewIAMClient(me).GET(fmt.Sprintf("%s/iam/v1/repo/%s/%s/policies", me.endpointURL, level, levelID), 200, false); err != nil {
return nil, err
}

@@ -111,6 +121,6 @@ func (me *BasePolicyServiceClient) LIST(level PolicyLevel, levelID string) ([]st
}

func (me *BasePolicyServiceClient) DELETE(level PolicyLevel, levelID string, uuid string) error {
_, err := NewIAMClient(me).DELETE(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/%s/%s/policies/%s", level, levelID, uuid), 204, false)
_, err := NewIAMClient(me).DELETE(fmt.Sprintf("%s/iam/v1/repo/%s/%s/policies/%s", me.endpointURL, level, levelID, uuid), 204, false)
return err
}
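Review bot: `me.endpointURL` is interpolated into every request URL in `CREATE`, `GET`, `UPDATE`, `List` and `DELETE` with no check at all, where the removed lines pinned `https://api.dynatrace.com`. An empty value yields a relative URL such as `/iam/v1/repo/...`, a trailing slash yields `//iam/...`, and an `http://` value would carry the IAM requests, and presumably the bearer that `NewIAMClient` attaches (not visible here), over cleartext. Validate the value once where it enters the client: non-empty, `https` scheme, host present, trailing `/` trimmed. Fall back to the previous default when it is unset so existing configurations keep working, unless that already happens where `credentials.IAM.EndpointURL` is populated, which this page does not show. The same unchecked formatting is added in bindings/service.go and groups/service.go.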
28 changes: 19 additions & 9 deletions dynatrace/api/iam/bindings/service.go
@@ -17,6 +17,8 @@ type BindingServiceClient struct {
clientID string
accountID string
clientSecret string
tokenURL string
endpointURL string
}

func (me *BindingServiceClient) ClientID() string {
@@ -31,12 +33,20 @@ func (me *BindingServiceClient) ClientSecret() string {
return me.clientSecret
}

func NewPolicyService(clientID string, accountID string, clientSecret string) *BindingServiceClient {
return &BindingServiceClient{clientID: clientID, accountID: accountID, clientSecret: clientSecret}
func (me *BindingServiceClient) TokenURL() string {
return me.tokenURL
}

func (me *BindingServiceClient) EndpointURL() string {
return me.endpointURL
}

func NewPolicyService(clientID string, accountID string, clientSecret string, tokenURL string, endpointURL string) *BindingServiceClient {
return &BindingServiceClient{clientID: clientID, accountID: accountID, clientSecret: clientSecret, tokenURL: tokenURL, endpointURL: endpointURL}
}

func Service(credentials *settings.Credentials) settings.CRUDService[*bindings.PolicyBinding] {
return &BindingServiceClient{clientID: credentials.IAM.ClientID, accountID: credentials.IAM.AccountID, clientSecret: credentials.IAM.ClientSecret}
return &BindingServiceClient{clientID: credentials.IAM.ClientID, accountID: credentials.IAM.AccountID, clientSecret: credentials.IAM.ClientSecret, tokenURL: credentials.IAM.TokenURL, endpointURL: credentials.IAM.EndpointURL}
}

func (me *BindingServiceClient) SchemaID() string {
@@ -69,7 +79,7 @@ func (me *BindingServiceClient) Get(ctx context.Context, id string, v *bindings.

client := iam.NewIAMClient(me)

if responseBytes, err = client.GET(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/%s/%s/bindings/groups/%s", levelType, levelID, groupID), 200, false); err != nil {
if responseBytes, err = client.GET(fmt.Sprintf("%s/iam/v1/repo/%s/%s/bindings/groups/%s", me.endpointURL, levelType, levelID, groupID), 200, false); err != nil {
return err
}
if err = json.Unmarshal(responseBytes, &v); err != nil {
@@ -109,7 +119,7 @@ func (me *BindingServiceClient) Update(ctx context.Context, id string, bindings
}
bindings.PolicyIDs = policyIDs

if _, err = client.PUT(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/%s/%s/bindings/groups/%s", levelType, levelID, groupID), bindings, 204, false); err != nil {
if _, err = client.PUT(fmt.Sprintf("%s/iam/v1/repo/%s/%s/bindings/groups/%s", me.endpointURL, levelType, levelID, groupID), bindings, 204, false); err != nil {
return err
}
return nil
@@ -136,7 +146,7 @@ func (me *BindingServiceClient) List(ctx context.Context) (api.Stubs, error) {
var responseBytes []byte
client := iam.NewIAMClient(me)

if responseBytes, err = client.GET(fmt.Sprintf("https://api.dynatrace.com/env/v2/accounts/%s/environments", strings.TrimPrefix(me.AccountID(), "urn:dtaccount:")), 200, false); err != nil {
if responseBytes, err = client.GET(fmt.Sprintf("%s/env/v2/accounts/%s/environments", me.endpointURL, strings.TrimPrefix(me.AccountID(), "urn:dtaccount:")), 200, false); err != nil {
return nil, err
}

@@ -145,7 +155,7 @@ func (me *BindingServiceClient) List(ctx context.Context) (api.Stubs, error) {
return nil, err
}

if responseBytes, err = client.GET(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/account/%s/bindings", strings.TrimPrefix(me.AccountID(), "urn:dtaccount:")), 200, false); err != nil {
if responseBytes, err = client.GET(fmt.Sprintf("%s/iam/v1/repo/account/%s/bindings", me.endpointURL, strings.TrimPrefix(me.AccountID(), "urn:dtaccount:")), 200, false); err != nil {
return nil, err
}

@@ -167,7 +177,7 @@ func (me *BindingServiceClient) List(ctx context.Context) (api.Stubs, error) {
}

for _, environment := range envResponse.Data {
if responseBytes, err = client.GET(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/environment/%s/bindings", environment.ID), 200, false); err != nil {
if responseBytes, err = client.GET(fmt.Sprintf("%s/iam/v1/repo/environment/%s/bindings", me.endpointURL, environment.ID), 200, false); err != nil {
return nil, err
}

@@ -200,7 +210,7 @@ func (me *BindingServiceClient) Delete(ctx context.Context, id string) error {
return err
}
for _, policyID := range binding.PolicyIDs {
if _, err = iam.NewIAMClient(me).DELETE(fmt.Sprintf("https://api.dynatrace.com/iam/v1/repo/%s/%s/bindings/%s/%s", levelType, levelID, policyID, groupID), 204, false); err != nil {
if _, err = iam.NewIAMClient(me).DELETE(fmt.Sprintf("%s/iam/v1/repo/%s/%s/bindings/%s/%s", me.endpointURL, levelType, levelID, policyID, groupID), 204, false); err != nil {
return err
}
}
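Review bot: `List` now sends the `/env/v2/accounts/%s/environments` request and the `/iam/v1/repo/...` requests to the same `me.endpointURL`, so the configured value has to be a base that serves both path families, and nothing on the struct or its constructors says so. Add a comment on the field, e.g. `// endpointURL is the API base (scheme and host, no trailing slash) under which both /iam/v1 and /env/v2 are reached.` `Service` also copies `credentials.IAM.TokenURL` and `credentials.IAM.EndpointURL` as they are; whether they are defaulted or validated where the credentials are loaded is not visible on this page.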
4 changes: 2 additions & 2 deletions dynatrace/api/iam/environment_policy_service_client.go
@@ -4,8 +4,8 @@ type EnvironmentPolicyServiceClient struct {
PolicyClient *BasePolicyServiceClient
}

func NewEnvironmentPolicyService(clientID string, accountID string, clientSecret string) *EnvironmentPolicyServiceClient {
return &EnvironmentPolicyServiceClient{PolicyClient: NewBasePolicyService(clientID, accountID, clientSecret)}
func NewEnvironmentPolicyService(clientID string, accountID string, clientSecret string, tokenURL string, endpointURL string) *EnvironmentPolicyServiceClient {
return &EnvironmentPolicyServiceClient{PolicyClient: NewBasePolicyService(clientID, accountID, clientSecret, tokenURL, endpointURL)}
}

func (me *EnvironmentPolicyServiceClient) CREATE(policy *Policy) (string, error) {
4 changes: 2 additions & 2 deletions dynatrace/api/iam/global_policy_service_client.go
@@ -4,8 +4,8 @@ type GlobalPolicyServiceClient struct {
PolicyClient *BasePolicyServiceClient
}

func NewGlobalPolicyService(clientID string, accountID string, clientSecret string) *GlobalPolicyServiceClient {
return &GlobalPolicyServiceClient{PolicyClient: NewBasePolicyService(clientID, accountID, clientSecret)}
func NewGlobalPolicyService(clientID string, accountID string, clientSecret string, tokenURL string, endpointURL string) *GlobalPolicyServiceClient {
return &GlobalPolicyServiceClient{PolicyClient: NewBasePolicyService(clientID, accountID, clientSecret, tokenURL, endpointURL)}
}

func (me *GlobalPolicyServiceClient) GET(levelID string, uuid string) (*Policy, error) {
30 changes: 20 additions & 10 deletions dynatrace/api/iam/groups/service.go
@@ -29,6 +29,8 @@ type GroupServiceClient struct {
clientID string
accountID string
clientSecret string
tokenURL string
endpointURL string
}

func (me *GroupServiceClient) ClientID() string {
@@ -43,12 +45,20 @@ func (me *GroupServiceClient) ClientSecret() string {
return me.clientSecret
}

func NewGroupService(clientID string, accountID string, clientSecret string) settings.CRUDService[*groups.Group] {
return &GroupServiceClient{clientID: clientID, accountID: accountID, clientSecret: clientSecret}
func (me *GroupServiceClient) TokenURL() string {
return me.tokenURL
}

func (me *GroupServiceClient) EndpointURL() string {
return me.endpointURL
}

func NewGroupService(clientID string, accountID string, clientSecret string, tokenURL string, endpointURL string) settings.CRUDService[*groups.Group] {
return &GroupServiceClient{clientID: clientID, accountID: accountID, clientSecret: clientSecret, tokenURL: tokenURL, endpointURL: endpointURL}
}

func Service(credentials *settings.Credentials) settings.CRUDService[*groups.Group] {
return &GroupServiceClient{clientID: credentials.IAM.ClientID, accountID: credentials.IAM.AccountID, clientSecret: credentials.IAM.ClientSecret}
return &GroupServiceClient{clientID: credentials.IAM.ClientID, accountID: credentials.IAM.AccountID, clientSecret: credentials.IAM.ClientSecret, tokenURL: credentials.IAM.TokenURL, endpointURL: credentials.IAM.EndpointURL}
}

func (me *GroupServiceClient) SchemaID() string {
@@ -70,7 +80,7 @@ func (me *GroupServiceClient) Create(ctx context.Context, group *groups.Group) (
var responseBytes []byte

client := iam.NewIAMClient(me)
if responseBytes, err = client.POST(fmt.Sprintf("https://api.dynatrace.com/iam/v1/accounts/%s/groups", strings.TrimPrefix(me.AccountID(), "urn:dtaccount:")), []*groups.Group{group}, 201, false); err != nil {
if responseBytes, err = client.POST(fmt.Sprintf("%s/iam/v1/accounts/%s/groups", me.endpointURL, strings.TrimPrefix(me.AccountID(), "urn:dtaccount:")), []*groups.Group{group}, 201, false); err != nil {
return nil, err
}

@@ -82,7 +92,7 @@ func (me *GroupServiceClient) Create(ctx context.Context, group *groups.Group) (
groupName := responseGroups[0].Name

if len(group.Permissions) > 0 {
if _, err = client.PUT(fmt.Sprintf("https://api.dynatrace.com/iam/v1/accounts/%s/groups/%s/permissions", strings.TrimPrefix(me.AccountID(), "urn:dtaccount:"), groupID), group.Permissions, 200, false); err != nil {
if _, err = client.PUT(fmt.Sprintf("%s/iam/v1/accounts/%s/groups/%s/permissions", me.endpointURL, strings.TrimPrefix(me.AccountID(), "urn:dtaccount:"), groupID), group.Permissions, 200, false); err != nil {
return nil, err
}
}
@@ -100,7 +110,7 @@ func (me *GroupServiceClient) Update(ctx context.Context, uuid string, group *gr
var err error

client := iam.NewIAMClient(me)
if _, err = client.PUT(fmt.Sprintf("https://api.dynatrace.com/iam/v1/accounts/%s/groups/%s", strings.TrimPrefix(me.AccountID(), "urn:dtaccount:"), uuid), group, 200, false); err != nil {
if _, err = client.PUT(fmt.Sprintf("%s/iam/v1/accounts/%s/groups/%s", me.endpointURL, strings.TrimPrefix(me.AccountID(), "urn:dtaccount:"), uuid), group, 200, false); err != nil {
return err
}

@@ -109,7 +119,7 @@ func (me *GroupServiceClient) Update(ctx context.Context, uuid string, group *gr
if len(group.Permissions) > 0 {
permissions = group.Permissions
}
if _, err = client.PUT(fmt.Sprintf("https://api.dynatrace.com/iam/v1/accounts/%s/groups/%s/permissions", strings.TrimPrefix(me.AccountID(), "urn:dtaccount:"), uuid), permissions, 200, false); err != nil {
if _, err = client.PUT(fmt.Sprintf("%s/iam/v1/accounts/%s/groups/%s/permissions", me.endpointURL, strings.TrimPrefix(me.AccountID(), "urn:dtaccount:"), uuid), permissions, 200, false); err != nil {
return err
}

@@ -176,7 +186,7 @@ func (me *GroupServiceClient) listUnguarded() ([]*ListGroup, error) {
client := iam.NewIAMClient(me)
var response ListGroupsResponse
accountID := strings.TrimPrefix(me.AccountID(), "urn:dtaccount:")
if err = iam.GET(client, fmt.Sprintf("https://api.dynatrace.com/iam/v1/accounts/%s/groups", accountID), 200, false, &response); err != nil {
if err = iam.GET(client, fmt.Sprintf("%s/iam/v1/accounts/%s/groups", me.endpointURL, accountID), 200, false, &response); err != nil {
return nil, err
}
return response.Items, nil
@@ -192,7 +202,7 @@ func (me *GroupServiceClient) Get(ctx context.Context, id string, v *groups.Grou
accountID := strings.TrimPrefix(me.AccountID(), "urn:dtaccount:")
client := iam.NewIAMClient(me)
var groupStub ListGroup
if err = iam.GET(client, fmt.Sprintf("https://api.dynatrace.com/iam/v1/accounts/%s/groups/%s/permissions", accountID, id), 200, false, &groupStub); err != nil {
if err = iam.GET(client, fmt.Sprintf("%s/iam/v1/accounts/%s/groups/%s/permissions", me.endpointURL, accountID, id), 200, false, &groupStub); err != nil {
return err
}

@@ -209,7 +219,7 @@ func (me *GroupServiceClient) Get(ctx context.Context, id string, v *groups.Grou
}

func (me *GroupServiceClient) Delete(ctx context.Context, id string) error {
_, err := iam.NewIAMClient(me).DELETE(fmt.Sprintf("https://api.dynatrace.com/iam/v1/accounts/%s/groups/%s", strings.TrimPrefix(me.AccountID(), "urn:dtaccount:"), id), 200, false)
_, err := iam.NewIAMClient(me).DELETE(fmt.Sprintf("%s/iam/v1/accounts/%s/groups/%s", me.endpointURL, strings.TrimPrefix(me.AccountID(), "urn:dtaccount:"), id), 200, false)

// data sources MAY have cached a list of group IDs
// Updating the (publicly available) revision signals to them that either a CREATE or DELETE has happened since
11 changes: 9 additions & 2 deletions dynatrace/api/iam/oauth_client.go
@@ -18,6 +18,8 @@ type Authenticator interface {
ClientID() string
AccountID() string
ClientSecret() string
TokenURL() string
EndpointURL() string
}

var tokens = map[string]string{}
@@ -36,6 +38,7 @@ var msgInvalidOAuthCredentials = "Invalid OAuth credentials"
const errMsgClientIDMissing = ` No OAuth Client configured. Please specify either one of these environment variables: IAM_CLIENT_ID, DYNATRACE_IAM_CLIENT_ID, DT_IAM_CLIENT_ID, DT_CLIENT_ID, DYNATRACE_CLIENT_ID`
const errMsgAccountIDMissing = ` No Account ID configured. Please specify either one of these environment variables: IAM_ACCOUNT_ID, DYNATRACE_IAM_ACCOUNT_ID, DT_IAM_ACCOUNT_ID, DT_ACCOUNT_ID, DYNATRACE_ACCOUNT_ID`
const errMsgClientSecretMissing = ` No OAuth Client Secret configured. Please specify either one of these environment variables: IAM_CLIENT_SECRET, DYNATRACE_IAM_CLIENT_SECRET, DT_IAM_CLIENT_SECRET, DYNATRACE_CLIENT_SECRET, DT_CLIENT_SECRET`
const errMsgTokenURLMissing = ` No OAuth Token URL configured. Please specify either one of these environment variables: IAM_TOKEN_URL, DYNATRACE_IAM_TOKEN_URL, DT_IAM_TOKEN_URL, DYNATRACE_TOKEN_URL, DT_TOKEN_URL`

func getBearer(auth Authenticator, forceNew bool) (string, error) {
mutex.Lock()
@@ -53,6 +56,10 @@ func getBearer(auth Authenticator, forceNew bool) (string, error) {
if len(strings.TrimSpace(clientSecret)) == 0 {
return "", errors.New(errMsgClientSecretMissing)
}
tokenURL := auth.TokenURL()
if len(strings.TrimSpace(tokenURL)) == 0 {
return "", errors.New(errMsgTokenURLMissing)
}

var httpReq *http.Request
var httpRes *http.Response
@@ -74,7 +81,7 @@ func getBearer(auth Authenticator, forceNew bool) (string, error) {
)
payload := strings.NewReader(payloadStr)

if httpReq, err = http.NewRequest(http.MethodPost, "https://sso.dynatrace.com/sso/oauth2/token", payload); err != nil {
if httpReq, err = http.NewRequest(http.MethodPost, tokenURL, payload); err != nil {
return "", err
}
httpReq.Header.Set("Content-Type", "application/x-www-form-urlencoded")
@@ -91,7 +98,7 @@ func getBearer(auth Authenticator, forceNew bool) (string, error) {
url.QueryEscape(auth.ClientID()),
url.QueryEscape("<hidden>"),
)
rest.Logger.Println("POST https://sso.dynatrace.com/sso/oauth2/token")
rest.Logger.Println("POST", tokenURL)
rest.Logger.Println(" " + debugPayloadStr)
rest.Logger.Println(" -> " + string(body))
}
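Review bot: The new `tokenURL` check in `getBearer` rejects only a blank value, yet this is the address the client secret is POSTed to, so an `http://` or malformed value is still used as given. Parse it before building the request and require TLS, e.g. `if u, perr := url.Parse(tokenURL); perr != nil || u.Scheme != "https" || u.Host == "" { return "", errors.New(errMsgTokenURLInvalid) }`, where `errMsgTokenURLInvalid` is a placeholder for a new message constant. The package-level `tokens` cache is declared outside the changed hunks; if its key does not include the token URL, two configurations that share a client ID but differ in `tokenURL` would reuse each other's bearer, which is worth confirming. Returning `errMsgTokenURLMissing` also turns a previously working configuration without a token URL into a hard failure, unless a default is applied where the credentials are loaded. `getBearer` starts and ends outside these hunks.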