diff --git a/go.mod b/go.mod index dc2b211..0cf591a 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/ebu/terraform-provider-mcma go 1.18 require ( - github.com/ebu/mcma-libraries-go v0.0.16 + github.com/ebu/mcma-libraries-go v0.0.19 github.com/hashicorp/terraform-plugin-docs v0.7.0 github.com/hashicorp/terraform-plugin-sdk/v2 v2.13.0 ) diff --git a/go.sum b/go.sum index 0844fdc..37545c5 100644 --- a/go.sum +++ b/go.sum @@ -53,6 +53,12 @@ github.com/ebu/mcma-libraries-go v0.0.15 h1:+ruk6fGFtK6byTdLJLxnnqHz+mUp5Fgooepu github.com/ebu/mcma-libraries-go v0.0.15/go.mod h1:RnT/sTbg7ICp6NHDxyj/xX9xI+bqbcm9SUkPTIJnqs4= github.com/ebu/mcma-libraries-go v0.0.16 h1:NKmqnMlqGGrhhktzZ9/5coYVqp1kjnSRNXy00zccSZc= github.com/ebu/mcma-libraries-go v0.0.16/go.mod h1:RnT/sTbg7ICp6NHDxyj/xX9xI+bqbcm9SUkPTIJnqs4= +github.com/ebu/mcma-libraries-go v0.0.17 h1:dX7AFX1nIPkoM/CYXGb9fXNBFtY/TayJv69FvEjRIgA= +github.com/ebu/mcma-libraries-go v0.0.17/go.mod h1:RnT/sTbg7ICp6NHDxyj/xX9xI+bqbcm9SUkPTIJnqs4= +github.com/ebu/mcma-libraries-go v0.0.18 h1:Bji40o9TY62lOCbOnhBwVnUKL8r8y+uP071m1ao0EaQ= +github.com/ebu/mcma-libraries-go v0.0.18/go.mod h1:RnT/sTbg7ICp6NHDxyj/xX9xI+bqbcm9SUkPTIJnqs4= +github.com/ebu/mcma-libraries-go v0.0.19 h1:O1lhCj1eFLbwUOOIO9sR8JUZ2SsXUFEgvXtl0n+WKfw= +github.com/ebu/mcma-libraries-go v0.0.19/go.mod h1:RnT/sTbg7ICp6NHDxyj/xX9xI+bqbcm9SUkPTIJnqs4= github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg= github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= diff --git a/mcma/mcma_api_key_auth.go b/mcma/mcma_api_key_auth.go new file mode 100644 index 0000000..689c93e --- /dev/null +++ b/mcma/mcma_api_key_auth.go @@ -0,0 +1,16 @@ +package mcma + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + + mcmaclient "github.com/ebu/mcma-libraries-go/client" +) + +func GetMcmaApiKeyAuthenticator(authData map[string]interface{}) (mcmaclient.Authenticator, diag.Diagnostics) { + apiKey, d := GetAuthDataString(authData, "api_key", true) + if d != nil { + return nil, d + } + + return mcmaclient.NewMcmaApiKeyAuthenticator(apiKey), nil +} diff --git a/mcma/provider.go b/mcma/provider.go index 645adcd..a902c4f 100644 --- a/mcma/provider.go +++ b/mcma/provider.go @@ -54,6 +54,19 @@ func Provider() *schema.Provider { }, }, }, + "mcma_api_key_auth": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "api_key": { + Type: schema.TypeString, + Description: "The MCMA API key (header = 'x-mcma-api-key') to use for authentication", + Required: true, + }, + }, + }, + }, }, ResourcesMap: map[string]*schema.Resource{ "mcma_service": resourceService(), @@ -71,9 +84,10 @@ func addAuthToMap( authMap map[string]mcmaclient.Authenticator, resourceData *schema.ResourceData, authType string, + authKey string, authFactory func(map[string]interface{}) (mcmaclient.Authenticator, diag.Diagnostics), ) diag.Diagnostics { - blocks := resourceData.Get(authType + "_auth").(*schema.Set).List() + blocks := resourceData.Get(authKey + "_auth").(*schema.Set).List() switch len(blocks) { case 0: return nil @@ -97,7 +111,8 @@ func configure(d *schema.ResourceData) (interface{}, diag.Diagnostics) { serviceRegistryAuthType := d.Get("service_registry_auth_type").(string) authMap := make(map[string]mcmaclient.Authenticator) - addAuthToMap(authMap, d, "aws4", GetAWS4Authenticator) + addAuthToMap(authMap, d, "AWS4", "aws4", GetAWS4Authenticator) + addAuthToMap(authMap, d, "McmaApiKey", "mcma_api_key", GetMcmaApiKeyAuthenticator) if len(authMap) == 1 && serviceRegistryAuthType == "" { for s := range authMap { diff --git a/mcma/provider_test.go b/mcma/provider_test.go index 5c355fa..f478f6a 100644 --- a/mcma/provider_test.go +++ b/mcma/provider_test.go @@ -16,6 +16,10 @@ func init() { } } +type authBlock interface { + GetText() string +} + type aws4AuthBlock struct { region string profile string @@ -23,7 +27,38 @@ type aws4AuthBlock struct { secretKey string } -func getProviderConfig(serviceRegistryUrl string, serviceRegistryAuthType string, authBlocks []aws4AuthBlock) string { +func (authBlock aws4AuthBlock) GetText() string { + authBlockText := " aws4_auth {\n" + if authBlock.region != "" { + authBlockText += " region = \"" + authBlock.region + "\"\n" + } + if authBlock.profile != "" { + authBlockText += " profile = \"" + authBlock.profile + "\"\n" + } + if authBlock.accessKey != "" { + authBlockText += " access_key = \"" + authBlock.accessKey + "\"\n" + } + if authBlock.secretKey != "" { + authBlockText += " secret_key = \"" + authBlock.secretKey + "\"\n" + } + authBlockText += " }\n" + return authBlockText +} + +type mcmaApiKeyAuthBlock struct { + apiKey string +} + +func (authBlock mcmaApiKeyAuthBlock) GetText() string { + authBlockText := " mcma_api_key_auth {\n" + if authBlock.apiKey != "" { + authBlockText += " api_key = \"" + authBlock.apiKey + "\"\n" + } + authBlockText += " }\n" + return authBlockText +} + +func getProviderConfig(serviceRegistryUrl string, serviceRegistryAuthType string, authBlocks []authBlock) string { providerConfig := "provider \"mcma\" {\n" providerConfig += " service_registry_url = \"" + serviceRegistryUrl + "\"\n" if serviceRegistryAuthType != "" { @@ -31,20 +66,7 @@ func getProviderConfig(serviceRegistryUrl string, serviceRegistryAuthType string } if authBlocks != nil && len(authBlocks) > 0 { for _, authBlock := range authBlocks { - providerConfig += " aws4_auth {\n" - if authBlock.region != "" { - providerConfig += " region = \"" + authBlock.region + "\"\n" - } - if authBlock.profile != "" { - providerConfig += " profile = \"" + authBlock.profile + "\"\n" - } - if authBlock.accessKey != "" { - providerConfig += " access_key = \"" + authBlock.accessKey + "\"\n" - } - if authBlock.secretKey != "" { - providerConfig += " secret_key = \"" + authBlock.secretKey + "\"\n" - } - providerConfig += " }\n" + providerConfig += authBlock.GetText() } } providerConfig += "}\n" @@ -52,7 +74,7 @@ func getProviderConfig(serviceRegistryUrl string, serviceRegistryAuthType string } func getAwsProfileProviderConfig(serviceRegistryUrl string, region string, profile string) string { - authBlocks := make([]aws4AuthBlock, 1) + authBlocks := make([]authBlock, 1) authBlocks[0] = aws4AuthBlock{ region: region, profile: profile, @@ -63,3 +85,15 @@ func getAwsProfileProviderConfig(serviceRegistryUrl string, region string, profi func getAwsProfileProviderConfigFromEnvVars() string { return getAwsProfileProviderConfig(os.Getenv("MCMA_AWS_SERVICE_REGISTRY_URL"), os.Getenv("MCMA_AWS_REGION"), os.Getenv("MCMA_AWS_PROFILE")) } + +func getMcmaApiKeyProviderConfig(serviceRegistryUrl, apiKey string) string { + authBlocks := make([]authBlock, 1) + authBlocks[0] = mcmaApiKeyAuthBlock{ + apiKey: apiKey, + } + return getProviderConfig(serviceRegistryUrl, "", authBlocks) +} + +func getMcmaApiKeyProviderConfigFromEnvVars() string { + return getMcmaApiKeyProviderConfig(os.Getenv("MCMA_AWS_SERVICE_REGISTRY_URL"), os.Getenv("MCMA_API_KEY")) +} diff --git a/mcma/resource_job_profile_test.go b/mcma/resource_job_profile_test.go index 4ba6175..deb8801 100644 --- a/mcma/resource_job_profile_test.go +++ b/mcma/resource_job_profile_test.go @@ -41,7 +41,7 @@ func TestAccMcmaJobProfile_basic(t *testing.T) { } } //resource.Test(t, createTestCase(getKubernetesProviderConfigFromEnvVars())) - resource.Test(t, createTestCase(getAwsProfileProviderConfigFromEnvVars())) + resource.Test(t, createTestCase(getMcmaApiKeyProviderConfigFromEnvVars())) } func testAccCheckMcmaJobProfileDestroy(s *terraform.State) error { diff --git a/mcma/resource_mcma_resource_test.go b/mcma/resource_mcma_resource_test.go index 00522a8..fe6d75f 100644 --- a/mcma/resource_mcma_resource_test.go +++ b/mcma/resource_mcma_resource_test.go @@ -31,7 +31,7 @@ func TestAccMcmaResource_basic(t *testing.T) { }, } } - resource.Test(t, createTestCase(getAwsProfileProviderConfigFromEnvVars())) + resource.Test(t, createTestCase(getMcmaApiKeyProviderConfigFromEnvVars())) } func testAccCheckMcmaResourceDestroy(s *terraform.State) error { diff --git a/mcma/resource_service_test.go b/mcma/resource_service_test.go index c6863b0..595e25c 100644 --- a/mcma/resource_service_test.go +++ b/mcma/resource_service_test.go @@ -40,7 +40,7 @@ func TestAccMcmaService_basic(t *testing.T) { } } //resource.Test(t, createTestCase(getKubernetesProviderConfigFromEnvVars())) - resource.Test(t, createTestCase(getAwsProfileProviderConfigFromEnvVars())) + resource.Test(t, createTestCase(getMcmaApiKeyProviderConfigFromEnvVars())) } func testAccCheckMcmaServiceDestroy(s *terraform.State) error {