feat: [PL-57366]: Onboarding TF Sanity to IE Clusters (#1097)

* feat:[PL-57366]: secret azureTest creation missing * feat:[PL-57366]: users got commented * OPA Test fix for TF sanity pipeline * OPA Test fix for TF * feat:[PL-57366]: gitops_tf * feat:[PL-57366]: gitops_tf removed * Test Fix * feat:[PL-57366]: CBP required connector tests * feat:[PL-57366]: account data tests * Added Dummy Tests for TF qa0 env * Pre-requisite for IE TF Sanity * added main.tf file * added required_providers * fix: azuretest * fix: azuretest * fix: azuretest * Delete connectorreport.xml * PL connectors to SM * fix: PL connectors to SM * fix: Pl_SM Referring in provider.go (#1096) * fix: PL connectors to SM * fix: Pl_SM Referring in provider.go (#1096) --------- Co-authored-by: Sameed Ul Haq <[email protected]> Co-authored-by: Ritek <[email protected]>
harness · Oct 18, 2024 · 6528a62 · 6528a62
1 parent 51eb950
commit 6528a62
Show file tree

Hide file tree

Showing 40 changed files with 872 additions and 160 deletions.
diff --git a/examples/resources/harness_platform_organization/resource.tf b/examples/resources/harness_platform_organization/resource.tf
@@ -1,6 +1,6 @@
 resource "harness_platform_organization" "this" {
   identifier  = "MyOrg"
-  name        = "My Otganization"
+  name        = "My Organization"
   description = "An example organization"
   tags        = ["foo:bar", "baz:qux"]
 }
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
@@ -56,6 +56,7 @@ import (
 	"github.com/harness/terraform-provider-harness/internal/service/platform/autostopping/schedule"
 	"github.com/harness/terraform-provider-harness/internal/service/platform/ccm_filters"
 	"github.com/harness/terraform-provider-harness/internal/service/platform/connector"
+	pl_secretManagers "github.com/harness/terraform-provider-harness/internal/service/platform/connector/secretManagers"
 	pl_current_user "github.com/harness/terraform-provider-harness/internal/service/platform/current_user"
 	pl_delegatetoken "github.com/harness/terraform-provider-harness/internal/service/platform/delegate_token"
 	pl_environment "github.com/harness/terraform-provider-harness/internal/service/platform/environment"
@@ -156,25 +157,25 @@ func Provider(version string) func() *schema.Provider {
 			},
 			DataSourcesMap: map[string]*schema.Resource{
 				"harness_platform_template":                        pl_template.DataSourceTemplate(),
-				"harness_platform_connector_azure_key_vault":       connector.DataSourceConnectorAzureKeyVault(),
+				"harness_platform_connector_azure_key_vault":       pl_secretManagers.DataSourceConnectorAzureKeyVault(),
 				"harness_platform_connector_gcp_cloud_cost":        connector.DataSourceConnectorGCPCloudCost(),
 				"harness_platform_connector_kubernetes_cloud_cost": connector.DatasourceConnectorKubernetesCloudCost(),
 				"harness_platform_connector_azure_cloud_cost":      connector.DataSourceConnectorAzureCloudCost(),
 				"harness_platform_connector_appdynamics":           connector.DatasourceConnectorAppDynamics(),
 				"harness_platform_connector_elasticsearch":         connector.DatasourceConnectorElasticSearch(),
 				"harness_platform_connector_artifactory":           connector.DatasourceConnectorArtifactory(),
-				"harness_platform_connector_aws_secret_manager":    connector.DatasourceConnectorAwsSM(),
+				"harness_platform_connector_aws_secret_manager":    pl_secretManagers.DatasourceConnectorAwsSM(),
 				"harness_platform_connector_aws":                   connector.DatasourceConnectorAws(),
 				"harness_platform_connector_awscc":                 connector.DatasourceConnectorAwsCC(),
-				"harness_platform_connector_awskms":                connector.DatasourceConnectorAwsKms(),
+				"harness_platform_connector_awskms":                pl_secretManagers.DatasourceConnectorAwsKms(),
 				"harness_platform_connector_bitbucket":             connector.DatasourceConnectorBitbucket(),
 				"harness_platform_connector_customhealthsource":    connector.DatasourceConnectorCustomHealthSource(),
 				"harness_platform_connector_datadog":               connector.DatasourceConnectorDatadog(),
 				"harness_platform_connector_docker":                connector.DatasourceConnectorDocker(),
 				"harness_platform_connector_jdbc":                  connector.DatasourceConnectorJDBC(),
 				"harness_platform_connector_dynatrace":             connector.DatasourceConnectorDynatrace(),
 				"harness_platform_connector_gcp":                   connector.DatasourceConnectorGcp(),
-				"harness_platform_connector_gcp_secret_manager":    connector.DatasourceConnectorGcpSM(),
+				"harness_platform_connector_gcp_secret_manager":    pl_secretManagers.DatasourceConnectorGcpSM(),
 				"harness_platform_connector_git":                   connector.DatasourceConnectorGit(),
 				"harness_platform_connector_github":                connector.DatasourceConnectorGithub(),
 				"harness_platform_connector_gitlab":                connector.DatasourceConnectorGitlab(),
@@ -192,7 +193,7 @@ func Provider(version string) func() *schema.Provider {
 				"harness_platform_connector_terraform_cloud":       connector.DatasourceConnectorTerraformCloud(),
 				"harness_platform_connector_sumologic":             connector.DatasourceConnectorSumologic(),
 				"harness_platform_connector_pdc":                   connector.DatasourceConnectorPdc(),
-				"harness_platform_connector_custom_secret_manager": connector.DatasourceConnectorCustomSM(),
+				"harness_platform_connector_custom_secret_manager": pl_secretManagers.DatasourceConnectorCustomSM(),
 				"harness_platform_current_account":                 pl_account.DataSourceCurrentAccount(),
 				"harness_platform_current_user":                    pl_current_user.DataSourceCurrentUser(),
 				"harness_platform_user":                            pl_user.DataSourceUser(),
@@ -236,7 +237,7 @@ func Provider(version string) func() *schema.Provider {
 				"harness_platform_triggers":                        triggers.DataSourceTriggers(),
 				"harness_platform_role_assignments":                role_assignments.DataSourceRoleAssignments(),
 				"harness_platform_variables":                       variables.DataSourceVariables(),
-				"harness_platform_connector_vault":                 connector.DataSourceConnectorVault(),
+				"harness_platform_connector_vault":                 pl_secretManagers.DataSourceConnectorVault(),
 				"harness_platform_filters":                         filters.DataSourceFilters(),
 				"harness_platform_pipeline_filters":                pipeline_filters.DataSourcePipelineFilters(),
 				"harness_platform_ccm_filters":                     ccm_filters.DataSourceCCMFilters(),
@@ -293,25 +294,25 @@ func Provider(version string) func() *schema.Provider {
 			},
 			ResourcesMap: map[string]*schema.Resource{
 				"harness_platform_template":                        pl_template.ResourceTemplate(),
-				"harness_platform_connector_azure_key_vault":       connector.ResourceConnectorAzureKeyVault(),
+				"harness_platform_connector_azure_key_vault":       pl_secretManagers.ResourceConnectorAzureKeyVault(),
 				"harness_platform_connector_gcp_cloud_cost":        connector.ResourceConnectorGCPCloudCost(),
 				"harness_platform_connector_kubernetes_cloud_cost": connector.ResourceConnectorKubernetesCloudCost(),
 				"harness_platform_connector_azure_cloud_cost":      connector.ResourceConnectorAzureCloudCost(),
 				"harness_platform_connector_appdynamics":           connector.ResourceConnectorAppDynamics(),
 				"harness_platform_connector_elasticsearch":         connector.ResourceConnectorElasticSearch(),
 				"harness_platform_connector_artifactory":           connector.ResourceConnectorArtifactory(),
-				"harness_platform_connector_aws_secret_manager":    connector.ResourceConnectorAwsSM(),
+				"harness_platform_connector_aws_secret_manager":    pl_secretManagers.ResourceConnectorAwsSM(),
 				"harness_platform_connector_aws":                   connector.ResourceConnectorAws(),
 				"harness_platform_connector_awscc":                 connector.ResourceConnectorAwsCC(),
-				"harness_platform_connector_awskms":                connector.ResourceConnectorAwsKms(),
+				"harness_platform_connector_awskms":                pl_secretManagers.ResourceConnectorAwsKms(),
 				"harness_platform_connector_bitbucket":             connector.ResourceConnectorBitbucket(),
 				"harness_platform_connector_customhealthsource":    connector.ResourceConnectorCustomHealthSource(),
 				"harness_platform_connector_datadog":               connector.ResourceConnectorDatadog(),
 				"harness_platform_connector_docker":                connector.ResourceConnectorDocker(),
 				"harness_platform_connector_jdbc":                  connector.ResourceConnectorJDBC(),
 				"harness_platform_connector_dynatrace":             connector.ResourceConnectorDynatrace(),
 				"harness_platform_connector_gcp":                   connector.ResourceConnectorGcp(),
-				"harness_platform_connector_gcp_secret_manager":    connector.ResourceConnectorGCPSecretManager(),
+				"harness_platform_connector_gcp_secret_manager":    pl_secretManagers.ResourceConnectorGCPSecretManager(),
 				"harness_platform_connector_git":                   connector.ResourceConnectorGit(),
 				"harness_platform_connector_github":                connector.ResourceConnectorGithub(),
 				"harness_platform_connector_gitlab":                connector.ResourceConnectorGitlab(),
@@ -370,7 +371,7 @@ func Provider(version string) func() *schema.Provider {
 				"harness_platform_triggers":                        triggers.ResourceTriggers(),
 				"harness_platform_role_assignments":                role_assignments.ResourceRoleAssignments(),
 				"harness_platform_variables":                       variables.ResourceVariables(),
-				"harness_platform_connector_vault":                 connector.ResourceConnectorVault(),
+				"harness_platform_connector_vault":                 pl_secretManagers.ResourceConnectorVault(),
 				"harness_platform_filters":                         filters.ResourceFilters(),
 				"harness_platform_pipeline_filters":                pipeline_filters.ResourcePipelineFilters(),
 				"harness_platform_ccm_filters":                     ccm_filters.ResourceCCMFilters(),
@@ -431,7 +432,7 @@ func Provider(version string) func() *schema.Provider {
 				"harness_platform_repo":                            repo.ResourceRepo(),
 				"harness_platform_repo_rule_branch":                repo_rule_branch.ResourceRepoBranchRule(),
 				"harness_platform_repo_webhook":                    repo_webhook.ResourceRepoWebhook(),
-				"harness_platform_connector_custom_secret_manager": connector.ResourceConnectorCSM(),
+				"harness_platform_connector_custom_secret_manager": pl_secretManagers.ResourceConnectorCSM(),
 				"harness_platform_gitx_webhook":                    webhook.ResourceWebhook(),
 				"harness_governance_rule_enforcement":              governance_enforcement.ResourceRuleEnforcement(),
 				"harness_governance_rule":                          governance_rule.ResourceRule(),

diff --git a/internal/service/platform/_PreRequisites/main.tf b/internal/service/platform/_PreRequisites/main.tf
@@ -0,0 +1,118 @@
+# main.tf
+
+terraform {
+  required_providers {
+    harness = {
+      source = "harness/harness"
+    }
+  }
+}
+
+resource "harness_platform_secret_text" "azuretest" {
+  identifier                = "azuretest"
+  name                      = "azuretest"
+  description               = "This is a test secret text"
+  tags                      = ["foo:bar"]
+  secret_manager_identifier = "harnessSecretManager"
+  value_type                = "Inline"
+  value                     = "my_secret_value"
+}
+
+resource "harness_platform_secret_text" "doNotDeleteHSM" {
+  identifier                = "doNotDeleteHSM"
+  name                      = "doNotDeleteHSM"
+  description               = "This is a test secret text"
+  tags                      = ["foo:bar"]
+  secret_manager_identifier = "harnessSecretManager"
+  value_type                = "Inline"
+  value                     = "Harness@123"
+}
+
+resource "harness_platform_connector_vault" "my_vault_connector" {
+  identifier  = "my_vault_connector_id"
+  name        = "My Vault Connector"
+  description = "Vault Connector example"
+  tags        = ["foo:bar"]
+
+  app_role_id                       = "570acf09-ef2a-144b-2fb0-14a42e06ffe3"
+  base_path                         = "vikas-test/"
+  access_type                       = "APP_ROLE"
+  default                           = false
+  secret_id                         = "account.${harness_platform_secret_text.azuretest.id}"
+  read_only                         = true
+  renewal_interval_minutes          = 60
+  secret_engine_manually_configured = true
+  secret_engine_name                = "harness-test"
+  secret_engine_version             = 2
+  use_aws_iam                       = false
+  use_k8s_auth                      = false
+  use_vault_agent                   = false
+  delegate_selectors                = ["harness-delegate"]
+  vault_url                         = "https://vaultqa.harness.io"
+
+  depends_on = [time_sleep.wait_8_seconds]
+}
+
+resource "harness_platform_service_account" "my_service_account" {
+  identifier  = "my_service_account_id"
+  name        = "My Service Account"
+  email       = "[email protected]"
+  description = "This is a test service account"
+  tags        = ["foo:bar"]
+  account_id  = "your_harness_account_id"
+}
+
+resource "harness_platform_usergroup" "my_user_group" {
+  identifier = "my_user_group_id"
+  name       = "My User Group"
+
+  linked_sso_id      = "linked_sso_id"
+  externally_managed = false
+  users              = []
+
+  notification_configs {
+    type              = "SLACK"
+    slack_webhook_url = "https://slack.webhook.url"
+  }
+
+  notification_configs {
+    type                    = "EMAIL"
+    group_email             = "[email protected]"
+    send_email_to_all_users = true
+  }
+
+  notification_configs {
+    type                        = "MSTEAMS"
+    microsoft_teams_webhook_url = "https://msteams.webhook.url"
+  }
+
+  notification_configs {
+    type           = "PAGERDUTY"
+    pager_duty_key = "pagerDutyKey"
+  }
+
+  linked_sso_display_name = "SSO Display Name"
+  sso_group_id            = "sso_group_id"
+  sso_group_name          = "sso_group_name"
+  linked_sso_type         = "SAML"
+  sso_linked              = true
+}
+
+resource "harness_platform_organization" "my_organization" {
+  identifier  = "my_organization_id"
+  name        = "My Organization"
+  description = "This is a test organization"
+  tags        = ["foo:bar", "baz:qux"]
+}
+
+resource "harness_platform_project" "my_project" {
+  identifier = "my_project_id"
+  name       = "My Project"
+  org_id     = harness_platform_organization.my_organization.id
+}
+
+resource "time_sleep" "wait_8_seconds" {
+  create_duration = "8s"
+}
+
+# Additional resources can be added as needed
diff --git a/internal/service/platform/_PreRequisites/platform.go b/internal/service/platform/_PreRequisites/platform.go
@@ -0,0 +1,159 @@
+package _PreRequisites
+
+import (
+	"fmt"
+	"path/filepath"
+)
+
+// Helper functions for Creation of Resources
+func createConnectorVault_app_role(id string, name string, vault_secret string) string {
+	return fmt.Sprintf(`
+	resource "harness_platform_secret_text" "test" {
+		identifier = "%[1]s"
+		name = "%[2]s"
+		description = "test"
+		tags = ["foo:bar"]
+
+		secret_manager_identifier = "harnessSecretManager"
+		value_type = "Inline"
+		value = "%[3]s"
+	}
+
+	resource "harness_platform_connector_vault" "test" {
+		identifier = "%[1]s"
+		name = "%[2]s"
+		description = "test"
+		tags = ["foo:bar"]
+
+		app_role_id = "570acf09-ef2a-144b-2fb0-14a42e06ffe3"
+		base_path = "vikas-test/"
+		access_type = "APP_ROLE"
+		default = false
+		secret_id = "account.${harness_platform_secret_text.test.id}"
+		read_only = true
+		renewal_interval_minutes = 60
+		secret_engine_manually_configured = true
+		secret_engine_name = "harness-test"
+		secret_engine_version = 2
+		use_aws_iam = false
+		use_k8s_auth = false
+		use_vault_agent = false
+		delegate_selectors = ["harness-delegate"]
+		vault_url = "https://vaultqa.harness.io"
+
+		depends_on = [time_sleep.wait_8_seconds]
+	}
+
+	resource "time_sleep" "wait_8_seconds" {
+		depends_on = [harness_platform_secret_text.test]
+		create_duration = "8s"
+	}
+	`, id, name, vault_secret)
+}
+
+func createSecretFile(id string, name string) string {
+	return fmt.Sprintf(`
+	resource "harness_platform_secret_file" "test" {
+		identifier = "%[1]s"
+		name = "%[2]s"
+		description = "test"
+		tags = ["foo:bar"]
+		file_path = "%[3]s"
+		secret_manager_identifier = "harnessSecretManager"
+	}
+		`, id, name, getAbsFilePath("../../../acctest/secret_files/secret.txt"))
+}
+
+func getAbsFilePath(file_path string) string {
+	absPath, _ := filepath.Abs(file_path)
+	return absPath
+}
+
+func createServiceAccount(id string, name string, accountId string) string {
+	return fmt.Sprintf(`
+	resource "harness_platform_service_account" "test" {
+		identifier = "%[1]s"
+		name = "%[2]s"
+		email = "[email protected]"
+		description = "test"
+		tags = ["foo:bar"]
+		account_id = "%[3]s"
+	}
+	`, id, name, accountId)
+}
+
+func createUserGroup(id string, name string) string {
+	return fmt.Sprintf(`
+		resource "harness_platform_usergroup" "test" {
+			identifier = "%[1]s"
+			name = "%[2]s"
+			linked_sso_id = "linked_sso_id"
+			externally_managed = false
+			users = []
+			notification_configs {
+				type = "SLACK"
+				slack_webhook_url = "https://google.com"
+			}
+			notification_configs {
+				type = "EMAIL"
+				group_email = "[email protected]"
+				send_email_to_all_users = true
+			}
+			notification_configs {
+				type = "MSTEAMS"
+				microsoft_teams_webhook_url = "https://google.com"
+			}
+			notification_configs {
+				type = "PAGERDUTY"
+				pager_duty_key = "pagerDutyKey"
+			}
+			linked_sso_display_name = "linked_sso_display_name"
+			sso_group_id = "sso_group_id"
+			sso_group_name = "sso_group_name"
+			linked_sso_type = "SAML"
+			sso_linked = true
+		}
+`, id, name)
+}
+
+func createProject(id string, name string) string {
+	return fmt.Sprintf(`
+		resource "harness_platform_organization" "test" {
+			identifier = "%[1]s"
+			name = "%[2]s"
+		}
+
+		resource "harness_platform_project" "test" {
+			identifier = "%[1]s"
+			name = "%[2]s"
+			org_id = harness_platform_organization.test.id
+		}
+`, id, name)
+}
+
+func createOrganization(id string, name string) string {
+	return fmt.Sprintf(`
+		resource "harness_platform_organization" "test" {
+			identifier = "%[1]s"
+			name = "%[2]s"
+			description = "test"
+			tags = ["foo:bar", "baz:qux"]
+		}
+`, id, name)
+}
+
+func createSecretText_inline(id string, name string, secretValue string) string {
+	return fmt.Sprintf(`
+		resource "harness_platform_secret_text" "test" {
+			identifier = "%[1]s"
+			name = "%[2]s"
+			description = "test"
+			tags = ["foo:bar"]
+			secret_manager_identifier = "harnessSecretManager"
+			value_type = "Inline"
+			value = "%[3]s"
+		}
+`, id, name, secretValue)
+}
+
+// Add more similar functions for other resources