test against recent cli

.github/workflows/tests.yml

@@ -23,7 +23,7 @@ jobs:
 
     services:
       vaultwarden:
-        image: vaultwarden/server:latest
+        image: vaultwarden/server:1.32.0
         env:
           ADMIN_TOKEN: test1234
           I_REALLY_WANT_VOLATILE_STORAGE: "true"
@@ -50,7 +50,7 @@ jobs:
       - id: binaries
         run: |
           echo "LOCAL_BINARIES=$GITHUB_WORKSPACE/bin" >> $GITHUB_OUTPUT
-          echo "BWCLI_VERSION=2023.2.0" >> $GITHUB_OUTPUT
+          echo "BWCLI_VERSION=2024.7.2" >> $GITHUB_OUTPUT
 
       - name: Check out repository code
         uses: actions/checkout@v3

.gitignore

@@ -42,3 +42,4 @@ terraform-lock
 
 # Code coverage artifact
 profile.cov
+internal/provider/.bitwarden/

README.md

@@ -21,8 +21,8 @@ This project is not associated with the Bitwarden project nor 8bit Solutions LLC
 
 ## Supported Versions
 The plugin has been tested and built with the following components:
-- [Terraform] v1.6.1
-- [Bitwarden CLI] v2023.2.0
+- [Terraform] v1.6.1 / [OpenTofu] v1.8.0
+- [Bitwarden CLI] 2024.7.2
 - [Go] 1.22.0 (for development)
 - [Docker] 23.0.5 (for development)
 
@@ -106,9 +106,10 @@ $ make testacc
 Distributed under the Mozilla License. See [LICENSE](./LICENSE) for more information.
 
 [Terraform]: https://www.terraform.io/downloads.html
+[OpenTofu]: https://opentofu.org/docs/intro/install/
 [Go]: https://golang.org/doc/install
 [Bitwarden CLI]: https://bitwarden.com/help/article/cli/#download-and-install
 [Docker]: https://www.docker.com/products/docker-desktop
 [Terraform Registry docs]: https://registry.terraform.io/providers/maxlaverse/bitwarden/latest/docs
 [hashicorp/terraform-plugin-sdk#63]: https://github.com/hashicorp/terraform-plugin-sdk/issues/63
-[Terraform's documentation on Data Storage]: https://bitwarden.com/help/data-storage/#on-your-local-machine
+[Terraform's documentation on Data Storage]: https://bitwarden.com/help/data-storage/#on-your-local-machine

internal/bitwarden/bw/client.go

@@ -1,6 +1,8 @@
 package bw
 
 import (
+	"context"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"os"
@@ -9,24 +11,24 @@ import (
 )
 
 type Client interface {
-	CreateAttachment(itemId, filePath string) (*Object, error)
-	CreateObject(Object) (*Object, error)
-	EditObject(Object) (*Object, error)
-	GetAttachment(itemId, attachmentId string) ([]byte, error)
-	GetObject(Object) (*Object, error)
+	CreateAttachment(ctx context.Context, itemId, filePath string) (*Object, error)
+	CreateObject(context.Context, Object) (*Object, error)
+	EditObject(context.Context, Object) (*Object, error)
+	GetAttachment(ctx context.Context, itemId, attachmentId string) ([]byte, error)
+	GetObject(context.Context, Object) (*Object, error)
 	GetSessionKey() string
 	HasSessionKey() bool
-	ListObjects(objType string, options ...ListObjectsOption) ([]Object, error)
-	LoginWithAPIKey(password, clientId, clientSecret string) error
-	LoginWithPassword(username, password string) error
-	Logout() error
-	DeleteAttachment(itemId, attachmentId string) error
-	DeleteObject(Object) error
-	SetServer(string) error
+	ListObjects(ctx context.Context, objType string, options ...ListObjectsOption) ([]Object, error)
+	LoginWithAPIKey(ctx context.Context, password, clientId, clientSecret string) error
+	LoginWithPassword(ctx context.Context, username, password string) error
+	Logout(context.Context) error
+	DeleteAttachment(ctx context.Context, itemId, attachmentId string) error
+	DeleteObject(context.Context, Object) error
+	SetServer(context.Context, string) error
 	SetSessionKey(string)
-	Status() (*Status, error)
-	Sync() error
-	Unlock(password string) error
+	Status(context.Context) (*Status, error)
+	Sync(context.Context) error
+	Unlock(ctx context.Context, password string) error
 }
 
 func NewClient(execPath string, opts ...Options) Client {
@@ -79,7 +81,7 @@ func DisableRetryBackoff() Options {
 	}
 }
 
-func (c *client) CreateObject(obj Object) (*Object, error) {
+func (c *client) CreateObject(ctx context.Context, obj Object) (*Object, error) {
 	objEncoded, err := c.encode(obj)
 	if err != nil {
 		return nil, err
@@ -95,7 +97,7 @@ func (c *client) CreateObject(obj Object) (*Object, error) {
 		args = append(args, "--organizationid", obj.OrganizationID)
 	}
 
-	out, err := c.cmdWithSession(args...).Run()
+	out, err := c.cmdWithSession(args...).Run(ctx)
 	if err != nil {
 		return nil, err
 	}
@@ -109,8 +111,8 @@ func (c *client) CreateObject(obj Object) (*Object, error) {
 	return &obj, nil
 }
 
-func (c *client) CreateAttachment(itemId string, filePath string) (*Object, error) {
-	out, err := c.cmdWithSession("create", string(ObjectTypeAttachment), "--itemid", itemId, "--file", filePath).Run()
+func (c *client) CreateAttachment(ctx context.Context, itemId string, filePath string) (*Object, error) {
+	out, err := c.cmdWithSession("create", string(ObjectTypeAttachment), "--itemid", itemId, "--file", filePath).Run(ctx)
 	if err != nil {
 		return nil, err
 	}
@@ -126,29 +128,29 @@ func (c *client) CreateAttachment(itemId string, filePath string) (*Object, erro
 	return &obj, nil
 }
 
-func (c *client) EditObject(obj Object) (*Object, error) {
+func (c *client) EditObject(ctx context.Context, obj Object) (*Object, error) {
 	objEncoded, err := c.encode(obj)
 	if err != nil {
 		return nil, err
 	}
 
-	out, err := c.cmdWithSession("edit", string(obj.Object), obj.ID, objEncoded).Run()
+	out, err := c.cmdWithSession("edit", string(obj.Object), obj.ID, objEncoded).Run(ctx)
 	if err != nil {
 		return nil, err
 	}
 	err = json.Unmarshal(out, &obj)
 	if err != nil {
 		return nil, newUnmarshallError(err, "edit object", out)
 	}
-	err = c.Sync()
+	err = c.Sync(ctx)
 	if err != nil {
 		return nil, fmt.Errorf("error syncing: %v, %v", err, string(out))
 	}
 
 	return &obj, nil
 }
 
-func (c *client) GetObject(obj Object) (*Object, error) {
+func (c *client) GetObject(ctx context.Context, obj Object) (*Object, error) {
 	args := []string{
 		"get",
 		string(obj.Object),
@@ -159,7 +161,7 @@ func (c *client) GetObject(obj Object) (*Object, error) {
 		args = append(args, "--organizationid", obj.OrganizationID)
 	}
 
-	out, err := c.cmdWithSession(args...).Run()
+	out, err := c.cmdWithSession(args...).Run(ctx)
 	if err != nil {
 		return nil, remapError(err)
 	}
@@ -172,8 +174,8 @@ func (c *client) GetObject(obj Object) (*Object, error) {
 	return &obj, nil
 }
 
-func (c *client) GetAttachment(itemId, attachmentId string) ([]byte, error) {
-	out, err := c.cmdWithSession("get", string(ObjectTypeAttachment), attachmentId, "--itemid", itemId, "--raw").Run()
+func (c *client) GetAttachment(ctx context.Context, itemId, attachmentId string) ([]byte, error) {
+	out, err := c.cmdWithSession("get", string(ObjectTypeAttachment), attachmentId, "--itemid", itemId, "--raw").Run(ctx)
 	if err != nil {
 		return nil, remapError(err)
 	}
@@ -186,7 +188,7 @@ func (c *client) GetSessionKey() string {
 }
 
 // ListObjects returns objects of a given type matching given filters.
-func (c *client) ListObjects(objType string, options ...ListObjectsOption) ([]Object, error) {
+func (c *client) ListObjects(ctx context.Context, objType string, options ...ListObjectsOption) ([]Object, error) {
 	args := []string{
 		"list",
 		objType,
@@ -196,7 +198,7 @@ func (c *client) ListObjects(objType string, options ...ListObjectsOption) ([]Ob
 		applyOption(&args)
 	}
 
-	out, err := c.cmdWithSession(args...).Run()
+	out, err := c.cmdWithSession(args...).Run(ctx)
 	if err != nil {
 		return nil, remapError(err)
 	}
@@ -212,8 +214,8 @@ func (c *client) ListObjects(objType string, options ...ListObjectsOption) ([]Ob
 
 // LoginWithPassword logs in using a password and retrieves the session key,
 // allowing authenticated requests using the client.
-func (c *client) LoginWithPassword(username, password string) error {
-	out, err := c.cmd("login", username, "--raw", "--passwordenv", "BW_PASSWORD").AppendEnv([]string{fmt.Sprintf("BW_PASSWORD=%s", password)}).Run()
+func (c *client) LoginWithPassword(ctx context.Context, username, password string) error {
+	out, err := c.cmd("login", username, "--raw", "--passwordenv", "BW_PASSWORD").AppendEnv([]string{fmt.Sprintf("BW_PASSWORD=%s", password)}).Run(ctx)
 	if err != nil {
 		return err
 	}
@@ -223,20 +225,20 @@ func (c *client) LoginWithPassword(username, password string) error {
 
 // LoginWithPassword logs in using an API key and unlock the Vault in order to retrieve a session key,
 // allowing authenticated requests using the client.
-func (c *client) LoginWithAPIKey(password, clientId, clientSecret string) error {
-	_, err := c.cmd("login", "--apikey").AppendEnv([]string{fmt.Sprintf("BW_CLIENTID=%s", clientId), fmt.Sprintf("BW_CLIENTSECRET=%s", clientSecret)}).Run()
+func (c *client) LoginWithAPIKey(ctx context.Context, password, clientId, clientSecret string) error {
+	_, err := c.cmd("login", "--apikey").AppendEnv([]string{fmt.Sprintf("BW_CLIENTID=%s", clientId), fmt.Sprintf("BW_CLIENTSECRET=%s", clientSecret)}).Run(ctx)
 	if err != nil {
 		return err
 	}
-	return c.Unlock(password)
+	return c.Unlock(ctx, password)
 }
 
-func (c *client) Logout() error {
-	_, err := c.cmd("logout").Run()
+func (c *client) Logout(ctx context.Context) error {
+	_, err := c.cmd("logout").Run(ctx)
 	return err
 }
 
-func (c *client) DeleteObject(obj Object) error {
+func (c *client) DeleteObject(ctx context.Context, obj Object) error {
 	args := []string{
 		"delete",
 		string(obj.Object),
@@ -247,22 +249,22 @@ func (c *client) DeleteObject(obj Object) error {
 		args = append(args, "--organizationid", obj.OrganizationID)
 	}
 
-	_, err := c.cmdWithSession(args...).Run()
+	_, err := c.cmdWithSession(args...).Run(ctx)
 	return err
 }
 
-func (c *client) DeleteAttachment(itemId, attachmentId string) error {
-	_, err := c.cmdWithSession("delete", string(ObjectTypeAttachment), attachmentId, "--itemid", itemId).Run()
+func (c *client) DeleteAttachment(ctx context.Context, itemId, attachmentId string) error {
+	_, err := c.cmdWithSession("delete", string(ObjectTypeAttachment), attachmentId, "--itemid", itemId).Run(ctx)
 	return err
 }
 
-func (c *client) SetServer(server string) error {
-	_, err := c.cmd("config", "server", server).Run()
+func (c *client) SetServer(ctx context.Context, server string) error {
+	_, err := c.cmd("config", "server", server).Run(ctx)
 	return err
 }
 
-func (c *client) Status() (*Status, error) {
-	out, err := c.cmdWithSession("status").Run()
+func (c *client) Status(ctx context.Context) (*Status, error) {
+	out, err := c.cmdWithSession("status").Run(ctx)
 	if err != nil {
 		return nil, err
 	}
@@ -276,8 +278,8 @@ func (c *client) Status() (*Status, error) {
 	return &status, nil
 }
 
-func (c *client) Unlock(password string) error {
-	out, err := c.cmd("unlock", "--raw", "--passwordenv", "BW_PASSWORD").AppendEnv([]string{fmt.Sprintf("BW_PASSWORD=%s", password)}).Run()
+func (c *client) Unlock(ctx context.Context, password string) error {
+	out, err := c.cmd("unlock", "--raw", "--passwordenv", "BW_PASSWORD").AppendEnv([]string{fmt.Sprintf("BW_PASSWORD=%s", password)}).Run(ctx)
 	if err != nil {
 		return err
 	}
@@ -294,11 +296,11 @@ func (c *client) SetSessionKey(sessionKey string) {
 	c.sessionKey = sessionKey
 }
 
-func (c *client) Sync() error {
+func (c *client) Sync(ctx context.Context) error {
 	if c.disableSync {
 		return nil
 	}
-	_, err := c.cmdWithSession("sync").Run()
+	_, err := c.cmdWithSession("sync").Run(ctx)
 	return err
 }
 
@@ -327,10 +329,5 @@ func (c *client) encode(item Object) (string, error) {
 	if err != nil {
 		return "", fmt.Errorf("marshalling error: %v, %v", err, string(newOut))
 	}
-
-	out, err := c.cmd("encode").WithStdin(string(newOut)).Run()
-	if err != nil {
-		return "", fmt.Errorf("encoding error: %v, %v", err, string(newOut))
-	}
-	return string(out), err
+	return base64.StdEncoding.EncodeToString(newOut), nil
 }

internal/bitwarden/bw/client_test.go

@@ -1,6 +1,7 @@
 package bw
 
 import (
+	"context"
 	"testing"
 
 	test_command "github.com/maxlaverse/terraform-provider-bitwarden/internal/command/test"
@@ -9,13 +10,12 @@ import (
 
 func TestCreateObjectEncoding(t *testing.T) {
 	removeMocks, commandsExecuted := test_command.MockCommands(t, map[string]string{
-		"encode":       `e30K`,
-		"create  e30K": `{}`,
+		"create  eyJncm91cHMiOm51bGwsImxvZ2luIjp7fSwic2VjdXJlTm90ZSI6e30sInR5cGUiOjEsImZpZWxkcyI6W3sibmFtZSI6InRlc3QiLCJ2YWx1ZSI6InBhc3NlZCIsInR5cGUiOjAsImxpbmtlZElkIjpudWxsfV19": `{}`,
 	})
 	defer removeMocks(t)
 
 	b := NewClient("dummy")
-	_, err := b.CreateObject(Object{
+	_, err := b.CreateObject(context.Background(), Object{
 		Type: ItemTypeLogin,
 		Fields: []Field{
 			{
@@ -27,9 +27,8 @@ func TestCreateObjectEncoding(t *testing.T) {
 	})
 
 	assert.NoError(t, err)
-	if assert.Len(t, commandsExecuted(), 2) {
-		assert.Equal(t, "{\"groups\":null,\"login\":{},\"secureNote\":{},\"type\":1,\"fields\":[{\"name\":\"test\",\"value\":\"passed\",\"type\":0,\"linkedId\":null}]}:/:encode", commandsExecuted()[0])
-		assert.Equal(t, "create  e30K", commandsExecuted()[1])
+	if assert.Len(t, commandsExecuted(), 1) {
+		assert.Equal(t, "create  eyJncm91cHMiOm51bGwsImxvZ2luIjp7fSwic2VjdXJlTm90ZSI6e30sInR5cGUiOjEsImZpZWxkcyI6W3sibmFtZSI6InRlc3QiLCJ2YWx1ZSI6InBhc3NlZCIsInR5cGUiOjAsImxpbmtlZElkIjpudWxsfV19", commandsExecuted()[0])
 	}
 }
 
@@ -40,7 +39,7 @@ func TestListObjects(t *testing.T) {
 	defer removeMocks(t)
 
 	b := NewClient("dummy")
-	_, err := b.ListObjects("item", WithFolderID("folder-id"), WithCollectionID("collection-id"), WithSearch("search"))
+	_, err := b.ListObjects(context.Background(), "item", WithFolderID("folder-id"), WithCollectionID("collection-id"), WithSearch("search"))
 
 	assert.NoError(t, err)
 	if assert.Len(t, commandsExecuted(), 1) {
@@ -55,7 +54,7 @@ func TestGetItem(t *testing.T) {
 	defer removeMocks(t)
 
 	b := NewClient("dummy")
-	_, err := b.GetObject(Object{ID: "object-id", Object: ObjectTypeItem, Type: ItemTypeLogin})
+	_, err := b.GetObject(context.Background(), Object{ID: "object-id", Object: ObjectTypeItem, Type: ItemTypeLogin})
 
 	assert.NoError(t, err)
 	if assert.Len(t, commandsExecuted(), 1) {
@@ -70,7 +69,7 @@ func TestGetOrgCollection(t *testing.T) {
 	defer removeMocks(t)
 
 	b := NewClient("dummy")
-	_, err := b.GetObject(Object{ID: "object-id", Object: ObjectTypeOrgCollection, OrganizationID: "org-id"})
+	_, err := b.GetObject(context.Background(), Object{ID: "object-id", Object: ObjectTypeOrgCollection, OrganizationID: "org-id"})
 
 	assert.NoError(t, err)
 	if assert.Len(t, commandsExecuted(), 1) {

internal/bitwarden/bw/errors.go

@@ -16,7 +16,7 @@ var (
 )
 
 func newUnmarshallError(err error, cmd string, out []byte) error {
-	return fmt.Errorf("unable to parse result of '%s' command: %v, output: %v", cmd, err, string(out))
+	return fmt.Errorf("unable to parse result of '%s', error: '%v', output: '%v'", cmd, err, string(out))
 }
 
 func remapError(err error) error {