From 702b930af9b9041b4dfaf47dde854cf6dec71ada Mon Sep 17 00:00:00 2001
From: piroux-sg <pierre.roux@stackguardian.io>
Date: Thu, 28 Mar 2024 14:47:14 +0100
Subject: [PATCH] Update GH Workflows

---
 .github/workflows/release.yaml      |   8 +-
 .github/workflows/test-api-prd.yaml |  20 +++++
 .github/workflows/test-api-stg.yaml |  19 +++++
 .github/workflows/test-api.yaml     | 121 ++++++++++++++++++++++++++++
 .github/workflows/test.yaml         |  28 +++++--
 .gitignore                          |   2 +
 Makefile                            |  45 +++++++++--
 7 files changed, 226 insertions(+), 17 deletions(-)
 create mode 100644 .github/workflows/test-api-prd.yaml
 create mode 100644 .github/workflows/test-api-stg.yaml
 create mode 100644 .github/workflows/test-api.yaml

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index c5d2d68..8cc7ad4 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -45,9 +45,9 @@ jobs:
           set -eu -x;
           TAG=${{ github.ref_name }};
           VERSION=${TAG#v};
-          make test-example ARGS="-v ${VERSION} -f github-release-draft";
+          make test-examples-quickstart ARGS="-v ${VERSION} -f github-release-draft";
         shell: bash
         env:
-          STACKGUARDIAN_API_KEY: ${{ secrets.STACKGUARDIAN_API_KEY }}
-          STACKGUARDIAN_ORG_NAME: ${{ secrets.STACKGUARDIAN_ORG_NAME }}
-          GH_TOKEN: ${{ github.token }}
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}'
+          GH_TOKEN: '${{ github.token }}'
diff --git a/.github/workflows/test-api-prd.yaml b/.github/workflows/test-api-prd.yaml
new file mode 100644
index 0000000..0dfb5ef
--- /dev/null
+++ b/.github/workflows/test-api-prd.yaml
@@ -0,0 +1,20 @@
+name: "Test API-PRD with TF-Provider"  # for API High-Load with examples on API-PRD
+
+on:
+  # NOTE: Uncomment if needed later
+  #push:
+  #  branches:
+  #    - main
+  #schedule:
+  #  - cron: '*/15 * 1-9,26-31 3,4 *'
+  workflow_dispatch:
+
+jobs:
+
+  api_test:
+    name: "Test API-PRD with TF-Provider"
+    uses: ./.github/workflows/test-api.yaml
+    secrets: inherit
+    with:
+      gitref: main
+      testenv: PRD
diff --git a/.github/workflows/test-api-stg.yaml b/.github/workflows/test-api-stg.yaml
new file mode 100644
index 0000000..5d112b3
--- /dev/null
+++ b/.github/workflows/test-api-stg.yaml
@@ -0,0 +1,19 @@
+name: "Test API-STG with TF-Provider"  # for API High-Load with examples on API-STG
+
+on:
+  push:
+    branches:
+      - devel
+  schedule:
+    - cron: '*/15 * 1-9,26-31 3,4 *'
+  workflow_dispatch:
+
+jobs:
+
+  api_test:
+    name: "Test API-STG with TF-Provider"
+    uses: ./.github/workflows/test-api.yaml
+    secrets: inherit
+    with:
+      gitref: feature/example-onboarding-team
+      testenv: STG
diff --git a/.github/workflows/test-api.yaml b/.github/workflows/test-api.yaml
new file mode 100644
index 0000000..aec2c9b
--- /dev/null
+++ b/.github/workflows/test-api.yaml
@@ -0,0 +1,121 @@
+name: "Test API with TF-Provider"  # with examples on one API env
+
+on:
+  workflow_call:
+    inputs:
+      gitref:
+        type: string
+        default: 'devel'
+        required: true
+      testenv:
+        type: string
+        default: PRD
+        required: true
+        description: "STG|PRD"
+
+jobs:
+
+  api_examples-test:
+    name: "Test API with Provider examples"
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: "Checkout code"
+        if: ${{ !env.ACT }}
+        uses: actions/checkout@v4
+        with:
+          ref: '${{ inputs.gitref }}'
+
+      - name: "Checkout code (local)"
+        if: env.ACT
+        uses: actions/checkout@v4
+
+      - name: "Verify checked-out code (local)"
+        if: ${{ env.ACT }}
+        run: |
+          git --no-pager show --stat;
+          git --no-pager status;
+
+      - name: "Install Go"
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+
+      - name: "Install Terraform"
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_wrapper: false
+          terraform_version: '1.5.7'
+
+      - name: "Build Provider"
+        run: make build
+
+
+      ### --- testenv: STG ----------------------------------------------------
+
+      - name: "Test API-STG with Provider acceptance tests"
+        if: inputs.testenv=='STG'
+        run: make test-acc
+        env:
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}'
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}'
+
+      - name: "Test API-STG with Provider quickstart example"
+        if: inputs.testenv=='STG'
+        run: |
+          set -eu -x;
+          make install;
+          make test-examples-quickstart ARGS="-f local-build";
+        shell: bash
+        env:
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}'
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}'
+
+      - name: "Test API-STG with Provider onboarding example"
+        if: inputs.testenv=='STG'
+        run: |
+          set -eu -x;
+          make install;
+          make test-examples-onboarding ARGS="-f local-build";
+        shell: bash
+        env:
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}'
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}'
+
+
+      ### --- testenv: PRD ----------------------------------------------------
+
+      - name: "Test API-PRD with Provider acceptance tests"
+        if: inputs.testenv=='PRD'
+        run: make test-acc
+        env:
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}'
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}'
+
+      - name: "Test API-PRD with Provider quickstart example"
+        if: inputs.testenv=='PRD'
+        run: |
+          set -eu -x;
+          make install;
+          make test-examples-quickstart ARGS="-f local-build";
+        shell: bash
+        env:
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}'
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}'
+
+      - name: "Test API-PRD with Provider onboarding example"
+        if: inputs.testenv=='PRD'
+        run: |
+          set -eu -x;
+          make install;
+          make test-examples-onboarding ARGS="-f local-build";
+        shell: bash
+        env:
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}'
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}'
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index d8af8da..0b89051 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -1,10 +1,9 @@
-name: "Test TF-Provider on SG-Prod"
+name: "Test TF-Provider on API-PROD"
 
 on:
   push:
     branches:
       - main
-      - devel
   # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
   pull_request:
     branches:
@@ -28,7 +27,7 @@ jobs:
       - name: "Install Go"
         uses: actions/setup-go@v5
         with:
-          go-version: '1.21'
+          go-version-file: 'go.mod'
 
       - name: "Install Terraform"
         uses: hashicorp/setup-terraform@v3
@@ -42,18 +41,31 @@ jobs:
       - name: "Test Provider with acceptance tests"
         run: make test-acc
         env:
-          STACKGUARDIAN_API_KEY: ${{ secrets.STACKGUARDIAN_API_KEY }}
-          STACKGUARDIAN_ORG_NAME: ${{ secrets.STACKGUARDIAN_ORG_NAME }}
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}'
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}'
 
       - name: "Test Provider with quickstart example"
         run: |
           set -eu -x;
           make install;
-          make test-example ARGS="-f local-build";
+          make test-examples-quickstart ARGS="-f local-build";
         shell: bash
         env:
-          STACKGUARDIAN_API_KEY: ${{ secrets.STACKGUARDIAN_API_KEY }}
-          STACKGUARDIAN_ORG_NAME: ${{ secrets.STACKGUARDIAN_ORG_NAME }}
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}'
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}'
+
+      - name: "Test Provider with onboarding example"
+        run: |
+          set -eu -x;
+          make install;
+          make test-examples-onboarding ARGS="-f local-build";
+        shell: bash
+        env:
+          STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}'
+          STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}'
+          STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}'
 
       - name: "Check Provider docs"
         run: |
diff --git a/.gitignore b/.gitignore
index abb6d83..5f003c9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -36,6 +36,8 @@ override.tf.json
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
+examples/**.png
+examples/**.dot
 
 # Terraform provider build files
 terraform-provider-stackguardian
diff --git a/Makefile b/Makefile
index 1c61af9..accbf9e 100644
--- a/Makefile
+++ b/Makefile
@@ -8,6 +8,13 @@ OS_ARCH=linux_amd64
 
 default: install
 
+clean: clean-examples
+
+clean-examples:
+	find examples/ -type d -name '.terraform' -exec rm -rv {} \+
+	find examples/ -type f -name '.terraform.lock.hcl' -exec rm -v {} \+
+	find examples/ -type f -regextype posix-extended -regex '.+.tfstate(.[[:digit:]]+)?(.backup)?' -exec rm -v {} \+
+
 build:
 	go build -o ${BINARY}
 
@@ -23,11 +30,14 @@ test:
 	echo $(TEST) | xargs -t -n4 go test $(TESTARGS) -timeout=30s -parallel=4
 
 test-acc:
-	TF_ACC=1 STACKGUARDIAN_ORG_NAME=wicked-hop go test -parallel=1 $(TEST) -v $(TESTARGS) -timeout=15m
+	TF_ACC=1 go test -parallel=1 $(TEST) -v $(TESTARGS) -timeout=15m
 
-test-example:
+test-examples-quickstart:
 	bash docs/guides/quickstart/test-quickstart.sh $(ARGS)
 
+test-examples-onboarding:
+	bash examples/onboarding_team_example/project-test/test-onboarding.sh $(ARGS)
+
 docs-generate:
 	mv docs/guides docs_guides
 	tfplugindocs generate
@@ -41,11 +51,36 @@ docs-validate:
 tools-install:
 	cd tools; go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs
 
-gh-workflow:
+gh-workflow-test-provider:
+	act \
+		--workflows ${PWD}/.github/workflows/test.yaml \
+		--job provider-project_test \
+		--secret STACKGUARDIAN_API_KEY=${SG_PRD_API_KEY} \
+		--secret STACKGUARDIAN_ORG_NAME=${SG_PRD_ORG_NAME} \
+		--secret SG_PRD_API_KEY=${SG_PRD_API_KEY} \
+		--secret SG_PRD_ORG_NAME=${SG_PRD_ORG_NAME} \
+		--secret SG_STG_API_URI=${SG_STG_API_URI} \
+		--secret SG_STG_API_KEY=${SG_STG_API_KEY} \
+		--secret SG_STG_ORG_NAME=${SG_STG_ORG_NAME} \
+		push \
+		;
+
+gh-workflow-test-provider-mock-stg-as-prd:
 	act \
 		--workflows ${PWD}/.github/workflows/test.yaml \
 		--job provider-project_test \
-		--secret STACKGUARDIAN_ORG_NAME=${STACKGUARDIAN_ORG_NAME} \
-		--secret STACKGUARDIAN_API_KEY=${STACKGUARDIAN_API_KEY} \
+		--secret SG_PRD_API_URI=${SG_STG_API_URI} \
+		--secret SG_PRD_API_KEY=${SG_STG_API_KEY} \
+		--secret SG_PRD_ORG_NAME=${SG_STG_ORG_NAME} \
 		push \
 		;
+
+#		--local-repository StackGuardian/terraform-provider-stackguardian@devel=${PWD} \#
+gh-workflow-test-api-stg:
+	act \
+		--workflows ${PWD}/.github/workflows/test-api-stg.yaml \
+		--secret SG_STG_API_URI=${SG_STG_API_URI} \
+		--secret SG_STG_API_KEY=${SG_STG_API_KEY} \
+		--secret SG_STG_ORG_NAME=${SG_STG_ORG_NAME} \
+		workflow_dispatch \
+		;