From d42f474370e15aed0d7831515a4c23ab907e1019 Mon Sep 17 00:00:00 2001
From: piroux-sg
Date: Fri, 8 Mar 2024 17:57:28 +0100
Subject: [PATCH 01/33] Add resource workflow_group
---
internal/provider/provider.go | 24 +-
internal/provider/workflow_group_object.go | 214 ++++++++++++++++++
.../provider/workflow_group_object_test.go | 38 ++++
3 files changed, 267 insertions(+), 9 deletions(-)
create mode 100644 internal/provider/workflow_group_object.go
create mode 100644 internal/provider/workflow_group_object_test.go
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 7360f8a..6a244ca 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -25,17 +25,23 @@ func Provider() *schema.Provider { }, }, ResourcesMap: map[string]*schema.Resource{ - "stackguardian_workflow": resourceStackGuardianWorkflowAPI(), - "stackguardian_stack": resourceStackGuardianStackAPI(), - "stackguardian_policy": resourceStackGuardianPolicyAPI(), - "stackguardian_integration": resourceStackGuardianIntegrationAPI(), + "stackguardian_workflow": resourceStackGuardianWorkflowAPI(), + "stackguardian_workflow_group": resourceStackGuardianWorkflowGroupAPI(), + "stackguardian_stack": resourceStackGuardianStackAPI(), + "stackguardian_policy": resourceStackGuardianPolicyAPI(), + "stackguardian_integration": resourceStackGuardianIntegrationAPI(), + //"stackguardian_role": resourceStackGuardianRoleAPI(), + //"stackguardian_connector_cloud": resourceStackGuardianConnectorCloudAPI(), }, DataSourcesMap: map[string]*schema.Resource{ - "stackguardian_workflow": dataSourceStackGuardianAPI(), - "stackguardian_stack": dataSourceStackGuardianAPI(), - "stackguardian_policy": dataSourceStackGuardianAPI(), - "stackguardian_integration": dataSourceStackGuardianAPI(), - "stackguardian_wf_output": dataSourceStackGuardianWorkflowOutputsAPI(), + "stackguardian_workflow": dataSourceStackGuardianAPI(), + "stackguardian_workflow_group": dataSourceStackGuardianAPI(), + "stackguardian_stack": dataSourceStackGuardianAPI(), + "stackguardian_policy": dataSourceStackGuardianAPI(), + "stackguardian_integration": dataSourceStackGuardianAPI(), + "stackguardian_wf_output": dataSourceStackGuardianWorkflowOutputsAPI(), + //"stackguardian_role": dataSourceStackGuardianAPI(), + //"stackguardian_connector_cloud": dataSourceStackGuardianAPI(), }, ConfigureFunc: configureProvider, } diff --git a/internal/provider/workflow_group_object.go b/internal/provider/workflow_group_object.go new file mode 100644 index 0000000..147e09a --- /dev/null +++ b/internal/provider/workflow_group_object.go 
@@ -0,0 +1,214 @@
+package provider
+
+import (
+ "fmt"
+ "log"
+ "strconv"
+ "strings"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceStackGuardianWorkflowGroupAPI() *schema.Resource {
+ // Consider data sensitive if env variables is set to true.
+ is_data_sensitive, _ := strconv.ParseBool(GetEnvOrDefault("API_DATA_IS_SENSITIVE", "false"))
+
+ return &schema.Resource{
+ Create: resourceStackGuardianWorkflowGroupAPICreate,
+ Read: resourceStackGuardianWorkflowGroupAPIRead,
+ Update: resourceStackGuardianWorkflowGroupAPIUpdate,
+ Delete: resourceStackGuardianWorkflowGroupAPIDelete,
+ Exists: resourceStackGuardianWorkflowGroupAPIExists,
+
+ Importer: &schema.ResourceImporter{
+ State: resourceStackGuardianWorkflowGroupAPIImport,
+ },
+
+ Schema: map[string]*schema.Schema{
+ "data": {
+ Type: schema.TypeString,
+ Description: "Valid JSON data that this provider will manage with the API server.",
+ Required: true,
+ Sensitive: is_data_sensitive,
+ },
+ "api_data": {
+ Type: schema.TypeMap,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ Description: "After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting).",
+ Computed: true,
+ },
+ "api_response": {
+ Type: schema.TypeString,
+ Description: "The raw body of the HTTP response from the last read of the object.",
+ Computed: true,
+ },
+ },
+ }
+}
+
+/*
+Since there is nothing in the ResourceData structure other
+
+ than the "id" passed on the command line, we have to use an opinionated
+ view of the API paths to figure out how to read that object
+ from the API
+*/
+func resourceStackGuardianWorkflowGroupAPIImport(d *schema.ResourceData, meta interface{}) (imported []*schema.ResourceData, err error) {
+ input := d.Id()
+
+ hasTrailingSlash := strings.LastIndex(input, "/") == len(input)-1
+ var n int
+ if hasTrailingSlash {
+ n = strings.LastIndex(input[0:len(input)-1], "/")
+ } else {
+ n = strings.LastIndex(input, "/")
+ }
+
+ if n == -1 {
+ return imported, fmt.Errorf("invalid path to import api_object '%s'. Must be //", input)
+ }
+
+ var id string
+ if hasTrailingSlash {
+ id = input[n+1 : len(input)-1]
+ } else {
+ id = input[n+1:]
+ }
+
+ d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id))
+ d.SetId(id)
+
+ obj, err := make_api_object_WorkflowGroup(d, meta)
+ if err != nil {
+ return imported, err
+ }
+ log.Printf("resource_api_object.go: Import routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.read_object()
+ if err == nil {
+ set_resource_state(obj, d)
+ /* Data that we set in the state above must be passed along
+ as an item in the stack of imported data */
+ imported = append(imported, d)
+ }
+
+ return imported, err
+}
+
+func resourceStackGuardianWorkflowGroupAPICreate(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_WorkflowGroup(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Create routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.create_object()
+ if err == nil {
+ /* Setting terraform ID tells terraform the object was created or it exists */
+ d.SetId(obj.ResourceName)
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianWorkflowGroupAPIRead(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_WorkflowGroup(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Read routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.read_object()
+ if err == nil {
+ /* Setting terraform ID tells terraform the object was created or it exists */
+ log.Printf("resource_api_object.go: Read resource. Returned id is '%s'\n", obj.ResourceName)
+ d.SetId(obj.ResourceName)
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianWorkflowGroupAPIUpdate(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_WorkflowGroup(d, meta)
+ if err != nil {
+ return err
+ }
+
+ log.Printf("resource_api_object.go: Update routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.update_object()
+ if err == nil {
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianWorkflowGroupAPIDelete(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_WorkflowGroup(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Delete routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.delete_object()
+ if err != nil {
+ if strings.Contains(err.Error(), "404") {
+ /* 404 means it doesn't exist. Call that good enough */
+ err = nil
+ }
+ }
+ return err
+}
+
+func resourceStackGuardianWorkflowGroupAPIExists(d *schema.ResourceData, meta interface{}) (exists bool, err error) {
+ obj, err := make_api_object_WorkflowGroup(d, meta)
+ if err != nil {
+ return exists, err
+ }
+ log.Printf("resource_api_object.go: Exists routine called. Object built: %s\n", obj.toString())
+
+ /* Assume all errors indicate the object just doesn't exist.
+ This may not be a good assumption... */
+ err = obj.read_object()
+ if err == nil {
+ exists = true
+ }
+ return exists, err
+}
+
+/*
+Simple helper routine to build an api_object struct
+
+ for the various calls terraform will use. Unfortunately,
+ terraform cannot just reuse objects, so each CRUD operation
+ results in a new object created
+*/
+func make_api_object_WorkflowGroup(d *schema.ResourceData, meta interface{}) (*api_object, error) {
+ opts, err := buildApiObjectOpts_WorkflowGroup(d)
+ if err != nil {
+ return nil, err
+ }
+
+ obj, err := NewAPIObject(meta.(*api_client), opts)
+ if err != nil {
+ return nil, err
+ }
+
+ return obj, nil
+}
+
+func buildApiObjectOpts_WorkflowGroup(d *schema.ResourceData) (*apiObjectOpts, error) {
+ resultPath := "/wfgrps/"
+
+ opts := &apiObjectOpts{
+ path: resultPath,
+ }
+
+ opts.ResourceName = d.Id()
+
+ log.Printf("common.go: make_api_object routine called for id '%s'\n", opts.ResourceName)
+
+ opts.data = d.Get("data").(string)
+ opts.debug = true
+ return opts, nil
+}
diff --git a/internal/provider/workflow_group_object_test.go b/internal/provider/workflow_group_object_test.go
new file mode 100644
index 0000000..1dfceba
--- /dev/null
+++ b/internal/provider/workflow_group_object_test.go
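Review bot: `resourceStackGuardianWorkflowGroupAPI` discards the error from `strconv.ParseBool`, so a value of `API_DATA_IS_SENSITIVE` that does not parse (for example `yes`) silently leaves `data` non-sensitive; failing closed, or reporting the bad value, would be safer. `api_data` and `api_response` are not marked `Sensitive` at all, although their descriptions say they hold what the server returned, which may well repeat the submitted payload. `buildApiObjectOpts_WorkflowGroup` hard-codes `opts.debug = true` and every CRUD function logs `obj.toString()`; if that helper prints `data` (it is defined outside this patch) the payload ends up in the provider log regardless of the flag. In the import function the `data` JSON is assembled with `fmt.Sprintf` and `%s` from the user-supplied ID and the result of `d.Set` is ignored; `json.Marshal(map[string]string{"id": id})` with an error check avoids a malformed or altered document when the ID contains a quote or backslash. The same code is copied into role_object.go and connector_cloud_object.go in this series.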
@@ -0,0 +1,38 @@
+package provider
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+const testAccCheckConfig_ResourceSgWorkflowGroup = `
+resource "stackguardian_workflow_group" "TPS-Test-WorkflowGroup" {
+
+ data = jsonencode({
+ "ResourceName": "TPS-Test-WorkflowGroup",
+ "Description": "Test of terraform-provider-stackguardian for WorkflowGroup",
+ "Tags": ["tf-provider-test"],
+ "IsActive": 1,
+ })
+ }
+`
+
+func TestAcc_ResourceSgWorkflowGroup(t *testing.T) {
+ resource.ParallelTest(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccCheckConfig_ResourceSgWorkflowGroup,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr(
+ "stackguardian_workflow_group.TPS-Test-WorkflowGroup",
+ "id",
+ "TPS-Test-WorkflowGroup",
+ ),
+ ),
+ },
+ },
+ })
+}
From 917f3701839335d61efb169614f95d75969fa641 Mon Sep 17 00:00:00 2001
From: piroux-sg
Date: Fri, 8 Mar 2024 17:58:24 +0100
Subject: [PATCH 02/33] Add resource role
---
internal/provider/provider.go | 4 +-
internal/provider/role_object.go | 214 ++++++++++++++++++++++++++
internal/provider/role_object_test.go | 44 ++++++
3 files changed, 260 insertions(+), 2 deletions(-)
create mode 100644 internal/provider/role_object.go
create mode 100644 internal/provider/role_object_test.go
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 6a244ca..6d9db71 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -30,7 +30,7 @@ func Provider() *schema.Provider { "stackguardian_stack": resourceStackGuardianStackAPI(), "stackguardian_policy": resourceStackGuardianPolicyAPI(), "stackguardian_integration": resourceStackGuardianIntegrationAPI(), - //"stackguardian_role": resourceStackGuardianRoleAPI(), + "stackguardian_role": resourceStackGuardianRoleAPI(), //"stackguardian_connector_cloud": resourceStackGuardianConnectorCloudAPI(), }, DataSourcesMap: map[string]*schema.Resource{ @@ -40,7 +40,7 @@ func Provider() *schema.Provider { "stackguardian_policy": dataSourceStackGuardianAPI(), "stackguardian_integration": dataSourceStackGuardianAPI(), "stackguardian_wf_output": dataSourceStackGuardianWorkflowOutputsAPI(), - //"stackguardian_role": dataSourceStackGuardianAPI(), + "stackguardian_role": dataSourceStackGuardianAPI(), //"stackguardian_connector_cloud": dataSourceStackGuardianAPI(), }, ConfigureFunc: configureProvider, diff --git a/internal/provider/role_object.go b/internal/provider/role_object.go new file mode 100644 index 0000000..58e51d5 --- /dev/null +++ b/internal/provider/role_object.go 
@@ -0,0 +1,214 @@
+package provider
+
+import (
+ "fmt"
+ "log"
+ "strconv"
+ "strings"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceStackGuardianRoleAPI() *schema.Resource {
+ // Consider data sensitive if env variables is set to true.
+ is_data_sensitive, _ := strconv.ParseBool(GetEnvOrDefault("API_DATA_IS_SENSITIVE", "false"))
+
+ return &schema.Resource{
+ Create: resourceStackGuardianRoleAPICreate,
+ Read: resourceStackGuardianRoleAPIRead,
+ Update: resourceStackGuardianRoleAPIUpdate,
+ Delete: resourceStackGuardianRoleAPIDelete,
+ Exists: resourceStackGuardianRoleAPIExists,
+
+ Importer: &schema.ResourceImporter{
+ State: resourceStackGuardianRoleAPIImport,
+ },
+
+ Schema: map[string]*schema.Schema{
+ "data": {
+ Type: schema.TypeString,
+ Description: "Valid JSON data that this provider will manage with the API server.",
+ Required: true,
+ Sensitive: is_data_sensitive,
+ },
+ "api_data": {
+ Type: schema.TypeMap,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ Description: "After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting).",
+ Computed: true,
+ },
+ "api_response": {
+ Type: schema.TypeString,
+ Description: "The raw body of the HTTP response from the last read of the object.",
+ Computed: true,
+ },
+ },
+ }
+}
+
+/*
+Since there is nothing in the ResourceData structure other
+
+ than the "id" passed on the command line, we have to use an opinionated
+ view of the API paths to figure out how to read that object
+ from the API
+*/
+func resourceStackGuardianRoleAPIImport(d *schema.ResourceData, meta interface{}) (imported []*schema.ResourceData, err error) {
+ input := d.Id()
+
+ hasTrailingSlash := strings.LastIndex(input, "/") == len(input)-1
+ var n int
+ if hasTrailingSlash {
+ n = strings.LastIndex(input[0:len(input)-1], "/")
+ } else {
+ n = strings.LastIndex(input, "/")
+ }
+
+ if n == -1 {
+ return imported, fmt.Errorf("invalid path to import api_object '%s'. Must be //", input)
+ }
+
+ var id string
+ if hasTrailingSlash {
+ id = input[n+1 : len(input)-1]
+ } else {
+ id = input[n+1:]
+ }
+
+ d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id))
+ d.SetId(id)
+
+ obj, err := make_api_object_Role(d, meta)
+ if err != nil {
+ return imported, err
+ }
+ log.Printf("resource_api_object.go: Import routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.read_object()
+ if err == nil {
+ set_resource_state(obj, d)
+ /* Data that we set in the state above must be passed along
+ as an item in the stack of imported data */
+ imported = append(imported, d)
+ }
+
+ return imported, err
+}
+
+func resourceStackGuardianRoleAPICreate(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_Role(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Create routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.create_object()
+ if err == nil {
+ /* Setting terraform ID tells terraform the object was created or it exists */
+ d.SetId(obj.ResourceName)
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianRoleAPIRead(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_Role(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Read routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.read_object()
+ if err == nil {
+ /* Setting terraform ID tells terraform the object was created or it exists */
+ log.Printf("resource_api_object.go: Read resource. Returned id is '%s'\n", obj.ResourceName)
+ d.SetId(obj.ResourceName)
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianRoleAPIUpdate(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_Role(d, meta)
+ if err != nil {
+ return err
+ }
+
+ log.Printf("resource_api_object.go: Update routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.update_object()
+ if err == nil {
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianRoleAPIDelete(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_Role(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Delete routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.delete_object()
+ if err != nil {
+ if strings.Contains(err.Error(), "404") {
+ /* 404 means it doesn't exist. Call that good enough */
+ err = nil
+ }
+ }
+ return err
+}
+
+func resourceStackGuardianRoleAPIExists(d *schema.ResourceData, meta interface{}) (exists bool, err error) {
+ obj, err := make_api_object_Role(d, meta)
+ if err != nil {
+ return exists, err
+ }
+ log.Printf("resource_api_object.go: Exists routine called. Object built: %s\n", obj.toString())
+
+ /* Assume all errors indicate the object just doesn't exist.
+ This may not be a good assumption... */
+ err = obj.read_object()
+ if err == nil {
+ exists = true
+ }
+ return exists, err
+}
+
+/*
+Simple helper routine to build an api_object struct
+
+ for the various calls terraform will use. Unfortunately,
+ terraform cannot just reuse objects, so each CRUD operation
+ results in a new object created
+*/
+func make_api_object_Role(d *schema.ResourceData, meta interface{}) (*api_object, error) {
+ opts, err := buildApiObjectOpts_Role(d)
+ if err != nil {
+ return nil, err
+ }
+
+ obj, err := NewAPIObject(meta.(*api_client), opts)
+ if err != nil {
+ return nil, err
+ }
+
+ return obj, nil
+}
+
+func buildApiObjectOpts_Role(d *schema.ResourceData) (*apiObjectOpts, error) {
+ resultPath := "/roles/"
+
+ opts := &apiObjectOpts{
+ path: resultPath,
+ }
+
+ opts.ResourceName = d.Id()
+
+ log.Printf("common.go: make_api_object routine called for id '%s'\n", opts.ResourceName)
+
+ opts.data = d.Get("data").(string)
+ opts.debug = true
+ return opts, nil
+}
diff --git a/internal/provider/role_object_test.go b/internal/provider/role_object_test.go
new file mode 100644
index 0000000..bef06ad
--- /dev/null
+++ b/internal/provider/role_object_test.go
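Review bot: `resourceStackGuardianRoleAPIDelete` treats any error whose text contains `404` as a successful delete, so a failure that merely mentions 404 in a URL, an ID or a response body would remove the role from Terraform state while it still exists on the server. For an access-control object that is worth tightening: compare the HTTP status code itself if `delete_object` can expose it (its definition is outside this patch). `resourceStackGuardianRoleAPIExists` has a related mismatch: its comment says `Assume all errors indicate the object just doesn't exist`, but the function returns the error alongside `exists=false`, so every read failure is reported as an error rather than as absence. The same two functions are copied into workflow_group_object.go and connector_cloud_object.go.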
@@ -0,0 +1,44 @@
+package provider
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+const testAccCheckConfig_ResourceSgRole = `
+resource "stackguardian_role" "TPS-Test-Role" {
+
+ data = jsonencode({
+ "ResourceName": "TPS-Test-Role",
+ "Description": "Test of terraform-provider-stackguardian for Role",
+ "Tags": ["tf-provider-test"],
+ "Actions": [
+ "Action-1"
+ ],
+ "AllowedPermissions": {
+ "Permission-key-1": "Permission-val-1",
+ "Permission-key-2": "Permission-val-2"
+ }
+ })
+}
+`
+
+func TestAcc_ResourceSgRole(t *testing.T) {
+ resource.ParallelTest(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccCheckConfig_ResourceSgRole,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr(
+ "stackguardian_role.TPS-Test-Role",
+ "id",
+ "TPS-Test-Role",
+ ),
+ ),
+ },
+ },
+ })
+}
From 195e0e9ab410e48292e6d57cc072b7f13785ae32 Mon Sep 17 00:00:00 2001
From: piroux-sg
Date: Fri, 8 Mar 2024 17:58:46 +0100
Subject: [PATCH 03/33] Add resource connector_cloud (WIP)
---
internal/provider/connector_cloud_object.go | 221 ++++++++++++++++++
.../provider/connector_cloud_object_test.go | 48 ++++
internal/provider/provider.go | 30 +--
3 files changed, 284 insertions(+), 15 deletions(-)
create mode 100644 internal/provider/connector_cloud_object.go
create mode 100644 internal/provider/connector_cloud_object_test.go
diff --git a/internal/provider/connector_cloud_object.go b/internal/provider/connector_cloud_object.go
new file mode 100644
index 0000000..00d8472
--- /dev/null
+++ b/internal/provider/connector_cloud_object.go
@@ -0,0 +1,221 @@
+package provider
+
+import (
+ "fmt"
+ "log"
+ "strconv"
+ "strings"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceStackGuardianConnectorCloudAPI() *schema.Resource {
+ // Consider data sensitive if env variables is set to true.
+ is_data_sensitive, _ := strconv.ParseBool(GetEnvOrDefault("API_DATA_IS_SENSITIVE", "false"))
+
+ return &schema.Resource{
+ Create: resourceStackGuardianConnectorCloudAPICreate,
+ Read: resourceStackGuardianConnectorCloudAPIRead,
+ Update: resourceStackGuardianConnectorCloudAPIUpdate,
+ Delete: resourceStackGuardianConnectorCloudAPIDelete,
+ Exists: resourceStackGuardianConnectorCloudAPIExists,
+
+ Importer: &schema.ResourceImporter{
+ State: resourceStackGuardianConnectorCloudAPIImport,
+ },
+
+ Schema: map[string]*schema.Schema{
+ "integrationgroup": {
+ Type: schema.TypeString,
+ Description: "Integration Group Name",
+ Required: true,
+ },
+ "data": {
+ Type: schema.TypeString,
+ Description: "Valid JSON data that this provider will manage with the API server.",
+ Required: true,
+ Sensitive: is_data_sensitive,
+ },
+ "api_data": {
+ Type: schema.TypeMap,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ Description: "After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting).",
+ Computed: true,
+ },
+ "api_response": {
+ Type: schema.TypeString,
+ Description: "The raw body of the HTTP response from the last read of the object.",
+ Computed: true,
+ },
+ },
+ }
+}
+
+/*
+Since there is nothing in the ResourceData structure other
+
+ than the "id" passed on the command line, we have to use an opinionated
+ view of the API paths to figure out how to read that object
+ from the API
+*/
+func resourceStackGuardianConnectorCloudAPIImport(d *schema.ResourceData, meta interface{}) (imported []*schema.ResourceData, err error) {
+ input := d.Id()
+
+ hasTrailingSlash := strings.LastIndex(input, "/") == len(input)-1
+ var n int
+ if hasTrailingSlash {
+ n = strings.LastIndex(input[0:len(input)-1], "/")
+ } else {
+ n = strings.LastIndex(input, "/")
+ }
+
+ if n == -1 {
+ return imported, fmt.Errorf("invalid path to import api_object '%s'. Must be //", input)
+ }
+
+ var id string
+ if hasTrailingSlash {
+ id = input[n+1 : len(input)-1]
+ } else {
+ id = input[n+1:]
+ }
+
+ d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id))
+ d.SetId(id)
+
+ obj, err := make_api_object_stack(d, meta)
+ if err != nil {
+ return imported, err
+ }
+ log.Printf("resource_api_object.go: Import routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.read_object()
+ if err == nil {
+ set_resource_state(obj, d)
+ /* Data that we set in the state above must be passed along
+ as an item in the stack of imported data */
+ imported = append(imported, d)
+ }
+
+ return imported, err
+}
+
+func resourceStackGuardianConnectorCloudAPICreate(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_ConnectorCloud(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Create routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.create_object()
+ if err == nil {
+ /* Setting terraform ID tells terraform the object was created or it exists */
+ d.SetId(obj.ResourceName)
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianConnectorCloudAPIRead(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_ConnectorCloud(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Read routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.read_object()
+ if err == nil {
+ /* Setting terraform ID tells terraform the object was created or it exists */
+ log.Printf("resource_api_object.go: Read resource. Returned id is '%s'\n", obj.ResourceName)
+ d.SetId(obj.ResourceName)
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianConnectorCloudAPIUpdate(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_ConnectorCloud(d, meta)
+ if err != nil {
+ return err
+ }
+
+ log.Printf("resource_api_object.go: Update routine called. Object built:\n%s\n", obj.toString())
+
+ err = obj.update_object()
+ if err == nil {
+ set_resource_state(obj, d)
+ }
+ return err
+}
+
+func resourceStackGuardianConnectorCloudAPIDelete(d *schema.ResourceData, meta interface{}) error {
+ obj, err := make_api_object_ConnectorCloud(d, meta)
+ if err != nil {
+ return err
+ }
+ log.Printf("resource_api_object.go: Delete routine called. Object built:\n%s\n", obj.toString())
+
+ log.Printf("warning: deletion of ConnectorCloud resource is not possible with API Key")
+
+ err = obj.delete_object()
+ if err != nil {
+ if strings.Contains(err.Error(), "404") {
+ /* 404 means it doesn't exist. Call that good enough */
+ err = nil
+ }
+ }
+ return err
+}
+
+func resourceStackGuardianConnectorCloudAPIExists(d *schema.ResourceData, meta interface{}) (exists bool, err error) {
+ obj, err := make_api_object_ConnectorCloud(d, meta)
+ if err != nil {
+ return exists, err
+ }
+ log.Printf("resource_api_object.go: Exists routine called. Object built: %s\n", obj.toString())
+
+ /* Assume all errors indicate the object just doesn't exist.
+ This may not be a good assumption... */
+ err = obj.read_object()
+ if err == nil {
+ exists = true
+ }
+ return exists, err
+}
+
+/*
+Simple helper routine to build an api_object struct
+
+ for the various calls terraform will use. Unfortunately,
+ terraform cannot just reuse objects, so each CRUD operation
+ results in a new object created
+*/
+func make_api_object_ConnectorCloud(d *schema.ResourceData, meta interface{}) (*api_object, error) {
+ opts, err := buildApiObjectConnectorCloudOpts(d)
+ if err != nil {
+ return nil, err
+ }
+
+ obj, err := NewAPIObject(meta.(*api_client), opts)
+ if err != nil {
+ return nil, err
+ }
+
+ return obj, nil
+}
+
+func buildApiObjectConnectorCloudOpts(d *schema.ResourceData) (*apiObjectOpts, error) {
+ var resultPath = "/integrationgroups/" + d.Get("integrationgroup").(string) + "/integrations/"
+
+ opts := &apiObjectOpts{
+ path: resultPath,
+ }
+
+ opts.ResourceName = d.Id()
+
+ log.Printf("common.go: make_api_object routine called for id '%s'\n", opts.ResourceName)
+
+ opts.data = d.Get("data").(string)
+ opts.debug = true
+ return opts, nil
+}
diff --git a/internal/provider/connector_cloud_object_test.go b/internal/provider/connector_cloud_object_test.go
new file mode 100644
index 0000000..bb6c7b0
--- /dev/null
+++ b/internal/provider/connector_cloud_object_test.go
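Review bot: `resourceStackGuardianConnectorCloudAPIImport` calls `make_api_object_stack(d, meta)` while every other function in this file uses `make_api_object_ConnectorCloud`, so an import presumably reads from the stack API path rather than the integrations path; the line should be `obj, err := make_api_object_ConnectorCloud(d, meta)`. The import function added in connector_vcs_object.go later in the series contains the same call. Separately, this resource's `data` carries cloud credentials (the test config sets `awsSecretAccessKey`), yet `Sensitive` defaults to false through `API_DATA_IS_SENSITIVE` and `opts.debug = true` is hard-coded, so `data` here should be `Sensitive: true` unconditionally and debug output should not be forced on. `resourceStackGuardianConnectorCloudAPIDelete` logs that deletion is not possible with an API key and then calls `delete_object()` anyway; returning a clear error, or documenting the expected outcome, would make the behaviour explicit.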
@@ -0,0 +1,48 @@
+package provider
+
+import (
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+const testAccCheckConfig_ResourceSgConnectorCloud = `
+resource "stackguardian_connector_cloud" "TPS-Test-ConnectorCloud" {
+ integrationgroup = "TPS-Test"
+ data = jsonencode({
+ "ResourceName": "TPS-Test-ConnectorCloud",
+ // "Tags" : ["tf-provider-test"]
+ "Description": "Test of terraform-provider-stackguardian for ConnectorCloud",
+ "Settings": {
+ "kind": "AWS_STATIC",
+ "config": [
+ {
+ "awsAccessKeyId": "test-aws-key",
+ "awsSecretAccessKey": "test-aws-key",
+ "awsDefaultRegion": "us-west-2"
+ }
+ ]
+ }
+ })
+}
+`
+
+func TestAcc_ResourceSgConnectorCloud(t *testing.T) {
+ t.Skipf("TODO: Fix DELETE: deletion of ConnectorCloud resource is not possible with API Key")
+ resource.ParallelTest(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccCheckConfig_ResourceSgConnectorCloud,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr(
+ "stackguardian_connector_cloud.TPS-Test-ConnectorCloud",
+ "id",
+ "TPS-Test-ConnectorCloud",
+ ),
+ ),
+ },
+ },
+ })
+}
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 6d9db71..4cff10a 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -25,23 +25,23 @@ func Provider() *schema.Provider { }, }, ResourcesMap: map[string]*schema.Resource{ - "stackguardian_workflow": resourceStackGuardianWorkflowAPI(), - "stackguardian_workflow_group": resourceStackGuardianWorkflowGroupAPI(), - "stackguardian_stack": resourceStackGuardianStackAPI(), - "stackguardian_policy": resourceStackGuardianPolicyAPI(), - "stackguardian_integration": resourceStackGuardianIntegrationAPI(), - "stackguardian_role": resourceStackGuardianRoleAPI(), - //"stackguardian_connector_cloud": resourceStackGuardianConnectorCloudAPI(), + "stackguardian_workflow": resourceStackGuardianWorkflowAPI(), + "stackguardian_workflow_group": resourceStackGuardianWorkflowGroupAPI(), + "stackguardian_stack": resourceStackGuardianStackAPI(), + "stackguardian_policy": resourceStackGuardianPolicyAPI(), + "stackguardian_integration": resourceStackGuardianIntegrationAPI(), + "stackguardian_role": resourceStackGuardianRoleAPI(), + "stackguardian_connector_cloud": resourceStackGuardianConnectorCloudAPI(), }, DataSourcesMap: map[string]*schema.Resource{ - "stackguardian_workflow": dataSourceStackGuardianAPI(), - "stackguardian_workflow_group": dataSourceStackGuardianAPI(), - "stackguardian_stack": dataSourceStackGuardianAPI(), - "stackguardian_policy": dataSourceStackGuardianAPI(), - "stackguardian_integration": dataSourceStackGuardianAPI(), - "stackguardian_wf_output": dataSourceStackGuardianWorkflowOutputsAPI(), - "stackguardian_role": dataSourceStackGuardianAPI(), - //"stackguardian_connector_cloud": dataSourceStackGuardianAPI(), + "stackguardian_workflow": dataSourceStackGuardianAPI(), + "stackguardian_workflow_group": dataSourceStackGuardianAPI(), + "stackguardian_stack": dataSourceStackGuardianAPI(), + "stackguardian_policy": dataSourceStackGuardianAPI(), + "stackguardian_integration": dataSourceStackGuardianAPI(), + "stackguardian_wf_output": dataSourceStackGuardianWorkflowOutputsAPI(), + "stackguardian_role": dataSourceStackGuardianAPI(), + 
"stackguardian_connector_cloud": dataSourceStackGuardianAPI(), }, ConfigureFunc: configureProvider, } From 3822174abd9978139129b858c0b952b5c7b1560f Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 8 Mar 2024 18:23:55 +0100 Subject: [PATCH 04/33] Fix connector_cloud: without integrationgroups --- internal/provider/connector_cloud_object.go | 13 +++++++------ internal/provider/connector_cloud_object_test.go | 4 ++-- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/internal/provider/connector_cloud_object.go b/internal/provider/connector_cloud_object.go index 00d8472..d3d3230 100644 --- a/internal/provider/connector_cloud_object.go +++ b/internal/provider/connector_cloud_object.go @@ -25,11 +25,11 @@ func resourceStackGuardianConnectorCloudAPI() *schema.Resource { }, Schema: map[string]*schema.Schema{ - "integrationgroup": { - Type: schema.TypeString, - Description: "Integration Group Name", - Required: true, - }, + // "integrationgroup": { + // Type: schema.TypeString, + // Description: "Integration Group Name", + // Required: true, + // }, "data": { Type: schema.TypeString, Description: "Valid JSON data that this provider will manage with the API server.", @@ -205,7 +205,8 @@ func make_api_object_ConnectorCloud(d *schema.ResourceData, meta interface{}) (* } func buildApiObjectConnectorCloudOpts(d *schema.ResourceData) (*apiObjectOpts, error) { - var resultPath = "/integrationgroups/" + d.Get("integrationgroup").(string) + "/integrations/" + // var resultPath = "/integrationgroups/" + d.Get("integrationgroup").(string) + "/integrations/" + var resultPath = "/integrations/" opts := &apiObjectOpts{ path: resultPath, diff --git a/internal/provider/connector_cloud_object_test.go b/internal/provider/connector_cloud_object_test.go index bb6c7b0..8c0d82c 100644 --- a/internal/provider/connector_cloud_object_test.go +++ b/internal/provider/connector_cloud_object_test.go 
@@ -8,10 +8,10 @@ import ( const testAccCheckConfig_ResourceSgConnectorCloud = ` resource "stackguardian_connector_cloud" "TPS-Test-ConnectorCloud" { - integrationgroup = "TPS-Test" + // integrationgroup = "TPS-Test" data = jsonencode({ "ResourceName": "TPS-Test-ConnectorCloud", - // "Tags" : ["tf-provider-test"] + "Tags" : ["tf-provider-test"] "Description": "Test of terraform-provider-stackguardian for ConnectorCloud", "Settings": { "kind": "AWS_STATIC", From 21416553232dc940201907e85e7bbe1f966979b9 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 8 Mar 2024 18:43:44 +0100 Subject: [PATCH 05/33] Add resource connector_vcs --- internal/provider/connector_vcs_object.go | 222 ++++++++++++++++++ .../provider/connector_vcs_object_test.go | 47 ++++ internal/provider/provider.go | 2 + 3 files changed, 271 insertions(+) create mode 100644 internal/provider/connector_vcs_object.go create mode 100644 internal/provider/connector_vcs_object_test.go diff --git a/internal/provider/connector_vcs_object.go b/internal/provider/connector_vcs_object.go new file mode 100644 index 0000000..27beb31 --- /dev/null +++ b/internal/provider/connector_vcs_object.go 
@@ -0,0 +1,222 @@ +package provider + +import ( + "fmt" + "log" + "strconv" + "strings" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func resourceStackGuardianConnectorVcsAPI() *schema.Resource { + // Consider data sensitive if env variables is set to true. + is_data_sensitive, _ := strconv.ParseBool(GetEnvOrDefault("API_DATA_IS_SENSITIVE", "false")) + + return &schema.Resource{ + Create: resourceStackGuardianConnectorVcsAPICreate, + Read: resourceStackGuardianConnectorVcsAPIRead, + Update: resourceStackGuardianConnectorVcsAPIUpdate, + Delete: resourceStackGuardianConnectorVcsAPIDelete, + Exists: resourceStackGuardianConnectorVcsAPIExists, + + Importer: &schema.ResourceImporter{ + State: resourceStackGuardianConnectorVcsAPIImport, + }, + + Schema: map[string]*schema.Schema{ + // "integrationgroup": { + // Type: schema.TypeString, + // Description: "Integration Group Name", + // Required: true, + // }, + "data": { + Type: schema.TypeString, + Description: "Valid JSON data that this provider will manage with the API server.", + Required: true, + Sensitive: is_data_sensitive, + }, + "api_data": { + Type: schema.TypeMap, + Elem: &schema.Schema{Type: schema.TypeString}, + Description: "After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting).", + Computed: true, + }, + "api_response": { + Type: schema.TypeString, + Description: "The raw body of the HTTP response from the last read of the object.", + Computed: true, + }, + }, + } +} + +/* +Since there is nothing in the ResourceData structure other + + than the "id" passed on the command line, we have to use an opinionated + view of the API paths to figure out how to read that object + from the API +*/ +func resourceStackGuardianConnectorVcsAPIImport(d *schema.ResourceData, meta interface{}) (imported []*schema.ResourceData, err error) { + input := d.Id() + + hasTrailingSlash := strings.LastIndex(input, "/") == len(input)-1 + var n int + if hasTrailingSlash { + n = strings.LastIndex(input[0:len(input)-1], "/") + } else { + n = strings.LastIndex(input, "/") + } + + if n == -1 { + return imported, fmt.Errorf("invalid path to import api_object '%s'. Must be //", input) + } + + var id string + if hasTrailingSlash { + id = input[n+1 : len(input)-1] + } else { + id = input[n+1:] + } + + d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id)) + d.SetId(id) + + obj, err := make_api_object_stack(d, meta) + if err != nil { + return imported, err + } + log.Printf("resource_api_object.go: Import routine called. Object built:\n%s\n", obj.toString()) + + err = obj.read_object() + if err == nil { + set_resource_state(obj, d) + /* Data that we set in the state above must be passed along + as an item in the stack of imported data */ + imported = append(imported, d) + } + + return imported, err +} + +func resourceStackGuardianConnectorVcsAPICreate(d *schema.ResourceData, meta interface{}) error { + obj, err := make_api_object_ConnectorVcs(d, meta) + if err != nil { + return err + } + log.Printf("resource_api_object.go: Create routine called. 
Object built:\n%s\n", obj.toString()) + + err = obj.create_object() + if err == nil { + /* Setting terraform ID tells terraform the object was created or it exists */ + d.SetId(obj.ResourceName) + set_resource_state(obj, d) + } + return err +} + +func resourceStackGuardianConnectorVcsAPIRead(d *schema.ResourceData, meta interface{}) error { + obj, err := make_api_object_ConnectorVcs(d, meta) + if err != nil { + return err + } + log.Printf("resource_api_object.go: Read routine called. Object built:\n%s\n", obj.toString()) + + err = obj.read_object() + if err == nil { + /* Setting terraform ID tells terraform the object was created or it exists */ + log.Printf("resource_api_object.go: Read resource. Returned id is '%s'\n", obj.ResourceName) + d.SetId(obj.ResourceName) + set_resource_state(obj, d) + } + return err +} + +func resourceStackGuardianConnectorVcsAPIUpdate(d *schema.ResourceData, meta interface{}) error { + obj, err := make_api_object_ConnectorVcs(d, meta) + if err != nil { + return err + } + + log.Printf("resource_api_object.go: Update routine called. Object built:\n%s\n", obj.toString()) + + err = obj.update_object() + if err == nil { + set_resource_state(obj, d) + } + return err +} + +func resourceStackGuardianConnectorVcsAPIDelete(d *schema.ResourceData, meta interface{}) error { + obj, err := make_api_object_ConnectorVcs(d, meta) + if err != nil { + return err + } + log.Printf("resource_api_object.go: Delete routine called. Object built:\n%s\n", obj.toString()) + + log.Printf("warning: deletion of ConnectorVcs resource is not possible with API Key") + + err = obj.delete_object() + if err != nil { + if strings.Contains(err.Error(), "404") { + /* 404 means it doesn't exist. 
Call that good enough */ + err = nil + } + } + return err +} + +func resourceStackGuardianConnectorVcsAPIExists(d *schema.ResourceData, meta interface{}) (exists bool, err error) { + obj, err := make_api_object_ConnectorVcs(d, meta) + if err != nil { + return exists, err + } + log.Printf("resource_api_object.go: Exists routine called. Object built: %s\n", obj.toString()) + + /* Assume all errors indicate the object just doesn't exist. + This may not be a good assumption... */ + err = obj.read_object() + if err == nil { + exists = true + } + return exists, err +} + +/* +Simple helper routine to build an api_object struct + + for the various calls terraform will use. Unfortunately, + terraform cannot just reuse objects, so each CRUD operation + results in a new object created +*/ +func make_api_object_ConnectorVcs(d *schema.ResourceData, meta interface{}) (*api_object, error) { + opts, err := buildApiObjectConnectorVcsOpts(d) + if err != nil { + return nil, err + } + + obj, err := NewAPIObject(meta.(*api_client), opts) + if err != nil { + return nil, err + } + + return obj, nil +} + +func buildApiObjectConnectorVcsOpts(d *schema.ResourceData) (*apiObjectOpts, error) { + // var resultPath = "/integrationgroups/" + d.Get("integrationgroup").(string) + "/integrations/" + var resultPath = "/integrations/" + + opts := &apiObjectOpts{ + path: resultPath, + } + + opts.ResourceName = d.Id() + + log.Printf("common.go: make_api_object routine called for id '%s'\n", opts.ResourceName) + + opts.data = d.Get("data").(string) + opts.debug = true + return opts, nil +} diff --git a/internal/provider/connector_vcs_object_test.go b/internal/provider/connector_vcs_object_test.go new file mode 100644 index 0000000..35962e0 --- /dev/null +++ b/internal/provider/connector_vcs_object_test.go 
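Review bot: The `data` attribute of `stackguardian_connector_vcs` is marked sensitive only when `API_DATA_IS_SENSITIVE` parses as true, and the `strconv.ParseBool` error is discarded, so an unset or mistyped variable leaves it at false. The acceptance test added in this same patch puts `gitlabCreds` inside `data`, so I would drop the environment toggle and write `Sensitive: true,`, as the secret resource later in this series does. `api_response` is described as the raw response body and is not marked sensitive either; if the API echoes the connector settings (not visible here), it needs `Sensitive: true,` as well. Every handler also logs `obj.toString()` and `buildApiObjectConnectorVcsOpts` hard-codes `opts.debug = true`; that method is outside this patch, so confirm it does not render `data`.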
@@ -0,0 +1,47 @@ +package provider + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +const testAccCheckConfig_ResourceSgConnectorVcs = ` +resource "stackguardian_connector_vcs" "TPS-Test-ConnectorVcs" { + // integrationgroup = "TPS-Test" + data = jsonencode({ + "ResourceName": "TPS-Test-ConnectorVcs", + "ResourceType": "INTEGRATION.GITLAB_COM", + "Tags" : ["tf-provider-test"] + "Description": "Test of terraform-provider-stackguardian for ConnectorVcs", + "Settings": { + "kind": "GITLAB_COM", + "config": [ + { + "gitlabCreds": "test-user:test-token" + } + ] + }, + }) +} +` + +func TestAcc_ResourceSgConnectorVcs(t *testing.T) { + t.Skipf("TODO: Fix DELETE: deletion of ConnectorVcs resource is not possible with API Key") + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccCheckConfig_ResourceSgConnectorVcs, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr( + "stackguardian_connector_vcs.TPS-Test-ConnectorVcs", + "id", + "TPS-Test-ConnectorVcs", + ), + ), + }, + }, + }) +} diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 4cff10a..2624221 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -32,6 +32,7 @@ func Provider() *schema.Provider { "stackguardian_integration": resourceStackGuardianIntegrationAPI(), "stackguardian_role": resourceStackGuardianRoleAPI(), "stackguardian_connector_cloud": resourceStackGuardianConnectorCloudAPI(), + "stackguardian_connector_vcs": resourceStackGuardianConnectorVcsAPI(), }, DataSourcesMap: map[string]*schema.Resource{ "stackguardian_workflow": dataSourceStackGuardianAPI(), 
@@ -42,6 +43,7 @@ func Provider() *schema.Provider { "stackguardian_wf_output": dataSourceStackGuardianWorkflowOutputsAPI(), "stackguardian_role": dataSourceStackGuardianAPI(), "stackguardian_connector_cloud": dataSourceStackGuardianAPI(), + "stackguardian_connector_vcs": dataSourceStackGuardianAPI(), }, ConfigureFunc: configureProvider, } From d483d2f914523b418288f69a1ac3f12d1d64ec3f Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Mon, 11 Mar 2024 13:26:37 +0100 Subject: [PATCH 06/33] Add resource secret --- internal/provider/api_object.go | 62 ++++++ internal/provider/provider.go | 7 +- internal/provider/secret_object.go | 251 ++++++++++++++++++++++++ internal/provider/secret_object_test.go | 38 ++++ 4 files changed, 356 insertions(+), 2 deletions(-) create mode 100644 internal/provider/secret_object.go create mode 100644 internal/provider/secret_object_test.go diff --git a/internal/provider/api_object.go b/internal/provider/api_object.go index 6e4f743..e7f6212 100644 --- a/internal/provider/api_object.go +++ b/internal/provider/api_object.go 
@@ -291,6 +291,68 @@ func (obj *api_object) read_object() error { return err } +func (obj *api_object) read_object_from_listall() error { + var err error + if obj.ResourceName == "" { + return errors.New("cannot read an object unless the ID has been set") + } + + res_str, err := obj.api_client.send_request(obj.read_method, obj.get_path, "") + if err != nil { + if strings.Contains(err.Error(), "Unexpected response code '404'") { + log.Printf("api_object.go: 404 error while refreshing state for '%s' at path '%s'. Removing from state.", obj.ResourceName, obj.get_path) + obj.ResourceName = "" + return nil + } + return err + } + + /* + TODO: + - Unmarshal + - Find data msg key + - Iterate over array of Secrets + - Create internal limited secret struct if it finds the ResourceName -- needed if no update ? + - No update of the state + */ + + type secretListAllResponse struct { + Msg []struct { + ResourceName string `json:"ResourceName"` + LastModifiedDate int `json:"LastModifiedDate"` + Attributes []struct { + Key string `json:"Key"` + Value string `json:"Value"` + } `json:"Attributes"` + } `json:"msg"` + } + + var secretListAllResponseRaw secretListAllResponse + err = json.Unmarshal([]byte(res_str), &secretListAllResponseRaw) + if err != nil { + msg := "failure to Unmarshal res_str" + log.Printf("ERROR: " + msg) + return fmt.Errorf("api_object.go: " + msg) + } + + if secretListAllResponseRaw.Msg == nil { + log.Printf("api_object.go: resource not found: empty list of resource looking for '%s' at path '%s'; removing from state", obj.ResourceName, obj.get_path) + obj.ResourceName = "" + return nil + } + for _, secret := range secretListAllResponseRaw.Msg { + if secret.ResourceName == obj.ResourceName { + return nil + } + } + + // err = obj.update_state(res_str) + + log.Printf("api_object.go: resource not found: looking in list for '%s' at path '%s'; removing from state", obj.ResourceName, obj.get_path) + obj.ResourceName = "" + return fmt.Errorf("") +} + func (obj 
*api_object) update_object() error { if obj.ResourceName == "" { return errors.New("cannot update an object unless the ID has been set") diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 2624221..7693554 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -9,6 +9,7 @@ import ( ) func Provider() *schema.Provider { + // debugProcess() return &schema.Provider{ Schema: map[string]*schema.Schema{ "org_name": { @@ -33,6 +34,7 @@ func Provider() *schema.Provider { "stackguardian_role": resourceStackGuardianRoleAPI(), "stackguardian_connector_cloud": resourceStackGuardianConnectorCloudAPI(), "stackguardian_connector_vcs": resourceStackGuardianConnectorVcsAPI(), + "stackguardian_secret": resourceStackGuardianSecretAPI(), }, DataSourcesMap: map[string]*schema.Resource{ "stackguardian_workflow": dataSourceStackGuardianAPI(), @@ -44,6 +46,7 @@ func Provider() *schema.Provider { "stackguardian_role": dataSourceStackGuardianAPI(), "stackguardian_connector_cloud": dataSourceStackGuardianAPI(), "stackguardian_connector_vcs": dataSourceStackGuardianAPI(), + "stackguardian_secret": dataSourceStackGuardianAPI(), }, ConfigureFunc: configureProvider, } @@ -65,8 +68,8 @@ func configureProvider(d *schema.ResourceData) (interface{}, error) { /// DEBUG ///////////////////////////////////////////////////////////////////////////////////////// func debugProcess() { - debugMode, found := os.LookupEnv("TF_LOG") - if !found || debugMode != "debug" { + _, found := os.LookupEnv("TF_LOG") + if !found { return } diff --git a/internal/provider/secret_object.go b/internal/provider/secret_object.go new file mode 100644 index 0000000..c539846 --- /dev/null +++ b/internal/provider/secret_object.go 
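Review bot: The final not-found path of `read_object_from_listall` returns `fmt.Errorf("")`, so callers surface an error with an empty message. The unmarshal branch also drops the decoder's `err` and passes a concatenated string as the format argument to `log.Printf` and `fmt.Errorf`. I would return `fmt.Errorf("api_object.go: resource '%s' not found at path '%s'", obj.ResourceName, obj.get_path)` for the first and `fmt.Errorf("api_object.go: unmarshal listall response: %w", err)` for the second. The not-found cases also disagree with each other: a 404 and an empty `msg` list return nil with `ResourceName` cleared, while a list without a match returns an error. The hunk ends inside `update_object`, whose body continues outside it.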
@@ -0,0 +1,251 @@ +package provider + +import ( + "fmt" + "log" + "strings" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func resourceStackGuardianSecretAPI() *schema.Resource { + // Consider data sensitive if env variables is set to true. + is_data_sensitive := true + + return &schema.Resource{ + Create: resourceStackGuardianSecretAPICreate, + Read: resourceStackGuardianSecretAPIRead, + Update: resourceStackGuardianSecretAPIUpdate, + Delete: resourceStackGuardianSecretAPIDelete, + Exists: resourceStackGuardianSecretAPIExists, + + Importer: &schema.ResourceImporter{ + State: resourceStackGuardianSecretAPIImport, + }, + + Schema: map[string]*schema.Schema{ + "data": { + Type: schema.TypeString, + Description: "Valid JSON data that this provider will manage with the API server.", + Required: true, + Sensitive: is_data_sensitive, + }, + "api_data": { + Type: schema.TypeMap, + Elem: &schema.Schema{Type: schema.TypeString}, + Description: "After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting).", + Computed: true, + }, + "api_response": { + Type: schema.TypeString, + Description: "The raw body of the HTTP response from the last read of the object.", + Computed: true, + }, + }, + } +} + +/* +Since there is nothing in the ResourceData structure other + + than the "id" passed on the command line, we have to use an opinionated + view of the API paths to figure out how to read that object + from the API +*/ +func resourceStackGuardianSecretAPIImport(d *schema.ResourceData, meta interface{}) (imported []*schema.ResourceData, err error) { + input := d.Id() + + hasTrailingSlash := strings.LastIndex(input, "/") == len(input)-1 + var n int + if hasTrailingSlash { + n = strings.LastIndex(input[0:len(input)-1], "/") + } else { + n = strings.LastIndex(input, "/") + } + + if n == -1 { + return imported, fmt.Errorf("invalid path to import api_object '%s'. Must be //", input) + } + + var id string + if hasTrailingSlash { + id = input[n+1 : len(input)-1] + } else { + id = input[n+1:] + } + + d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id)) + d.SetId(id) + + obj, err := make_api_object_stack(d, meta) + if err != nil { + return imported, err + } + log.Printf("resource_api_object.go: Import routine called. 
Object built:\n%s\n", obj.toString()) + + // WARNING: It will fail unless FIXME is implemented + err = obj.read_object_from_listall() // FIXME: store ResourseName in obj + if err == nil { + set_resource_state(obj, d) + /* Data that we set in the state above must be passed along + as an item in the stack of imported data */ + imported = append(imported, d) + } + + return imported, err +} + +func resourceStackGuardianSecretAPICreate(d *schema.ResourceData, meta interface{}) error { + obj, err := make_api_object_secret(d, meta) + if err != nil { + return err + } + log.Printf("resource_api_object.go: Create routine called. Object built:\n%s\n", obj.toString()) + + err = obj.create_object() + if err == nil { + /* Setting terraform ID tells terraform the object was created or it exists */ + d.SetId(obj.ResourceName) + set_resource_state(obj, d) + } + return err +} + +func resourceStackGuardianSecretAPIRead(d *schema.ResourceData, meta interface{}) error { + // Refresh of the secret is not going to work + obj, err := make_api_object_secret_read(d, meta) + if err != nil { + return err + } + log.Printf("resource_api_object.go: Read routine called. Object built:\n%s\n", obj.toString()) + + err = obj.read_object_from_listall() + if err == nil { + /* Setting terraform ID tells terraform the object was created or it exists */ + log.Printf("resource_api_object.go: Read resource. Returned id is '%s'\n", obj.ResourceName) + d.SetId(obj.ResourceName) + set_resource_state(obj, d) + } + return err +} + +func resourceStackGuardianSecretAPIUpdate(d *schema.ResourceData, meta interface{}) error { + obj, err := make_api_object_secret(d, meta) + if err != nil { + return err + } + + log.Printf("resource_api_object.go: Update routine called. 
Object built:\n%s\n", obj.toString()) + + err = obj.update_object() + if err == nil { + set_resource_state(obj, d) + } + return err +} + +func resourceStackGuardianSecretAPIDelete(d *schema.ResourceData, meta interface{}) error { + obj, err := make_api_object_secret(d, meta) + if err != nil { + return err + } + log.Printf("resource_api_object.go: Delete routine called. Object built:\n%s\n", obj.toString()) + + err = obj.delete_object() + if err != nil { + if strings.Contains(err.Error(), "404") { + /* 404 means it doesn't exist. Call that good enough */ + err = nil + } + } + return err +} + +func resourceStackGuardianSecretAPIExists(d *schema.ResourceData, meta interface{}) (exists bool, err error) { + obj, err := make_api_object_secret_read(d, meta) + if err != nil { + return exists, err + } + log.Printf("resource_api_object.go: Exists routine called. Object built: %s\n", obj.toString()) + + /* Assume all errors indicate the object just doesn't exist. + This may not be a good assumption... */ + err = obj.read_object_from_listall() + if err == nil { + exists = true + } + return exists, err +} + +/* +Simple helper routine to build an api_object struct + + for the various calls terraform will use. 
Unfortunately, + terraform cannot just reuse objects, so each CRUD operation + results in a new object created +*/ +func make_api_object_secret(d *schema.ResourceData, meta interface{}) (*api_object, error) { + opts, err := buildApiObjectSecretOpts(d) + if err != nil { + return nil, err + } + + obj, err := NewAPIObject(meta.(*api_client), opts) + if err != nil { + return nil, err + } + + return obj, nil +} + +func buildApiObjectSecretOpts(d *schema.ResourceData) (*apiObjectOpts, error) { + // resultPath := "/wfgrps/" + d.Get("wfgrp").(string) + "/stacks/" + resultPath := "/secrets/" + + opts := &apiObjectOpts{ + path: resultPath, + } + + opts.ResourceName = d.Id() + + log.Printf("common.go: make_api_object routine called for id '%s'\n", opts.ResourceName) + + opts.data = d.Get("data").(string) + opts.debug = true + return opts, nil +} + +func make_api_object_secret_read(d *schema.ResourceData, meta interface{}) (*api_object, error) { + opts, err := buildApiObjectSecretOptsRead(d) + if err != nil { + return nil, err + } + + obj, err := NewAPIObject(meta.(*api_client), opts) + if err != nil { + return nil, err + } + + return obj, nil +} + +func buildApiObjectSecretOptsRead(d *schema.ResourceData) (*apiObjectOpts, error) { + readPath := "/secrets/listall/" + + opts := &apiObjectOpts{ + path: "", + post_path: "", + put_path: "", + delete_path: "", + search_path: "", + get_path: readPath, + } + + opts.ResourceName = d.Id() + + log.Printf("common.go: make_api_object routine called for id '%s'\n", opts.ResourceName) + + opts.data = d.Get("data").(string) + opts.debug = true + return opts, nil +} diff --git a/internal/provider/secret_object_test.go b/internal/provider/secret_object_test.go new file mode 100644 index 0000000..631658d --- /dev/null +++ b/internal/provider/secret_object_test.go 
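Review bot: `resourceStackGuardianSecretAPIExists` sets `exists = true` whenever `read_object_from_listall` returns nil, but that method (added to api_object.go in this same commit) also returns nil on a 404 and on an empty `msg` list after clearing `obj.ResourceName`, so a missing secret is reported as present. Checking the cleared name closes the gap: `exists = err == nil && obj.ResourceName != ""`. Separately, `buildApiObjectSecretOpts` and `buildApiObjectSecretOptsRead` both hard-code `opts.debug = true`, and every handler logs `obj.toString()`. That method is outside this patch, so confirm it does not render `data`, which for this resource carries `ResourceValue`; `Sensitive: true` on the schema does not cover the provider's own log output.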
@@ -0,0 +1,38 @@ +package provider + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +const testAccCheckConfig_ResourceSgSecret = ` +resource "stackguardian_secret" "TPS-Test-Secret-Name" { + data = jsonencode({ + "ResourceName": "TPS-Test-Secret-Name", + "ResourceValue": "TPS-Test-Secret-Value" + }) +} +` + +func TestAcc_ResourceSgSecret(t *testing.T) { + //t.Skipf("TODO: Fix DELETE: deletion of Secret resource is not possible with API Key") + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccCheckConfig_ResourceSgSecret, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr( + "stackguardian_secret.TPS-Test-Secret-Name", + "id", + "TPS-Test-Secret-Name", + ), + ), + //Destroy: true, + //PreventPostDestroyRefresh: true, + }, + }, + }) +} From 3add87a19bdd8c0f4c96b87f82dad09b73e43831 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Mon, 11 Mar 2024 19:59:45 +0100 Subject: [PATCH 07/33] Add examples for new resources --- .../connector_cloud.tf | 29 +++++++++++++++++++ .../connector_vcs_example/connector_vcs.tf | 28 ++++++++++++++++++ examples/policy_example/policy.tf | 17 +++++------ examples/role_example/role.tf | 25 ++++++++++++++++ examples/secret_example/secret.tf | 17 +++++++++++ .../workflow_group_example/workflow_group.tf | 19 ++++++++++++ 6 files changed, 126 insertions(+), 9 deletions(-) create mode 100644 examples/connector_cloud_example/connector_cloud.tf create mode 100644 examples/connector_vcs_example/connector_vcs.tf create mode 100644 examples/role_example/role.tf create mode 100644 examples/secret_example/secret.tf create mode 100644 examples/workflow_group_example/workflow_group.tf diff --git a/examples/connector_cloud_example/connector_cloud.tf b/examples/connector_cloud_example/connector_cloud.tf new file mode 100644 index 0000000..f30e68c --- /dev/null 
+++ b/examples/connector_cloud_example/connector_cloud.tf @@ -0,0 +1,29 @@ +terraform { + required_providers { + stackguardian = { + source = "terraform/provider/stackguardian" + version = "0.0.0-dev" + } + } +} + +provider "stackguardian" {} + +resource "stackguardian_connector_cloud" "TPS-Example-ConnectorCloud" { + // integrationgroup = "TPS-Example" + data = jsonencode({ + "ResourceName" : "TPS-Example-ConnectorCloud", + "Tags" : ["tf-provider-example"] + "Description" : "Example of terraform-provider-stackguardian for ConnectorCloud", + "Settings" : { + "kind" : "AWS_STATIC", + "config" : [ + { + "awsAccessKeyId" : "example-aws-key", + "awsSecretAccessKey" : "example-aws-key", + "awsDefaultRegion" : "us-west-2" + } + ] + } + }) +} diff --git a/examples/connector_vcs_example/connector_vcs.tf b/examples/connector_vcs_example/connector_vcs.tf new file mode 100644 index 0000000..dddb83e --- /dev/null +++ b/examples/connector_vcs_example/connector_vcs.tf @@ -0,0 +1,28 @@ +terraform { + required_providers { + stackguardian = { + source = "terraform/provider/stackguardian" + version = "0.0.0-dev" + } + } +} + +provider "stackguardian" {} + +resource "stackguardian_connector_vcs" "TPS-Example-ConnectorVcs" { + // integrationgroup = "TPS-Example" + data = jsonencode({ + "ResourceName" : "TPS-Example-ConnectorVcs", + "ResourceType" : "INTEGRATION.GITLAB_COM", + "Tags" : ["tf-provider-example"] + "Description" : "Example of terraform-provider-stackguardian for ConnectorVcs", + "Settings" : { + "kind" : "GITLAB_COM", + "config" : [ + { + "gitlabCreds" : "example-user:example-token" + } + ] + }, + }) +} diff --git a/examples/policy_example/policy.tf b/examples/policy_example/policy.tf index e27e2dc..975ef4e 100644 --- a/examples/policy_example/policy.tf +++ b/examples/policy_example/policy.tf 
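Review bot: The connector_cloud example passes `awsAccessKeyId` and `awsSecretAccessKey` as string literals inside `data`, which teaches readers to commit credentials to the configuration. The same pattern appears with `gitlabCreds` in connector_vcs.tf and `ResourceValue` in secret.tf. I would declare an input such as `variable "aws_secret_access_key" { sensitive = true }` and reference it as `"awsSecretAccessKey" : var.aws_secret_access_key`. A one-line comment that the value is still written to Terraform state, so the state backend needs access control, would help too.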
@@ -1,19 +1,18 @@ terraform { required_providers { stackguardian = { - source = "terraform/provider/stackguardian" + source = "terraform/provider/stackguardian" version = "0.0.0-dev" } } } -provider "stackguardian" { - org_name = "---" // TBD - api_key = "---" // TBD -} +provider "stackguardian" {} -resource "stackguardian_policy" "TestPolicy" { - data = jsonencode( - { "ResourceName" : "test", "Description" : "", "Tags" : ["test", "policy"] } - ) +resource "stackguardian_policy" "TPS-Example-Policy" { + data = jsonencode({ + "ResourceName" : "TPS-Example-Policy", + "Description" : "Example of terraform-provider-stackguardian for Policy", + "Tags" : ["tf-provider-example", "example", "policy"] + }) } diff --git a/examples/role_example/role.tf b/examples/role_example/role.tf new file mode 100644 index 0000000..acce5c4 --- /dev/null +++ b/examples/role_example/role.tf @@ -0,0 +1,25 @@ +terraform { + required_providers { + stackguardian = { + source = "terraform/provider/stackguardian" + version = "0.0.0-dev" + } + } +} + +provider "stackguardian" {} + +resource "stackguardian_role" "TPS-Example-Role" { + data = jsonencode({ + "ResourceName" : "TPS-Example-Role", + "Description" : "Example of terraform-provider-stackguardian for Role", + "Tags" : ["tf-provider-example"], + "Actions" : [ + "Action-1" + ], + "AllowedPermissions" : { + "Permission-key-1" : "Permission-val-1", + "Permission-key-2" : "Permission-val-2" + } + }) +} diff --git a/examples/secret_example/secret.tf b/examples/secret_example/secret.tf new file mode 100644 index 0000000..e8f4074 --- /dev/null +++ b/examples/secret_example/secret.tf @@ -0,0 +1,17 @@ +terraform { + required_providers { + stackguardian = { + source = "terraform/provider/stackguardian" + version = "0.0.0-dev" + } + } +} + +provider "stackguardian" {} + +resource "stackguardian_secret" "TPS-Example-Secret-Name" { + data = jsonencode({ + "ResourceName" : "TPS-Example-Secret-Name", + "ResourceValue" : "TPS-Example-Secret-Value" + }) +} 
diff --git a/examples/workflow_group_example/workflow_group.tf b/examples/workflow_group_example/workflow_group.tf new file mode 100644 index 0000000..63aefc7 --- /dev/null +++ b/examples/workflow_group_example/workflow_group.tf @@ -0,0 +1,19 @@ +terraform { + required_providers { + stackguardian = { + source = "terraform/provider/stackguardian" + version = "0.0.0-dev" + } + } +} + +provider "stackguardian" {} + +resource "stackguardian_workflow_group" "TPS-Example-WorkflowGroup" { + data = jsonencode({ + "ResourceName" : "TPS-Example-WorkflowGroup", + "Description" : "Example of terraform-provider-stackguardian for WorkflowGroup", + "Tags" : ["tf-provider-"], + "IsActive" : 1, + }) +} From ab5bd47ae8b97edc86c208332398b3e0a2bed11c Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Mon, 11 Mar 2024 20:00:12 +0100 Subject: [PATCH 08/33] Add instructions for running examples --- examples/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 examples/README.md diff --git a/examples/README.md b/examples/README.md new file mode 100644 index 0000000..575c1b9 --- /dev/null +++ b/examples/README.md @@ -0,0 +1,12 @@ + +# Examples of provider usage + +## Instructions for quickly testing out the provider + +```shell +# First, from the project root, enter one of the example directories +cd examples/role_example + +# Then clean, initialize and run Terraform to create and destroy the defined resource in the example +rm -rf .terraform .terraform.lock.hcl; pushd ../..; make install; popd; terraform init && terraform plan && terraform apply -auto-approve && terraform destroy --auto-approve +``` From d063d27daee546fffaa53ab4ca3cba4bfbc3abbc Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Mon, 11 Mar 2024 20:02:13 +0100 Subject: [PATCH 09/33] Add debug mode to provider --- .vscode/launch.json | 12 ++++++++++++ internal/provider/provider.go | 1 - internal/provider/secret_object.go | 2 +- main.go | 10 +++++++++- 4 files changed, 22 insertions(+), 3 deletions(-) 
diff --git a/.vscode/launch.json b/.vscode/launch.json index 6ed22ae..b4a24fb 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -11,6 +11,18 @@ "mode": "local", "processId": 0, //"preLaunchTask": "Exec sg-tf-provider", + }, + { + "name": "Debug Terraform Provider", + "type": "go", + "request": "launch", + "mode": "debug", + // this assumes your workspace is the root of the repo + "program": "${workspaceFolder}", + "env": {}, + "args": [ + "-debug", + ] } ] } diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 7693554..dfe77b3 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -9,7 +9,6 @@ import ( ) func Provider() *schema.Provider { - // debugProcess() return &schema.Provider{ Schema: map[string]*schema.Schema{ "org_name": { diff --git a/internal/provider/secret_object.go b/internal/provider/secret_object.go index c539846..8de1860 100644 --- a/internal/provider/secret_object.go +++ b/internal/provider/secret_object.go @@ -112,7 +112,7 @@ func resourceStackGuardianSecretAPICreate(d *schema.ResourceData, meta interface } func resourceStackGuardianSecretAPIRead(d *schema.ResourceData, meta interface{}) error { - // Refresh of the secret is not going to work + // debugProcess() obj, err := make_api_object_secret_read(d, meta) if err != nil { return err diff --git a/main.go b/main.go index e3a9418..87ea86e 100644 --- a/main.go +++ b/main.go @@ -1,15 +1,23 @@ package main import ( + "flag" + "github.com/hashicorp/terraform-plugin-sdk/v2/plugin" provider "github.com/StackGuardian/terraform-provider-stackguardian/internal/provider" ) func main() { + var debug bool + + flag.BoolVar(&debug, "debug", false, "set to true to run the provider with support for debuggers like delve") + flag.Parse() + plugin.Serve( &plugin.ServeOpts{ ProviderFunc: provider.Provider, - // TODO: fill in ProviderAddr + Debug: debug, + ProviderAddr: "terraform/provider/stackguardian", }) } 
From adfdf6715c7ba61d83f2e396d721a4f126bdd3c9 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Mon, 11 Mar 2024 20:02:31 +0100 Subject: [PATCH 10/33] Fix & Clean comments --- internal/provider/api_object.go | 10 ++-------- internal/provider/secret_object.go | 4 +--- internal/provider/secret_object_test.go | 3 --- 3 files changed, 3 insertions(+), 14 deletions(-) diff --git a/internal/provider/api_object.go b/internal/provider/api_object.go index e7f6212..cf8beb5 100644 --- a/internal/provider/api_object.go +++ b/internal/provider/api_object.go @@ -307,14 +307,8 @@ func (obj *api_object) read_object_from_listall() error { return err } - /* - TODO: - - Unmarshal - - Find data msg key - - Iterate over array of Secrets - - Create internal limited secret struct if it finds the ResourceName -- needed if no update ? - - No update of the state - */ + // NOTE: If another resource beyond Secret need to use the listall path for read purposes, + // a type switch deriving the resource type from the get_path shall be added here. type secretListAllResponse struct { Msg []struct { diff --git a/internal/provider/secret_object.go b/internal/provider/secret_object.go index 8de1860..b338e50 100644 --- a/internal/provider/secret_object.go +++ b/internal/provider/secret_object.go @@ -9,7 +9,6 @@ import ( ) func resourceStackGuardianSecretAPI() *schema.Resource { - // Consider data sensitive if env variables is set to true. is_data_sensitive := true return &schema.Resource{ @@ -84,7 +83,7 @@ func resourceStackGuardianSecretAPIImport(d *schema.ResourceData, meta interface log.Printf("resource_api_object.go: Import routine called. Object built:\n%s\n", obj.toString()) // WARNING: It will fail unless FIXME is implemented - err = obj.read_object_from_listall() // FIXME: store ResourseName in obj + err = obj.read_object_from_listall() // FIXME: store ResourceName in obj if err == nil { set_resource_state(obj, d) /* Data that we set in the state above must be passed along 
@@ -199,7 +198,6 @@ func make_api_object_secret(d *schema.ResourceData, meta interface{}) (*api_obje } func buildApiObjectSecretOpts(d *schema.ResourceData) (*apiObjectOpts, error) { - // resultPath := "/wfgrps/" + d.Get("wfgrp").(string) + "/stacks/" resultPath := "/secrets/" opts := &apiObjectOpts{ diff --git a/internal/provider/secret_object_test.go b/internal/provider/secret_object_test.go index 631658d..be6f31a 100644 --- a/internal/provider/secret_object_test.go +++ b/internal/provider/secret_object_test.go @@ -16,7 +16,6 @@ resource "stackguardian_secret" "TPS-Test-Secret-Name" { ` func TestAcc_ResourceSgSecret(t *testing.T) { - //t.Skipf("TODO: Fix DELETE: deletion of Secret resource is not possible with API Key") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -30,8 +29,6 @@ func TestAcc_ResourceSgSecret(t *testing.T) { "TPS-Test-Secret-Name", ), ), - //Destroy: true, - //PreventPostDestroyRefresh: true, }, }, }) From ac362f01a67a408e040ef982ff42fd51e8033bf0 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Thu, 21 Mar 2024 19:00:33 +0100 Subject: [PATCH 11/33] Fix Import method for newly added resources --- internal/provider/connector_cloud_object.go | 2 +- internal/provider/connector_vcs_object.go | 2 +- internal/provider/integration_object.go | 2 +- internal/provider/secret_object.go | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/internal/provider/connector_cloud_object.go b/internal/provider/connector_cloud_object.go index d3d3230..899543e 100644 --- a/internal/provider/connector_cloud_object.go +++ b/internal/provider/connector_cloud_object.go @@ -83,7 +83,7 @@ func resourceStackGuardianConnectorCloudAPIImport(d *schema.ResourceData, meta i d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id)) d.SetId(id) - obj, err := make_api_object_stack(d, meta) + obj, err := make_api_object_ConnectorCloud(d, meta) if err != nil { return imported, err } 
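Review bot: In resourceStackGuardianConnectorCloudAPIImport the `data` attribute is still assembled with `fmt.Sprintf` around the raw `id` (context line just above the corrected constructor call), and the connector_vcs, integration and secret hunks that follow do the same. An import ID containing `"` or `\` then produces invalid or altered JSON, and the error returned by `d.Set` is discarded. Marshal the value instead: `payload, err := json.Marshal(map[string]string{"id": id})` followed by `if err := d.Set("data", string(payload)); err != nil { return imported, err }`; this needs `encoding/json` in the import block, which is outside the hunk. The function starts and ends outside the hunk, so where `id` comes from should be confirmed there.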
diff --git a/internal/provider/connector_vcs_object.go b/internal/provider/connector_vcs_object.go index 27beb31..6892bbc 100644 --- a/internal/provider/connector_vcs_object.go +++ b/internal/provider/connector_vcs_object.go @@ -83,7 +83,7 @@ func resourceStackGuardianConnectorVcsAPIImport(d *schema.ResourceData, meta int d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id)) d.SetId(id) - obj, err := make_api_object_stack(d, meta) + obj, err := make_api_object_ConnectorVcs(d, meta) if err != nil { return imported, err } diff --git a/internal/provider/integration_object.go b/internal/provider/integration_object.go index acf05e4..369bd54 100644 --- a/internal/provider/integration_object.go +++ b/internal/provider/integration_object.go @@ -78,7 +78,7 @@ func resourceStackGuardianIntegrationAPIImport(d *schema.ResourceData, meta inte d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id)) d.SetId(id) - obj, err := make_api_object_stack(d, meta) + obj, err := make_api_object_integration(d, meta) if err != nil { return imported, err } diff --git a/internal/provider/secret_object.go b/internal/provider/secret_object.go index b338e50..73a8137 100644 --- a/internal/provider/secret_object.go +++ b/internal/provider/secret_object.go @@ -76,7 +76,7 @@ func resourceStackGuardianSecretAPIImport(d *schema.ResourceData, meta interface d.Set("data", fmt.Sprintf(`{ "id": "%s" }`, id)) d.SetId(id) - obj, err := make_api_object_stack(d, meta) + obj, err := make_api_object_secret_read(d, meta) if err != nil { return imported, err } From 0512a6139f9135a47754bd14613acd03613b6bcd Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Wed, 27 Mar 2024 20:24:10 +0100 Subject: [PATCH 12/33] Add API_URI as parameter to Provider --- internal/provider/provider.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/internal/provider/provider.go b/internal/provider/provider.go index dfe77b3..e2c74e5 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go 
@@ -8,9 +8,17 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" ) +const default_api_uri = "https://api.app.stackguardian.io/api/v1/" + func Provider() *schema.Provider { return &schema.Provider{ Schema: map[string]*schema.Schema{ + "api_uri": { + Type: schema.TypeString, + Required: true, + DefaultFunc: schema.EnvDefaultFunc("STACKGUARDIAN_API_URI", default_api_uri), + Description: "Api Uri to use as base for StackGuardian API", + }, "org_name": { Type: schema.TypeString, Required: true, @@ -53,7 +61,7 @@ func Provider() *schema.Provider { func configureProvider(d *schema.ResourceData) (interface{}, error) { opt := &apiClientOpt{ - api_uri: "https://api.app.stackguardian.io/api/v1/", + api_uri: d.Get("api_uri").(string), org_name: d.Get("org_name").(string), headers: map[string]string{ "Authorization": "apikey " + d.Get("api_key").(string), From c8a104021fd98eff5c178c831f7f02b6cc2d8f0b Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Wed, 27 Mar 2024 20:26:04 +0100 Subject: [PATCH 13/33] Fix quickstart Example with WF template on STG & PRD --- docs/guides/quickstart/stackguardian_workflow.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/guides/quickstart/stackguardian_workflow.tf b/docs/guides/quickstart/stackguardian_workflow.tf index eca02fb..10ef646 100644 --- a/docs/guides/quickstart/stackguardian_workflow.tf +++ b/docs/guides/quickstart/stackguardian_workflow.tf @@ -38,7 +38,7 @@ resource "stackguardian_workflow" "TPS-Example-Workflow_WebsiteS3-T000000" { "iacVCSConfig": { "useMarketplaceTemplate": true, "iacTemplate": "/stackguardian/aws-s3-demo-website", - "iacTemplateId": "/stackguardian/aws-s3-demo-website:11" + "iacTemplateId": "/stackguardian/aws-s3-demo-website:4" }, "iacInputData": { "schemaType": "FORM_JSONSCHEMA", From 2d30c0b248463a35e0ae1e0b80a3cbffc30e7c50 Mon Sep 17 00:00:00 2001 
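Review bot: The new `api_uri` attribute accepts any string, and configureProvider (second hunk) now sends the `Authorization: apikey …` header to whatever base it names, so an `http://` value or a mistyped host in `STACKGUARDIAN_API_URI` would send the API key in clear text or to the wrong server. Add `ValidateFunc: validation.IsURLWithHTTPS,` to the `api_uri` schema; it comes from the SDK's `helper/validation` package, which has to be added to the import block. The `Description` should state that an HTTPS URL is expected, and, since `default_api_uri` ends in `/`, whether a trailing slash is required (how paths are appended is not visible here).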
From: piroux-sg Date: Wed, 27 Mar 2024 20:31:54 +0100 Subject: [PATCH 14/33] Add WF-Group to Quickstart example --- docs/guides/quickstart/stackguardian_workflow.tf | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/docs/guides/quickstart/stackguardian_workflow.tf b/docs/guides/quickstart/stackguardian_workflow.tf index 10ef646..0f5f08c 100644 --- a/docs/guides/quickstart/stackguardian_workflow.tf +++ b/docs/guides/quickstart/stackguardian_workflow.tf @@ -17,14 +17,22 @@ $ export STACKGUARDIAN_ORG_NAME="YOUR_SG_ORG" $ export STACKGUARDIAN_API_KEY="YOUR_SG_KEY" ``` */ -provider "stackguardian" {} + +resource "stackguardian_workflow_group" "TPS-Quickstart-T000000" { + data = jsonencode({ + "ResourceName" : "TPS-Quickstart-T000000", + "Description" : "Example of StackGuardian Workflow Group", + "Tags" : ["tf-provider-example"], + "IsActive" : 1, + }) +} -resource "stackguardian_workflow" "TPS-Example-Workflow_WebsiteS3-T000000" { - wfgrp = "TPS-Test" +resource "stackguardian_workflow" "TPS-Quickstart-Workflow_WebsiteS3-T000000" { + wfgrp = stackguardian_workflow_group.TPS-Quickstart-T000000.id data = jsonencode({ - "ResourceName": "TPS-Example-Workflow_WebsiteS3-T000000", + "ResourceName": "TPS-Quickstart-Workflow_WebsiteS3-T000000", "Description": "Example of StackGuardian Workflow: Deploy a website from AWS S3", "Tags": ["tf-provider-example"], "EnvironmentVariables": [], From 392e62ac4ad7f101aee986280ac36da03881b5ee Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Thu, 28 Mar 2024 14:45:49 +0100 Subject: [PATCH 15/33] Fix unit Tests for prd/stg envs --- internal/provider/connector_cloud_object_test.go | 2 +- internal/provider/connector_vcs_object_test.go | 2 +- internal/provider/role_object_test.go | 2 +- internal/provider/workflow_object_test.go | 2 +- internal/provider/workflow_outputs_object_test.go | 1 + 5 files changed, 5 insertions(+), 4 deletions(-) 
diff --git a/internal/provider/connector_cloud_object_test.go b/internal/provider/connector_cloud_object_test.go index 8c0d82c..b60a62b 100644 --- a/internal/provider/connector_cloud_object_test.go +++ b/internal/provider/connector_cloud_object_test.go @@ -28,7 +28,7 @@ resource "stackguardian_connector_cloud" "TPS-Test-ConnectorCloud" { ` func TestAcc_ResourceSgConnectorCloud(t *testing.T) { - t.Skipf("TODO: Fix DELETE: deletion of ConnectorCloud resource is not possible with API Key") + //t.Skipf("TODO: Fix DELETE: deletion of ConnectorCloud resource is not possible with API Key") // TODO: clean after check in PROD resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, diff --git a/internal/provider/connector_vcs_object_test.go b/internal/provider/connector_vcs_object_test.go index 35962e0..2da99e4 100644 --- a/internal/provider/connector_vcs_object_test.go +++ b/internal/provider/connector_vcs_object_test.go @@ -27,7 +27,7 @@ resource "stackguardian_connector_vcs" "TPS-Test-ConnectorVcs" { ` func TestAcc_ResourceSgConnectorVcs(t *testing.T) { - t.Skipf("TODO: Fix DELETE: deletion of ConnectorVcs resource is not possible with API Key") + //t.Skipf("TODO: Fix DELETE: deletion of ConnectorVcs resource is not possible with API Key") // TODO: clean after check in PROD resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, diff --git a/internal/provider/role_object_test.go b/internal/provider/role_object_test.go index bef06ad..f9080de 100644 --- a/internal/provider/role_object_test.go +++ b/internal/provider/role_object_test.go 
@@ -11,7 +11,7 @@ resource "stackguardian_role" "TPS-Test-Role" { data = jsonencode({ "ResourceName": "TPS-Test-Role", - "Description": "Test of terraform-provider-stackguardian for Role", + //"Description": "Test of terraform-provider-stackguardian for Role", // TODO: Uncomment after fix in Frontend "Tags": ["tf-provider-test"], "Actions": [ "Action-1" diff --git a/internal/provider/workflow_object_test.go b/internal/provider/workflow_object_test.go index fc3d155..41c6021 100644 --- a/internal/provider/workflow_object_test.go +++ b/internal/provider/workflow_object_test.go @@ -25,7 +25,7 @@ resource "stackguardian_workflow" "TPS-Test-Workflow" { "iacVCSConfig": { "useMarketplaceTemplate": true, "iacTemplate": "/stackguardian/aws-s3-demo-website", - "iacTemplateId": "/stackguardian/aws-s3-demo-website:11" + "iacTemplateId": "/stackguardian/aws-s3-demo-website:4" }, "iacInputData": { "schemaType": "FORM_JSONSCHEMA", diff --git a/internal/provider/workflow_outputs_object_test.go b/internal/provider/workflow_outputs_object_test.go index 790efb5..60d634c 100644 --- a/internal/provider/workflow_outputs_object_test.go +++ b/internal/provider/workflow_outputs_object_test.go @@ -37,6 +37,7 @@ data "stackguardian_wf_output" "TPS-Test-Outputs" { ` func TestAcc_DatasourceSgWorkflowOutputs(t *testing.T) { + t.Skipf("TODO: Find identical WF for PRD and STG") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, From e2b7654cfbfec215579727860fc049a140ea787e Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Thu, 28 Mar 2024 15:00:19 +0100 Subject: [PATCH 16/33] Improve and Fix quickstart Example --- docs/guides/quickstart/stackguardian_workflow.tf | 6 +++++- docs/guides/quickstart/test-quickstart.sh | 9 +++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/docs/guides/quickstart/stackguardian_workflow.tf b/docs/guides/quickstart/stackguardian_workflow.tf index 0f5f08c..0321039 100644 
--- a/docs/guides/quickstart/stackguardian_workflow.tf +++ b/docs/guides/quickstart/stackguardian_workflow.tf @@ -5,7 +5,7 @@ terraform { # https://developer.hashicorp.com/terraform/language/expressions/version-constraints#version-constraint-behavior # NOTE: A prerelease version can be selected only by an exact version constraint. - version = "0.1.0-rc1" #provider-version + version = "0.0.0-rc1" #provider-version } } } @@ -18,6 +18,10 @@ $ export STACKGUARDIAN_API_KEY="YOUR_SG_KEY" ``` */ +provider "stackguardian" {} + + + resource "stackguardian_workflow_group" "TPS-Quickstart-T000000" { data = jsonencode({ "ResourceName" : "TPS-Quickstart-T000000", diff --git a/docs/guides/quickstart/test-quickstart.sh b/docs/guides/quickstart/test-quickstart.sh index 85742b9..9a6455c 100644 --- a/docs/guides/quickstart/test-quickstart.sh +++ b/docs/guides/quickstart/test-quickstart.sh @@ -121,7 +121,16 @@ terraform providers terraform init terraform version +terraform validate + terraform plan + +terraform state list || true + terraform apply -auto-approve +terraform state list + sleep 10 + terraform destroy -auto-approve +terraform state list From 9ccf3f244affba553b0bbebb52c7d44caae09ff7 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Thu, 28 Mar 2024 14:47:14 +0100 Subject: [PATCH 17/33] Update GH Workflows --- .github/workflows/release.yaml | 8 +- .github/workflows/test-api-prd.yaml | 20 +++++ .github/workflows/test-api-stg.yaml | 19 +++++ .github/workflows/test-api.yaml | 121 ++++++++++++++++++++++++++++ .github/workflows/test.yaml | 28 +++++-- .gitignore | 2 + Makefile | 45 +++++++++-- 7 files changed, 226 insertions(+), 17 deletions(-) create mode 100644 .github/workflows/test-api-prd.yaml create mode 100644 .github/workflows/test-api-stg.yaml create mode 100644 .github/workflows/test-api.yaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c5d2d68..8cc7ad4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml 
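Review bot: In test-quickstart.sh the final `terraform state list` only prints the state, so the script succeeds even when `terraform destroy` leaves resources behind in the organization. Nothing destroys them either if `terraform apply` fails part-way; whether the script runs under `set -e` is not visible in this hunk. Replace the last line with `test -z "$(terraform state list)"` and register `trap 'terraform destroy -auto-approve' EXIT` before the apply. A comment on `sleep 10` explaining what it waits for would help the next reader.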
@@ -45,9 +45,9 @@ jobs: set -eu -x; TAG=${{ github.ref_name }}; VERSION=${TAG#v}; - make test-example ARGS="-v ${VERSION} -f github-release-draft"; + make test-examples-quickstart ARGS="-v ${VERSION} -f github-release-draft"; shell: bash env: - STACKGUARDIAN_API_KEY: ${{ secrets.STACKGUARDIAN_API_KEY }} - STACKGUARDIAN_ORG_NAME: ${{ secrets.STACKGUARDIAN_ORG_NAME }} - GH_TOKEN: ${{ github.token }} + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' + GH_TOKEN: '${{ github.token }}' diff --git a/.github/workflows/test-api-prd.yaml b/.github/workflows/test-api-prd.yaml new file mode 100644 index 0000000..0dfb5ef --- /dev/null +++ b/.github/workflows/test-api-prd.yaml @@ -0,0 +1,20 @@ +name: "Test API-PRD with TF-Provider" # for API High-Load with examples on API-PRD + +on: + # NOTE: Uncomment if needed later + #push: + # branches: + # - main + #schedule: + # - cron: '*/15 * 1-9,26-31 3,4 *' + workflow_dispatch: + +jobs: + + api_test: + name: "Test API-PRD with TF-Provider" + uses: ./.github/workflows/test-api.yaml + secrets: inherit + with: + gitref: main + testenv: PRD diff --git a/.github/workflows/test-api-stg.yaml b/.github/workflows/test-api-stg.yaml new file mode 100644 index 0000000..5d112b3 --- /dev/null +++ b/.github/workflows/test-api-stg.yaml @@ -0,0 +1,19 @@ +name: "Test API-STG with TF-Provider" # for API High-Load with examples on API-STG + +on: + push: + branches: + - devel + schedule: + - cron: '*/15 * 1-9,26-31 3,4 *' + workflow_dispatch: + +jobs: + + api_test: + name: "Test API-STG with TF-Provider" + uses: ./.github/workflows/test-api.yaml + secrets: inherit + with: + gitref: feature/example-onboarding-team + testenv: STG diff --git a/.github/workflows/test-api.yaml b/.github/workflows/test-api.yaml new file mode 100644 index 0000000..aec2c9b --- /dev/null +++ b/.github/workflows/test-api.yaml 
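Review bot: `secrets: inherit` in the `api_test` job of test-api-prd.yaml hands every repository secret to the reusable workflow, including the credentials of the environment that is not under test; test-api-stg.yaml does the same. Declare three secrets under `on.workflow_call.secrets` in test-api.yaml and pass only the matching set from each caller, which would also let test-api.yaml drop its duplicated STG and PRD steps. The secret names on the left-hand side below are proposed, not existing ones.

```yaml
    uses: ./.github/workflows/test-api.yaml
    secrets:
      SG_API_URI: '${{ secrets.SG_PRD_API_URI }}'
      SG_API_KEY: '${{ secrets.SG_PRD_API_KEY }}'
      SG_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}'
    # … unchanged: with: gitref / testenv …
```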
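Review bot: `gitref: feature/example-onboarding-team` in test-api-stg.yaml makes every run check out a feature branch, although the workflow is triggered by pushes to `devel` and by the schedule, so the code that was pushed is not the code that is built and run with the STG credentials. Use `gitref: devel` here. If the feature branch is intentional while it is in development, add a comment such as `# TODO: switch to devel once feature/example-onboarding-team is merged`. The cron expression `'*/15 * 1-9,26-31 3,4 *'` also deserves a comment giving the reason for the date window.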
@@ -0,0 +1,121 @@ +name: "Test API with TF-Provider" # with examples on one API env + +on: + workflow_call: + inputs: + gitref: + type: string + default: 'devel' + required: true + testenv: + type: string + default: PRD + required: true + description: "STG|PRD" + +jobs: + + api_examples-test: + name: "Test API with Provider examples" + runs-on: ubuntu-latest + steps: + + - name: "Checkout code" + if: ${{ !env.ACT }} + uses: actions/checkout@v4 + with: + ref: '${{ inputs.gitref }}' + + - name: "Checkout code (local)" + if: env.ACT + uses: actions/checkout@v4 + + - name: "Verify checked-out code (local)" + if: ${{ env.ACT }} + run: | + git --no-pager show --stat; + git --no-pager status; + + - name: "Install Go" + uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + + - name: "Install Terraform" + uses: hashicorp/setup-terraform@v3 + with: + terraform_wrapper: false + terraform_version: '1.5.7' + + - name: "Build Provider" + run: make build + + + ### --- testenv: STG ---------------------------------------------------- + + - name: "Test API-STG with Provider acceptance tests" + if: inputs.testenv=='STG' + run: make test-acc + env: + STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' + + - name: "Test API-STG with Provider quickstart example" + if: inputs.testenv=='STG' + run: | + set -eu -x; + make install; + make test-examples-quickstart ARGS="-f local-build"; + shell: bash + env: + STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' + + - name: "Test API-STG with Provider onboarding example" + if: inputs.testenv=='STG' + run: | + set -eu -x; + make install; + make test-examples-onboarding ARGS="-f local-build"; + shell: bash + env: + STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' + STACKGUARDIAN_API_KEY: '${{ 
secrets.SG_STG_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' + + + ### --- testenv: PRD ---------------------------------------------------- + + - name: "Test API-PRD with Provider acceptance tests" + if: inputs.testenv=='PRD' + run: make test-acc + env: + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' + + - name: "Test API-PRD with Provider quickstart example" + if: inputs.testenv=='PRD' + run: | + set -eu -x; + make install; + make test-examples-quickstart ARGS="-f local-build"; + shell: bash + env: + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' + + - name: "Test API-PRD with Provider onboarding example" + if: inputs.testenv=='PRD' + run: | + set -eu -x; + make install; + make test-examples-onboarding ARGS="-f local-build"; + shell: bash + env: + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index d8af8da..0b89051 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,10 +1,9 @@ -name: "Test TF-Provider on SG-Prod" +name: "Test TF-Provider on API-PROD" on: push: branches: - main - - devel # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request pull_request: branches: @@ -28,7 +27,7 @@ jobs: - name: "Install Go" uses: actions/setup-go@v5 with: - go-version: '1.21' + go-version-file: 'go.mod' - name: "Install Terraform" uses: hashicorp/setup-terraform@v3 
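Review bot: The `api_examples-test` job in test-api.yaml has no `permissions:` block, so it runs with the repository's default `GITHUB_TOKEN` scope while executing `make` targets from whatever `inputs.gitref` names, with API credentials in the environment. Add `permissions:` with `contents: read` at job level; the steps only check out, build and call the API. The actions are referenced by mutable tags (`actions/checkout@v4`, `actions/setup-go@v5`, `hashicorp/setup-terraform@v3`); pinning each to a commit SHA with the tag in a trailing comment keeps a retagged release from changing what runs next to the secrets.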
@@ -42,18 +41,31 @@ jobs: - name: "Test Provider with acceptance tests" run: make test-acc env: - STACKGUARDIAN_API_KEY: ${{ secrets.STACKGUARDIAN_API_KEY }} - STACKGUARDIAN_ORG_NAME: ${{ secrets.STACKGUARDIAN_ORG_NAME }} + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' - name: "Test Provider with quickstart example" run: | set -eu -x; make install; - make test-example ARGS="-f local-build"; + make test-examples-quickstart ARGS="-f local-build"; shell: bash env: - STACKGUARDIAN_API_KEY: ${{ secrets.STACKGUARDIAN_API_KEY }} - STACKGUARDIAN_ORG_NAME: ${{ secrets.STACKGUARDIAN_ORG_NAME }} + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' + + - name: "Test Provider with onboarding example" + run: | + set -eu -x; + make install; + make test-examples-onboarding ARGS="-f local-build"; + shell: bash + env: + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' - name: "Check Provider docs" run: | diff --git a/.gitignore b/.gitignore index abb6d83..5f003c9 100644 --- a/.gitignore +++ b/.gitignore @@ -36,6 +36,8 @@ override.tf.json # Ignore CLI configuration files .terraformrc terraform.rc +examples/**.png +examples/**.dot # Terraform provider build files terraform-provider-stackguardian diff --git a/Makefile b/Makefile index 1c61af9..accbf9e 100644 --- a/Makefile +++ b/Makefile 
@@ -8,6 +8,13 @@ OS_ARCH=linux_amd64 default: install +clean: clean-examples + +clean-examples: + find examples/ -type d -name '.terraform' -exec rm -rv {} \+ + find examples/ -type f -name '.terraform.lock.hcl' -exec rm -v {} \+ + find examples/ -type f -regextype posix-extended -regex '.+.tfstate(.[[:digit:]]+)?(.backup)?' -exec rm -v {} \+ + build: go build -o ${BINARY} @@ -23,11 +30,14 @@ test: echo $(TEST) | xargs -t -n4 go test $(TESTARGS) -timeout=30s -parallel=4 test-acc: - TF_ACC=1 STACKGUARDIAN_ORG_NAME=wicked-hop go test -parallel=1 $(TEST) -v $(TESTARGS) -timeout=15m + TF_ACC=1 go test -parallel=1 $(TEST) -v $(TESTARGS) -timeout=15m -test-example: +test-examples-quickstart: bash docs/guides/quickstart/test-quickstart.sh $(ARGS) +test-examples-onboarding: + bash examples/onboarding_team_example/project-test/test-onboarding.sh $(ARGS) + docs-generate: mv docs/guides docs_guides tfplugindocs generate 
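Review bot: In `clean-examples` the `-regex` pattern `.+.tfstate(.[[:digit:]]+)?(.backup)?` leaves every dot unescaped, so it also matches paths that merely end in `tfstate` after any character and deletes them. Escape the dots: `-regex '.+\.tfstate(\.[[:digit:]]+)?(\.backup)?'`. The `.terraform` directory rule should add `-prune` before `-exec` so that find does not try to descend into directories it has just removed. `-regextype` is a GNU find option, so a comment noting that the target needs GNU findutils would save macOS users a confusing error.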
@@ -41,11 +51,36 @@ docs-validate: tools-install: cd tools; go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs -gh-workflow: +gh-workflow-test-provider: + act \ + --workflows ${PWD}/.github/workflows/test.yaml \ + --job provider-project_test \ + --secret STACKGUARDIAN_API_KEY=${SG_PRD_API_KEY} \ + --secret STACKGUARDIAN_ORG_NAME=${SG_PRD_ORG_NAME} \ + --secret SG_PRD_API_KEY=${SG_PRD_API_KEY} \ + --secret SG_PRD_ORG_NAME=${SG_PRD_ORG_NAME} \ + --secret SG_STG_API_URI=${SG_STG_API_URI} \ + --secret SG_STG_API_KEY=${SG_STG_API_KEY} \ + --secret SG_STG_ORG_NAME=${SG_STG_ORG_NAME} \ + push \ + ; + +gh-workflow-test-provider-mock-stg-as-prd: act \ --workflows ${PWD}/.github/workflows/test.yaml \ --job provider-project_test \ - --secret STACKGUARDIAN_ORG_NAME=${STACKGUARDIAN_ORG_NAME} \ - --secret STACKGUARDIAN_API_KEY=${STACKGUARDIAN_API_KEY} \ + --secret SG_PRD_API_URI=${SG_STG_API_URI} \ + --secret SG_PRD_API_KEY=${SG_STG_API_KEY} \ + --secret SG_PRD_ORG_NAME=${SG_STG_ORG_NAME} \ push \ ; + +# --local-repository StackGuardian/terraform-provider-stackguardian@devel=${PWD} \# +gh-workflow-test-api-stg: + act \ + --workflows ${PWD}/.github/workflows/test-api-stg.yaml \ + --secret SG_STG_API_URI=${SG_STG_API_URI} \ + --secret SG_STG_API_KEY=${SG_STG_API_KEY} \ + --secret SG_STG_ORG_NAME=${SG_STG_ORG_NAME} \ + workflow_dispatch \ + ; From 40722bde4bc1a49b5d4ad7f77878f96577c3873d Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 29 Mar 2024 10:49:25 +0100 Subject: [PATCH 18/33] Fix WF-Outputs datasource name --- internal/provider/provider.go | 20 +++++++++---------- .../provider/workflow_outputs_object_test.go | 8 ++++---- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/internal/provider/provider.go b/internal/provider/provider.go index e2c74e5..ee1a027 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go 
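Review bot: Every `--secret NAME=${VAR}` in the three `gh-workflow-*` targets is expanded by make before the recipe runs, so the key values are echoed to the terminal and are visible in the process list while `act` runs. act reads a secret from the environment when only its name is given, so `--secret SG_STG_API_KEY \` with the variable exported avoids both. For `gh-workflow-test-provider-mock-stg-as-prd`, where the names differ, let the shell do the mapping, e.g. `SG_PRD_API_KEY="$$SG_STG_API_KEY" act ... --secret SG_PRD_API_KEY`, or use a `--secret-file` that is listed in .gitignore. In `gh-workflow-test-provider`, the `STACKGUARDIAN_API_KEY` and `STACKGUARDIAN_ORG_NAME` secrets look like leftovers, since test.yaml in this commit reads only the `SG_PRD_*` names.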
@@ -44,16 +44,16 @@ func Provider() *schema.Provider { "stackguardian_secret": resourceStackGuardianSecretAPI(), }, DataSourcesMap: map[string]*schema.Resource{ - "stackguardian_workflow": dataSourceStackGuardianAPI(), - "stackguardian_workflow_group": dataSourceStackGuardianAPI(), - "stackguardian_stack": dataSourceStackGuardianAPI(), - "stackguardian_policy": dataSourceStackGuardianAPI(), - "stackguardian_integration": dataSourceStackGuardianAPI(), - "stackguardian_wf_output": dataSourceStackGuardianWorkflowOutputsAPI(), - "stackguardian_role": dataSourceStackGuardianAPI(), - "stackguardian_connector_cloud": dataSourceStackGuardianAPI(), - "stackguardian_connector_vcs": dataSourceStackGuardianAPI(), - "stackguardian_secret": dataSourceStackGuardianAPI(), + "stackguardian_workflow": dataSourceStackGuardianAPI(), + "stackguardian_workflow_group": dataSourceStackGuardianAPI(), + "stackguardian_stack": dataSourceStackGuardianAPI(), + "stackguardian_policy": dataSourceStackGuardianAPI(), + "stackguardian_integration": dataSourceStackGuardianAPI(), + "stackguardian_workflow_outputs": dataSourceStackGuardianWorkflowOutputsAPI(), + "stackguardian_role": dataSourceStackGuardianAPI(), + "stackguardian_connector_cloud": dataSourceStackGuardianAPI(), + "stackguardian_connector_vcs": dataSourceStackGuardianAPI(), + "stackguardian_secret": dataSourceStackGuardianAPI(), }, ConfigureFunc: configureProvider, } diff --git a/internal/provider/workflow_outputs_object_test.go b/internal/provider/workflow_outputs_object_test.go index 60d634c..9b61a1f 100644 --- a/internal/provider/workflow_outputs_object_test.go +++ b/internal/provider/workflow_outputs_object_test.go @@ -15,7 +15,7 @@ TODO: */ const testAccCheckSgWorkflowOutputsConfig = ` -data "stackguardian_wf_output" "TPS-Test-Outputs" { +data "stackguardian_workflow_outputs" "TPS-Test-Outputs" { # wfgrps/aws-dev-environments/wfs/wf-musical-coral?tab=outputs wfgrp = "aws-dev-environments" wf = "wf-musical-coral" 
@@ -23,16 +23,16 @@ data "stackguardian_wf_output" "TPS-Test-Outputs" { } output "website_url_from_mapstr" { - value = data.stackguardian_wf_output.TPS-Test-Outputs.outputs_str.sample_website_url + value = data.stackguardian_workflow_outputs.TPS-Test-Outputs.outputs_str.sample_website_url } output "website_url_from_json" { - value = jsondecode(data.stackguardian_wf_output.TPS-Test-Outputs.outputs_json).sample_website_url.value + value = jsondecode(data.stackguardian_workflow_outputs.TPS-Test-Outputs.outputs_json).sample_website_url.value } output "outputs_full_json" { - value = jsondecode(data.stackguardian_wf_output.TPS-Test-Outputs.outputs_json) + value = jsondecode(data.stackguardian_workflow_outputs.TPS-Test-Outputs.outputs_json) } ` From a582d972753d13770abe4d5a91c97c7d2fb1152e Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 29 Mar 2024 10:50:21 +0100 Subject: [PATCH 19/33] Fix Provider parameters docs --- internal/provider/provider.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/provider/provider.go b/internal/provider/provider.go index ee1a027..362c045 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go 
@@ -17,19 +17,19 @@ func Provider() *schema.Provider { Type: schema.TypeString, Required: true, DefaultFunc: schema.EnvDefaultFunc("STACKGUARDIAN_API_URI", default_api_uri), - Description: "Api Uri to use as base for StackGuardian API", + Description: "Api Uri to set as prefix URL for StackGuardian API", }, "org_name": { Type: schema.TypeString, Required: true, DefaultFunc: schema.EnvDefaultFunc("STACKGUARDIAN_ORG_NAME", nil), - Description: "Organization Name created in STACKGUARDIAN", + Description: "Organization Name to use on StackGuardian API", }, "api_key": { Type: schema.TypeString, Required: true, DefaultFunc: schema.EnvDefaultFunc("STACKGUARDIAN_API_KEY", nil), - Description: "Api Key to Authenticate to StackGuardian API", + Description: "Api Key to authenticate on StackGuardian API", }, }, ResourcesMap: map[string]*schema.Resource{ From b9a2efe7486cdd561c2d0148f08714337ab4793f Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 29 Mar 2024 10:51:07 +0100 Subject: [PATCH 20/33] Add link to API docs for documented resources --- internal/provider/connector_cloud_object.go | 2 +- internal/provider/connector_vcs_object.go | 2 +- internal/provider/integration_object.go | 2 +- internal/provider/policy_object.go | 2 +- internal/provider/role_object.go | 2 +- internal/provider/stack_object.go | 2 +- internal/provider/workflow_group_object.go | 2 +- internal/provider/workflow_object.go | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/internal/provider/connector_cloud_object.go b/internal/provider/connector_cloud_object.go index 899543e..6a7d4d0 100644 --- a/internal/provider/connector_cloud_object.go +++ b/internal/provider/connector_cloud_object.go 
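Review bot: The `api_key` attribute whose description is reworded here is declared without `Sensitive: true`; the whole block is visible in the hunk and holds only `Type`, `Required`, `DefaultFunc` and `Description`. Without the flag, Terraform has no hint to redact the value in its output, and the generated provider docs do not mark it as sensitive. Add `Sensitive: true,` to the `api_key` schema. The description could also mention the `STACKGUARDIAN_API_KEY` environment variable, so that users are steered away from writing the key into `.tf` files.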
@@ -32,7 +32,7 @@ func resourceStackGuardianConnectorCloudAPI() *schema.Resource { // }, "data": { Type: schema.TypeString, - Description: "Valid JSON data that this provider will manage with the API server.", + Description: "Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Integrations", Required: true, Sensitive: is_data_sensitive, }, diff --git a/internal/provider/connector_vcs_object.go b/internal/provider/connector_vcs_object.go index 6892bbc..cfb0280 100644 --- a/internal/provider/connector_vcs_object.go +++ b/internal/provider/connector_vcs_object.go @@ -32,7 +32,7 @@ func resourceStackGuardianConnectorVcsAPI() *schema.Resource { // }, "data": { Type: schema.TypeString, - Description: "Valid JSON data that this provider will manage with the API server.", + Description: "Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Integrations", Required: true, Sensitive: is_data_sensitive, }, diff --git a/internal/provider/integration_object.go b/internal/provider/integration_object.go index 369bd54..90ac2d3 100644 --- a/internal/provider/integration_object.go +++ b/internal/provider/integration_object.go @@ -27,7 +27,7 @@ func resourceStackGuardianIntegrationAPI() *schema.Resource { Schema: map[string]*schema.Schema{ "data": { Type: schema.TypeString, - Description: "Valid JSON data that this provider will manage with the API server.", + Description: "Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Integrations", Required: true, Sensitive: is_data_sensitive, }, diff --git a/internal/provider/policy_object.go b/internal/provider/policy_object.go index dd7fc8c..15c87ca 100644 --- a/internal/provider/policy_object.go +++ b/internal/provider/policy_object.go 
@@ -27,7 +27,7 @@ func resourceStackGuardianPolicyAPI() *schema.Resource { Schema: map[string]*schema.Schema{ "data": { Type: schema.TypeString, - Description: "Valid JSON data that this provider will manage with the API server.", + Description: "Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Policies", Required: true, Sensitive: is_data_sensitive, }, diff --git a/internal/provider/role_object.go b/internal/provider/role_object.go index 58e51d5..745b020 100644 --- a/internal/provider/role_object.go +++ b/internal/provider/role_object.go @@ -27,7 +27,7 @@ func resourceStackGuardianRoleAPI() *schema.Resource { Schema: map[string]*schema.Schema{ "data": { Type: schema.TypeString, - Description: "Valid JSON data that this provider will manage with the API server.", + Description: "Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Role", Required: true, Sensitive: is_data_sensitive, }, diff --git a/internal/provider/stack_object.go b/internal/provider/stack_object.go index 69b1a3f..f26af95 100644 --- a/internal/provider/stack_object.go +++ b/internal/provider/stack_object.go @@ -32,7 +32,7 @@ func resourceStackGuardianStackAPI() *schema.Resource { }, "data": { Type: schema.TypeString, - Description: "Valid JSON data that this provider will manage with the API server.", + Description: "Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Stacks", Required: true, Sensitive: is_data_sensitive, }, diff --git a/internal/provider/workflow_group_object.go b/internal/provider/workflow_group_object.go index 147e09a..e49eb17 100644 --- a/internal/provider/workflow_group_object.go +++ b/internal/provider/workflow_group_object.go 
@@ -27,7 +27,7 @@ func resourceStackGuardianWorkflowGroupAPI() *schema.Resource {
 Schema: map[string]*schema.Schema{
 "data": {
 Type: schema.TypeString,
- Description: "Valid JSON data that this provider will manage with the API server.",
+ Description: "Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Workflow-Groups",
 Required: true,
 Sensitive: is_data_sensitive,
 },
diff --git a/internal/provider/workflow_object.go b/internal/provider/workflow_object.go
index 310408a..bfe2285 100644
--- a/internal/provider/workflow_object.go
+++ b/internal/provider/workflow_object.go
@@ -37,7 +37,7 @@ func resourceStackGuardianWorkflowAPI() *schema.Resource {
 },
 "data": {
 Type: schema.TypeString,
- Description: "Valid JSON data that this provider will manage with the API server.",
+ Description: "Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Workflows",
 Required: true,
 Sensitive: is_data_sensitive,
 },
From 33683477431f53057b434e13301d57567b3c260d Mon Sep 17 00:00:00 2001
From: piroux-sg Date: Fri, 29 Mar 2024 10:59:10 +0100 Subject: [PATCH 21/33] Transition docs towards templates based generation --- Makefile | 7 +- .../data-source.tf | 17 ++++ .../stackguardian_connector_cloud/resource.tf | 11 --- .../stackguardian_connector_vcs/resource.tf | 11 --- .../stackguardian_integration/resource.tf | 14 +-- .../stackguardian_policy/resource.tf | 7 ++ .../resources/stackguardian_role/resource.tf | 13 +-- .../stackguardian_secret/resource.tf | 11 --- .../resources/stackguardian_stack/resource.tf | 14 +-- .../stackguardian_workflow/resource.tf | 39 ++++++++ .../stackguardian_workflow_group/resource.tf | 8 ++ {examples => docs-guides-assets}/README.md | 0 docs-guides-assets/onboarding/.gitkeep | 0 .../quickstart/stackguardian_workflow.tf | 0 .../quickstart/test-quickstart.sh | 0 .../data-sources/connector_cloud.md.tmpl | 11 +++ .../data-sources/connector_vcs.md.tmpl | 11 +++ .../data-sources/integration.md.tmpl | 11 +++ docs-templates/data-sources/policy.md.tmpl | 11 +++ docs-templates/data-sources/role.md.tmpl | 11 +++ docs-templates/data-sources/secret.md.tmpl | 11 +++ docs-templates/data-sources/stack.md.tmpl | 11 +++ docs-templates/data-sources/workflow.md.tmpl | 11 +++ .../data-sources/workflow_group.md.tmpl | 11 +++ .../data-sources/workflow_outputs.md.tmpl | 15 ++++ docs-templates/guides/onboarding.md | 9 ++ .../guides}/quickstart.md | 2 +- docs-templates/index.md.tmpl | 11 +++ .../resources/connector_cloud.md.tmpl | 15 ++++ .../resources/connector_vcs.md.tmpl | 15 ++++ docs-templates/resources/integration.md.tmpl | 15 ++++ docs-templates/resources/policy.md.tmpl | 15 ++++ docs-templates/resources/role.md.tmpl | 15 ++++ docs-templates/resources/secret.md.tmpl | 15 ++++ docs-templates/resources/stack.md.tmpl | 15 ++++ docs-templates/resources/workflow.md.tmpl | 15 ++++ .../resources/workflow_group.md.tmpl | 15 ++++ docs/data-sources/integration.md | 35 -------- docs/data-sources/policy.md | 35 -------- docs/data-sources/stack.md | 35 
-------- docs/data-sources/wf_output.md | 35 -------- docs/data-sources/workflow.md | 35 -------- docs/index.md | 21 ----- docs/resources/integration.md | 26 ------ docs/resources/policy.md | 26 ------ docs/resources/stack.md | 27 ------ docs/resources/workflow.md | 31 ------- examples/policy_example/policy.tf | 18 ---- examples/workflow_example/workflow.tf | 90 ------------------- .../workflow_group_example/workflow_group.tf | 19 ---- .../workflow_outputs.tf | 33 ------- 51 files changed, 346 insertions(+), 543 deletions(-) create mode 100644 docs-examples/data-sources/stackguardian_workflow_outputs/data-source.tf rename examples/connector_cloud_example/connector_cloud.tf => docs-examples/resources/stackguardian_connector_cloud/resource.tf (75%) rename examples/connector_vcs_example/connector_vcs.tf => docs-examples/resources/stackguardian_connector_vcs/resource.tf (74%) rename examples/integration_example/integration.tf => docs-examples/resources/stackguardian_integration/resource.tf (89%) create mode 100644 docs-examples/resources/stackguardian_policy/resource.tf rename examples/role_example/role.tf => docs-examples/resources/stackguardian_role/resource.tf (66%) rename examples/secret_example/secret.tf => docs-examples/resources/stackguardian_secret/resource.tf (51%) rename examples/stack_example/stack.tf => docs-examples/resources/stackguardian_stack/resource.tf (93%) create mode 100644 docs-examples/resources/stackguardian_workflow/resource.tf create mode 100644 docs-examples/resources/stackguardian_workflow_group/resource.tf rename {examples => docs-guides-assets}/README.md (100%) create mode 100644 docs-guides-assets/onboarding/.gitkeep rename {docs/guides => docs-guides-assets}/quickstart/stackguardian_workflow.tf (100%) rename {docs/guides => docs-guides-assets}/quickstart/test-quickstart.sh (100%) create mode 100644 docs-templates/data-sources/connector_cloud.md.tmpl create mode 100644 docs-templates/data-sources/connector_vcs.md.tmpl create mode 100644 
docs-templates/data-sources/integration.md.tmpl create mode 100644 docs-templates/data-sources/policy.md.tmpl create mode 100644 docs-templates/data-sources/role.md.tmpl create mode 100644 docs-templates/data-sources/secret.md.tmpl create mode 100644 docs-templates/data-sources/stack.md.tmpl create mode 100644 docs-templates/data-sources/workflow.md.tmpl create mode 100644 docs-templates/data-sources/workflow_group.md.tmpl create mode 100644 docs-templates/data-sources/workflow_outputs.md.tmpl create mode 100644 docs-templates/guides/onboarding.md rename {docs/guides/quickstart => docs-templates/guides}/quickstart.md (99%) create mode 100644 docs-templates/index.md.tmpl create mode 100644 docs-templates/resources/connector_cloud.md.tmpl create mode 100644 docs-templates/resources/connector_vcs.md.tmpl create mode 100644 docs-templates/resources/integration.md.tmpl create mode 100644 docs-templates/resources/policy.md.tmpl create mode 100644 docs-templates/resources/role.md.tmpl create mode 100644 docs-templates/resources/secret.md.tmpl create mode 100644 docs-templates/resources/stack.md.tmpl create mode 100644 docs-templates/resources/workflow.md.tmpl create mode 100644 docs-templates/resources/workflow_group.md.tmpl delete mode 100644 docs/data-sources/integration.md delete mode 100644 docs/data-sources/policy.md delete mode 100644 docs/data-sources/stack.md delete mode 100644 docs/data-sources/wf_output.md delete mode 100644 docs/data-sources/workflow.md delete mode 100644 docs/index.md delete mode 100644 docs/resources/integration.md delete mode 100644 docs/resources/policy.md delete mode 100644 docs/resources/stack.md delete mode 100644 docs/resources/workflow.md delete mode 100644 examples/policy_example/policy.tf delete mode 100644 examples/workflow_example/workflow.tf delete mode 100644 examples/workflow_group_example/workflow_group.tf delete mode 100644 examples/workflow_outputs_example/workflow_outputs.tf 
diff --git a/Makefile b/Makefile index accbf9e..4569272 100644 --- a/Makefile +++ b/Makefile @@ -39,14 +39,11 @@ test-examples-onboarding: bash examples/onboarding_team_example/project-test/test-onboarding.sh $(ARGS) docs-generate: - mv docs/guides docs_guides - tfplugindocs generate - mv docs_guides docs/guides + tfplugindocs generate \ + --website-source-dir docs-templates docs-validate: - mv docs/guides docs_guides tfplugindocs validate - mv docs_guides docs/guides tools-install: cd tools; go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs diff --git a/docs-examples/data-sources/stackguardian_workflow_outputs/data-source.tf b/docs-examples/data-sources/stackguardian_workflow_outputs/data-source.tf new file mode 100644 index 0000000..db50ffc --- /dev/null +++ b/docs-examples/data-sources/stackguardian_workflow_outputs/data-source.tf @@ -0,0 +1,17 @@ +data "stackguardian_workflow_outputs" "TPS-Example-WorkflowOutputs" { + wfgrp = "aws-dev-environments" + wf = "wf-musical-coral" + // stack = "test-stack-1" // optionally +} + +output "website_url_from_mapstr" { + value = data.stackguardian_workflow_outputs.TPS-Example-WorkflowOutputs.outputs_str.sample_website_url +} + +output "website_url_from_json" { + value = jsondecode(data.stackguardian_workflow_outputs.TPS-Example-WorkflowOutputs.outputs_json).sample_website_url.value +} + +output "outputs_full_json" { + value = jsondecode(data.stackguardian_workflow_outputs.TPS-Example-WorkflowOutputs.outputs_json) +} diff --git a/examples/connector_cloud_example/connector_cloud.tf b/docs-examples/resources/stackguardian_connector_cloud/resource.tf similarity index 75% rename from examples/connector_cloud_example/connector_cloud.tf rename to docs-examples/resources/stackguardian_connector_cloud/resource.tf index f30e68c..842164c 100644 --- a/examples/connector_cloud_example/connector_cloud.tf +++ b/docs-examples/resources/stackguardian_connector_cloud/resource.tf 
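Review bot: In the new `stackguardian_workflow_outputs/data-source.tf` example, the `outputs_full_json` output exports every workflow output as one value and is not marked sensitive, and neither are the two `website_url_*` outputs. Whether `outputs_json` can carry credentials or connection strings is not visible from this hunk, but if it can, anyone copying the example would have them printed in plan/apply output. Adding `sensitive = true` to `outputs_full_json`, or dropping that output from the example, would be a safer default. A comment above it such as `// workflow outputs may contain secrets; mark the output sensitive when they do` would make the intent clear to readers.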
@@ -1,14 +1,3 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" {} - resource "stackguardian_connector_cloud" "TPS-Example-ConnectorCloud" { // integrationgroup = "TPS-Example" data = jsonencode({ diff --git a/examples/connector_vcs_example/connector_vcs.tf b/docs-examples/resources/stackguardian_connector_vcs/resource.tf similarity index 74% rename from examples/connector_vcs_example/connector_vcs.tf rename to docs-examples/resources/stackguardian_connector_vcs/resource.tf index dddb83e..d8b3c80 100644 --- a/examples/connector_vcs_example/connector_vcs.tf +++ b/docs-examples/resources/stackguardian_connector_vcs/resource.tf @@ -1,14 +1,3 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" {} - resource "stackguardian_connector_vcs" "TPS-Example-ConnectorVcs" { // integrationgroup = "TPS-Example" data = jsonencode({ diff --git a/examples/integration_example/integration.tf b/docs-examples/resources/stackguardian_integration/resource.tf similarity index 89% rename from examples/integration_example/integration.tf rename to docs-examples/resources/stackguardian_integration/resource.tf index c5ee266..b761da2 100644 --- a/examples/integration_example/integration.tf +++ b/docs-examples/resources/stackguardian_integration/resource.tf @@ -1,16 +1,4 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" { - org_name = "---" // TBD - api_key = "---" // TBD -} +// TODO / FIXME resource "stackguardian_integration" "aws-static-integ" { data = jsonencode({ diff --git a/docs-examples/resources/stackguardian_policy/resource.tf b/docs-examples/resources/stackguardian_policy/resource.tf new file mode 100644 index 0000000..a129e67 --- /dev/null 
+++ b/docs-examples/resources/stackguardian_policy/resource.tf @@ -0,0 +1,7 @@ +resource "stackguardian_policy" "TPS-Example-Policy" { + data = jsonencode({ + "ResourceName" : "TPS-Example-Policy", + "Description" : "Example of terraform-provider-stackguardian for Policy", + "Tags" : ["tf-provider-example"] + }) +} diff --git a/examples/role_example/role.tf b/docs-examples/resources/stackguardian_role/resource.tf similarity index 66% rename from examples/role_example/role.tf rename to docs-examples/resources/stackguardian_role/resource.tf index acce5c4..d8057de 100644 --- a/examples/role_example/role.tf +++ b/docs-examples/resources/stackguardian_role/resource.tf @@ -1,21 +1,10 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" {} - resource "stackguardian_role" "TPS-Example-Role" { data = jsonencode({ "ResourceName" : "TPS-Example-Role", "Description" : "Example of terraform-provider-stackguardian for Role", "Tags" : ["tf-provider-example"], "Actions" : [ - "Action-1" + "Org-Name-1" ], "AllowedPermissions" : { "Permission-key-1" : "Permission-val-1", diff --git a/examples/secret_example/secret.tf b/docs-examples/resources/stackguardian_secret/resource.tf similarity index 51% rename from examples/secret_example/secret.tf rename to docs-examples/resources/stackguardian_secret/resource.tf index e8f4074..66e6e83 100644 --- a/examples/secret_example/secret.tf +++ b/docs-examples/resources/stackguardian_secret/resource.tf @@ -1,14 +1,3 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" {} - resource "stackguardian_secret" "TPS-Example-Secret-Name" { data = jsonencode({ "ResourceName" : "TPS-Example-Secret-Name", 
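Review bot: In the role example (`stackguardian_role/resource.tf`) the only entry under `"Actions"` changes from `"Action-1"` to `"Org-Name-1"`, which reads like an organisation name rather than an action and may be a misplaced search-and-replace. Role examples tend to be copied verbatim, so a placeholder that mislabels the field makes it easy to create a role whose permissions are not what the author intended. If the API expects action identifiers here, keep `"Action-1"` or add a comment such as `// replace with the action names this role may perform`. The resource body continues past the end of the hunk.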
diff --git a/examples/stack_example/stack.tf b/docs-examples/resources/stackguardian_stack/resource.tf similarity index 93% rename from examples/stack_example/stack.tf rename to docs-examples/resources/stackguardian_stack/resource.tf index 8a747f9..93bc2f3 100644 --- a/examples/stack_example/stack.tf +++ b/docs-examples/resources/stackguardian_stack/resource.tf @@ -1,16 +1,4 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" { - org_name = "---" // TBD - api_key = "---" // TBD -} +// TODO / FIXME resource "stackguardian_stack" "TestStack" { wfgrp = "Firstworkflow" diff --git a/docs-examples/resources/stackguardian_workflow/resource.tf b/docs-examples/resources/stackguardian_workflow/resource.tf new file mode 100644 index 0000000..b64ccbb --- /dev/null +++ b/docs-examples/resources/stackguardian_workflow/resource.tf @@ -0,0 +1,39 @@ +// TODO / FIXME + +resource "stackguardian_workflow" "TPS-Example-Workflow" { + wfgrp = "TPS-Example" + + data = jsonencode({ + "ResourceName": "TPS-Example-Workflow", + "Description": "Example of terraform-provider-stackguardian for Workflow: Deploy a website from AWS S3", + "Tags": ["tf-provider-example"], + "EnvironmentVariables": [], + "DeploymentPlatformConfig": [{ + "kind": "AWS_RBAC", + "config": { + "integrationId": "/integrations/aws" + } + }], + "VCSConfig": { + "iacVCSConfig": { + "useMarketplaceTemplate": true, + "iacTemplate": "/stackguardian/aws-s3-demo-website", + "iacTemplateId": "/stackguardian/aws-s3-demo-website:4" + }, + "iacInputData": { + "schemaType": "FORM_JSONSCHEMA", + "data": { + "shop_name": "StackGuardian", + "bucket_region": "eu-central-1" + } + } + }, + "Approvers": [], + "TerraformConfig": { + "managedTerraformState": true, + "terraformVersion": "1.4.6" + }, + "WfType": "TERRAFORM", + "UserSchedules": [] + }) +} 
diff --git a/docs-examples/resources/stackguardian_workflow_group/resource.tf b/docs-examples/resources/stackguardian_workflow_group/resource.tf new file mode 100644 index 0000000..662a8fc --- /dev/null +++ b/docs-examples/resources/stackguardian_workflow_group/resource.tf @@ -0,0 +1,8 @@ +resource "stackguardian_workflow_group" "TPS-Example-WorkflowGroup" { + data = jsonencode({ + "ResourceName" : "TPS-Example", + "Description" : "Example of terraform-provider-stackguardian for WorkflowGroup", + "Tags" : ["tf-provider-example"], + "IsActive" : 1, + }) +} diff --git a/examples/README.md b/docs-guides-assets/README.md similarity index 100% rename from examples/README.md rename to docs-guides-assets/README.md diff --git a/docs-guides-assets/onboarding/.gitkeep b/docs-guides-assets/onboarding/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/docs/guides/quickstart/stackguardian_workflow.tf b/docs-guides-assets/quickstart/stackguardian_workflow.tf similarity index 100% rename from docs/guides/quickstart/stackguardian_workflow.tf rename to docs-guides-assets/quickstart/stackguardian_workflow.tf diff --git a/docs/guides/quickstart/test-quickstart.sh b/docs-guides-assets/quickstart/test-quickstart.sh similarity index 100% rename from docs/guides/quickstart/test-quickstart.sh rename to docs-guides-assets/quickstart/test-quickstart.sh diff --git a/docs-templates/data-sources/connector_cloud.md.tmpl b/docs-templates/data-sources/connector_cloud.md.tmpl new file mode 100644 index 0000000..5ed2b56 --- /dev/null +++ b/docs-templates/data-sources/connector_cloud.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_connector_cloud Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_connector_cloud (Data Source) + +{{ .SchemaMarkdown }} 
diff --git a/docs-templates/data-sources/connector_vcs.md.tmpl b/docs-templates/data-sources/connector_vcs.md.tmpl new file mode 100644 index 0000000..8dfd384 --- /dev/null +++ b/docs-templates/data-sources/connector_vcs.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_connector_vcs Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_connector_vcs (Data Source) + +{{ .SchemaMarkdown }} diff --git a/docs-templates/data-sources/integration.md.tmpl b/docs-templates/data-sources/integration.md.tmpl new file mode 100644 index 0000000..a3e0012 --- /dev/null +++ b/docs-templates/data-sources/integration.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_integration Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_integration (Data Source) + +{{ .SchemaMarkdown }} diff --git a/docs-templates/data-sources/policy.md.tmpl b/docs-templates/data-sources/policy.md.tmpl new file mode 100644 index 0000000..1305236 --- /dev/null +++ b/docs-templates/data-sources/policy.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_policy Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_policy (Data Source) + +{{ .SchemaMarkdown }} diff --git a/docs-templates/data-sources/role.md.tmpl b/docs-templates/data-sources/role.md.tmpl new file mode 100644 index 0000000..5dfd904 --- /dev/null +++ b/docs-templates/data-sources/role.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_role Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_role (Data Source) + +{{ .SchemaMarkdown }} 
diff --git a/docs-templates/data-sources/secret.md.tmpl b/docs-templates/data-sources/secret.md.tmpl new file mode 100644 index 0000000..874b582 --- /dev/null +++ b/docs-templates/data-sources/secret.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_secret Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_secret (Data Source) + +{{ .SchemaMarkdown }} diff --git a/docs-templates/data-sources/stack.md.tmpl b/docs-templates/data-sources/stack.md.tmpl new file mode 100644 index 0000000..3b8a046 --- /dev/null +++ b/docs-templates/data-sources/stack.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_stack Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_stack (Data Source) + +{{ .SchemaMarkdown }} diff --git a/docs-templates/data-sources/workflow.md.tmpl b/docs-templates/data-sources/workflow.md.tmpl new file mode 100644 index 0000000..1c40965 --- /dev/null +++ b/docs-templates/data-sources/workflow.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow (Data Source) + +{{ .SchemaMarkdown }} diff --git a/docs-templates/data-sources/workflow_group.md.tmpl b/docs-templates/data-sources/workflow_group.md.tmpl new file mode 100644 index 0000000..7a372e0 --- /dev/null +++ b/docs-templates/data-sources/workflow_group.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow_group Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow_group (Data Source) + +{{ .SchemaMarkdown }} 
diff --git a/docs-templates/data-sources/workflow_outputs.md.tmpl b/docs-templates/data-sources/workflow_outputs.md.tmpl new file mode 100644 index 0000000..310f506 --- /dev/null +++ b/docs-templates/data-sources/workflow_outputs.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow_outputs Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow_outputs (Data Source) + +## Example Usage + +{{tffile "docs-examples/data-sources/stackguardian_workflow_outputs/data-source.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/guides/onboarding.md b/docs-templates/guides/onboarding.md new file mode 100644 index 0000000..3a6ae20 --- /dev/null +++ b/docs-templates/guides/onboarding.md @@ -0,0 +1,9 @@ +--- +page_title: "Team Onboarding" +subcategory: "" # Quickstart +--- + + +# Team Onboarding with the StackGuardian Provider + +Please refer to the onboarding examples files available at: https://github.com/StackGuardian/terraform-provider-stackguardian/blob/main/docs-guides-assets/onboarding/ diff --git a/docs/guides/quickstart/quickstart.md b/docs-templates/guides/quickstart.md similarity index 99% rename from docs/guides/quickstart/quickstart.md rename to docs-templates/guides/quickstart.md index e23925a..6112b79 100644 --- a/docs/guides/quickstart/quickstart.md +++ b/docs-templates/guides/quickstart.md @@ -1,6 +1,6 @@ --- page_title: "Setup & Example Test - step by step" -subcategory: "Quickstart" +subcategory: "" # Quickstart --- diff --git a/docs-templates/index.md.tmpl b/docs-templates/index.md.tmpl new file mode 100644 index 0000000..f0b4145 --- /dev/null +++ b/docs-templates/index.md.tmpl @@ -0,0 +1,11 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian Provider" +subcategory: "" +description: |- + +--- + +# stackguardian Provider + +{{ .SchemaMarkdown }} 
diff --git a/docs-templates/resources/connector_cloud.md.tmpl b/docs-templates/resources/connector_cloud.md.tmpl new file mode 100644 index 0000000..def125d --- /dev/null +++ b/docs-templates/resources/connector_cloud.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_connector_cloud Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_connector_cloud (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_connector_cloud/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/resources/connector_vcs.md.tmpl b/docs-templates/resources/connector_vcs.md.tmpl new file mode 100644 index 0000000..a51eed3 --- /dev/null +++ b/docs-templates/resources/connector_vcs.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_connector_vcs Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_connector_vcs (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_connector_vcs/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/resources/integration.md.tmpl b/docs-templates/resources/integration.md.tmpl new file mode 100644 index 0000000..9c6254e --- /dev/null +++ b/docs-templates/resources/integration.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_integration Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_integration (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_integration/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/resources/policy.md.tmpl b/docs-templates/resources/policy.md.tmpl new file mode 100644 index 0000000..a81d5c0 --- /dev/null 
+++ b/docs-templates/resources/policy.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_policy Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_policy (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_policy/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/resources/role.md.tmpl b/docs-templates/resources/role.md.tmpl new file mode 100644 index 0000000..f7ea2da --- /dev/null +++ b/docs-templates/resources/role.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_role Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_role (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_role/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/resources/secret.md.tmpl b/docs-templates/resources/secret.md.tmpl new file mode 100644 index 0000000..4e532fa --- /dev/null +++ b/docs-templates/resources/secret.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_secret Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_secret (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_secret/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/resources/stack.md.tmpl b/docs-templates/resources/stack.md.tmpl new file mode 100644 index 0000000..325acab --- /dev/null +++ b/docs-templates/resources/stack.md.tmpl 
@@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_stack Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_stack (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_stack/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/resources/workflow.md.tmpl b/docs-templates/resources/workflow.md.tmpl new file mode 100644 index 0000000..dbfc11b --- /dev/null +++ b/docs-templates/resources/workflow.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_workflow/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs-templates/resources/workflow_group.md.tmpl b/docs-templates/resources/workflow_group.md.tmpl new file mode 100644 index 0000000..7c888f3 --- /dev/null +++ b/docs-templates/resources/workflow_group.md.tmpl @@ -0,0 +1,15 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow_group Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow_group (Resource) + +## Example Usage + +{{tffile "docs-examples/resources/stackguardian_workflow_group/resource.tf"}} + +{{ .SchemaMarkdown }} diff --git a/docs/data-sources/integration.md b/docs/data-sources/integration.md deleted file mode 100644 index 91d09ba..0000000 --- a/docs/data-sources/integration.md +++ /dev/null 
@@ -1,35 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_integration Data Source - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_integration (Data Source) - - - - - - -## Schema - -### Required - -- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. -- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. -- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. - -### Optional - -- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. -- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) -- `query_string` (String) An optional query string to send when performing the search. -- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `id` (String) The ID of this resource. diff --git a/docs/data-sources/policy.md b/docs/data-sources/policy.md deleted file mode 100644 index ec0e433..0000000 --- a/docs/data-sources/policy.md +++ /dev/null 
@@ -1,35 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_policy Data Source - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_policy (Data Source) - - - - - - -## Schema - -### Required - -- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. -- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. -- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. - -### Optional - -- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. -- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) -- `query_string` (String) An optional query string to send when performing the search. -- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `id` (String) The ID of this resource. diff --git a/docs/data-sources/stack.md b/docs/data-sources/stack.md deleted file mode 100644 index b62e64e..0000000 --- a/docs/data-sources/stack.md +++ /dev/null 
@@ -1,35 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_stack Data Source - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_stack (Data Source) - - - - - - -## Schema - -### Required - -- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. -- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. -- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. - -### Optional - -- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. -- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) -- `query_string` (String) An optional query string to send when performing the search. -- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `id` (String) The ID of this resource. diff --git a/docs/data-sources/wf_output.md b/docs/data-sources/wf_output.md deleted file mode 100644 index 94a0b37..0000000 --- a/docs/data-sources/wf_output.md +++ /dev/null @@ -1,35 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_wf_output Data Source - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_wf_output (Data Source) - - - - - - -## Schema - -### Required - -- `wf` (String) WorkFlow Name -- `wfgrp` (String) WorkFlow Group Name - -### Optional - -- `stack` (String) Stack name - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `id` (String) The ID of this resource. -- `msg` (String) Message from API -- `outputs_json` (String) -- `outputs_str` (Map of String) diff --git a/docs/data-sources/workflow.md b/docs/data-sources/workflow.md deleted file mode 100644 index e270e20..0000000 
--- a/docs/data-sources/workflow.md +++ /dev/null 
@@ -1,35 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_workflow Data Source - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_workflow (Data Source) - - - - - - -## Schema - -### Required - -- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. -- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. -- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. - -### Optional - -- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. -- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) -- `query_string` (String) An optional query string to send when performing the search. -- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `id` (String) The ID of this resource. diff --git a/docs/index.md b/docs/index.md deleted file mode 100644 index 09faf4b..0000000 --- a/docs/index.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian Provider" -subcategory: "" -description: |- - ---- - -# stackguardian Provider - - - - - - -## Schema - -### Optional - -- `api_key` (String) Api Key to Authenticate to StackGuardian API -- `org_name` (String) Organization Name created in STACKGUARDIAN diff --git a/docs/resources/integration.md b/docs/resources/integration.md deleted file mode 100644 index 8e92b51..0000000 --- a/docs/resources/integration.md +++ /dev/null @@ -1,26 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_integration Resource - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_integration (Resource) - - - - - - -## Schema - -### Required - -- `data` (String) Valid JSON data that this provider will manage with the API server. - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `id` (String) The ID of this resource. diff --git a/docs/resources/policy.md b/docs/resources/policy.md deleted file mode 100644 index 7910840..0000000 
--- a/docs/resources/policy.md +++ /dev/null @@ -1,26 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_policy Resource - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_policy (Resource) - - - - - - -## Schema - -### Required - -- `data` (String) Valid JSON data that this provider will manage with the API server. - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `id` (String) The ID of this resource. diff --git a/docs/resources/stack.md b/docs/resources/stack.md deleted file mode 100644 index e4c51dc..0000000 --- a/docs/resources/stack.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_stack Resource - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_stack (Resource) - - - - - - -## Schema - -### Required - -- `data` (String) Valid JSON data that this provider will manage with the API server. -- `wfgrp` (String) WorkFlow Group Name - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `id` (String) The ID of this resource. 
diff --git a/docs/resources/workflow.md b/docs/resources/workflow.md deleted file mode 100644 index 627d14f..0000000 --- a/docs/resources/workflow.md +++ /dev/null @@ -1,31 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "stackguardian_workflow Resource - terraform-provider-stackguardian" -subcategory: "" -description: |- - ---- - -# stackguardian_workflow (Resource) - - - - - - -## Schema - -### Required - -- `data` (String) Valid JSON data that this provider will manage with the API server. -- `wfgrp` (String) WorkFlow Group Name - -### Optional - -- `stack` (String) stack name - -### Read-Only - -- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). -- `api_response` (String) The raw body of the HTTP response from the last read of the object. -- `id` (String) The ID of this resource. diff --git a/examples/policy_example/policy.tf b/examples/policy_example/policy.tf deleted file mode 100644 index 975ef4e..0000000 --- a/examples/policy_example/policy.tf +++ /dev/null @@ -1,18 +0,0 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" {} - -resource "stackguardian_policy" "TPS-Example-Policy" { - data = jsonencode({ - "ResourceName" : "TPS-Example-Policy", - "Description" : "Example of terraform-provider-stackguardian for Policy", - "Tags" : ["tf-provider-example", "example", "policy"] - }) -} diff --git a/examples/workflow_example/workflow.tf b/examples/workflow_example/workflow.tf deleted file mode 100644 index a573358..0000000 --- a/examples/workflow_example/workflow.tf +++ /dev/null 
@@ -1,90 +0,0 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" { - org_name = "---" // TBD - api_key = "---" // TBD -} - -resource "stackguardian_workflow" "Test" { - wfgrp = "Firstworkflow" - # stack ="example" optional - data = jsonencode({ - "ResourceName" : "Test", - "wfgrpName" : "Firstworkflow", - "Description" : "test to send to Firas updated 8", - "Tags" : [], - "EnvironmentVariables" : [], - "DeploymentPlatformConfig" : [{ - "kind" : "AZURE_STATIC", - "config" : { - "integrationId" : "/integrations/azure", - "profileName" : "azure" - } - }], - "RunnerConstraints" : { - "type" : "shared" - }, - "VCSConfig" : { - "iacVCSConfig" : { - "useMarketplaceTemplate" : true, - "iacTemplate" : "/stackguardian/aws-s3-demo-website", - "iacTemplateId" : "/stackguardian/aws-s3-demo-website:11" - }, - "iacInputData" : { - "schemaType" : "FORM_JSONSCHEMA", - "data" : { - "shop_name" : "StackGuardian", - "bucket_region" : "eu-central-1", - "s3_bucket_acl" : "public-read", - "s3_bucket_force_destroy" : true, - "s3_bucket_block_public_acls" : false, - "s3_bucket_block_public_policy" : false, - "s3_bucket_ignore_public_acls" : false, - "s3_bucket_restrict_public_buckets" : false, - "s3_bucket_tags" : { - "Owner" : "stackguardian" - }, - "s3_bucket_versioning" : { - "enabled" : true, - "mfa_delete" : false - } - } - } - }, - "MiniSteps" : { - "wfChaining" : { - "ERRORED" : [], - "COMPLETED" : [] - }, - "notifications" : { - "email" : { - "ERRORED" : [], - "COMPLETED" : [], - "APPROVAL_REQUIRED" : [], - "CANCELLED" : [] - } - } - }, - "Approvers" : [], - "TerraformConfig" : { - "managedTerraformState" : true, - "terraformVersion" : "1.4.6" - }, - "WfType" : "TERRAFORM", - "GitHubComSync" : { - "pull_request_opened" : { - "createWfRun" : { - "enabled" : false - } - } - }, - "UserSchedules" : [] - }) -} 
diff --git a/examples/workflow_group_example/workflow_group.tf b/examples/workflow_group_example/workflow_group.tf deleted file mode 100644 index 63aefc7..0000000 --- a/examples/workflow_group_example/workflow_group.tf +++ /dev/null @@ -1,19 +0,0 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" {} - -resource "stackguardian_workflow_group" "TPS-Example-WorkflowGroup" { - data = jsonencode({ - "ResourceName" : "TPS-Example-WorkflowGroup", - "Description" : "Example of terraform-provider-stackguardian for WorkflowGroup", - "Tags" : ["tf-provider-"], - "IsActive" : 1, - }) -} diff --git a/examples/workflow_outputs_example/workflow_outputs.tf b/examples/workflow_outputs_example/workflow_outputs.tf deleted file mode 100644 index f71561a..0000000 --- a/examples/workflow_outputs_example/workflow_outputs.tf +++ /dev/null @@ -1,33 +0,0 @@ -terraform { - required_providers { - stackguardian = { - source = "terraform/provider/stackguardian" - version = "0.0.0-dev" - } - } -} - -provider "stackguardian" { - org_name = "wicked-hop" - // api_key must be picked up from the var env STACKGUARDIAN_API_KEY -} - -data "stackguardian_wf_output" "wf-test-1" { - # wfgrps/aws-dev-environments/wfs/wf-musical-coral?tab=outputs - wfgrp = "aws-dev-environments" - wf = "wf-musical-coral" - // stack = "test-stack-1" // optionally -} - -output "website_url_from_mapstr" { - value = data.stackguardian_wf_output.wf-test-1.outputs_str.sample_website_url -} - - -output "website_url_from_json" { - value = jsondecode(data.stackguardian_wf_output.wf-test-1.outputs_json).sample_website_url.value -} - -output "outputs_full_json" { - value = jsondecode(data.stackguardian_wf_output.wf-test-1.outputs_json) -} From 7c6e9882ca81261a505a840a68a9a2861b49482f Mon Sep 17 00:00:00 2001 
From: piroux-sg Date: Fri, 29 Mar 2024 11:01:12 +0100 Subject: [PATCH 22/33] Add newly generated docs --- docs/data-sources/connector_cloud.md | 33 +++++ docs/data-sources/connector_vcs.md | 33 +++++ docs/data-sources/integration.md | 33 +++++ docs/data-sources/policy.md | 33 +++++ docs/data-sources/role.md | 33 +++++ docs/data-sources/secret.md | 33 +++++ docs/data-sources/stack.md | 33 +++++ docs/data-sources/workflow.md | 33 +++++ docs/data-sources/workflow_group.md | 33 +++++ docs/data-sources/workflow_outputs.md | 55 ++++++++ docs/guides/onboarding.md | 9 ++ docs/guides/quickstart.md | 185 +++++++++++++++++++++++++ docs/index.md | 20 +++ docs/resources/connector_cloud.md | 47 +++++++ docs/resources/connector_vcs.md | 46 +++++++ docs/resources/integration.md | 126 +++++++++++++++++ docs/resources/policy.md | 36 +++++ docs/resources/role.md | 43 ++++++ docs/resources/secret.md | 35 +++++ docs/resources/stack.md | 191 ++++++++++++++++++++++++++ docs/resources/workflow.md | 73 ++++++++++ docs/resources/workflow_group.md | 37 +++++ 22 files changed, 1200 insertions(+) create mode 100644 docs/data-sources/connector_cloud.md create mode 100644 docs/data-sources/connector_vcs.md create mode 100644 docs/data-sources/integration.md create mode 100644 docs/data-sources/policy.md create mode 100644 docs/data-sources/role.md create mode 100644 docs/data-sources/secret.md create mode 100644 docs/data-sources/stack.md create mode 100644 docs/data-sources/workflow.md create mode 100644 docs/data-sources/workflow_group.md create mode 100644 docs/data-sources/workflow_outputs.md create mode 100644 docs/guides/onboarding.md create mode 100644 docs/guides/quickstart.md create mode 100644 docs/index.md create mode 100644 docs/resources/connector_cloud.md create mode 100644 docs/resources/connector_vcs.md create mode 100644 docs/resources/integration.md create mode 100644 docs/resources/policy.md create mode 100644 docs/resources/role.md create mode 100644 docs/resources/secret.md 
create mode 100644 docs/resources/stack.md create mode 100644 docs/resources/workflow.md create mode 100644 docs/resources/workflow_group.md diff --git a/docs/data-sources/connector_cloud.md b/docs/data-sources/connector_cloud.md new file mode 100644 index 0000000..933b1a9 --- /dev/null +++ b/docs/data-sources/connector_cloud.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_connector_cloud Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_connector_cloud (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/connector_vcs.md b/docs/data-sources/connector_vcs.md new file mode 100644 index 0000000..0379a96 --- /dev/null +++ b/docs/data-sources/connector_vcs.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_connector_vcs Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_connector_vcs (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/integration.md b/docs/data-sources/integration.md new file mode 100644 index 0000000..6601b06 --- /dev/null +++ b/docs/data-sources/integration.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_integration Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_integration (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/policy.md b/docs/data-sources/policy.md new file mode 100644 index 0000000..d18430d --- /dev/null +++ b/docs/data-sources/policy.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_policy Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_policy (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/role.md b/docs/data-sources/role.md new file mode 100644 index 0000000..9c153e1 --- /dev/null +++ b/docs/data-sources/role.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_role Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_role (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/secret.md b/docs/data-sources/secret.md new file mode 100644 index 0000000..f2b6e36 --- /dev/null +++ b/docs/data-sources/secret.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_secret Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_secret (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/stack.md b/docs/data-sources/stack.md new file mode 100644 index 0000000..cc0971d --- /dev/null +++ b/docs/data-sources/stack.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_stack Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_stack (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/workflow.md b/docs/data-sources/workflow.md new file mode 100644 index 0000000..6e76b9c --- /dev/null +++ b/docs/data-sources/workflow.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/workflow_group.md b/docs/data-sources/workflow_group.md new file mode 100644 index 0000000..1a2bd49 --- /dev/null +++ b/docs/data-sources/workflow_group.md 
@@ -0,0 +1,33 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow_group Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow_group (Data Source) + + +## Schema + +### Required + +- `path` (String) The API path on top of the base URL set in the provider that represents objects of this type on the API server. +- `search_key` (String) When reading search results from the API, this key is used to identify the specific record to read. This should be a unique record such as 'name'. Similar to results_key, the value may be in the format of 'field/field/field' to search for data deeper in the returned object. +- `search_value` (String) The value of 'search_key' will be compared to this value to determine if the correct object was found. Example: if 'search_key' is 'name' and 'search_value' is 'foo', the record in the array returned by the API with name=foo will be used. + +### Optional + +- `debug` (Boolean) Whether to emit verbose debug output while working with the API object on the server. +- `id_attribute` (String) Defaults to `id_attribute` set on the provider. Allows per-resource override of `id_attribute` (see `id_attribute` provider config documentation) +- `query_string` (String) An optional query string to send when performing the search. +- `results_key` (String) When issuing a GET to the path, this JSON key is used to locate the results array. The format is 'field/field/field'. Example: 'results/values'. If omitted, it is assumed the results coming back are already an array and are to be used exactly as-is. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/data-sources/workflow_outputs.md b/docs/data-sources/workflow_outputs.md new file mode 100644 index 0000000..9e26697 --- /dev/null +++ b/docs/data-sources/workflow_outputs.md 
@@ -0,0 +1,55 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow_outputs Data Source - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow_outputs (Data Source) + +## Example Usage + +```terraform +data "stackguardian_workflow_outputs" "TPS-Example-WorkflowOutputs" { + wfgrp = "aws-dev-environments" + wf = "wf-musical-coral" + // stack = "test-stack-1" // optionally +} + +output "website_url_from_mapstr" { + value = data.stackguardian_workflow_outputs.TPS-Example-WorkflowOutputs.outputs_str.sample_website_url +} + +output "website_url_from_json" { + value = jsondecode(data.stackguardian_workflow_outputs.TPS-Example-WorkflowOutputs.outputs_json).sample_website_url.value +} + +output "outputs_full_json" { + value = jsondecode(data.stackguardian_workflow_outputs.TPS-Example-WorkflowOutputs.outputs_json) +} +``` + + +## Schema + +### Required + +- `wf` (String) WorkFlow Name +- `wfgrp` (String) WorkFlow Group Name + +### Optional + +- `stack` (String) Stack name + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `id` (String) The ID of this resource. 
+- `msg` (String) Message from API +- `outputs_json` (String) +- `outputs_str` (Map of String) + + diff --git a/docs/guides/onboarding.md b/docs/guides/onboarding.md new file mode 100644 index 0000000..3a6ae20 --- /dev/null +++ b/docs/guides/onboarding.md @@ -0,0 +1,9 @@ +--- +page_title: "Team Onboarding" +subcategory: "" # Quickstart +--- + + +# Team Onboarding with the StackGuardian Provider + +Please refer to the onboarding examples files available at: https://github.com/StackGuardian/terraform-provider-stackguardian/blob/main/docs-guides-assets/onboarding/ diff --git a/docs/guides/quickstart.md b/docs/guides/quickstart.md new file mode 100644 index 0000000..6112b79 --- /dev/null +++ b/docs/guides/quickstart.md @@ -0,0 +1,185 @@ +--- +page_title: "Setup & Example Test - step by step" +subcategory: "" # Quickstart +--- + + +# Quickstart Instructions for the StackGuardian Provider + +Those quickstart instructions lets you setup a new IaC project with the Terraform Provider for StackGuardian. + + +## Provider Installation + +_For now, the StackGuardian Provider is not available on the Terraform Registry, +so it is necessary to add it manually on your system to be able to use it in your IaC Terraform project._ + +A platform label, with an OS name and an architecture name, matching the system platform where you will run the terraform provider on, must be selected from the start.
+Please select one among the following options:
+- `darwin_amd64`
+- `darwin_arm64`
+- `linux_amd64`
+- `linux_arm64`
+- `windows_amd64`
+- `windows_arm64`
+
+- After selecting one of the available options, set it in the shell. For instance:
+```console
+$ export TFSG_OSARCH="linux_amd64"
+```
+
+- Go to the [latest release page](https://github.com/StackGuardian/terraform-provider-stackguardian/releases) from the Github repository.
+Select a release, pickup its bare version tag without the `v` prefix, and set it in the shell. For instance:
+```console
+$ export TFSG_VERSION="1.0.0"
+```
+
+- Execute the following shell commands to install the provider:
+```console
+# Prepare the plugin directory
+$ rm -rfv $HOME/.terraform.d/plugins/terraform/provider/stackguardian/${TFSG_VERSION}/${TFSG_OSARCH}
+$ mkdir -p $HOME/.terraform.d/plugins/terraform/provider/stackguardian/${TFSG_VERSION}/${TFSG_OSARCH}
+$ cd $HOME/.terraform.d/plugins/terraform/provider/stackguardian/${TFSG_VERSION}/${TFSG_OSARCH}
+
+# Fetch the plugin binary from Github
+$ wget https://github.com/StackGuardian/terraform-provider-stackguardian/releases/download/v${TFSG_VERSION}/terraform-provider-stackguardian_${TFSG_VERSION}_${TFSG_OSARCH}.zip
+
+# Install the plugin binary inside the plugin directory
+$ unzip terraform-provider-stackguardian_${TFSG_VERSION}_${TFSG_OSARCH}.zip
+$ rm -v terraform-provider-stackguardian_${TFSG_VERSION}_${TFSG_OSARCH}.zip
+```
+
+
+## Provider Configuration inside project
+
+- Create a new IaC project to setup before being able to define StackGuardian objects.
+```console
+$ mkdir -p ~/devel/terraform-stackguardian-quickstart
+$ cd ~/devel/terraform-stackguardian-quickstart
+```
+
+- Create a new file `stackguardian.tf` to declare the provider:
+```terraform
+// stackguardian.tf
+
+terraform {
+ required_providers {
+ stackguardian = {
+ source = "terraform/provider/stackguardian"
+ version = "1.0.0"
+ }
+ }
+}
+
+provider "stackguardian" {}
+```
+The value of the `version` attribute in the `terraform.required_providers.stackguardian` block
+must be the same provider version passed as the value of the `TFSG_VERSION` environment variable.
+The provider configuration will be passed from environment variables later.
+
+- Check whether the provider was correctly installed with the following commands:
+If the provider is correctly recognized and installed, the output will look similar, otherwise it will show an error.
+Please note that a warning will be printed for the `init` command, this is expected.
+```console
+$ terraform providers
+
+Providers required by configuration:
+.
+└── provider[terraform/provider/stackguardian] 1.0.0
+
+$ terraform init
+
+Initializing the backend...
+
+Initializing provider plugins...
+- Finding terraform/provider/stackguardian versions matching "1.0.0"...
+- Installing terraform/provider/stackguardian v1.0.0...
+- Installed terraform/provider/stackguardian v1.0.0 (unauthenticated)
+
+[...]
+
+Terraform has been successfully initialized!
+
+[...]
+
+$ terraform version
+Terraform v1.X.Z
+on linux_amd64
++ provider terraform/provider/stackguardian v1.0.0
+
+[...]
+```
+
+* The provider configuration should be passed from external environment variables:
+```
+$ export STACKGUARDIAN_ORG_NAME="YOUR_SG_ORG"
+$ export STACKGUARDIAN_API_KEY="YOUR_SG_KEY"
+```
+
+If you do not have any API key for your organization yet, you can generate one on the StackGuardian App by going to "Organization settings > API Keys".
+
+
+## Example: Workflow
+
+Finally, you can take inspiration from the [provider examples](./../../../examples) to create new StackGuardian objects in your organization.
+
+For instance you can create a new workflow on StackGuardian Orchestrator by adding the following block to the `stackguardian.tf` file:
+
+```terraform
+// stackguardian.tf
+
+resource "stackguardian_workflow" "Workflow_DeployWebsiteS3" {
+ wfgrp = "WorkflowGroup_DeployWebsiteS3"
+
+ data = jsonencode({
+ "ResourceName": "Workflow_DeployWebsiteS3",
+ "Description": "Example of StackGuardian Workflow: Deploy a website from AWS S3",
+ "Tags": ["tf-provider-example"],
+ "EnvironmentVariables": [],
+ "DeploymentPlatformConfig": [{
+ "kind": "AWS_RBAC",
+ "config": {
+ "integrationId": "/integrations/aws"
+ }
+ }],
+ "VCSConfig": {
+ "iacVCSConfig": {
+ "useMarketplaceTemplate": true,
+ "iacTemplate": "/stackguardian/aws-s3-demo-website",
+ "iacTemplateId": "/stackguardian/aws-s3-demo-website:11"
+ },
+ "iacInputData": {
+ "schemaType": "FORM_JSONSCHEMA",
+ "data": {
+ "shop_name": "StackGuardian",
+ "bucket_region": "eu-central-1"
+ }
+ }
+ },
+ "Approvers": [],
+ "TerraformConfig": {
+ "managedTerraformState": true,
+ "terraformVersion": "1.4.6"
+ },
+ "WfType": "TERRAFORM",
+ "UserSchedules": []
+ })
+}
+```
+
+For a complete example, please refer to the file [docs/guides/quickstart/stackguardian_workflow.tf](./stackguardian_workflow.tf)
+
+Finally, inspect the plan offered by Terraform, and execute it to create the desired object on StackGuardian:
+```console
+$ terraform plan
+[...]
+$ terraform apply
+[...]
+```
+
+
+---
+
+References:
+- https://docs.stackguardian.io/docs/getting-started/setup
+- https://developer.hashicorp.com/terraform/cli/config/config-file#provider_installation
diff --git a/docs/index.md b/docs/index.md
new file mode 100644
index 0000000..fb9de54
--- /dev/null
+++ b/docs/index.md
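Review bot: The install block in docs/guides/quickstart.md unzips the release archive straight after `wget` with no integrity check, and the sample `terraform init` output in the same guide shows the plugin installed as `(unauthenticated)`, so nothing in the procedure verifies the binary that later receives `STACKGUARDIAN_API_KEY`. I would add a verification step between the download and `unzip`, for example `$ sha256sum -c <CHECKSUMS_FILE> --ignore-missing` against the checksum file published with the release (assuming the release ships one; that is not visible in this patch), and mention it next to the note about the expected `init` warning. The `rm -rfv $HOME/.../${TFSG_VERSION}/${TFSG_OSARCH}` line should also quote its path and guard the variables, e.g. `${TFSG_VERSION:?}` and `${TFSG_OSARCH:?}`, because with either variable unset it removes a parent plugin directory instead of one version.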
@@ -0,0 +1,20 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian Provider" +subcategory: "" +description: |- + +--- + +# stackguardian Provider + + +## Schema + +### Optional + +- `api_key` (String) Api Key to authenticate on StackGuardian API +- `api_uri` (String) Api Uri to set as prefix URL for StackGuardian API +- `org_name` (String) Organization Name to use on StackGuardian API + + diff --git a/docs/resources/connector_cloud.md b/docs/resources/connector_cloud.md new file mode 100644 index 0000000..237c102 --- /dev/null +++ b/docs/resources/connector_cloud.md 
@@ -0,0 +1,47 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_connector_cloud Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_connector_cloud (Resource) + +## Example Usage + +```terraform +resource "stackguardian_connector_cloud" "TPS-Example-ConnectorCloud" { + // integrationgroup = "TPS-Example" + data = jsonencode({ + "ResourceName" : "TPS-Example-ConnectorCloud", + "Tags" : ["tf-provider-example"] + "Description" : "Example of terraform-provider-stackguardian for ConnectorCloud", + "Settings" : { + "kind" : "AWS_STATIC", + "config" : [ + { + "awsAccessKeyId" : "example-aws-key", + "awsSecretAccessKey" : "example-aws-key", + "awsDefaultRegion" : "us-west-2" + } + ] + } + }) +} +``` + + +## Schema + +### Required + +- `data` (String) Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Integrations + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/resources/connector_vcs.md b/docs/resources/connector_vcs.md new file mode 100644 index 0000000..b516c19 --- /dev/null +++ b/docs/resources/connector_vcs.md 
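Review bot: The generated schema in docs/resources/connector_cloud.md lists `data` as plain `(String)`, although the example payload carries `awsSecretAccessKey`. docs/resources/secret.md in this same patch shows `data` as `(String, Sensitive)`, so the flag appears to be missing on this resource rather than unsupported, and without it the credential is printed in plan and apply output. The same applies to `data` in connector_vcs.md (`gitlabCreds`) and integration.md (`armClientSecret`, `azureCreds`, `gcpConfigFileContent`). I would set `Sensitive: true` on the `data` attribute of these resources in the provider schema and regenerate the docs. `api_response`, described as the raw HTTP body, probably needs the same treatment if the API echoes the settings back, which this patch does not show.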
@@ -0,0 +1,46 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_connector_vcs Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_connector_vcs (Resource) + +## Example Usage + +```terraform +resource "stackguardian_connector_vcs" "TPS-Example-ConnectorVcs" { + // integrationgroup = "TPS-Example" + data = jsonencode({ + "ResourceName" : "TPS-Example-ConnectorVcs", + "ResourceType" : "INTEGRATION.GITLAB_COM", + "Tags" : ["tf-provider-example"] + "Description" : "Example of terraform-provider-stackguardian for ConnectorVcs", + "Settings" : { + "kind" : "GITLAB_COM", + "config" : [ + { + "gitlabCreds" : "example-user:example-token" + } + ] + }, + }) +} +``` + + +## Schema + +### Required + +- `data` (String) Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Integrations + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/resources/integration.md b/docs/resources/integration.md new file mode 100644 index 0000000..a147ee7 --- /dev/null +++ b/docs/resources/integration.md 
@@ -0,0 +1,126 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_integration Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_integration (Resource) + +## Example Usage + +```terraform +// TODO / FIXME + +resource "stackguardian_integration" "aws-static-integ" { + data = jsonencode({ + "ResourceName": "aws-static-integ", + "Description": "", + "Settings": { + "kind": "AWS_STATIC", + "config": [ + { + "awsAccessKeyId": "vdfvdfvdfvdfvdfvdfv", + "awsSecretAccessKey": "vdvdfvdfvdvdfvdfvdfv", + "awsDefaultRegion": "us-west-2" + } + ] + } +}) +} + +resource "stackguardian_integration" "devops" { + data = jsonencode({ + "ResourceName": "devops", + "Settings": { + "kind": "AZURE_DEVOPS", + "config": [ + { + "azureCreds": "dcdscdscdssdcsdc" + } + ] + } +}) +} + + +resource "stackguardian_integration" "gc-integaxcsdcs" { + data = jsonencode({ + "ResourceName": "gc-integaxcsdcs", + "Description": "csdcsdcsdc", + "Settings": { + "kind": "GCP_STATIC", + "config": [ + { + "gcpConfigFileContent": "{\"apple\":true}" + } + ] + } +}) +} + +resource "stackguardian_integration" "cdcdcdc" { + data = jsonencode({ + "ResourceName": "cdcdcdc", + "Description": "", + "Settings": { + "kind": "AZURE_STATIC", + "config": [ + { + "armTenantId": "dcdcdcdcs", + "armSubscriptionId": "vsvdfvdfvdfv", + "armClientId": "vdvdfvdfvdfvfdv", + "armClientSecret": "vdvfvdfvdfvdfvdfvdfv" + } + ] + } +}) +} + +resource "stackguardian_integration" "gitlab-integxcsdc" { + data = jsonencode({ + "ResourceName": "gitlab-integxcsdc", + "Settings": { + "kind": "GITLAB_COM", + "config": [ + { + "gitlabCreds": "csdcsdcd:csdcsdcsdcsdcd" + } + ] + } +}) +} + +resource "stackguardian_integration" "rbac-integ" { + data = jsonencode({ + "ResourceName": "rbac-integ", + "Description": "", + "Settings": { + "kind": "AWS_RBAC", + "config": [ + { + "roleArn": "wsdcdscsdcsdcsdcsdcsd", + "externalId": 
"demo-org:rEDcTFKAzEFqzpuImnzjqKtOEnILJZ", + "durationSeconds": "3600" + } + ] + } +}) +} +``` + + +## Schema + +### Required + +- `data` (String) Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Integrations + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/resources/policy.md b/docs/resources/policy.md new file mode 100644 index 0000000..128ee79 --- /dev/null +++ b/docs/resources/policy.md 
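Review bot: The `rbac-integ` example in docs/resources/integration.md sets `externalId` to `demo-org:rEDcTFKAzEFqzpuImnzjqKtOEnILJZ`, which, unlike the keyboard-mash values around it, looks like it may have been copied from a real organisation. If it was, it should be treated as disclosed and rotated on the role's trust policy; either way the published example is better off with an obvious placeholder such as `"externalId": "<ORG_NAME>:<EXTERNAL_ID>"`. The block is still marked `// TODO / FIXME`, and since the page is generated the change presumably belongs in the source example file rather than in this markdown.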
@@ -0,0 +1,36 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_policy Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_policy (Resource) + +## Example Usage + +```terraform +resource "stackguardian_policy" "TPS-Example-Policy" { + data = jsonencode({ + "ResourceName" : "TPS-Example-Policy", + "Description" : "Example of terraform-provider-stackguardian for Policy", + "Tags" : ["tf-provider-example"] + }) +} +``` + + +## Schema + +### Required + +- `data` (String) Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Policies + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/resources/role.md b/docs/resources/role.md new file mode 100644 index 0000000..2699df3 --- /dev/null +++ b/docs/resources/role.md 
@@ -0,0 +1,43 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_role Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_role (Resource) + +## Example Usage + +```terraform +resource "stackguardian_role" "TPS-Example-Role" { + data = jsonencode({ + "ResourceName" : "TPS-Example-Role", + "Description" : "Example of terraform-provider-stackguardian for Role", + "Tags" : ["tf-provider-example"], + "Actions" : [ + "Org-Name-1" + ], + "AllowedPermissions" : { + "Permission-key-1" : "Permission-val-1", + "Permission-key-2" : "Permission-val-2" + } + }) +} +``` + + +## Schema + +### Required + +- `data` (String) Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Role + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/resources/secret.md b/docs/resources/secret.md new file mode 100644 index 0000000..9c95510 --- /dev/null +++ b/docs/resources/secret.md 
@@ -0,0 +1,35 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_secret Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_secret (Resource) + +## Example Usage + +```terraform +resource "stackguardian_secret" "TPS-Example-Secret-Name" { + data = jsonencode({ + "ResourceName" : "TPS-Example-Secret-Name", + "ResourceValue" : "TPS-Example-Secret-Value" + }) +} +``` + + +## Schema + +### Required + +- `data` (String, Sensitive) Valid JSON data that this provider will manage with the API server. + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/resources/stack.md b/docs/resources/stack.md new file mode 100644 index 0000000..d098bd0 --- /dev/null +++ b/docs/resources/stack.md 
@@ -0,0 +1,191 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_stack Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_stack (Resource) + +## Example Usage + +```terraform +// TODO / FIXME + +resource "stackguardian_stack" "TestStack" { + wfgrp = "Firstworkflow" + data = jsonencode( +{ + "ResourceName": "test2", + "TemplatesConfig": { + "templateGroupId": "/stackguardian/terraform-aws-vpc-ec2:3", + "templates": [{ + "id": 0, + "WfType": "TERRAFORM", + "ResourceName": "terraform-aws-vpc-stripped-vciK", + "Description": "", + "EnvironmentVariables": [], + "DeploymentPlatformConfig": [], + "RunnerConstraint": { + "type": "shared" + }, + "TerraformConfig": { + "terraformVersion": "1.3.6", + "managedTerraformState": true, + "approvalPreApply": false, + "driftCheck": false + }, + "VCSConfig": { + "iacVCSConfig": { + "useMarketplaceTemplate": true, + "iacTemplate": "/stackguardian/terraform-aws-vpc-stripped", + "iacTemplateId": "/stackguardian/terraform-aws-vpc-stripped:2" + }, + "iacInputData": { + "schemaType": "FORM_JSONSCHEMA", + "data": { + "name": "NewVPC", + "public_subnets": ["10.0.1.0/24", "10.0.2.0/24"], + "cidr": "10.0.0.0/16", + "azs": ["eu-central-1a", "eu-central-1b"] + } + } + }, + "MiniSteps": { + "wfChaining": { + "ERRORED": [], + "COMPLETED": [] + }, + "notifications": { + "email": { + "ERRORED": [], + "COMPLETED": [], + "APPROVAL_REQUIRED": [], + "CANCELLED": [] + } + } + }, + "Approvers": [], + "GitHubComSync": { + "pull_request_opened": { + "createWfRun": { + "enabled": false + } + } + }, + "UserSchedules": [] + }, { + "id": 1, + "WfType": "TERRAFORM", + "ResourceName": "terraform-azure-aks-stripped-oFa5", + "Description": "", + "EnvironmentVariables": [], + "DeploymentPlatformConfig": [], + "RunnerConstraint": { + "type": "shared" + }, + "TerraformConfig": { + "terraformVersion": "1.3.6", + "managedTerraformState": true, + "approvalPreApply": 
false, + "driftCheck": false + }, + "VCSConfig": { + "iacVCSConfig": { + "useMarketplaceTemplate": true, + "iacTemplate": "/stackguardian/terraform-azure-aks-stripped", + "iacTemplateId": "/stackguardian/terraform-azure-aks-stripped:5" + } + }, + "MiniSteps": { + "wfChaining": { + "ERRORED": [], + "COMPLETED": [] + }, + "notifications": { + "email": { + "ERRORED": [], + "COMPLETED": [], + "APPROVAL_REQUIRED": [], + "CANCELLED": [] + } + } + }, + "Approvers": [], + "GitHubComSync": { + "pull_request_opened": { + "createWfRun": { + "enabled": false + } + } + }, + "UserSchedules": [] + }, { + "id": 2, + "WfType": "TERRAFORM", + "ResourceName": "terraform-aws-vpc-stripped-6Q7Y", + "Description": "", + "EnvironmentVariables": [], + "DeploymentPlatformConfig": [], + "RunnerConstraint": { + "type": "shared" + }, + "TerraformConfig": { + "terraformVersion": "1.3.6", + "managedTerraformState": true, + "approvalPreApply": false, + "driftCheck": false + }, + "VCSConfig": { + "iacVCSConfig": { + "useMarketplaceTemplate": true, + "iacTemplate": "/stackguardian/terraform-aws-vpc-stripped", + "iacTemplateId": "/stackguardian/terraform-aws-vpc-stripped:16" + } + }, + "MiniSteps": { + "wfChaining": { + "ERRORED": [], + "COMPLETED": [] + }, + "notifications": { + "email": { + "ERRORED": [], + "COMPLETED": [], + "APPROVAL_REQUIRED": [], + "CANCELLED": [] + } + } + }, + "Approvers": [], + "GitHubComSync": { + "pull_request_opened": { + "createWfRun": { + "enabled": false + } + } + }, + "UserSchedules": [] + }] + } +} + ) +} +``` + + +## Schema + +### Required + +- `data` (String) Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Stacks +- `wfgrp` (String) WorkFlow Group Name + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. 
Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + diff --git a/docs/resources/workflow.md b/docs/resources/workflow.md new file mode 100644 index 0000000..d604663 --- /dev/null +++ b/docs/resources/workflow.md 
@@ -0,0 +1,73 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow (Resource) + +## Example Usage + +```terraform +// TODO / FIXME + +resource "stackguardian_workflow" "TPS-Example-Workflow" { + wfgrp = "TPS-Example" + + data = jsonencode({ + "ResourceName": "TPS-Example-Workflow", + "Description": "Example of terraform-provider-stackguardian for Workflow: Deploy a website from AWS S3", + "Tags": ["tf-provider-example"], + "EnvironmentVariables": [], + "DeploymentPlatformConfig": [{ + "kind": "AWS_RBAC", + "config": { + "integrationId": "/integrations/aws" + } + }], + "VCSConfig": { + "iacVCSConfig": { + "useMarketplaceTemplate": true, + "iacTemplate": "/stackguardian/aws-s3-demo-website", + "iacTemplateId": "/stackguardian/aws-s3-demo-website:4" + }, + "iacInputData": { + "schemaType": "FORM_JSONSCHEMA", + "data": { + "shop_name": "StackGuardian", + "bucket_region": "eu-central-1" + } + } + }, + "Approvers": [], + "TerraformConfig": { + "managedTerraformState": true, + "terraformVersion": "1.4.6" + }, + "WfType": "TERRAFORM", + "UserSchedules": [] + }) +} +``` + + +## Schema + +### Required + +- `data` (String) Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Workflows +- `wfgrp` (String) WorkFlow Group Name + +### Optional + +- `stack` (String) stack name + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. 
+- `id` (String) The ID of this resource. + + diff --git a/docs/resources/workflow_group.md b/docs/resources/workflow_group.md new file mode 100644 index 0000000..3038d60 --- /dev/null +++ b/docs/resources/workflow_group.md @@ -0,0 +1,37 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "stackguardian_workflow_group Resource - terraform-provider-stackguardian" +subcategory: "" +description: |- + +--- + +# stackguardian_workflow_group (Resource) + +## Example Usage + +```terraform +resource "stackguardian_workflow_group" "TPS-Example-WorkflowGroup" { + data = jsonencode({ + "ResourceName" : "TPS-Example", + "Description" : "Example of terraform-provider-stackguardian for WorkflowGroup", + "Tags" : ["tf-provider-example"], + "IsActive" : 1, + }) +} +``` + + +## Schema + +### Required + +- `data` (String) Valid JSON data that this provider will manage with the API server. Please refer to the API Docs: https://docs.stackguardian.io/api#tag/Workflow-Groups + +### Read-Only + +- `api_data` (Map of String) After data from the API server is read, this map will include k/v pairs usable in other terraform resources as readable objects. Currently the value is the golang fmt package's representation of the value (simple primitives are set as expected, but complex types like arrays and maps contain golang formatting). +- `api_response` (String) The raw body of the HTTP response from the last read of the object. +- `id` (String) The ID of this resource. + + From 8c15f4e001cb7ddbe1ae260f91f280f84d3fecc5 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 29 Mar 2024 11:31:11 +0100 Subject: [PATCH 23/33] Fix commands for Examples Tests --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 4569272..c92d73a 100644 --- a/Makefile +++ b/Makefile 
@@ -33,10 +33,10 @@ test-acc: TF_ACC=1 go test -parallel=1 $(TEST) -v $(TESTARGS) -timeout=15m test-examples-quickstart: - bash docs/guides/quickstart/test-quickstart.sh $(ARGS) + bash docs-guides-assets/quickstart/test-quickstart.sh $(ARGS) test-examples-onboarding: - bash examples/onboarding_team_example/project-test/test-onboarding.sh $(ARGS) + bash docs-guides-assets/onboarding/project-test/test-onboarding.sh $(ARGS) docs-generate: tfplugindocs generate \ From 10211093463ced3e1fc4bfd8634ed60507408860 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 29 Mar 2024 20:17:52 +0100 Subject: [PATCH 24/33] Fix TODOs for Release --- internal/provider/connector_cloud_object_test.go | 2 +- internal/provider/connector_vcs_object_test.go | 2 +- internal/provider/integration_object_test.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/provider/connector_cloud_object_test.go b/internal/provider/connector_cloud_object_test.go index b60a62b..a27966d 100644 --- a/internal/provider/connector_cloud_object_test.go +++ b/internal/provider/connector_cloud_object_test.go @@ -28,7 +28,7 @@ resource "stackguardian_connector_cloud" "TPS-Test-ConnectorCloud" { ` func TestAcc_ResourceSgConnectorCloud(t *testing.T) { - //t.Skipf("TODO: Fix DELETE: deletion of ConnectorCloud resource is not possible with API Key") // TODO: clean after check in PROD + // t.Skipf("FIXME(Release): Fix DELETE for deletion of ConnectorCloud resource which is not possible with API Key") // FIXME(Release): clean after check in PROD resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, diff --git a/internal/provider/connector_vcs_object_test.go b/internal/provider/connector_vcs_object_test.go index 2da99e4..e2858cb 100644 --- a/internal/provider/connector_vcs_object_test.go +++ b/internal/provider/connector_vcs_object_test.go 
@@ -27,7 +27,7 @@ resource "stackguardian_connector_vcs" "TPS-Test-ConnectorVcs" { ` func TestAcc_ResourceSgConnectorVcs(t *testing.T) { - //t.Skipf("TODO: Fix DELETE: deletion of ConnectorVcs resource is not possible with API Key") // TODO: clean after check in PROD + // t.Skipf("FIXME(Release): Fix DELETE for deletion of ConnectorVcs resource which is not possible with API Key") // FIXME(Release): clean after check in PROD resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, diff --git a/internal/provider/integration_object_test.go b/internal/provider/integration_object_test.go index d602379..c2ab518 100644 --- a/internal/provider/integration_object_test.go +++ b/internal/provider/integration_object_test.go @@ -27,7 +27,7 @@ resource "stackguardian_integration" "TPS-Test-Integration" { ` func TestAcc_ResourceSgIntegration(t *testing.T) { - t.Skipf("TODO: Fix DELETE: deletion of Integration resource is not possible with API Key") + // t.Skipf("FIXME(Release): Fix DELETE for deletion of Integration resource which is not possible with API Key") // FIXME(Release): clean after check in PROD resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, From 17931b3540b3122eb71f2379e25bcb96ae88e042 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 29 Mar 2024 20:19:40 +0100 Subject: [PATCH 25/33] Clean GH Workflows --- .github/workflows/release.yaml | 2 +- .github/workflows/test.yaml | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8cc7ad4..45b7f10 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml 
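Review bot: In `TestAcc_ResourceSgIntegration` the `t.Skipf` is disabled by commenting it out, while the text kept beside it still says DELETE of an Integration is not possible with an API key. If that limitation still holds, the destroy step of this acceptance test will fail or leave the test Integration behind in whichever organisation the CI key targets. Either delete the dead line once DELETE is confirmed to work, or keep an active skip tied to a tracker entry, e.g. `t.Skip("DELETE of Integration not possible with API key, see <issue-id>")` (`<issue-id>` is a placeholder). The connector_cloud and connector_vcs hunks of this commit carry the same commented-out skip, and the test body continues outside the hunk.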
@@ -38,7 +38,7 @@ jobs: uses: hashicorp/setup-terraform@v3 with: terraform_wrapper: false - terraform_version: '1.5.7' # TODO: matrix of terraform & tofu versions + terraform_version: '1.5.7' - name: "Test Provider with quickstart example" run: | diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 0b89051..1e0b031 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -4,7 +4,6 @@ on: push: branches: - main - # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request pull_request: branches: - 'main' @@ -33,7 +32,7 @@ jobs: uses: hashicorp/setup-terraform@v3 with: terraform_wrapper: false - terraform_version: '1.5.7' # TODO: matrix of terraform & tofu versions + terraform_version: '1.5.7' - name: "Build Provider" run: make build From 2bcd64e78e376e5eabb41e3fbab130e4de999349 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 29 Mar 2024 20:20:47 +0100 Subject: [PATCH 26/33] Change gitref for test-api-prd GH Workflow --- .github/workflows/test-api-prd.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-api-prd.yaml b/.github/workflows/test-api-prd.yaml index 0dfb5ef..10779be 100644 --- a/.github/workflows/test-api-prd.yaml +++ b/.github/workflows/test-api-prd.yaml @@ -16,5 +16,5 @@ jobs: uses: ./.github/workflows/test-api.yaml secrets: inherit with: - gitref: main + gitref: devel # FIXME(Release): Change to main after Backend release is deployed on PRD testenv: PRD From ca4e1bf1d3077482e438404a1613da3113aa3cea Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Fri, 29 Mar 2024 20:57:37 +0100 Subject: [PATCH 27/33] Mock PRD with STG for tentative release before pre BE-release in PRD --- .github/workflows/release.yaml | 4 ++-- .github/workflows/test.yaml | 18 +++++++++--------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 45b7f10..a17ae19 100644 
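Review bot: `gitref: devel` is set while `testenv` stays `PRD` and the call keeps `secrets: inherit`, so the reusable test-api.yaml job presumably checks out the less-reviewed branch and runs it with every repository secret in reach, including the production API key. Keep the ref that exercises production on a protected branch, and pass only the secrets the called workflow needs rather than inheriting all of them, e.g. `secrets:` followed by `SG_PRD_API_KEY: ${{ secrets.SG_PRD_API_KEY }}` and the matching URI and org-name entries. The explicit form assumes test-api.yaml declares those names under `workflow_call`, which is not visible here.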
--- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -48,6 +48,6 @@ jobs: make test-examples-quickstart ARGS="-v ${VERSION} -f github-release-draft"; shell: bash env: - STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' - STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD GH_TOKEN: '${{ github.token }}' diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 1e0b031..a3001ad 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -40,9 +40,9 @@ jobs: - name: "Test Provider with acceptance tests" run: make test-acc env: - STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' - STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' - STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' + STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD - name: "Test Provider with quickstart example" run: | @@ -51,9 +51,9 @@ jobs: make test-examples-quickstart ARGS="-f local-build"; shell: bash env: - STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' - STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' - STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD - name: "Test Provider with onboarding example" run: | 
@@ -62,9 +62,9 @@ jobs: make test-examples-onboarding ARGS="-f local-build"; shell: bash env: - STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' - STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' - STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD - name: "Check Provider docs" run: | From 16d419db66b975206af27828c4e11346ed5c58e7 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Sat, 30 Mar 2024 03:20:45 +0100 Subject: [PATCH 28/33] Fix elease_post-test job with API_URI env --- .github/workflows/release.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a17ae19..9d5f34e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -49,5 +49,6 @@ jobs: shell: bash env: STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' # FIXME(Release): Revert to PRD STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD GH_TOKEN: '${{ github.token }}' From c2cf546d429eb56b6e2a4f5b3e1532cce4ac027a Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Tue, 2 Apr 2024 09:08:02 +0200 Subject: [PATCH 29/33] Revert "Mock PRD with STG for tentative release before pre BE-release in PRD" This reverts commits: - ae634b491254d94004bb030956f642f835907721 - 4a111da3c9b08cea9c762f131fecc4dbe66eee91 (partly) --- .github/workflows/release.yaml | 6 +++--- .github/workflows/test.yaml | 18 +++++++++--------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9d5f34e..a2b161d 100644 --- a/.github/workflows/release.yaml 
+++ b/.github/workflows/release.yaml @@ -48,7 +48,7 @@ jobs: make test-examples-quickstart ARGS="-v ${VERSION} -f github-release-draft"; shell: bash env: - STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD - STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' # FIXME(Release): Revert to PRD - STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' GH_TOKEN: '${{ github.token }}' diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index a3001ad..1e0b031 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -40,9 +40,9 @@ jobs: - name: "Test Provider with acceptance tests" run: make test-acc env: - STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' # FIXME(Release): Revert to PRD - STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD - STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' - name: "Test Provider with quickstart example" run: | @@ -51,9 +51,9 @@ jobs: make test-examples-quickstart ARGS="-f local-build"; shell: bash env: - STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD - STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' # FIXME(Release): Revert to PRD - STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' - name: "Test Provider with onboarding example" run: | 
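Review bot: The acceptance-test step in the test.yaml hunk at line 40 runs `make test-acc` with `SG_PRD_API_KEY` again, and the workflow triggers on every push and pull request to main, so each CI run creates and deletes real objects with the production credential. A dedicated test organisation with its own key limits what a faulty test or a leaked key can reach. If production must be used, put the job behind a protected environment with required reviewers, e.g. `environment: production-tests` (constructed name). The quickstart and onboarding steps in the next two hunks of this file use the same three secrets.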
@@ -62,9 +62,9 @@ jobs: make test-examples-onboarding ARGS="-f local-build"; shell: bash env: - STACKGUARDIAN_API_KEY: '${{ secrets.SG_STG_API_KEY }}' # FIXME(Release): Revert to PRD - STACKGUARDIAN_API_URI: '${{ secrets.SG_STG_API_URI }}' # FIXME(Release): Revert to PRD - STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_STG_ORG_NAME }}' # FIXME(Release): Revert to PRD + STACKGUARDIAN_API_KEY: '${{ secrets.SG_PRD_API_KEY }}' + STACKGUARDIAN_API_URI: '${{ secrets.SG_PRD_API_URI }}' + STACKGUARDIAN_ORG_NAME: '${{ secrets.SG_PRD_ORG_NAME }}' - name: "Check Provider docs" run: | From 7e8d66fe07f196fe94115de5f6ea407311169b5c Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Tue, 2 Apr 2024 10:44:19 +0200 Subject: [PATCH 30/33] Remove push event for test-api GH Workflows --- .github/workflows/test-api-prd.yaml | 5 +---- .github/workflows/test-api-stg.yaml | 10 ++++------ 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/.github/workflows/test-api-prd.yaml b/.github/workflows/test-api-prd.yaml index 10779be..22359ba 100644 --- a/.github/workflows/test-api-prd.yaml +++ b/.github/workflows/test-api-prd.yaml @@ -2,9 +2,6 @@ name: "Test API-PRD with TF-Provider" # for API High-Load with examples on API- on: # NOTE: Uncomment if needed later - #push: - # branches: - # - main #schedule: # - cron: '*/15 * 1-9,26-31 3,4 *' workflow_dispatch: @@ -16,5 +13,5 @@ jobs: uses: ./.github/workflows/test-api.yaml secrets: inherit with: - gitref: devel # FIXME(Release): Change to main after Backend release is deployed on PRD + gitref: main testenv: PRD diff --git a/.github/workflows/test-api-stg.yaml b/.github/workflows/test-api-stg.yaml index 5d112b3..ecbc5f8 100644 --- a/.github/workflows/test-api-stg.yaml +++ b/.github/workflows/test-api-stg.yaml 
@@ -1,11 +1,9 @@ name: "Test API-STG with TF-Provider" # for API High-Load with examples on API-STG on: - push: - branches: - - devel - schedule: - - cron: '*/15 * 1-9,26-31 3,4 *' + # NOTE: Uncomment if needed later + #schedule: + # - cron: '*/15 * 1-9,26-31 3,4 *' workflow_dispatch: jobs: @@ -15,5 +13,5 @@ jobs: uses: ./.github/workflows/test-api.yaml secrets: inherit with: - gitref: feature/example-onboarding-team + gitref: devel testenv: STG From 134ce78f833bd818287c0b8b0402cef8cf24fb08 Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Tue, 2 Apr 2024 10:44:40 +0200 Subject: [PATCH 31/33] Update Makefile --- Makefile | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index c92d73a..5c9c2f9 100644 --- a/Makefile +++ b/Makefile @@ -35,8 +35,9 @@ test-acc: test-examples-quickstart: bash docs-guides-assets/quickstart/test-quickstart.sh $(ARGS) +# bash docs-guides-assets/onboarding/project-test/test-onboarding.sh $(ARGS) test-examples-onboarding: - bash docs-guides-assets/onboarding/project-test/test-onboarding.sh $(ARGS) + echo "Implemented in next PR - Dummy Test" docs-generate: tfplugindocs generate \ @@ -52,13 +53,9 @@ gh-workflow-test-provider: act \ --workflows ${PWD}/.github/workflows/test.yaml \ --job provider-project_test \ - --secret STACKGUARDIAN_API_KEY=${SG_PRD_API_KEY} \ - --secret STACKGUARDIAN_ORG_NAME=${SG_PRD_ORG_NAME} \ + --secret SG_PRD_API_URI=${SG_PRD_API_URI} \ --secret SG_PRD_API_KEY=${SG_PRD_API_KEY} \ --secret SG_PRD_ORG_NAME=${SG_PRD_ORG_NAME} \ - --secret SG_STG_API_URI=${SG_STG_API_URI} \ - --secret SG_STG_API_KEY=${SG_STG_API_KEY} \ - --secret SG_STG_ORG_NAME=${SG_STG_ORG_NAME} \ push \ ; 
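Review bot: `test-examples-onboarding` now only runs `echo "Implemented in next PR - Dummy Test"`, so the "Test Provider with onboarding example" step in test.yaml reports success without running anything. Make the placeholder visible in the log, e.g. `@echo "SKIPPED: onboarding example test not implemented" >&2`, or remove the workflow step until the script is restored. The commented-out `bash …test-onboarding.sh` line also sits above the target name, where it reads as part of the previous target; move it inside the recipe or delete it.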
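Review bot: The `act` recipe in `gh-workflow-test-provider` passes `--secret SG_PRD_API_KEY=${SG_PRD_API_KEY}`, and make expands that reference and echoes the recipe before running it. The production key is therefore printed to the terminal and any captured log, and is visible in the process arguments. Pass the name only so act reads the value from the environment, `--secret SG_PRD_API_KEY \`, or use `--secret-file`, and prefix the command with `@`. The new `gh-workflow-test-api-prd` target in the next hunk repeats the pattern for all three PRD secrets.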
@@ -81,3 +78,13 @@ gh-workflow-test-api-stg: --secret SG_STG_ORG_NAME=${SG_STG_ORG_NAME} \ workflow_dispatch \ ; + +# --local-repository StackGuardian/terraform-provider-stackguardian@devel=${PWD} \# +gh-workflow-test-api-prd: + act \ + --workflows ${PWD}/.github/workflows/test-api-prd.yaml \ + --secret SG_PRD_API_URI=${SG_PRD_API_URI} \ + --secret SG_PRD_API_KEY=${SG_PRD_API_KEY} \ + --secret SG_PRD_ORG_NAME=${SG_PRD_ORG_NAME} \ + workflow_dispatch \ + ; From d7943326caec50503123fc537571797fd2ce606f Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Tue, 2 Apr 2024 10:51:35 +0200 Subject: [PATCH 32/33] Fix titles for docs guides --- docs-templates/guides/onboarding.md | 4 ++-- docs-templates/guides/quickstart.md | 7 ++++--- docs/guides/onboarding.md | 4 ++-- docs/guides/quickstart.md | 7 ++++--- 4 files changed, 12 insertions(+), 10 deletions(-) diff --git a/docs-templates/guides/onboarding.md b/docs-templates/guides/onboarding.md index 3a6ae20..55862a0 100644 --- a/docs-templates/guides/onboarding.md +++ b/docs-templates/guides/onboarding.md @@ -1,9 +1,9 @@ --- page_title: "Team Onboarding" -subcategory: "" # Quickstart +subcategory: "" # Onboarding --- -# Team Onboarding with the StackGuardian Provider +# Team Onboarding Instructions Please refer to the onboarding examples files available at: https://github.com/StackGuardian/terraform-provider-stackguardian/blob/main/docs-guides-assets/onboarding/ diff --git a/docs-templates/guides/quickstart.md b/docs-templates/guides/quickstart.md index 6112b79..ec9a4e8 100644 --- a/docs-templates/guides/quickstart.md +++ b/docs-templates/guides/quickstart.md 
@@ -4,15 +4,16 @@ subcategory: "" # Quickstart --- -# Quickstart Instructions for the StackGuardian Provider +# Quickstart Instructions Those quickstart instructions lets you setup a new IaC project with the Terraform Provider for StackGuardian. ## Provider Installation -_For now, the StackGuardian Provider is not available on the Terraform Registry, -so it is necessary to add it manually on your system to be able to use it in your IaC Terraform project._ + + + A platform label, with an OS name and an architecture name, matching the system platform where you will run the terraform provider on, must be selected from the start.
Please select one among the following options: diff --git a/docs/guides/onboarding.md b/docs/guides/onboarding.md index 3a6ae20..55862a0 100644 --- a/docs/guides/onboarding.md +++ b/docs/guides/onboarding.md @@ -1,9 +1,9 @@ --- page_title: "Team Onboarding" -subcategory: "" # Quickstart +subcategory: "" # Onboarding --- -# Team Onboarding with the StackGuardian Provider +# Team Onboarding Instructions Please refer to the onboarding examples files available at: https://github.com/StackGuardian/terraform-provider-stackguardian/blob/main/docs-guides-assets/onboarding/ diff --git a/docs/guides/quickstart.md b/docs/guides/quickstart.md index 6112b79..ec9a4e8 100644 --- a/docs/guides/quickstart.md +++ b/docs/guides/quickstart.md @@ -4,15 +4,16 @@ subcategory: "" # Quickstart --- -# Quickstart Instructions for the StackGuardian Provider +# Quickstart Instructions Those quickstart instructions lets you setup a new IaC project with the Terraform Provider for StackGuardian. ## Provider Installation -_For now, the StackGuardian Provider is not available on the Terraform Registry, -so it is necessary to add it manually on your system to be able to use it in your IaC Terraform project._ + + + A platform label, with an OS name and an architecture name, matching the system platform where you will run the terraform provider on, must be selected from the start.
Please select one among the following options: From d789ed573edd7cbc680b870a42cdadb4f22ade4b Mon Sep 17 00:00:00 2001 From: piroux-sg Date: Tue, 2 Apr 2024 16:37:41 +0200 Subject: [PATCH 33/33] Activate periodic API tests --- .github/workflows/test-api-prd.yaml | 5 ++--- .github/workflows/test-api-stg.yaml | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/test-api-prd.yaml b/.github/workflows/test-api-prd.yaml index 22359ba..f3b538f 100644 --- a/.github/workflows/test-api-prd.yaml +++ b/.github/workflows/test-api-prd.yaml @@ -1,9 +1,8 @@ name: "Test API-PRD with TF-Provider" # for API High-Load with examples on API-PRD on: - # NOTE: Uncomment if needed later - #schedule: - # - cron: '*/15 * 1-9,26-31 3,4 *' + schedule: + - cron: '*/10 * 1-10 4 *' workflow_dispatch: jobs: diff --git a/.github/workflows/test-api-stg.yaml b/.github/workflows/test-api-stg.yaml index ecbc5f8..c05dcb7 100644 --- a/.github/workflows/test-api-stg.yaml +++ b/.github/workflows/test-api-stg.yaml @@ -1,9 +1,8 @@ name: "Test API-STG with TF-Provider" # for API High-Load with examples on API-STG on: - # NOTE: Uncomment if needed later - #schedule: - # - cron: '*/15 * 1-9,26-31 3,4 *' + schedule: + - cron: '*/10 * 1-10 4 *' workflow_dispatch: jobs:
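Review bot: The schedule `'*/10 * 1-10 4 *'` in test-api-prd.yaml has no year, so this load test against the production API will start again every April until someone removes it. Nothing visible in the hunk stops a run from overlapping the previous one when it takes longer than ten minutes. Add a comment stating the intended window and removal date, and a `concurrency:` block such as `group: test-api-prd` with `cancel-in-progress: false` so runs queue instead of stacking. The test-api-stg.yaml hunk that follows sets the same schedule.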