diff --git a/.gitignore b/.gitignore
index 483a0a3a..527aea1c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,9 +1,9 @@
-vendor
 func-tests/.terraform
 func-tests/crash.log
 func-tests/run.log
 func-tests/terraform.*
 terraform-provider-pingaccess
+terraform-provider-pingaccess_v*
 .scannerwork/
 .vscode/
 run.log
diff --git a/.travis.yml b/.travis.yml
index e2b138d6..8f20e49e 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -16,7 +16,7 @@ addons:
 organization: "iwarapter-github"
 script:
- - go mod vendor
- - go mod verify
- - make test-and-report
- - sonar-scanner
+ - go mod vendor || travis_terminate 1;
+ - go mod verify || travis_terminate 1;
+ - make test-and-report || travis_terminate 1;
+ - sonar-scanner || travis_terminate 1;
diff --git a/Makefile b/Makefile
index b89ff537..fda9c18e 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,6 @@
 # Makefile
+VERSION ?= local
+NAME=terraform-provider-pingaccess_v${VERSION}
 sweep:
 @TF_ACC=1 go test ./... -v -sweep=true
@@ -8,33 +10,33 @@ pa-init:
 test:
 @rm -f pingaccess/terraform.log
- @TF_LOG=TRACE TF_LOG_PATH=./terraform.log TF_ACC=1 go test ./... -v
+ @TF_LOG=TRACE TF_LOG_PATH=./terraform.log TF_ACC=1 go test -mod=vendor ./... -v
 test-and-report:
 @rm -f pingaccess/terraform.log coverage.out report.json
- @TF_LOG=TRACE TF_LOG_PATH=./terraform.log TF_ACC=1 go test ./... -v -coverprofile=coverage.out -json > report.json && go tool cover -func=coverage.out
+ @TF_LOG=TRACE TF_LOG_PATH=./terraform.log TF_ACC=1 go test -mod=vendor ./... -v -coverprofile=coverage.out -json > report.json && go tool cover -func=coverage.out
 build:
- @go build -o terraform-provider-pingaccess .
+ @go build -mod=vendor -o ${NAME} -gcflags "all=-trimpath=$GOPATH" .
 release:
 @rm -rf build/*
- GOOS=darwin GOARCH=amd64 go build -o build/darwin_amd64/terraform-provider-pingaccess . && zip -j build/darwin_amd64.zip build/darwin_amd64/terraform-provider-pingaccess
- # GOOS=freebsd GOARCH=386 go build -o build/freebsd_386/terraform-provider-pingaccess .
- # GOOS=freebsd GOARCH=amd64 go build -o build/freebsd_amd64/terraform-provider-pingaccess .
- # GOOS=freebsd GOARCH=arm go build -o build/freebsd_arm/terraform-provider-pingaccess .
- # GOOS=linux GOARCH=386 go build -o build/linux_386/terraform-provider-pingaccess .
- GOOS=linux GOARCH=amd64 go build -o build/linux_amd64/terraform-provider-pingaccess . && zip -j build/linux_amd64.zip build/linux_amd64/terraform-provider-pingaccess
- # GOOS=linux GOARCH=arm go build -o build/linux_arm/terraform-provider-pingaccess .
- # GOOS=openbsd GOARCH=386 go build -o build/openbsd_386/terraform-provider-pingaccess .
- # GOOS=openbsd GOARCH=amd64 go build -o build/openbsd_amd64/terraform-provider-pingaccess .
- # GOOS=solaris GOARCH=amd64 go build -o build/solaris_amd64/terraform-provider-pingaccess .
- # GOOS=windows GOARCH=386 go build -o build/windows_386/terraform-provider-pingaccess .
- GOOS=windows GOARCH=amd64 go build -o build/windows_amd64/terraform-provider-pingaccess . && zip -j build/windows_amd64.zip build/windows_amd64/terraform-provider-pingaccess
+ GOOS=darwin GOARCH=amd64 go build -o -mod=vendor build/darwin_amd64/${NAME} -gcflags "all=-trimpath=$GOPATH" . && zip -j build/darwin_amd64.zip build/darwin_amd64/${NAME}
+ # GOOS=freebsd GOARCH=386 go build -o -mod=vendor build/freebsd_386/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ # GOOS=freebsd GOARCH=amd64 go build -o -mod=vendor build/freebsd_amd64/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ # GOOS=freebsd GOARCH=arm go build -o -mod=vendor build/freebsd_arm/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ # GOOS=linux GOARCH=386 go build -o -mod=vendor build/linux_386/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ GOOS=linux GOARCH=amd64 go build -o -mod=vendor build/linux_amd64/${NAME} -gcflags "all=-trimpath=$GOPATH" . && zip -j build/linux_amd64.zip build/linux_amd64/${NAME}
+ # GOOS=linux GOARCH=arm go build -o -mod=vendor build/linux_arm/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ # GOOS=openbsd GOARCH=386 go build -o -mod=vendor build/openbsd_386/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ # GOOS=openbsd GOARCH=amd64 go build -o -mod=vendor build/openbsd_amd64/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ # GOOS=solaris GOARCH=amd64 go build -o -mod=vendor build/solaris_amd64/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ # GOOS=windows GOARCH=386 go build -o -mod=vendor build/windows_386/${NAME} -gcflags "all=-trimpath=$GOPATH" .
+ GOOS=windows GOARCH=amd64 go build -o -mod=vendor build/windows_amd64/${NAME} -gcflags "all=-trimpath=$GOPATH" . && zip -j build/windows_amd64.zip build/windows_amd64/${NAME}
 deploy-local:
 @mkdir -p ~/.terraform.d/plugins
- @cp terraform-provider-pingaccess ~/.terraform.d/plugins/
+ @cp ${NAME} ~/.terraform.d/plugins/
 func-init:
 @rm -rf func-tests/.terraform
diff --git a/go.mod b/go.mod
index a491e70e..5f514f5f 100644
--- a/go.mod
+++ b/go.mod
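Review bot: In the `release` recipe every new line reads `go build -o -mod=vendor build/<os>_<arch>/${NAME} ...`, so `-o` takes `-mod=vendor` as the output path and `build/<os>_<arch>/${NAME}` is parsed as a package argument. The binary that the following `zip -j` expects is then not produced, and the vendoring flag is never applied, so release artefacts would not be built from the vendored tree that CI verifies. The `build` target has the flags in the right order; the release lines should match it, e.g. `GOOS=darwin GOARCH=amd64 go build -mod=vendor -o build/darwin_amd64/${NAME} -gcflags "all=-trimpath=$(GOPATH)" .`, and the same for the linux, windows and commented-out targets. Separately, in both `build` and `release`, make expands `$GOPATH` as `$G` followed by the literal `OPATH`, so the trimpath value is not the Go path; write `$(GOPATH)` or `$$GOPATH`.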
@@ -2,6 +2,8 @@ module github.com/iwarapter/terraform-provider-pingaccess go 1.12 +replace git.apache.org/thrift.git => github.com/apache/thrift v0.0.0-20180902110319-2566ecd5d999 + require ( github.com/GeertJohan/go.rice v1.0.0 // indirect github.com/Microsoft/go-winio v0.4.13 // indirect diff --git a/go.sum b/go.sum index c47671df..a41e2a45 100644 --- a/go.sum +++ b/go.sum @@ -38,6 +38,7 @@ github.com/akavel/rsrc v0.8.0/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkK github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antchfx/xpath v0.0.0-20190129040759-c8489ed3251e/go.mod h1:Yee4kTMuNiPYJ7nSNorELQMr1J33uOpXDMByNYhvtNk= github.com/antchfx/xquery v0.0.0-20180515051857-ad5b8c7a47b0/go.mod h1:LzD22aAzDP8/dyiCKFp31He4m2GPjl0AFyzDtZzUu9M= +github.com/apache/thrift v0.0.0-20180902110319-2566ecd5d999/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= github.com/apparentlymart/go-cidr v1.0.0 h1:lGDvXx8Lv9QHjrAVP7jyzleG4F9+FkRhJcEsDFxeb8w= github.com/apparentlymart/go-cidr v1.0.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= diff --git a/pingaccess/provider_test.go b/pingaccess/provider_test.go index f3b3cbd2..2d4d830e 100644 --- a/pingaccess/provider_test.go +++ b/pingaccess/provider_test.go 
@@ -28,9 +28,24 @@ func TestMain(m *testing.M) {
 log.Fatalf("Could not connect to docker: %s", err)
 }
- options := &dockertest.RunOptions{
- Repository: "pingidentity/pingaccess",
- Tag: "5.2.2-edge",
+ devOpsUser, devOpsUserExists := os.LookupEnv("PING_IDENTITY_DEVOPS_USER")
+ devOpsKey, devOpsKeyExists := os.LookupEnv("PING_IDENTITY_DEVOPS_KEY")
+
+ var options *dockertest.RunOptions
+
+ if devOpsUserExists && devOpsKeyExists {
+ options = &dockertest.RunOptions{
+ Repository: "pingidentity/pingaccess",
+ Env: []string{fmt.Sprintf("PING_IDENTITY_DEVOPS_USER=%s", devOpsUser), fmt.Sprintf("PING_IDENTITY_DEVOPS_KEY=%s", devOpsKey)},
+ Tag: "5.2.2-edge",
+ }
+ } else {
+ dir, _ := os.Getwd()
+ options = &dockertest.RunOptions{
+ Repository: "pingidentity/pingaccess",
+ Mounts: []string{dir + "/pingaccess.lic:/opt/in/instance/conf/pingaccess.lic"},
+ Tag: "5.2.2-edge",
+ }
 }
 // pulls an image, creates a container based on it and runs it
diff --git a/pingaccess/resource_pingaccess_application.go b/pingaccess/resource_pingaccess_application.go
index 60ee420b..ee3165a0 100644
--- a/pingaccess/resource_pingaccess_application.go
+++ b/pingaccess/resource_pingaccess_application.go
@@ -1,7 +1,6 @@
 package pingaccess
 import (
- "encoding/json"
 "fmt"
 "log"
 "strconv"
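Review bot: In the `else` branch of TestMain, `dir, _ := os.Getwd()` discards the error, and that branch is also taken when only one of `PING_IDENTITY_DEVOPS_USER` / `PING_IDENTITY_DEVOPS_KEY` is set, so a half-configured environment silently falls back to mounting `pingaccess.lic`. If that file is absent, the bind mount is likely to be created by Docker as an empty directory and the container fails later with an unrelated error. Handle the error where it occurs, e.g. `dir, err := os.Getwd()` followed by `if err != nil { log.Fatalf("could not get working directory: %s", err) }`, and `os.Stat` the license path before starting the container. Since the DevOps key is copied into `options.Env`, `options` should not be written to the test log. TestMain starts and ends outside the hunk.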
@@ -278,32 +277,8 @@ func resourcePingAccessApplicationReadData(d *schema.ResourceData) *pa.Applicati
 }
 }
- if _, ok := d.GetOk(policy); ok {
- policySet := d.Get(policy).([]interface{})
-
- webPolicies := make([]*pa.PolicyItem, 0)
- apiPolicies := make([]*pa.PolicyItem, 0)
-
- policy := policySet[0].(map[string]interface{})
- for _, pV := range policy["web"].(*schema.Set).List() {
- p := pV.(map[string]interface{})
- webPolicies = append(webPolicies, &pa.PolicyItem{
- Id: json.Number(p["id"].(string)),
- Type: String(p["type"].(string)),
- })
- }
- for _, pV := range policy["api"].(*schema.Set).List() {
- p := pV.(map[string]interface{})
- apiPolicies = append(apiPolicies, &pa.PolicyItem{
- Id: json.Number(p["id"].(string)),
- Type: String(p["type"].(string)),
- })
- }
- policies := map[string]*[]*pa.PolicyItem{
- "Web": &webPolicies,
- "API": &apiPolicies,
- }
- application.Policy = policies
+ if val, ok := d.GetOkExists("policy"); ok {
+ application.Policy = expandPolicy(val.([]interface{}))
 }
 return application
diff --git a/pingaccess/resource_pingaccess_application_resource.go b/pingaccess/resource_pingaccess_application_resource.go
index c169f245..dd43d652 100644
--- a/pingaccess/resource_pingaccess_application_resource.go
+++ b/pingaccess/resource_pingaccess_application_resource.go
@@ -76,8 +76,8 @@ func resourcePingAccessApplicationResourceSchema() map[string]*schema.Schema {
 },
 pathPrefixes: &schema.Schema{
 Type: schema.TypeSet,
- Required: true,
- Deprecated: "DEPRECATED - to be removed in a future release; please use 'path_patterns' instead",
+ Optional: true,
+ Deprecated: "To be removed in a future release; please use 'path_patterns' instead",
 Elem: &schema.Schema{
 Type: schema.TypeString,
 },
@@ -309,6 +309,7 @@ func resourcePingAccessApplicationResourceReadData(d *schema.ResourceData) *pa.R
 if val, ok := d.GetOkExists("policy"); ok {
 resource.Policy = expandPolicy(val.([]interface{}))
+
 }
 return resource
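Review bot: The new lookup in resourcePingAccessApplicationReadData spells the key as a string literal, `d.GetOkExists("policy")`, where the removed lines used the `policy` identifier (`d.GetOk(policy)`), so the key is now written two ways if that identifier is still used elsewhere in the file. Assuming its value is "policy", `if val, ok := d.GetOkExists(policy); ok {` keeps the file consistent. Because this field decides which access policies are attached to the application, a short comment above the branch saying what an empty `policy {}` block sends to the server would help the next reader, for instance `// an empty policy block is passed to expandPolicy as-is; see expandPolicy for the resulting Web/API lists`. The function starts outside the hunk.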
diff --git a/pingaccess/resource_pingaccess_application_resource_test.go b/pingaccess/resource_pingaccess_application_resource_test.go
index 8d6c5e73..0ae6e3d6 100644
--- a/pingaccess/resource_pingaccess_application_resource_test.go
+++ b/pingaccess/resource_pingaccess_application_resource_test.go
@@ -149,6 +149,8 @@ resource "pingaccess_application_resource" "app_res_test_root_resource" {
 "/*"
 ]
+ policy {}
+
 audit_level = "ON"
 anonymous = false
 enabled = true
diff --git a/pingaccess/resource_pingaccess_certificate.go b/pingaccess/resource_pingaccess_certificate.go
index e95692ed..58c0825b 100644
--- a/pingaccess/resource_pingaccess_certificate.go
+++ b/pingaccess/resource_pingaccess_certificate.go
@@ -26,7 +26,6 @@ func resourcePingAccessCertificateSchema() map[string]*schema.Schema {
 "alias": &schema.Schema{
 Type: schema.TypeString,
 Required: true,
- ForceNew: true,
 },
 "file_data": &schema.Schema{
 Type: schema.TypeString,
diff --git a/pingaccess/resource_pingaccess_certificate_test.go b/pingaccess/resource_pingaccess_certificate_test.go
index 43c51fbe..a6341865 100644
--- a/pingaccess/resource_pingaccess_certificate_test.go
+++ b/pingaccess/resource_pingaccess_certificate_test.go
@@ -16,17 +16,17 @@ func TestAccPingAccessCertificate(t *testing.T) {
 CheckDestroy: testAccCheckPingAccessCertificateDestroy,
 Steps: []resource.TestStep{
 {
- Config: testAccPingAccessCertificateConfig("bar", "1"),
+ Config: testAccPingAccessCertificateConfig("bar"),
 Check: resource.ComposeTestCheckFunc(
- testAccCheckPingAccessCertificateExists("pingaccess_certificate.acc_test_idm_bar"),
- testAccCheckPingAccessCertificateAttributes("pingaccess_certificate.acc_test_idm_bar"),
+ testAccCheckPingAccessCertificateExists("pingaccess_certificate.test"),
+ testAccCheckPingAccessCertificateAttributes("pingaccess_certificate.test"),
 ),
 },
 {
- Config: testAccPingAccessCertificateConfig("bar", "2"),
+ Config: testAccPingAccessCertificateConfig("foo"),
 Check: resource.ComposeTestCheckFunc(
- testAccCheckPingAccessCertificateExists("pingaccess_certificate.acc_test_idm_bar"),
- testAccCheckPingAccessCertificateAttributes("pingaccess_certificate.acc_test_idm_bar"),
+ testAccCheckPingAccessCertificateExists("pingaccess_certificate.test"),
+ testAccCheckPingAccessCertificateAttributes("pingaccess_certificate.test"),
 ),
 },
 },
@@ -37,12 +37,19 @@ func testAccCheckPingAccessCertificateDestroy(s *terraform.State) error {
 return nil
 }
-func testAccPingAccessCertificateConfig(name, configUpdate string) string {
+func testAccPingAccessCertificateConfig(name string) string {
 return fmt.Sprintf(`
- resource "pingaccess_certificate" "acc_test_idm_%s" {
+ resource "pingaccess_trusted_certificate_group" "test" {
+ name = "test_tcg"
+ cert_ids = [
+ pingaccess_certificate.test.id
+ ]
+ }
+
+ resource "pingaccess_certificate" "test" {
 alias = "%s"
- file_data = "${base64encode(file("test_cases/amazon_root_ca%s.pem"))}"
- }`, name, name, configUpdate)
+ file_data = "${base64encode(file("test_cases/amazon_root_ca1.pem"))}"
+ }`, name)
 }
 func testAccCheckPingAccessCertificateExists(n string) resource.TestCheckFunc {
diff --git a/pingaccess/resource_pingaccess_keypair.go b/pingaccess/resource_pingaccess_keypair.go
index 1a771d36..bb99576c 100644
--- a/pingaccess/resource_pingaccess_keypair.go
+++ b/pingaccess/resource_pingaccess_keypair.go
@@ -34,7 +34,6 @@ func resourcePingAccessKeyPairSchema() map[string]*schema.Schema {
 "alias": &schema.Schema{
 Type: schema.TypeString,
 Required: true,
- ForceNew: true,
 },
 "chain_certificates": &schema.Schema{
 Type: schema.TypeSet,
diff --git a/pingaccess/structures.go b/pingaccess/structures.go
index 16845c7b..32d673b7 100644
--- a/pingaccess/structures.go
+++ b/pingaccess/structures.go
@@ -228,14 +228,15 @@ func expandPolicy(in []interface{}) map[string]*[]*pa.PolicyItem {
 webPolicies := make([]*pa.PolicyItem, 0)
 apiPolicies := make([]*pa.PolicyItem, 0)
 for _, raw := range in {
- l := raw.(map[string]interface{})
- if val, ok := l["web"]; ok && len(val.(*schema.Set).List()) > 0 {
- webPolicies = expandPolicyItem(val.(*schema.Set).List())
- }
- if val, ok := l["api"]; ok && len(val.(*schema.Set).List()) > 0 {
- apiPolicies = expandPolicyItem(val.(*schema.Set).List())
- }
+ if raw != nil {
+ l := raw.(map[string]interface{})
+ if val, ok := l["web"]; ok && len(val.(*schema.Set).List()) > 0 {
+ webPolicies = expandPolicyItem(val.(*schema.Set).List())
+ }
+ if val, ok := l["api"]; ok && len(val.(*schema.Set).List()) > 0 {
+ apiPolicies = expandPolicyItem(val.(*schema.Set).List())
+ }
+ }
 }
 }
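Review bot: Dropping `ForceNew: true` from `alias` in resourcePingAccessKeyPairSchema means a changed alias now goes through the key pair's update path instead of recreating the resource, and no key pair test that exercises a rename is visible on this page, whereas the certificate resource gets one in this commit (`"bar"` then `"foo"`). Whether the update function actually sends the new alias to PingAccess is outside this hunk. An acceptance step that changes only `alias` and checks that the resource id is unchanged would confirm it. A one-line comment on the field, such as `// alias can be changed in place; the key material is kept`, would also record why `ForceNew` is absent.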