From 825407ffade02f5f3436a5e3b6a532e3e4fd1535 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Wed, 13 Feb 2019 19:56:13 +0100 Subject: [PATCH 01/63] SecretHub provider with resource secrethub_secret --- Makefile | 7 + go.mod | 29 +++ go.sum | 195 ++++++++++++++++++++ main.go | 15 ++ secrethub/provider.go | 57 ++++++ secrethub/provider_test.go | 13 ++ secrethub/resource_secret.go | 181 +++++++++++++++++++ secrethub/resource_secret_test.go | 289 ++++++++++++++++++++++++++++++ 8 files changed, 786 insertions(+) create mode 100644 Makefile create mode 100644 go.mod create mode 100644 go.sum create mode 100644 main.go create mode 100644 secrethub/provider.go create mode 100644 secrethub/provider_test.go create mode 100644 secrethub/resource_secret.go create mode 100644 secrethub/resource_secret_test.go diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..11fa725 --- /dev/null +++ b/Makefile @@ -0,0 +1,7 @@ +TEST?=$$(go list ./... | grep -v 'vendor') + +build: + go build + +testacc: + TF_ACC=1 go test $(TEST) -v $(TESTARGS) -timeout 120m diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..492cbf0 --- /dev/null +++ b/go.mod @@ -0,0 +1,29 @@ +module github.com/keylockerbv/terraform-provider-secrethub + +require ( + github.com/apparentlymart/go-cidr v1.0.0 // indirect + github.com/blang/semver v3.5.1+incompatible // indirect + github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448 // indirect + github.com/go-chi/chi v4.0.1+incompatible // indirect + github.com/hashicorp/go-getter v1.0.1 // indirect + github.com/hashicorp/go-hclog v0.0.0-20190109152822-4783caec6f2e // indirect + github.com/hashicorp/go-plugin v0.0.0-20190129155509-362c99b11937 // indirect + github.com/hashicorp/go-uuid v1.0.1 // indirect + github.com/hashicorp/go-version v1.1.0 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/hashicorp/hcl2 v0.0.0-20190130225218-89dbc5eb3d9e // indirect + github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952 // indirect + github.com/hashicorp/logutils v1.0.0 // indirect + github.com/hashicorp/terraform v0.11.11 + github.com/keylockerbv/secrethub v0.17.0 + github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25 + github.com/kr/pty v1.1.3 // indirect + github.com/mitchellh/cli v1.0.0 // indirect + github.com/mitchellh/copystructure v1.0.0 // indirect + github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/mitchellh/hashstructure v1.0.0 // indirect + github.com/pkg/errors v0.8.1 // indirect + github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f // indirect + golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67 // indirect + golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..7d7e9b9 --- /dev/null +++ b/go.sum @@ -0,0 +1,195 @@ +bitbucket.org/zombiezen/cardcpx v0.0.0-20150417151802-902f68ff43ef h1:Y5Zf3CYdrdGE7GOuK/MNN98GS1V8mOfeiJlISrKUcEo= +bitbucket.org/zombiezen/cardcpx v0.0.0-20150417151802-902f68ff43ef/go.mod h1:ZJR5FpaQx7Bt2bzIV3gBaCInI1+kG949WhNYYlRr8eA= +github.com/agext/levenshtein v1.2.1 h1:QmvMAjj2aEICytGiWzmxoE0x2KZvE0fvmqMOfy2tjT8= +github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/apparentlymart/go-cidr v1.0.0 h1:lGDvXx8Lv9QHjrAVP7jyzleG4F9+FkRhJcEsDFxeb8w= +github.com/apparentlymart/go-cidr v1.0.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= +github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3 h1:ZSTrOEhiM5J5RFxEaFvMZVEAM1KvT1YzbEOwB2EAGjA= +github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= +github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= +github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= +github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310 h1:BUAU3CGlLvorLI26FmByPp2eC2qla6E1Tw+scpcg/to= +github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf h1:eg0MeVzsP1G42dRafH3vf+al2vQIJU0YHX+1Tw87oco= +github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/aws/aws-sdk-go v1.15.78 h1:LaXy6lWR0YK7LKyuU0QWy2ws/LWTPfYV/UgfiBu4tvY= +github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= +github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= +github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= +github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/bsm/go-vlq v0.0.0-20150828105119-ec6e8d4f5f4e/go.mod h1:N+BjUcTjSxc2mtRGSCPsat1kze3CUtvJN3/jTXlp29k= +github.com/certifi/gocertifi v0.0.0-20180905225744-ee1a9a0726d2 h1:MmeatFT1pTPSVb4nkPmBFN/LRZ97vPjsFKsZrU3KKTs= +github.com/certifi/gocertifi v0.0.0-20180905225744-ee1a9a0726d2/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4= +github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448 h1:8tNk6SPXzLDnATTrWoI5Bgw9s/x4uf0kmBpk21NZgI4= +github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4= +github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docker/go-units v0.3.3 h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk= +github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys= +github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/getsentry/raven-go v0.2.0 h1:no+xWJRb5ZI7eE8TWgIq1jLulQiIoLG0IfYxv5JYMGs= +github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= +github.com/go-chi/chi v3.3.3+incompatible h1:KHkmBEMNkwKuK4FdQL7N2wOeB9jnIx7jR5wsuSBEFI8= +github.com/go-chi/chi v3.3.3+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= +github.com/go-chi/chi v4.0.1+incompatible h1:RSRC5qmFPtO90t7pTL0DBMNpZFsb/sHF3RXVlDgFisA= +github.com/go-chi/chi v4.0.1+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= +github.com/go-test/deep v1.0.1 h1:UQhStjbkDClarlmv0am7OXXO4/GaPdCGiUiMTvi28sg= +github.com/go-test/deep v1.0.1/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/go-cmp v0.2.0 h1:+dTQ8DZQJz0Mb/HjFlkptS1FeQ4cWSnN941F8aEG4SQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk= +github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= +github.com/hashicorp/errwrap v0.0.0-20180715044906-d6c0cd880357/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= +github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-cleanhttp v0.5.0 h1:wvCrVc9TjDls6+YGAF2hAifE1E5U1+b4tH6KdvN3Gig= +github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= +github.com/hashicorp/go-getter v1.0.1 h1:WlFPjyPrd34KmTQMzSPA0pn9JpRsuHjHaRTx0VPzxYw= +github.com/hashicorp/go-getter v1.0.1/go.mod h1:tkKN/c6I/LRSXLOWZ8wa/VB0LfVrryHzk/B0aZLKZI0= +github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= +github.com/hashicorp/go-hclog v0.0.0-20190109152822-4783caec6f2e h1:SS6R03q1M5bxjbOL2JziQUUu7opiRocL4R2H5Y2I6rY= +github.com/hashicorp/go-hclog v0.0.0-20190109152822-4783caec6f2e/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= +github.com/hashicorp/go-multierror v0.0.0-20180717150148-3d5d8f294aa0/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= +github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o= +github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= +github.com/hashicorp/go-plugin v0.0.0-20190129155509-362c99b11937 h1:F3biNWiyQYD6ch5Y/Kua5DKZKH3R0NtCvnv+KhZei20= +github.com/hashicorp/go-plugin v0.0.0-20190129155509-362c99b11937/go.mod h1:++UyYGoz3o5w9ZzAdZxtQKrWWP+iqPBn3cQptSMzBuY= +github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= +github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= +github.com/hashicorp/go-uuid v1.0.1 h1:fv1ep09latC32wFoVwnqcnKJGnMSdBanPczbHAYm1BE= +github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-version v1.0.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.1.0 h1:bPIoEKD27tNdebFGGxxYwcL4nepeY4j1QP23PFRGzg0= +github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/hashicorp/hcl2 v0.0.0-20190130225218-89dbc5eb3d9e h1:wcDATcjAY0ebgNtuyt00GxJll5fCChrevvrIdguzhQQ= +github.com/hashicorp/hcl2 v0.0.0-20190130225218-89dbc5eb3d9e/go.mod h1:HtEzazM5AZ9fviNEof8QZB4T1Vz9UhHrGhnMPzl//Ek= +github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952 h1:2touDRqIeu/4eKrg7WHcH+WZwpW97r0NKOHDixzroJg= +github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952/go.mod h1:n2TSygSNwsLJ76m8qFXTSc7beTb+auJxYdqrnoqwZWE= +github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= +github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= +github.com/hashicorp/terraform v0.11.11 h1:5q1y/a0RB1QmKc1n6E9tnWQqPMb+nEb7Bfol74N2grw= +github.com/hashicorp/terraform v0.11.11/go.mod h1:uN1KUiT7Wdg61fPwsGXQwK3c8PmpIVZrt5Vcb1VrSoM= +github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= +github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8 h1:12VvqtR6Aowv3l/EQUlocDHW2Cp4G9WJVH7uyH8QFJE= +github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/keylockerbv/secrethub v0.17.0 h1:ynvH2JWotytvtLpGE8Bu4hPIV1m+OS/tTlmTGlv8Hmk= +github.com/keylockerbv/secrethub v0.17.0/go.mod h1:EibHbXBS5k+Cw+XEo4rveG+ONA2Czl1VFpVl7+jDYOc= +github.com/keylockerbv/secrethub-go v0.0.0-20190213122755-c4575db362e1 h1:TNLT/GfjM3u9HPPebbHk4gssdPDHBBKrD8UmOP9Ng7Q= +github.com/keylockerbv/secrethub-go v0.0.0-20190213122755-c4575db362e1/go.mod h1:tabojhZpymkSNSayXvZpSujl76grAdEDZeZT8kwR92A= +github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25 h1:1fsFRQgt9AU8Muf9LSVEWiHrFpJ1XySXHY2sTVjtClk= +github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25/go.mod h1:tabojhZpymkSNSayXvZpSujl76grAdEDZeZT8kwR92A= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= +github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= +github.com/mattn/go-colorable v0.0.9 h1:UVL0vNpWh04HeJXV0KLcaT7r06gOH2l4OW6ddYRUIY4= +github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-isatty v0.0.4 h1:bnP0vzxcAdeI1zdubAl5PjU6zsERjGZb7raWodagDYs= +github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/mitchellh/cli v1.0.0 h1:iGBIsUe3+HZ/AD/Vd7DErOt5sU9fa8Uj7A2s1aggv1Y= +github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= +github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= +github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= +github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= +github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7 h1:DpOJ2HYzCv8LZP15IdmG+YdwD2luVPHITV96TkirNBM= +github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/hashstructure v1.0.0 h1:ZkRJX1CyOoTkar7p/mLS5TZU4nJ1Rn/F8u9dGS02Q3Y= +github.com/mitchellh/hashstructure v1.0.0/go.mod h1:QjSHrPWS+BGUVBYkbTZWEnOh3G1DutKwClXU/ABz6AQ= +github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= +github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= +github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 h1:lDH9UUVJtmYCjyT0CI4q8xvlXPxeZ0gYCVvWbmPlp88= +github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= +github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/posener/complete v1.1.1 h1:ccV59UEOTzVDnDUEFdT95ZzHVZ+5+158q8+SJb2QV5w= +github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= +github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww= +github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= +github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= +github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/ulikunitz/xz v0.5.5 h1:pFrO0lVpTBXLpYw+pnLj6TbvHuyjXMfjGeCwSqCVwok= +github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= +github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/zclconf/go-cty v0.0.0-20190124225737-a385d646c1e9/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= +github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f h1:QdzpIo5V8FV8SHsXCXpgSXOquZEF7YozbNcYnEnGZvA= +github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= +golang.org/x/crypto v0.0.0-20180816225734-aabede6cba87/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67 h1:ng3VDlRp5/DHpSWl02R4rM9I+8M2rhmsuLwAMmkLQWE= +golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181129055619-fae4c4e3ad76/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 h1:ulvT7fqt0yHWzpJwI57MezWnYDVpCAYBVuYst/L+fAY= +golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181213200352-4d1cda033e06/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc h1:WiYx1rIFmx8c0mXAFtv5D/mHyKe1+jmuP7PViuwqwuQ= +golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8 h1:Nw54tB0rB7hY/N0NQvRW8DG4Yk3Q6T9cu9RcFQDu1tc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/grpc v1.14.0 h1:ArxJuB1NWfPY6r9Gp9gqwplT0Ge7nqv9msgu03lHLmo= +google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +howett.net/plist v0.0.0-20181124034731-591f970eefbb/go.mod h1:vMygbs4qMhSZSc4lCUl2OEE+rDiIIJAIdR4m7MiMcm0= diff --git a/main.go b/main.go new file mode 100644 index 0000000..4cd850f --- /dev/null +++ b/main.go @@ -0,0 +1,15 @@ +package main + +import ( + "github.com/hashicorp/terraform/plugin" + "github.com/hashicorp/terraform/terraform" + "github.com/keylockerbv/terraform-provider-secrethub/secrethub" +) + +func main() { + plugin.Serve(&plugin.ServeOpts{ + ProviderFunc: func() terraform.ResourceProvider { + return secrethub.Provider() + }, + }) +} diff --git a/secrethub/provider.go b/secrethub/provider.go new file mode 100644 index 0000000..2669273 --- /dev/null +++ b/secrethub/provider.go @@ -0,0 +1,57 @@ +package secrethub + +import ( + "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/terraform" + "github.com/keylockerbv/secrethub-go/pkg/secrethub" +) + +// Provider returns the ScretHub Terraform provider +func Provider() terraform.ResourceProvider { + return &schema.Provider{ + Schema: map[string]*schema.Schema{ + "credential": { + Type: schema.TypeString, + Required: true, + Description: "Credential to use for SecretHub authentication.", + }, + "credential_passphrase": { + Type: schema.TypeString, + Optional: true, + Description: "Passphrase to unlock the authentication passed in `credential`.", + }, + "path_prefix": { + Type: schema.TypeString, + Optional: true, + Description: "The default path prefix of the secret resources and data sources. If left blank, every secret requires the path to be absolute (namespace/repository[/dir]/secret_name).", + }, + }, + ConfigureFunc: configureProvider, + ResourcesMap: map[string]*schema.Resource{ + "secrethub_secret": resourceSecret(), + }, + } +} + +func configureProvider(d *schema.ResourceData) (interface{}, error) { + credRaw := d.Get("credential").(string) + parser := secrethub.NewCredentialParser(secrethub.DefaultCredentialDecoders) + parsed, err := parser.Parse(credRaw) + if err != nil { + return nil, err + } + + cred, err := parsed.Decode() + if err != nil { + return nil, err + } + + client := secrethub.NewClient(cred, nil) + pathPrefix := d.Get("path_prefix").(string) + return providerMeta{&client, pathPrefix}, nil +} + +type providerMeta struct { + client *secrethub.Client + pathPrefix string +} diff --git a/secrethub/provider_test.go b/secrethub/provider_test.go new file mode 100644 index 0000000..87583b4 --- /dev/null +++ b/secrethub/provider_test.go @@ -0,0 +1,13 @@ +package secrethub + +import ( + "testing" + + "github.com/hashicorp/terraform/helper/schema" +) + +func TestProvider(t *testing.T) { + if err := Provider().(*schema.Provider).InternalValidate(); err != nil { + t.Fatalf("err: %s", err) + } +} diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go new file mode 100644 index 0000000..d4fed06 --- /dev/null +++ b/secrethub/resource_secret.go @@ -0,0 +1,181 @@ +package secrethub + +import ( + "fmt" + "strings" + + "github.com/hashicorp/terraform/helper/schema" + "github.com/keylockerbv/secrethub-go/pkg/api" + "github.com/keylockerbv/secrethub/core/random" +) + +func resourceSecret() *schema.Resource { + return &schema.Resource{ + Create: resourceSecretCreate, + Read: resourceSecretRead, + Update: resourceSecretUpdate, + Delete: resourceSecretDelete, + Schema: map[string]*schema.Schema{ + "path": { + Type: schema.TypeString, + Required: true, + Description: "The path where the secret will be stored.", + }, + "path_prefix": { + Type: schema.TypeString, + Optional: true, + Description: "Overrides the `path_prefix` defined in the provider.", + }, + "version": { + Type: schema.TypeInt, + Computed: true, + Description: "The version of the secret.", + }, + "data": { + Type: schema.TypeString, + Computed: true, + Optional: true, + Sensitive: true, + ConflictsWith: []string{"generate"}, + Description: "The secret contents. Either `data` or `generate` must be defined.", + }, + "generate": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + Description: "Settings for autogenerating a secret. Either `data` or `generate` must be defined.", + ConflictsWith: []string{"data"}, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "length": { + Type: schema.TypeInt, + Required: true, + Description: "The length of the secret to generate.", + }, + "symbols": { + Type: schema.TypeBool, + Optional: true, + Description: "Whether the secret should contain symbols.", + }, + }, + }, + }, + }, + } +} + +func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { + prov := m.(providerMeta) + client := *prov.client + + dataStr := d.Get("data").(string) + generateList := d.Get("generate").([]interface{}) + if dataStr == "" && len(generateList) == 0 { + return fmt.Errorf("either 'data' or 'generate' must be specified") + } + + var data []byte + if dataStr != "" { + data = []byte(dataStr) + } + + if len(generateList) > 0 { + settings := generateList[0].(map[string]interface{}) + symbols := settings["symbols"].(bool) + length := settings["length"].(int) + var err error + data, err = random.NewGenerator(symbols).Generate(length) + if err != nil { + return err + } + } + + prefix := d.Get("path_prefix").(string) + if prefix == "" { + prefix = prov.pathPrefix + } + pathStr := d.Get("path").(string) + path, err := newCompoundSecretPath(prefix, pathStr) + if err != nil { + return err + } + + if path.HasVersion() { + return fmt.Errorf("path '%v' should not have a version number", path) + } + + res, err := client.Secrets().Write(path, data) + if err != nil { + return err + } + + d.SetId(string(path)) + d.Set("data", string(data)) + d.Set("version", res.Version) + d.Set("created", res.CreatedAt) + + return resourceSecretRead(d, m) +} + +func resourceSecretRead(d *schema.ResourceData, m interface{}) error { + prov := m.(providerMeta) + client := *prov.client + + pathStr := d.Id() + path, err := api.NewSecretPath(pathStr) + if err != nil { + return err + } + + remote, err := client.Secrets().Get(path) + if err != nil { + return err + } + + prev := d.Get("version") + if prev != remote.LatestVersion { + // someone updated the secret outside of the current terraform scope, so the new secret has to be fetched + updated, err := client.Secrets().Versions().GetWithData(path) + if err != nil { + return err + } + d.Set("data", string(updated.Data)) + d.Set("version", updated.Version) + } + + return nil +} + +func resourceSecretUpdate(d *schema.ResourceData, m interface{}) error { + return resourceSecretCreate(d, m) +} + +func resourceSecretDelete(d *schema.ResourceData, m interface{}) error { + prov := m.(providerMeta) + client := *prov.client + + pathStr := d.Id() + path, err := api.NewSecretPath(pathStr) + if err != nil { + return err + } + + client.Secrets().Delete(path) + + return nil +} + +const pathSeparator = "/" + +// newCompoundSecretPath returns SecretPath that combines multiple path components into a single secret path +func newCompoundSecretPath(components ...string) (api.SecretPath, error) { + var processed []string + for _, c := range components { + trimmed := strings.Trim(c, pathSeparator) + if trimmed != "" { + processed = append(processed, trimmed) + } + } + joined := strings.Join(processed, pathSeparator) + return api.NewSecretPath(joined) +} diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go new file mode 100644 index 0000000..fbceba9 --- /dev/null +++ b/secrethub/resource_secret_test.go @@ -0,0 +1,289 @@ +package secrethub + +import ( + "fmt" + "os" + "reflect" + "testing" + + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/terraform" + "github.com/keylockerbv/secrethub-go/pkg/api" +) + +const ( + envNamespace = "SECRETHUB_TF_ACC_NAMESPACE" + envRepo = "SECRETHUB_TF_ACC_REPOSITORY" +) + +var testAccProviders map[string]terraform.ResourceProvider +var testAccProvider *schema.Provider +var testAcc *testAccValues + +type testAccValues struct { + namespace string + repository string + secretName string + path api.SecretPath + pathErr error +} + +func (testAccValues) validate() error { + if testAcc.namespace == "" || testAcc.repository == "" { + return fmt.Errorf("the following environment variables need to be set: %v, %v", envNamespace, envRepo) + } + return testAcc.pathErr +} + +func init() { + testAccProvider = Provider().(*schema.Provider) + testAccProviders = map[string]terraform.ResourceProvider{ + "secrethub": testAccProvider, + } + + testAcc = &testAccValues{ + namespace: os.Getenv(envNamespace), + repository: os.Getenv(envRepo), + secretName: "test_acc_secret", + } + + testAcc.path, testAcc.pathErr = newCompoundSecretPath(testAcc.namespace, testAcc.repository, testAcc.secretName) +} + +func testAccPreCheck(t *testing.T) func() { + return func() { + err := testAcc.validate() + if err != nil { + t.Error(err) + } + } +} + +func TestAccSecret_writeAbsPath(t *testing.T) { + config := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + } + + resource "secrethub_secret" "%v" { + path = "%v" + data = "secretpassword" + } + `, testAcc.secretName, testAcc.path) + + resource.Test(t, resource.TestCase{ + Providers: testAccProviders, + PreCheck: testAccPreCheck(t), + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + checkSecretExistsRemotely(testAcc), + ), + }, + }, + }) +} + +func TestAccResourceSecret_writePrefPath(t *testing.T) { + config := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + path_prefix = "%v" + } + + resource "secrethub_secret" "%v" { + path = "%v/%v" + data = "secretpassword" + } + `, testAcc.namespace, testAcc.secretName, testAcc.repository, testAcc.secretName) + + resource.Test(t, resource.TestCase{ + Providers: testAccProviders, + PreCheck: testAccPreCheck(t), + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + checkSecretExistsRemotely(testAcc), + ), + }, + }, + }) +} + +func TestAccResourceSecret_writePrefPathOverride(t *testing.T) { + config := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + path_prefix = "override_me" + } + + resource "secrethub_secret" "%v" { + path_prefix = "%v" + path = "%v/%v" + data = "secretpassword" + } + `, testAcc.secretName, testAcc.namespace, testAcc.repository, testAcc.secretName) + + resource.Test(t, resource.TestCase{ + Providers: testAccProviders, + PreCheck: testAccPreCheck(t), + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + checkSecretExistsRemotely(testAcc), + ), + }, + }, + }) +} + +func TestAccResourceSecret_generate(t *testing.T) { + configInit := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + } + + resource "secrethub_secret" "%v" { + path = "%v" + generate { + length = 16 + symbols = true + } + } + `, testAcc.secretName, testAcc.path) + + configLengthUpdate := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + } + + resource "secrethub_secret" "%v" { + path = "%v" + generate { + length = 32 + symbols = true + } + } + `, testAcc.secretName, testAcc.path) + + resource.Test(t, resource.TestCase{ + Providers: testAccProviders, + PreCheck: testAccPreCheck(t), + Steps: []resource.TestStep{ + { + Config: configInit, + Check: resource.ComposeTestCheckFunc( + checkSecretResourceState(testAcc, func(s *terraform.InstanceState) error { + if len(s.Attributes["data"]) != 16 { + return fmt.Errorf("expected 'data' to contain a 16 char secret") + } + return nil + }), + checkSecretExistsRemotely(testAcc), + ), + }, + { + Config: configLengthUpdate, + Check: resource.ComposeTestCheckFunc( + checkSecretResourceState(testAcc, func(s *terraform.InstanceState) error { + if len(s.Attributes["data"]) != 32 { + return fmt.Errorf("expected 'data' to contain newly generated 32 char secret") + } + return nil + }), + checkSecretExistsRemotely(testAcc), + ), + }, + }, + }) +} + +func getSecretResourceState(s *terraform.State, values *testAccValues) (*terraform.InstanceState, error) { + resourceState := s.Modules[0].Resources[fmt.Sprintf("secrethub_secret.%v", values.secretName)] + if resourceState == nil { + return nil, fmt.Errorf("resource '%v' not in tf state", values.secretName) + } + + state := resourceState.Primary + if state == nil { + return nil, fmt.Errorf("resource has no primary instance") + } + + return state, nil +} + +func checkSecretExistsRemotely(values *testAccValues) resource.TestCheckFunc { + return func(s *terraform.State) error { + if _, err := getSecretResourceState(s, values); err != nil { + return err + } + + client := *testAccProvider.Meta().(providerMeta).client + + _, err := client.Secrets().Get(values.path) + if err != nil { + return err + } + + return nil + } +} + +func checkSecretResourceState(values *testAccValues, check func(s *terraform.InstanceState) error) resource.TestCheckFunc { + return func(s *terraform.State) error { + state, err := getSecretResourceState(s, values) + if err != nil { + return err + } + return check(state) + } +} + +func TestMergeSecretPath(t *testing.T) { + type args struct { + prefix string + path string + } + cases := []struct { + name string + args args + want string + wantErr bool + }{ + { + "prefixed path", + args{"myorg/db_passwords", "postgres"}, + "myorg/db_passwords/postgres", + false, + }, + { + "abs path", + args{"", "myorg2/database/postgres"}, + "myorg2/database/postgres", + false, + }, + { + "path with redundant slashes", + args{"myorg/db_passwords/", "/postgres"}, + "myorg/db_passwords/postgres", + false, + }, + } + for _, c := range cases { + t.Run(c.name, func(t *testing.T) { + path, err := newCompoundSecretPath(c.args.prefix, c.args.path) + got := string(path) + if (err != nil) != c.wantErr { + t.Errorf("newCompoundSecretPath() error = %v, wantErr %v", err, c.wantErr) + return + } + if !reflect.DeepEqual(got, c.want) { + t.Errorf("newCompoundSecretPath() = %v, want %v", got, c.want) + } + }) + } +} From 0b42aa44d31fe190c59079d9271c356852dc2dd1 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Wed, 13 Feb 2019 19:58:17 +0100 Subject: [PATCH 02/63] Updated docs --- website/docs/index.html.markdown | 18 ++++++--------- website/docs/r/secrethub_secret.html.markdown | 23 +++++++++---------- 2 files changed, 18 insertions(+), 23 deletions(-) diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index c587c63..c0736bf 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -16,15 +16,14 @@ Use the navigation to the left to read about the available resources. ## Example Usage ```hcl -# Configure the SecretHub provider provider "secrethub" { - version = "latest" - namespace = "myOrg" - repository = "myRepo" + credential = "${file("~/.secrethub/credential")}" + path_prefix = "my_org/my_repo" } resource "secrethub_secret" "db_password" { - # ... + path = "db_password" + data = "mypassword" } ``` @@ -32,9 +31,6 @@ resource "secrethub_secret" "db_password" { The following arguments are supported: -* `version` - (Optional) The provider version. Default value: `latest`. -* `namespace` - (Optional) The namespace to use. -* `repository` - (Optional) The repository to use. If you specify a repository then you need to set also `namespace`. -* `config_dir` - (Optional) The directory where to find the SecretHub client configuration. Conflicts with `credential`. Default value: `~/.secrethub`. -* `credential` - (Optional) Specify the encrypted credentials to use for authentication. Conflicts with `config_dir`. -* `credential_passphrase` - (Optional) Passphrase required to unlock the authentication passed in `credential`. +* `credential` - (Required) Credential to use for SecretHub authentication. +* `credential_passphrase` - (Optional) Passphrase to unlock the authentication passed in `credential`. +* `path_prefix` - (Optional) The default path prefix of the secret resources and data sources. If left blank, every secret requires the path to be absolute (namespace/repository[/dir]/secret_name). diff --git a/website/docs/r/secrethub_secret.html.markdown b/website/docs/r/secrethub_secret.html.markdown index c20af8a..7d1df1d 100644 --- a/website/docs/r/secrethub_secret.html.markdown +++ b/website/docs/r/secrethub_secret.html.markdown @@ -16,8 +16,8 @@ To write a secret: ```hcl resource "secrethub_secret" "ssh_key" { - path = "/ssh_key" - data = "${file("/path/to/ssh/key")}." + path = "my_org/my_repo/ssh_key" + data = "${file("/path/to/ssh/key")}" } ``` @@ -25,7 +25,7 @@ To generate a new secret: ```hcl resource "secrethub_secret" "db_password" { - path = "/db_password" + path = "my_org/my_repo/db_password" generate { length = 20 symbols = true @@ -37,19 +37,18 @@ resource "secrethub_secret" "db_password" { The following arguments are supported: -* `path` - (Required) The path used for storing - the secret. -* `data` - (Optional) The secret to store. Either `data` or `generate` must be specified. -* `generate` - (Optional) The settings block for autogenerating a secret. Either `data` or `generate` must be specified. +* `path` - (Required) The path where the secret will be stored. +* `path_prefix` - (Optional) Overrides the `path_prefix` defined in the provider. +* `data` - (Optional) The secret contents. Either `data` or `generate` must be defined. +* `generate` - (Optional) Settings for autogenerating a secret. Either `data` or `generate` must be defined. -### Generate block +Nested `generate` blocks have the following structure: -* `length` - (Optional) How many characters long the secret should be. -* `symbols` - (Optional) Specifies if symbols can be used to generate the secret. -* `force_new` - (Optional) Force a new secret generation at every run. +* `length` - (Required) The length of the secret to generate. +* `symbols` - (Optional) Whether the secret should contain symbols. ## Attributes Reference In addition to all arguments above, the following attributes are exported: -* `version` - The current version of the secret. +* `version` - The version of the secret. From 7e64dfcf08d05c10d63302eeb8bd64c899350abc Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Wed, 13 Feb 2019 20:13:45 +0100 Subject: [PATCH 03/63] Added gitignore --- .gitignore | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..296e038 --- /dev/null +++ b/.gitignore @@ -0,0 +1,20 @@ +# Go +terraform-provider-secrethub +*.exe +*.exe~ +*.dll +*.so +*.dylib + +# Terraform +terraform.tfplan +terraform.tfstate +*.backup +./*.tfstate +.terraform/ +*.log +*.bak + +# IDE +.vscode +.idea From b7e7a45808a932d3aa559cf3ced1663679a6a8f1 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Wed, 13 Feb 2019 20:22:17 +0100 Subject: [PATCH 04/63] Updated example --- examples/rds.tf | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/examples/rds.tf b/examples/rds.tf index dd8878b..161a58e 100644 --- a/examples/rds.tf +++ b/examples/rds.tf @@ -17,22 +17,22 @@ provider "aws" { } provider "secrethub" { - version = "latest" - namespace = "myOrg" - repository = "myRepo" + credential = "${file("~/.secrethub/credential")}" + path_prefix = "my-org/my-repo/${var.environment}" } resource "secrethub_secret" "db_password" { - path = "/${var.environment}/db/password" + path = "db/password" + generate { length = 22 - symbols = false + symbols = true } } resource "secrethub_secret" "db_username" { - path = "/${var.environment}/db/username" - data = "dbUser" + path = "db/username" + data = "db-user" } resource "aws_db_instance" "default" { From 950b744d587dd25dcc6d5ce2452632130c7c3a37 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Wed, 13 Feb 2019 22:34:08 +0100 Subject: [PATCH 05/63] Remove dependency on the secrethub repo --- go.mod | 2 -- go.sum | 5 ----- secrethub/resource_secret.go | 4 ++-- 3 files changed, 2 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 492cbf0..2c4e6de 100644 --- a/go.mod +++ b/go.mod @@ -15,9 +15,7 @@ require ( github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952 // indirect github.com/hashicorp/logutils v1.0.0 // indirect github.com/hashicorp/terraform v0.11.11 - github.com/keylockerbv/secrethub v0.17.0 github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25 - github.com/kr/pty v1.1.3 // indirect github.com/mitchellh/cli v1.0.0 // indirect github.com/mitchellh/copystructure v1.0.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect diff --git a/go.sum b/go.sum index 7d7e9b9..dcfb675 100644 --- a/go.sum +++ b/go.sum @@ -89,16 +89,11 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8 h1:12VvqtR6Aowv3l/EQUlocDHW2Cp4G9WJVH7uyH8QFJE= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/keylockerbv/secrethub v0.17.0 h1:ynvH2JWotytvtLpGE8Bu4hPIV1m+OS/tTlmTGlv8Hmk= -github.com/keylockerbv/secrethub v0.17.0/go.mod h1:EibHbXBS5k+Cw+XEo4rveG+ONA2Czl1VFpVl7+jDYOc= -github.com/keylockerbv/secrethub-go v0.0.0-20190213122755-c4575db362e1 h1:TNLT/GfjM3u9HPPebbHk4gssdPDHBBKrD8UmOP9Ng7Q= -github.com/keylockerbv/secrethub-go v0.0.0-20190213122755-c4575db362e1/go.mod h1:tabojhZpymkSNSayXvZpSujl76grAdEDZeZT8kwR92A= github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25 h1:1fsFRQgt9AU8Muf9LSVEWiHrFpJ1XySXHY2sTVjtClk= github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25/go.mod h1:tabojhZpymkSNSayXvZpSujl76grAdEDZeZT8kwR92A= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index d4fed06..f203f97 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -2,11 +2,11 @@ package secrethub import ( "fmt" + "github.com/keylockerbv/secrethub-go/pkg/randstr" "strings" "github.com/hashicorp/terraform/helper/schema" "github.com/keylockerbv/secrethub-go/pkg/api" - "github.com/keylockerbv/secrethub/core/random" ) func resourceSecret() *schema.Resource { @@ -84,7 +84,7 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { symbols := settings["symbols"].(bool) length := settings["length"].(int) var err error - data, err = random.NewGenerator(symbols).Generate(length) + data, err = randstr.NewGenerator(symbols).Generate(length) if err != nil { return err } From 54f4f743c97edbe5b49e3f08930504595fd13579 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 14 Feb 2019 10:07:53 +0100 Subject: [PATCH 06/63] Updated docs --- secrethub/provider.go | 2 +- secrethub/resource_secret.go | 2 +- website/docs/index.html.markdown | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/secrethub/provider.go b/secrethub/provider.go index 2669273..0fdbd5e 100644 --- a/secrethub/provider.go +++ b/secrethub/provider.go @@ -23,7 +23,7 @@ func Provider() terraform.ResourceProvider { "path_prefix": { Type: schema.TypeString, Optional: true, - Description: "The default path prefix of the secret resources and data sources. If left blank, every secret requires the path to be absolute (namespace/repository[/dir]/secret_name).", + Description: "The default path prefix of the secret resources and data sources. Specifying it will reduce redundancy in the secret resources as it enables the use of relative paths.", }, }, ConfigureFunc: configureProvider, diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index d4fed06..6d461e7 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -134,7 +134,7 @@ func resourceSecretRead(d *schema.ResourceData, m interface{}) error { prev := d.Get("version") if prev != remote.LatestVersion { - // someone updated the secret outside of the current terraform scope, so the new secret has to be fetched + // The secret is updated outside of the current terraform scope, so the new secret version has to be fetched updated, err := client.Secrets().Versions().GetWithData(path) if err != nil { return err diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index c0736bf..09839aa 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -33,4 +33,4 @@ The following arguments are supported: * `credential` - (Required) Credential to use for SecretHub authentication. * `credential_passphrase` - (Optional) Passphrase to unlock the authentication passed in `credential`. -* `path_prefix` - (Optional) The default path prefix of the secret resources and data sources. If left blank, every secret requires the path to be absolute (namespace/repository[/dir]/secret_name). +* `path_prefix` - (Optional) The default path prefix of the secret resources and data sources. Specifying it will reduce redundancy in the secret resources as it enables the use of relative paths. From 03fd5dd6b4ac6612624d500dd75264f5e4174671 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 14 Feb 2019 10:10:00 +0100 Subject: [PATCH 07/63] Makefile cleaner --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 11fa725..1830520 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -TEST?=$$(go list ./... | grep -v 'vendor') +TEST?=$$(go list ./...) build: go build From ee6bb16fe9e1d229e7776b4a46736339a6bc169d Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 14 Feb 2019 14:00:39 +0100 Subject: [PATCH 08/63] Acceptance test validation errors made fatal --- secrethub/resource_secret_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index fbceba9..7bca14f 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -55,7 +55,7 @@ func testAccPreCheck(t *testing.T) func() { return func() { err := testAcc.validate() if err != nil { - t.Error(err) + t.Fatal(err) } } } From 49e291a89c174c7af1a754cfedfc302b48176013 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 14 Feb 2019 14:32:40 +0100 Subject: [PATCH 09/63] Updated docs --- secrethub/provider.go | 2 +- secrethub/resource_secret.go | 4 ++-- website/docs/index.html.markdown | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/secrethub/provider.go b/secrethub/provider.go index 0fdbd5e..771e64a 100644 --- a/secrethub/provider.go +++ b/secrethub/provider.go @@ -23,7 +23,7 @@ func Provider() terraform.ResourceProvider { "path_prefix": { Type: schema.TypeString, Optional: true, - Description: "The default path prefix of the secret resources and data sources. Specifying it will reduce redundancy in the secret resources as it enables the use of relative paths.", + Description: "The default value to prefix path values with. If set, paths for resources and data sources will be prefixed with the given prefix, allowing you to use relative paths instead. If left blank, every path must be absolute (namespace/repository/[dir/]secret_name).", }, }, ConfigureFunc: configureProvider, diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 20895f9..8c94024 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -2,11 +2,11 @@ package secrethub import ( "fmt" - "github.com/keylockerbv/secrethub-go/pkg/randstr" "strings" "github.com/hashicorp/terraform/helper/schema" "github.com/keylockerbv/secrethub-go/pkg/api" + "github.com/keylockerbv/secrethub-go/pkg/randstr" ) func resourceSecret() *schema.Resource { @@ -134,7 +134,7 @@ func resourceSecretRead(d *schema.ResourceData, m interface{}) error { prev := d.Get("version") if prev != remote.LatestVersion { - // The secret is updated outside of the current terraform scope, so the new secret version has to be fetched + // The secret has been updated outside of the current terraform scope, so the new secret version has to be fetched updated, err := client.Secrets().Versions().GetWithData(path) if err != nil { return err diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index 09839aa..68e2cb4 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -33,4 +33,4 @@ The following arguments are supported: * `credential` - (Required) Credential to use for SecretHub authentication. * `credential_passphrase` - (Optional) Passphrase to unlock the authentication passed in `credential`. -* `path_prefix` - (Optional) The default path prefix of the secret resources and data sources. Specifying it will reduce redundancy in the secret resources as it enables the use of relative paths. +* `path_prefix` - (Optional) The default value to prefix path values with. If set, paths for resources and data sources will be prefixed with the given prefix, allowing you to use relative paths instead. If left blank, every path must be absolute (namespace/repository/[dir/]secret_name). From 07bf5cf364187aa108e06a688e07077882e0b5a0 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Fri, 15 Feb 2019 16:11:54 +0100 Subject: [PATCH 10/63] Removed unnecessary attribute --- secrethub/resource_secret.go | 1 - 1 file changed, 1 deletion(-) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 8c94024..dd33b20 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -112,7 +112,6 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { d.SetId(string(path)) d.Set("data", string(data)) d.Set("version", res.Version) - d.Set("created", res.CreatedAt) return resourceSecretRead(d, m) } From db6482b039d6586b4ac76bb811bad0f580167277 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Fri, 15 Feb 2019 16:12:18 +0100 Subject: [PATCH 11/63] Docs and naming --- secrethub/resource_secret.go | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index dd33b20..65d98ca 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -65,8 +65,8 @@ func resourceSecret() *schema.Resource { } func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { - prov := m.(providerMeta) - client := *prov.client + provider := m.(providerMeta) + client := *provider.client dataStr := d.Get("data").(string) generateList := d.Get("generate").([]interface{}) @@ -92,7 +92,8 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { prefix := d.Get("path_prefix").(string) if prefix == "" { - prefix = prov.pathPrefix + // Fall back to the provider prefix + prefix = provider.pathPrefix } pathStr := d.Get("path").(string) path, err := newCompoundSecretPath(prefix, pathStr) @@ -117,8 +118,8 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { } func resourceSecretRead(d *schema.ResourceData, m interface{}) error { - prov := m.(providerMeta) - client := *prov.client + provider := m.(providerMeta) + client := *provider.client pathStr := d.Id() path, err := api.NewSecretPath(pathStr) @@ -150,8 +151,8 @@ func resourceSecretUpdate(d *schema.ResourceData, m interface{}) error { } func resourceSecretDelete(d *schema.ResourceData, m interface{}) error { - prov := m.(providerMeta) - client := *prov.client + provider := m.(providerMeta) + client := *provider.client pathStr := d.Id() path, err := api.NewSecretPath(pathStr) @@ -166,7 +167,7 @@ func resourceSecretDelete(d *schema.ResourceData, m interface{}) error { const pathSeparator = "/" -// newCompoundSecretPath returns SecretPath that combines multiple path components into a single secret path +// newCompoundSecretPath returns a SecretPath that combines multiple path components into a single secret path func newCompoundSecretPath(components ...string) (api.SecretPath, error) { var processed []string for _, c := range components { From 8c93c0592a652167e7fe041b9860e234b14772e3 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Mon, 18 Feb 2019 09:58:41 +0100 Subject: [PATCH 12/63] =?UTF-8?q?Using=20new=20client=E2=80=99s=20credenti?= =?UTF-8?q?al=20API=20with=20passphrase=20support?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- go.mod | 6 +----- go.sum | 12 +++--------- secrethub/provider.go | 8 ++------ secrethub/resource_secret.go | 4 ++-- 4 files changed, 8 insertions(+), 22 deletions(-) diff --git a/go.mod b/go.mod index 2c4e6de..394b900 100644 --- a/go.mod +++ b/go.mod @@ -3,8 +3,6 @@ module github.com/keylockerbv/terraform-provider-secrethub require ( github.com/apparentlymart/go-cidr v1.0.0 // indirect github.com/blang/semver v3.5.1+incompatible // indirect - github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448 // indirect - github.com/go-chi/chi v4.0.1+incompatible // indirect github.com/hashicorp/go-getter v1.0.1 // indirect github.com/hashicorp/go-hclog v0.0.0-20190109152822-4783caec6f2e // indirect github.com/hashicorp/go-plugin v0.0.0-20190129155509-362c99b11937 // indirect @@ -15,13 +13,11 @@ require ( github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952 // indirect github.com/hashicorp/logutils v1.0.0 // indirect github.com/hashicorp/terraform v0.11.11 - github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25 + github.com/keylockerbv/secrethub-go v0.0.0-20190215145344-c5428f8d99f3 github.com/mitchellh/cli v1.0.0 // indirect github.com/mitchellh/copystructure v1.0.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/hashstructure v1.0.0 // indirect - github.com/pkg/errors v0.8.1 // indirect github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f // indirect - golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67 // indirect golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 // indirect ) diff --git a/go.sum b/go.sum index dcfb675..2aaeec1 100644 --- a/go.sum +++ b/go.sum @@ -21,8 +21,6 @@ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kB github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/bsm/go-vlq v0.0.0-20150828105119-ec6e8d4f5f4e/go.mod h1:N+BjUcTjSxc2mtRGSCPsat1kze3CUtvJN3/jTXlp29k= -github.com/certifi/gocertifi v0.0.0-20180905225744-ee1a9a0726d2 h1:MmeatFT1pTPSVb4nkPmBFN/LRZ97vPjsFKsZrU3KKTs= -github.com/certifi/gocertifi v0.0.0-20180905225744-ee1a9a0726d2/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4= github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448 h1:8tNk6SPXzLDnATTrWoI5Bgw9s/x4uf0kmBpk21NZgI4= github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4= github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= @@ -36,8 +34,6 @@ github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5Kwzbycv github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/getsentry/raven-go v0.2.0 h1:no+xWJRb5ZI7eE8TWgIq1jLulQiIoLG0IfYxv5JYMGs= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= -github.com/go-chi/chi v3.3.3+incompatible h1:KHkmBEMNkwKuK4FdQL7N2wOeB9jnIx7jR5wsuSBEFI8= -github.com/go-chi/chi v3.3.3+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= github.com/go-chi/chi v4.0.1+incompatible h1:RSRC5qmFPtO90t7pTL0DBMNpZFsb/sHF3RXVlDgFisA= github.com/go-chi/chi v4.0.1+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= github.com/go-test/deep v1.0.1 h1:UQhStjbkDClarlmv0am7OXXO4/GaPdCGiUiMTvi28sg= @@ -89,11 +85,12 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8 h1:12VvqtR6Aowv3l/EQUlocDHW2Cp4G9WJVH7uyH8QFJE= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25 h1:1fsFRQgt9AU8Muf9LSVEWiHrFpJ1XySXHY2sTVjtClk= -github.com/keylockerbv/secrethub-go v0.0.0-20190213150736-839e23269a25/go.mod h1:tabojhZpymkSNSayXvZpSujl76grAdEDZeZT8kwR92A= +github.com/keylockerbv/secrethub-go v0.0.0-20190215145344-c5428f8d99f3 h1:RtvtlNoLBemFQLa2HAKkP0LpsaQETkYW5VbfrJRrFZ0= +github.com/keylockerbv/secrethub-go v0.0.0-20190215145344-c5428f8d99f3/go.mod h1:U086plZMagUfy92G4DgCsRAns20Q5j+Rf8bYDXiDxMw= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= @@ -129,8 +126,6 @@ github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 h1:lDH9UUVJtmYCjyT0CI4q8xvlXPxeZ0gYCVvWbmPlp88= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= -github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -153,7 +148,6 @@ github.com/zclconf/go-cty v0.0.0-20190124225737-a385d646c1e9/go.mod h1:xnAOWiHeO github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f h1:QdzpIo5V8FV8SHsXCXpgSXOquZEF7YozbNcYnEnGZvA= github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= golang.org/x/crypto v0.0.0-20180816225734-aabede6cba87/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67 h1:ng3VDlRp5/DHpSWl02R4rM9I+8M2rhmsuLwAMmkLQWE= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= diff --git a/secrethub/provider.go b/secrethub/provider.go index 771e64a..5205c56 100644 --- a/secrethub/provider.go +++ b/secrethub/provider.go @@ -35,13 +35,9 @@ func Provider() terraform.ResourceProvider { func configureProvider(d *schema.ResourceData) (interface{}, error) { credRaw := d.Get("credential").(string) - parser := secrethub.NewCredentialParser(secrethub.DefaultCredentialDecoders) - parsed, err := parser.Parse(credRaw) - if err != nil { - return nil, err - } + passphrase := d.Get("credential_passphrase").(string) - cred, err := parsed.Decode() + cred, err := secrethub.NewCredential(credRaw, passphrase) if err != nil { return nil, err } diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 65d98ca..15c1ff3 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -6,7 +6,7 @@ import ( "github.com/hashicorp/terraform/helper/schema" "github.com/keylockerbv/secrethub-go/pkg/api" - "github.com/keylockerbv/secrethub-go/pkg/randstr" + "github.com/keylockerbv/secrethub-go/pkg/randchar" ) func resourceSecret() *schema.Resource { @@ -84,7 +84,7 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { symbols := settings["symbols"].(bool) length := settings["length"].(int) var err error - data, err = randstr.NewGenerator(symbols).Generate(length) + data, err = randchar.NewGenerator(symbols).Generate(length) if err != nil { return err } From 147a02e20a2f515247e4ed53be03b5ea28d1f350 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 19 Feb 2019 11:20:19 +0100 Subject: [PATCH 13/63] Add make install to install the provider globally --- Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Makefile b/Makefile index 1830520..74b4eec 100644 --- a/Makefile +++ b/Makefile @@ -5,3 +5,6 @@ build: testacc: TF_ACC=1 go test $(TEST) -v $(TESTARGS) -timeout 120m + +install: + go build -o ~/.terraform.d/plugins/terraform-provider-secrethub From 26f4a5a0aceec38e7a53a0107fab38f7fc1b2838 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Tue, 19 Feb 2019 16:59:03 +0100 Subject: [PATCH 14/63] Data source secrethub_secret --- secrethub/data_source_secret.go | 69 ++++++++++++++++ secrethub/data_source_secret_test.go | 82 +++++++++++++++++++ secrethub/provider.go | 3 + secrethub/provider_test.go | 52 ++++++++++++ secrethub/resource_secret.go | 32 +++++--- secrethub/resource_secret_test.go | 69 +++------------- website/docs/d/secrethub_secret.html.markdown | 11 ++- 7 files changed, 244 insertions(+), 74 deletions(-) create mode 100644 secrethub/data_source_secret.go create mode 100644 secrethub/data_source_secret_test.go diff --git a/secrethub/data_source_secret.go b/secrethub/data_source_secret.go new file mode 100644 index 0000000..4c2b84b --- /dev/null +++ b/secrethub/data_source_secret.go @@ -0,0 +1,69 @@ +package secrethub + +import ( + "github.com/hashicorp/terraform/helper/schema" +) + +func dataSourceSecret() *schema.Resource { + return &schema.Resource{ + Read: dataSourceSecretRead, + Schema: map[string]*schema.Schema{ + "path": { + Type: schema.TypeString, + Required: true, + Description: "The path where the secret is stored.", + }, + "path_prefix": { + Type: schema.TypeString, + Optional: true, + Description: "Overrides the `path_prefix` defined in the provider.", + }, + "version": { + Type: schema.TypeInt, + Optional: true, + Computed: true, + Description: "The version of the secret. Defaults to the latest.", + }, + "data": { + Type: schema.TypeString, + Computed: true, + Sensitive: true, + Description: "The secret contents.", + }, + }, + } +} + +func dataSourceSecretRead(d *schema.ResourceData, m interface{}) error { + provider := m.(providerMeta) + client := *provider.client + + path, err := getSecretPath(d, &provider) + if err != nil { + return err + } + + remote, err := client.Secrets().Get(path) + if err != nil { + return err + } + + version := d.Get("version").(int) + if version == 0 { + d.Set("version", remote.LatestVersion) + } + + if d.Get("data") == "" || d.Get("version") != remote.LatestVersion { + // Only fetch the secret contents if it hasn't been fetched before or if the version is out of sync + updated, err := client.Secrets().Versions().GetWithData(path) + if err != nil { + return err + } + d.Set("data", string(updated.Data)) + d.Set("version", updated.Version) + } + + d.SetId(string(path)) + + return nil +} diff --git a/secrethub/data_source_secret_test.go b/secrethub/data_source_secret_test.go new file mode 100644 index 0000000..bec4029 --- /dev/null +++ b/secrethub/data_source_secret_test.go @@ -0,0 +1,82 @@ +package secrethub + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform/helper/resource" +) + +func TestAccDataSourceSecret_absPath(t *testing.T) { + config := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + } + + resource "secrethub_secret" "%v" { + path = "%v" + data = "secretpassword" + } + + data "secrethub_secret" "%v" { + path = "${secrethub_secret.%v.path}" + } + `, testAcc.secretName, testAcc.path, testAcc.secretName, testAcc.secretName) + + resource.Test(t, resource.TestCase{ + Providers: testAccProviders, + PreCheck: testAccPreCheck(t), + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr( + fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), + "path", + string(testAcc.path), + ), + resource.TestCheckResourceAttr( + fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), + "data", + "secretpassword", + ), + ), + }, + }, + }) +} + +func TestAccDataSourceSecret_prefPath(t *testing.T) { + config := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + path_prefix = "%v/%v" + } + + resource "secrethub_secret" "%v" { + path = "%v" + data = "secretpassword" + } + + data "secrethub_secret" "%v" { + path = "${secrethub_secret.%v.path}" + } + `, testAcc.namespace, testAcc.repository, testAcc.secretName, testAcc.secretName, testAcc.secretName, testAcc.secretName) + + resource.Test(t, resource.TestCase{ + Providers: testAccProviders, + PreCheck: testAccPreCheck(t), + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr( + fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), + "data", + "secretpassword", + ), + ), + }, + }, + }) +} diff --git a/secrethub/provider.go b/secrethub/provider.go index 5205c56..35a7f53 100644 --- a/secrethub/provider.go +++ b/secrethub/provider.go @@ -30,6 +30,9 @@ func Provider() terraform.ResourceProvider { ResourcesMap: map[string]*schema.Resource{ "secrethub_secret": resourceSecret(), }, + DataSourcesMap: map[string]*schema.Resource{ + "secrethub_secret": dataSourceSecret(), + }, } } diff --git a/secrethub/provider_test.go b/secrethub/provider_test.go index 87583b4..996da9f 100644 --- a/secrethub/provider_test.go +++ b/secrethub/provider_test.go @@ -1,11 +1,63 @@ package secrethub import ( + "fmt" + "os" "testing" "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/terraform" + "github.com/keylockerbv/secrethub-go/pkg/api" ) +const ( + envNamespace = "SECRETHUB_TF_ACC_NAMESPACE" + envRepo = "SECRETHUB_TF_ACC_REPOSITORY" +) + +var testAccProviders map[string]terraform.ResourceProvider +var testAccProvider *schema.Provider +var testAcc *testAccValues + +type testAccValues struct { + namespace string + repository string + secretName string + path api.SecretPath + pathErr error +} + +func (testAccValues) validate() error { + if testAcc.namespace == "" || testAcc.repository == "" { + return fmt.Errorf("the following environment variables need to be set: %v, %v", envNamespace, envRepo) + } + return testAcc.pathErr +} + +func init() { + testAccProvider = Provider().(*schema.Provider) + testAccProviders = map[string]terraform.ResourceProvider{ + "secrethub": testAccProvider, + } + + testAcc = &testAccValues{ + namespace: os.Getenv(envNamespace), + repository: os.Getenv(envRepo), + secretName: "test_acc_secret", + } + + testAcc.path, testAcc.pathErr = newCompoundSecretPath(testAcc.namespace, testAcc.repository, testAcc.secretName) +} + +func testAccPreCheck(t *testing.T) func() { + return func() { + err := testAcc.validate() + if err != nil { + t.Fatal(err) + } + } +} + func TestProvider(t *testing.T) { if err := Provider().(*schema.Provider).InternalValidate(); err != nil { t.Fatalf("err: %s", err) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 15c1ff3..d78396f 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -90,21 +90,11 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { } } - prefix := d.Get("path_prefix").(string) - if prefix == "" { - // Fall back to the provider prefix - prefix = provider.pathPrefix - } - pathStr := d.Get("path").(string) - path, err := newCompoundSecretPath(prefix, pathStr) + path, err := getSecretPath(d, &provider) if err != nil { return err } - if path.HasVersion() { - return fmt.Errorf("path '%v' should not have a version number", path) - } - res, err := client.Secrets().Write(path, data) if err != nil { return err @@ -165,6 +155,26 @@ func resourceSecretDelete(d *schema.ResourceData, m interface{}) error { return nil } +// getSecretPath finds the full path of a secret, combining the specified path with the provider's path prefix +func getSecretPath(d *schema.ResourceData, provider *providerMeta) (api.SecretPath, error) { + prefix := d.Get("path_prefix").(string) + if prefix == "" { + // Fall back to the provider prefix + prefix = provider.pathPrefix + } + pathStr := d.Get("path").(string) + path, err := newCompoundSecretPath(prefix, pathStr) + if err != nil { + return path, err + } + + if path.HasVersion() { + return path, fmt.Errorf("path '%v' should not have a version number", path) + } + + return path, nil +} + const pathSeparator = "/" // newCompoundSecretPath returns a SecretPath that combines multiple path components into a single secret path diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index 7bca14f..2eb322b 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -2,65 +2,14 @@ package secrethub import ( "fmt" - "os" "reflect" "testing" "github.com/hashicorp/terraform/helper/resource" - "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/terraform" - "github.com/keylockerbv/secrethub-go/pkg/api" ) -const ( - envNamespace = "SECRETHUB_TF_ACC_NAMESPACE" - envRepo = "SECRETHUB_TF_ACC_REPOSITORY" -) - -var testAccProviders map[string]terraform.ResourceProvider -var testAccProvider *schema.Provider -var testAcc *testAccValues - -type testAccValues struct { - namespace string - repository string - secretName string - path api.SecretPath - pathErr error -} - -func (testAccValues) validate() error { - if testAcc.namespace == "" || testAcc.repository == "" { - return fmt.Errorf("the following environment variables need to be set: %v, %v", envNamespace, envRepo) - } - return testAcc.pathErr -} - -func init() { - testAccProvider = Provider().(*schema.Provider) - testAccProviders = map[string]terraform.ResourceProvider{ - "secrethub": testAccProvider, - } - - testAcc = &testAccValues{ - namespace: os.Getenv(envNamespace), - repository: os.Getenv(envRepo), - secretName: "test_acc_secret", - } - - testAcc.path, testAcc.pathErr = newCompoundSecretPath(testAcc.namespace, testAcc.repository, testAcc.secretName) -} - -func testAccPreCheck(t *testing.T) func() { - return func() { - err := testAcc.validate() - if err != nil { - t.Fatal(err) - } - } -} - -func TestAccSecret_writeAbsPath(t *testing.T) { +func TestAccResourceSecret_writeAbsPath(t *testing.T) { config := fmt.Sprintf(` provider "secrethub" { credential = "${file("~/.secrethub/credential")}" @@ -218,10 +167,6 @@ func getSecretResourceState(s *terraform.State, values *testAccValues) (*terrafo func checkSecretExistsRemotely(values *testAccValues) resource.TestCheckFunc { return func(s *terraform.State) error { - if _, err := getSecretResourceState(s, values); err != nil { - return err - } - client := *testAccProvider.Meta().(providerMeta).client _, err := client.Secrets().Get(values.path) @@ -235,10 +180,16 @@ func checkSecretExistsRemotely(values *testAccValues) resource.TestCheckFunc { func checkSecretResourceState(values *testAccValues, check func(s *terraform.InstanceState) error) resource.TestCheckFunc { return func(s *terraform.State) error { - state, err := getSecretResourceState(s, values) - if err != nil { - return err + resourceState := s.RootModule().Resources[fmt.Sprintf("secrethub_secret.%v", values.secretName)] + if resourceState == nil { + return fmt.Errorf("resource '%v' not in tf state", values.secretName) } + + state := resourceState.Primary + if state == nil { + return fmt.Errorf("resource has no primary instance") + } + return check(state) } } diff --git a/website/docs/d/secrethub_secret.html.markdown b/website/docs/d/secrethub_secret.html.markdown index 71ca1f3..9bff5ab 100644 --- a/website/docs/d/secrethub_secret.html.markdown +++ b/website/docs/d/secrethub_secret.html.markdown @@ -14,15 +14,18 @@ Use this data source to read secrets already in SecretHub ```hcl data "secrethub_secret" "db_password" { - path = "/db" + path = "db-password" } ``` ## Argument Reference -* `path` - (Required) The path where the secret is stored, optionally including a version number. +* `path` - (Required) The path where the secret is stored. +* `path_prefix` - (Optional) Overrides the `path_prefix` defined in the provider. +* `version` - (Optional) The version of the secret read. Defaults to the latest. ## Attributes Reference -* `data` - The secret retrieved. -* `version` - The version of the secret read. +In addition to all arguments above, the following attributes are exported: + +* `data` - The secret contents. From b7c0b32bed12173c274998b1f9bad2ad971edc33 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 21 Feb 2019 14:56:04 +0100 Subject: [PATCH 15/63] Secret data source support for versions in path --- secrethub/data_source_secret.go | 23 ++------ secrethub/data_source_secret_test.go | 59 +++++++++++++++++++ secrethub/resource_secret.go | 8 +-- website/docs/d/secrethub_secret.html.markdown | 4 +- 4 files changed, 70 insertions(+), 24 deletions(-) diff --git a/secrethub/data_source_secret.go b/secrethub/data_source_secret.go index 4c2b84b..02b8126 100644 --- a/secrethub/data_source_secret.go +++ b/secrethub/data_source_secret.go @@ -11,7 +11,7 @@ func dataSourceSecret() *schema.Resource { "path": { Type: schema.TypeString, Required: true, - Description: "The path where the secret is stored.", + Description: "The path where the secret is stored. To use a specific version, append the version number to the path, separated by a colon (path:version). Defaults to the latest version.", }, "path_prefix": { Type: schema.TypeString, @@ -20,9 +20,8 @@ func dataSourceSecret() *schema.Resource { }, "version": { Type: schema.TypeInt, - Optional: true, Computed: true, - Description: "The version of the secret. Defaults to the latest.", + Description: "The version of the secret.", }, "data": { Type: schema.TypeString, @@ -43,25 +42,13 @@ func dataSourceSecretRead(d *schema.ResourceData, m interface{}) error { return err } - remote, err := client.Secrets().Get(path) + secret, err := client.Secrets().Versions().GetWithData(path) if err != nil { return err } - version := d.Get("version").(int) - if version == 0 { - d.Set("version", remote.LatestVersion) - } - - if d.Get("data") == "" || d.Get("version") != remote.LatestVersion { - // Only fetch the secret contents if it hasn't been fetched before or if the version is out of sync - updated, err := client.Secrets().Versions().GetWithData(path) - if err != nil { - return err - } - d.Set("data", string(updated.Data)) - d.Set("version", updated.Version) - } + d.Set("data", string(secret.Data)) + d.Set("version", secret.Version) d.SetId(string(path)) diff --git a/secrethub/data_source_secret_test.go b/secrethub/data_source_secret_test.go index bec4029..bb15318 100644 --- a/secrethub/data_source_secret_test.go +++ b/secrethub/data_source_secret_test.go @@ -46,6 +46,65 @@ func TestAccDataSourceSecret_absPath(t *testing.T) { }) } +func TestAccDataSourceSecret_absPathVersioned(t *testing.T) { + configInit := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + } + + resource "secrethub_secret" "%v" { + path = "%v" + data = "secretpasswordv1" + } + + data "secrethub_secret" "%v" { + path = "${secrethub_secret.%v.path}:1" + } + `, testAcc.secretName, testAcc.path, testAcc.secretName, testAcc.secretName) + + configVersioned := fmt.Sprintf(` + provider "secrethub" { + credential = "${file("~/.secrethub/credential")}" + } + + resource "secrethub_secret" "%v" { + path = "%v" + data = "secretpasswordv2" + } + + data "secrethub_secret" "%v" { + path = "${secrethub_secret.%v.path}:1" + } + `, testAcc.secretName, testAcc.path, testAcc.secretName, testAcc.secretName) + + resource.Test(t, resource.TestCase{ + Providers: testAccProviders, + PreCheck: testAccPreCheck(t), + Steps: []resource.TestStep{ + { + Config: configInit, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr( + fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), + "data", + "secretpasswordv1", + ), + ), + }, + { + Config: configVersioned, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr( + fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), + "data", + "secretpasswordv1", + ), + ), + }, + }, + }) +} + func TestAccDataSourceSecret_prefPath(t *testing.T) { config := fmt.Sprintf(` provider "secrethub" { diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index d78396f..b16f471 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -95,6 +95,10 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { return err } + if path.HasVersion() { + return fmt.Errorf("path '%v' should not have a version number", path) + } + res, err := client.Secrets().Write(path, data) if err != nil { return err @@ -168,10 +172,6 @@ func getSecretPath(d *schema.ResourceData, provider *providerMeta) (api.SecretPa return path, err } - if path.HasVersion() { - return path, fmt.Errorf("path '%v' should not have a version number", path) - } - return path, nil } diff --git a/website/docs/d/secrethub_secret.html.markdown b/website/docs/d/secrethub_secret.html.markdown index 9bff5ab..0f1feab 100644 --- a/website/docs/d/secrethub_secret.html.markdown +++ b/website/docs/d/secrethub_secret.html.markdown @@ -20,12 +20,12 @@ data "secrethub_secret" "db_password" { ## Argument Reference -* `path` - (Required) The path where the secret is stored. +* `path` - (Required) "The path where the secret is stored. To use a specific version, append the version number to the path, separated by a colon (path:version). Defaults to the latest version. * `path_prefix` - (Optional) Overrides the `path_prefix` defined in the provider. -* `version` - (Optional) The version of the secret read. Defaults to the latest. ## Attributes Reference In addition to all arguments above, the following attributes are exported: * `data` - The secret contents. +* `version` - The version of the secret. From 52eaa3e4f80b18754854b9a0cde891a67f1decfa Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Mon, 25 Feb 2019 11:58:20 +0100 Subject: [PATCH 16/63] Removed input validation that client also does --- secrethub/resource_secret.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index b16f471..483e1f1 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -95,10 +95,6 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { return err } - if path.HasVersion() { - return fmt.Errorf("path '%v' should not have a version number", path) - } - res, err := client.Secrets().Write(path, data) if err != nil { return err From ebe4b171c51963ce5a512de85ca532db11635438 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Mon, 25 Feb 2019 13:27:24 +0100 Subject: [PATCH 17/63] Update secrethub-go --- go.mod | 2 +- go.sum | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 394b900..011e10b 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952 // indirect github.com/hashicorp/logutils v1.0.0 // indirect github.com/hashicorp/terraform v0.11.11 - github.com/keylockerbv/secrethub-go v0.0.0-20190215145344-c5428f8d99f3 + github.com/keylockerbv/secrethub-go v0.0.0-20190225122246-8861c3dd7542 github.com/mitchellh/cli v1.0.0 // indirect github.com/mitchellh/copystructure v1.0.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect diff --git a/go.sum b/go.sum index 2aaeec1..1000fe9 100644 --- a/go.sum +++ b/go.sum @@ -87,6 +87,9 @@ github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8 h1:12VvqtR6Ao github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/keylockerbv/secrethub-go v0.0.0-20190215145344-c5428f8d99f3 h1:RtvtlNoLBemFQLa2HAKkP0LpsaQETkYW5VbfrJRrFZ0= github.com/keylockerbv/secrethub-go v0.0.0-20190215145344-c5428f8d99f3/go.mod h1:U086plZMagUfy92G4DgCsRAns20Q5j+Rf8bYDXiDxMw= +github.com/keylockerbv/secrethub-go v0.0.0-20190221141042-e25baae6094c h1:GiIe35ZSCwJZh87M7D/ke2nE92fwEMYMuIeaAj6AMBc= +github.com/keylockerbv/secrethub-go v0.0.0-20190225122246-8861c3dd7542 h1:1nFBWN0N/RWtnlnoxfdIXmBy6wT2jnPq8ZONxBHd8lk= +github.com/keylockerbv/secrethub-go v0.0.0-20190225122246-8861c3dd7542/go.mod h1:U086plZMagUfy92G4DgCsRAns20Q5j+Rf8bYDXiDxMw= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= From c2f5033a351b59f2bcc9805f2e8893e41118876c Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Mon, 25 Feb 2019 13:32:07 +0100 Subject: [PATCH 18/63] Pass strings instead of api.SecretPath to the secrethub client --- secrethub/data_source_secret.go | 5 +---- secrethub/resource_secret.go | 32 +++++++------------------------- 2 files changed, 8 insertions(+), 29 deletions(-) diff --git a/secrethub/data_source_secret.go b/secrethub/data_source_secret.go index 02b8126..9e82dc3 100644 --- a/secrethub/data_source_secret.go +++ b/secrethub/data_source_secret.go @@ -37,10 +37,7 @@ func dataSourceSecretRead(d *schema.ResourceData, m interface{}) error { provider := m.(providerMeta) client := *provider.client - path, err := getSecretPath(d, &provider) - if err != nil { - return err - } + path := getSecretPath(d, &provider) secret, err := client.Secrets().Versions().GetWithData(path) if err != nil { diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 483e1f1..36a4a3a 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -5,7 +5,6 @@ import ( "strings" "github.com/hashicorp/terraform/helper/schema" - "github.com/keylockerbv/secrethub-go/pkg/api" "github.com/keylockerbv/secrethub-go/pkg/randchar" ) @@ -90,10 +89,7 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { } } - path, err := getSecretPath(d, &provider) - if err != nil { - return err - } + path := getSecretPath(d, &provider) res, err := client.Secrets().Write(path, data) if err != nil { @@ -111,11 +107,7 @@ func resourceSecretRead(d *schema.ResourceData, m interface{}) error { provider := m.(providerMeta) client := *provider.client - pathStr := d.Id() - path, err := api.NewSecretPath(pathStr) - if err != nil { - return err - } + path := d.Id() remote, err := client.Secrets().Get(path) if err != nil { @@ -144,11 +136,7 @@ func resourceSecretDelete(d *schema.ResourceData, m interface{}) error { provider := m.(providerMeta) client := *provider.client - pathStr := d.Id() - path, err := api.NewSecretPath(pathStr) - if err != nil { - return err - } + path := d.Id() client.Secrets().Delete(path) @@ -156,25 +144,20 @@ func resourceSecretDelete(d *schema.ResourceData, m interface{}) error { } // getSecretPath finds the full path of a secret, combining the specified path with the provider's path prefix -func getSecretPath(d *schema.ResourceData, provider *providerMeta) (api.SecretPath, error) { +func getSecretPath(d *schema.ResourceData, provider *providerMeta) string { prefix := d.Get("path_prefix").(string) if prefix == "" { // Fall back to the provider prefix prefix = provider.pathPrefix } pathStr := d.Get("path").(string) - path, err := newCompoundSecretPath(prefix, pathStr) - if err != nil { - return path, err - } - - return path, nil + return newCompoundSecretPath(prefix, pathStr) } const pathSeparator = "/" // newCompoundSecretPath returns a SecretPath that combines multiple path components into a single secret path -func newCompoundSecretPath(components ...string) (api.SecretPath, error) { +func newCompoundSecretPath(components ...string) string { var processed []string for _, c := range components { trimmed := strings.Trim(c, pathSeparator) @@ -182,6 +165,5 @@ func newCompoundSecretPath(components ...string) (api.SecretPath, error) { processed = append(processed, trimmed) } } - joined := strings.Join(processed, pathSeparator) - return api.NewSecretPath(joined) + return strings.Join(processed, pathSeparator) } From 3ff52421f0a3ee724d6c47948459369772953e78 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Mon, 25 Feb 2019 13:50:09 +0100 Subject: [PATCH 19/63] Added goreleaser config --- .gitignore | 1 + .goreleaser.yml | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 .goreleaser.yml diff --git a/.gitignore b/.gitignore index 296e038..8b069ff 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ terraform-provider-secrethub *.dll *.so *.dylib +dist/ # Terraform terraform.tfplan diff --git a/.goreleaser.yml b/.goreleaser.yml new file mode 100644 index 0000000..2e3b65b --- /dev/null +++ b/.goreleaser.yml @@ -0,0 +1,21 @@ +project_name: terraform-provider-secrethub + +builds: + - binary: "{{ .ProjectName }}" + env: + - CGO_ENABLED=0 + goos: + - linux + - darwin + - windows + goarch: + - amd64 + +archive: + name_template: "{{ .ProjectName }}-{{ .Os }}-{{ .Arch }}" + replacements: + amd64: 64-bit + darwin: macOS + files: + # Only archive the binary + - none* From 1cdc5eeeffe90adf37e480f093c51dde9f04993d Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Fri, 1 Mar 2019 11:25:53 +0100 Subject: [PATCH 20/63] Using SecretHub open source client --- go.mod | 2 +- go.sum | 12 ++++-------- secrethub/provider.go | 2 +- secrethub/resource_secret.go | 2 +- 4 files changed, 7 insertions(+), 11 deletions(-) diff --git a/go.mod b/go.mod index 011e10b..05eaa9c 100644 --- a/go.mod +++ b/go.mod @@ -13,11 +13,11 @@ require ( github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952 // indirect github.com/hashicorp/logutils v1.0.0 // indirect github.com/hashicorp/terraform v0.11.11 - github.com/keylockerbv/secrethub-go v0.0.0-20190225122246-8861c3dd7542 github.com/mitchellh/cli v1.0.0 // indirect github.com/mitchellh/copystructure v1.0.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/hashstructure v1.0.0 // indirect + github.com/secrethub/secrethub-go v0.17.0 github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f // indirect golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 // indirect ) diff --git a/go.sum b/go.sum index 1000fe9..05eeb76 100644 --- a/go.sum +++ b/go.sum @@ -85,15 +85,9 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8 h1:12VvqtR6Aowv3l/EQUlocDHW2Cp4G9WJVH7uyH8QFJE= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/keylockerbv/secrethub-go v0.0.0-20190215145344-c5428f8d99f3 h1:RtvtlNoLBemFQLa2HAKkP0LpsaQETkYW5VbfrJRrFZ0= -github.com/keylockerbv/secrethub-go v0.0.0-20190215145344-c5428f8d99f3/go.mod h1:U086plZMagUfy92G4DgCsRAns20Q5j+Rf8bYDXiDxMw= -github.com/keylockerbv/secrethub-go v0.0.0-20190221141042-e25baae6094c h1:GiIe35ZSCwJZh87M7D/ke2nE92fwEMYMuIeaAj6AMBc= -github.com/keylockerbv/secrethub-go v0.0.0-20190225122246-8861c3dd7542 h1:1nFBWN0N/RWtnlnoxfdIXmBy6wT2jnPq8ZONxBHd8lk= -github.com/keylockerbv/secrethub-go v0.0.0-20190225122246-8861c3dd7542/go.mod h1:U086plZMagUfy92G4DgCsRAns20Q5j+Rf8bYDXiDxMw= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= @@ -137,6 +131,8 @@ github.com/posener/complete v1.1.1 h1:ccV59UEOTzVDnDUEFdT95ZzHVZ+5+158q8+SJb2QV5 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/secrethub/secrethub-go v0.17.0 h1:AlRbFlLofhzY7Onv1QRI0u0iB4UTr8PCrNW5rnvsiHE= +github.com/secrethub/secrethub-go v0.17.0/go.mod h1:gqrxdTNcVowCy/Bo49Y+7En12aV24wnoG3ktUF9xW/k= github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= @@ -151,8 +147,8 @@ github.com/zclconf/go-cty v0.0.0-20190124225737-a385d646c1e9/go.mod h1:xnAOWiHeO github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f h1:QdzpIo5V8FV8SHsXCXpgSXOquZEF7YozbNcYnEnGZvA= github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= golang.org/x/crypto v0.0.0-20180816225734-aabede6cba87/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67 h1:ng3VDlRp5/DHpSWl02R4rM9I+8M2rhmsuLwAMmkLQWE= -golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b h1:+/WWzjwW6gidDJnMKWLKLX1gxn7irUTF1fLpQovfQ5M= +golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= diff --git a/secrethub/provider.go b/secrethub/provider.go index 35a7f53..246b2bc 100644 --- a/secrethub/provider.go +++ b/secrethub/provider.go @@ -3,7 +3,7 @@ package secrethub import ( "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/terraform" - "github.com/keylockerbv/secrethub-go/pkg/secrethub" + "github.com/secrethub/secrethub-go/pkg/secrethub" ) // Provider returns the ScretHub Terraform provider diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 36a4a3a..6d3e876 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -5,7 +5,7 @@ import ( "strings" "github.com/hashicorp/terraform/helper/schema" - "github.com/keylockerbv/secrethub-go/pkg/randchar" + "github.com/secrethub/secrethub-go/pkg/randchar" ) func resourceSecret() *schema.Resource { From b8bf47196e15c96d1a394184d63642716761a509 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Fri, 1 Mar 2019 13:49:31 +0100 Subject: [PATCH 21/63] Tests not using internal client pkg anymore --- secrethub/provider_test.go | 5 ++--- secrethub/resource_secret_test.go | 17 ++++------------- 2 files changed, 6 insertions(+), 16 deletions(-) diff --git a/secrethub/provider_test.go b/secrethub/provider_test.go index 996da9f..68565f2 100644 --- a/secrethub/provider_test.go +++ b/secrethub/provider_test.go @@ -7,7 +7,6 @@ import ( "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/terraform" - "github.com/keylockerbv/secrethub-go/pkg/api" ) const ( @@ -23,7 +22,7 @@ type testAccValues struct { namespace string repository string secretName string - path api.SecretPath + path string pathErr error } @@ -46,7 +45,7 @@ func init() { secretName: "test_acc_secret", } - testAcc.path, testAcc.pathErr = newCompoundSecretPath(testAcc.namespace, testAcc.repository, testAcc.secretName) + testAcc.path = newCompoundSecretPath(testAcc.namespace, testAcc.repository, testAcc.secretName) } func testAccPreCheck(t *testing.T) func() { diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index 2eb322b..2d9d1d3 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -200,38 +200,29 @@ func TestMergeSecretPath(t *testing.T) { path string } cases := []struct { - name string - args args - want string - wantErr bool + name string + args args + want string }{ { "prefixed path", args{"myorg/db_passwords", "postgres"}, "myorg/db_passwords/postgres", - false, }, { "abs path", args{"", "myorg2/database/postgres"}, "myorg2/database/postgres", - false, }, { "path with redundant slashes", args{"myorg/db_passwords/", "/postgres"}, "myorg/db_passwords/postgres", - false, }, } for _, c := range cases { t.Run(c.name, func(t *testing.T) { - path, err := newCompoundSecretPath(c.args.prefix, c.args.path) - got := string(path) - if (err != nil) != c.wantErr { - t.Errorf("newCompoundSecretPath() error = %v, wantErr %v", err, c.wantErr) - return - } + got := newCompoundSecretPath(c.args.prefix, c.args.path) if !reflect.DeepEqual(got, c.want) { t.Errorf("newCompoundSecretPath() = %v, want %v", got, c.want) } From a44b11fc124130e2b0a5e233a395fb77e77d41f4 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Wed, 6 Mar 2019 15:24:37 +0100 Subject: [PATCH 22/63] Initial CircleCI config --- .circleci/config.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 0000000..bfa9eb0 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,8 @@ +version: 2.1 +jobs: + test: + docker: + - image: circleci/golang:1.11.5 + steps: + - checkout + - run: make testacc From 11c27626d8fbd3b07a82571beefcfe4c799a6304 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Wed, 6 Mar 2019 15:32:24 +0100 Subject: [PATCH 23/63] Acceptance test setup more CI friendly --- secrethub/data_source_secret_test.go | 13 ------------- secrethub/provider.go | 1 + secrethub/provider_test.go | 7 ++++--- secrethub/resource_secret_test.go | 14 -------------- 4 files changed, 5 insertions(+), 30 deletions(-) diff --git a/secrethub/data_source_secret_test.go b/secrethub/data_source_secret_test.go index bb15318..abd594c 100644 --- a/secrethub/data_source_secret_test.go +++ b/secrethub/data_source_secret_test.go @@ -9,10 +9,6 @@ import ( func TestAccDataSourceSecret_absPath(t *testing.T) { config := fmt.Sprintf(` - provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" - } - resource "secrethub_secret" "%v" { path = "%v" data = "secretpassword" @@ -48,10 +44,6 @@ func TestAccDataSourceSecret_absPath(t *testing.T) { func TestAccDataSourceSecret_absPathVersioned(t *testing.T) { configInit := fmt.Sprintf(` - provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" - } - resource "secrethub_secret" "%v" { path = "%v" data = "secretpasswordv1" @@ -63,10 +55,6 @@ func TestAccDataSourceSecret_absPathVersioned(t *testing.T) { `, testAcc.secretName, testAcc.path, testAcc.secretName, testAcc.secretName) configVersioned := fmt.Sprintf(` - provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" - } - resource "secrethub_secret" "%v" { path = "%v" data = "secretpasswordv2" @@ -108,7 +96,6 @@ func TestAccDataSourceSecret_absPathVersioned(t *testing.T) { func TestAccDataSourceSecret_prefPath(t *testing.T) { config := fmt.Sprintf(` provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" path_prefix = "%v/%v" } diff --git a/secrethub/provider.go b/secrethub/provider.go index 246b2bc..c20a2ca 100644 --- a/secrethub/provider.go +++ b/secrethub/provider.go @@ -13,6 +13,7 @@ func Provider() terraform.ResourceProvider { "credential": { Type: schema.TypeString, Required: true, + DefaultFunc: schema.EnvDefaultFunc("SECRETHUB_CREDENTIAL", nil), Description: "Credential to use for SecretHub authentication.", }, "credential_passphrase": { diff --git a/secrethub/provider_test.go b/secrethub/provider_test.go index 68565f2..ccc9b1f 100644 --- a/secrethub/provider_test.go +++ b/secrethub/provider_test.go @@ -10,8 +10,9 @@ import ( ) const ( - envNamespace = "SECRETHUB_TF_ACC_NAMESPACE" - envRepo = "SECRETHUB_TF_ACC_REPOSITORY" + envCredential = "SECRETHUB_CREDENTIAL" + envNamespace = "SECRETHUB_TF_ACC_NAMESPACE" + envRepo = "SECRETHUB_TF_ACC_REPOSITORY" ) var testAccProviders map[string]terraform.ResourceProvider @@ -28,7 +29,7 @@ type testAccValues struct { func (testAccValues) validate() error { if testAcc.namespace == "" || testAcc.repository == "" { - return fmt.Errorf("the following environment variables need to be set: %v, %v", envNamespace, envRepo) + return fmt.Errorf("the following environment variables need to be set: %v, %v, %v", envCredential, envNamespace, envRepo) } return testAcc.pathErr } diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index 2d9d1d3..972085e 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -11,10 +11,6 @@ import ( func TestAccResourceSecret_writeAbsPath(t *testing.T) { config := fmt.Sprintf(` - provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" - } - resource "secrethub_secret" "%v" { path = "%v" data = "secretpassword" @@ -38,7 +34,6 @@ func TestAccResourceSecret_writeAbsPath(t *testing.T) { func TestAccResourceSecret_writePrefPath(t *testing.T) { config := fmt.Sprintf(` provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" path_prefix = "%v" } @@ -65,7 +60,6 @@ func TestAccResourceSecret_writePrefPath(t *testing.T) { func TestAccResourceSecret_writePrefPathOverride(t *testing.T) { config := fmt.Sprintf(` provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" path_prefix = "override_me" } @@ -92,10 +86,6 @@ func TestAccResourceSecret_writePrefPathOverride(t *testing.T) { func TestAccResourceSecret_generate(t *testing.T) { configInit := fmt.Sprintf(` - provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" - } - resource "secrethub_secret" "%v" { path = "%v" generate { @@ -106,10 +96,6 @@ func TestAccResourceSecret_generate(t *testing.T) { `, testAcc.secretName, testAcc.path) configLengthUpdate := fmt.Sprintf(` - provider "secrethub" { - credential = "${file("~/.secrethub/credential")}" - } - resource "secrethub_secret" "%v" { path = "%v" generate { From bc0e30df609b306e7a26aa3ef4ed25ac137dfd7b Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Wed, 6 Mar 2019 15:49:27 +0100 Subject: [PATCH 24/63] Provider docs for credential env var --- secrethub/provider.go | 2 +- website/docs/index.html.markdown | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/secrethub/provider.go b/secrethub/provider.go index c20a2ca..22306f4 100644 --- a/secrethub/provider.go +++ b/secrethub/provider.go @@ -14,7 +14,7 @@ func Provider() terraform.ResourceProvider { Type: schema.TypeString, Required: true, DefaultFunc: schema.EnvDefaultFunc("SECRETHUB_CREDENTIAL", nil), - Description: "Credential to use for SecretHub authentication.", + Description: "Credential to use for SecretHub authentication. Can also be sourced from SECRETHUB_CREDENTIAL.", }, "credential_passphrase": { Type: schema.TypeString, diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index 68e2cb4..866da0d 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -31,6 +31,6 @@ resource "secrethub_secret" "db_password" { The following arguments are supported: -* `credential` - (Required) Credential to use for SecretHub authentication. +* `credential` - (Required) Credential to use for SecretHub authentication. Can also be sourced from SECRETHUB_CREDENTIAL. * `credential_passphrase` - (Optional) Passphrase to unlock the authentication passed in `credential`. * `path_prefix` - (Optional) The default value to prefix path values with. If set, paths for resources and data sources will be prefixed with the given prefix, allowing you to use relative paths instead. If left blank, every path must be absolute (namespace/repository/[dir/]secret_name). From 5ff5ca18c0ca09da9a2a640c8e1adaaae104b66c Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Wed, 6 Mar 2019 15:49:44 +0100 Subject: [PATCH 25/63] CircleCI build job --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index bfa9eb0..46313ec 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,6 +1,6 @@ version: 2.1 jobs: - test: + build: docker: - image: circleci/golang:1.11.5 steps: From cfe66fc1ff54d29f6207f6fe0a50000d577a203e Mon Sep 17 00:00:00 2001 From: florisvdg Date: Wed, 6 Mar 2019 17:40:04 +0100 Subject: [PATCH 26/63] Apache license --- LICENSE | 201 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 201 insertions(+) create mode 100644 LICENSE diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. From 76fb18b159f95bd5d4830432095bee455ce0b4c4 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 7 Mar 2019 13:53:17 +0100 Subject: [PATCH 27/63] =?UTF-8?q?README=20with=20install,=20develop=20and?= =?UTF-8?q?=20usage=20section=20and=20logo=E2=80=99s?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 95 +++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 89 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 7b2566d..ec8a969 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,91 @@ -Terraform Provider -================== +# Terraform SecretHub Provider +====== -- Website: https://www.terraform.io -- [![Gitter chat](https://badges.gitter.im/hashicorp-terraform/Lobby.png)](https://gitter.im/hashicorp-terraform/Lobby) -- Mailing list: [Google Groups](http://groups.google.com/group/terraform-tool) +> [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. - +The Terraform SecretHub Provider lets you manage your secrets using Terraform. + +
+ +

+ Terraform + + SecretHub +

+ + +## Installation + +Download and extract the [latest release](https://github.com/keylockerbv/terraform-provider-secrethub/releases/latest) of the Terraform SecretHub Provider and move it to your [Terraform plugin directory](https://www.terraform.io/docs/configuration/providers.html#third-party-plugins) (`~/.terraform.d/plugins/`, or `%APPDATA%\terraform.d\plugins` on Windows). + +Afterwards, you can use `terraform init` as you would normally. + +## Usage + +```hcl +provider "secrethub" { + # pass in credential or set SECRETHUB_CREDENTIAL enviroment variable + credential = "${file("~/.secrethub/credential")}" + path_prefix = "my-org/my-repo" +} + +resource "secrethub_secret" "db_password" { + path = "db/password" + + generate { + length = 22 + symbols = true + } +} + +resource "secrethub_secret" "db_username" { + path = "db/username" + data = "db-user" +} + +resource "aws_db_instance" "default" { + allocated_storage = 10 + storage_type = "gp2" + engine = "mysql" + engine_version = "5.7" + instance_class = "db.t2.micro" + name = "mydb" + username = "${secrethub_secret.db_username.data}" + password = "${secrethub_secret.db_password.data}" + parameter_group_name = "default.mysql5.7" +} +``` + +Have a look at the [reference docs](/website/docs) for more information on the supported resources and data sources. + +Have a look at the [examples](/examples) for more practical use-cases. + +## Development + +### Building + +Go get the source code: + +``` +go get -u https://github.com/keylockerbv/terraform-provider-secrethub +``` + +Build it using: + +``` +make build +``` + +### Testing + +To run the [acceptance tests](https://www.terraform.io/docs/extend/testing/acceptance-tests/index.html), the following environment variables need to be setup. + +* `SECRETHUB_CREDENTIAL` - +* `SECRETHUB_TF_ACC_NAMESPACE` - a namespace registered on SecretHub. Make sure `SECRETHUB_CREDENTIAL` has admin access. +* `SECRETHUB_TF_ACC_REPOSITORY` - a repository within `SECRETHUB_TF_ACC_NAMESPACE` to be used by the acceptance tests. Make sure `SECRETHUB_CREDENTIAL` has admin access. + +With the environment variables properly set up, run: + +``` +make testacc +``` From c8a3e5a515c4f1992d78572f78cffd731b0cfbee Mon Sep 17 00:00:00 2001 From: florisvdg Date: Thu, 7 Mar 2019 13:55:15 +0100 Subject: [PATCH 28/63] README layout --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index ec8a969..ab6c019 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,4 @@ # Terraform SecretHub Provider -====== > [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. @@ -8,9 +7,9 @@ The Terraform SecretHub Provider lets you manage your secrets using Terraform.

- Terraform + Terraform - SecretHub + SecretHub

From ae0fe2d7486a9997cdf76acb822b9bdf13e45153 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 7 Mar 2019 14:07:48 +0100 Subject: [PATCH 29/63] README tests notes --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index ab6c019..18a1177 100644 --- a/README.md +++ b/README.md @@ -77,11 +77,11 @@ make build ### Testing -To run the [acceptance tests](https://www.terraform.io/docs/extend/testing/acceptance-tests/index.html), the following environment variables need to be setup. +To run the [acceptance tests](https://www.terraform.io/docs/extend/testing/acceptance-tests/index.html), the following environment variables need to be set up. -* `SECRETHUB_CREDENTIAL` - +* `SECRETHUB_CREDENTIAL` - a SecretHub credential. * `SECRETHUB_TF_ACC_NAMESPACE` - a namespace registered on SecretHub. Make sure `SECRETHUB_CREDENTIAL` has admin access. -* `SECRETHUB_TF_ACC_REPOSITORY` - a repository within `SECRETHUB_TF_ACC_NAMESPACE` to be used by the acceptance tests. Make sure `SECRETHUB_CREDENTIAL` has admin access. +* `SECRETHUB_TF_ACC_REPOSITORY` - a repository within `SECRETHUB_TF_ACC_NAMESPACE` to be used in the acceptance tests. Make sure `SECRETHUB_CREDENTIAL` has admin access. With the environment variables properly set up, run: From cc66930efcda9fc3356b2db8d2cef60c6cbf8fe4 Mon Sep 17 00:00:00 2001 From: florisvdg Date: Thu, 7 Mar 2019 15:35:01 +0100 Subject: [PATCH 30/63] Simpler provider config in README example --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 18a1177..c6cfad8 100644 --- a/README.md +++ b/README.md @@ -24,12 +24,11 @@ Afterwards, you can use `terraform init` as you would normally. ```hcl provider "secrethub" { # pass in credential or set SECRETHUB_CREDENTIAL enviroment variable - credential = "${file("~/.secrethub/credential")}" - path_prefix = "my-org/my-repo" + credential = "${file("~/.secrethub/credential")}" } resource "secrethub_secret" "db_password" { - path = "db/password" + path = "my-org/my-repo/db/password" generate { length = 22 From d9a91f1d190ba7c126ff2dcd82a529ae708de4a9 Mon Sep 17 00:00:00 2001 From: florisvdg Date: Thu, 7 Mar 2019 17:23:55 +0100 Subject: [PATCH 31/63] Fixed README example --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c6cfad8..9d4b0ca 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ resource "secrethub_secret" "db_password" { } resource "secrethub_secret" "db_username" { - path = "db/username" + path = "my-org/my-repo/db/username" data = "db-user" } From 7f6e4c471e75daaa252d229713cce62c1c6bea13 Mon Sep 17 00:00:00 2001 From: florisvdg Date: Fri, 8 Mar 2019 09:21:28 +0100 Subject: [PATCH 32/63] Using svg logo in README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9d4b0ca..4c1278f 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ The Terraform SecretHub Provider lets you manage your secrets using Terraform.

Terraform - SecretHub + SecretHub

From 8df42f88971d76588a6df54e1aa946bb21f4c8f1 Mon Sep 17 00:00:00 2001 From: florisvdg Date: Sun, 10 Mar 2019 20:16:15 +0100 Subject: [PATCH 33/63] Build from source instructions using git clone instead of go get --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4c1278f..80c2ff1 100644 --- a/README.md +++ b/README.md @@ -62,10 +62,12 @@ Have a look at the [examples](/examples) for more practical use-cases. ### Building -Go get the source code: +Get the source code: ``` -go get -u https://github.com/keylockerbv/terraform-provider-secrethub +mkdir -p $GOPATH/src/github.com/keylockerbv +cd $GOPATH/src/github.com/keylockerbv +git clone https://github.com/keylockerbv/terraform-provider-secrethub ``` Build it using: From 4cccf0347e35ad50db018eeb5d71ea0c1c40c2ff Mon Sep 17 00:00:00 2001 From: florisvdg Date: Mon, 11 Mar 2019 13:59:00 +0100 Subject: [PATCH 34/63] Added beta note to README --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 80c2ff1..7e8e182 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,10 @@ Have a look at the [reference docs](/website/docs) for more information on the s Have a look at the [examples](/examples) for more practical use-cases. +## BETA + +This project is currently in beta. [Issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) are very much appreciated. + ## Development ### Building From 7d4066824cb57d157c9dd04f68e9dbcfdec07cee Mon Sep 17 00:00:00 2001 From: florisvdg Date: Mon, 11 Mar 2019 15:47:26 +0100 Subject: [PATCH 35/63] Added Discord invitation badge --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 7e8e182..39c2f6c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Terraform SecretHub Provider +[![](https://img.shields.io/badge/discord-SecretHub-blue.svg)](https://discord.gg/wcxV5RD) + > [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. The Terraform SecretHub Provider lets you manage your secrets using Terraform. From 978ead04ab2a22b97754db84f561df4d1cb47055 Mon Sep 17 00:00:00 2001 From: florisvdg Date: Mon, 11 Mar 2019 15:50:03 +0100 Subject: [PATCH 36/63] Added Discord url to beta note --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 39c2f6c..f1184a9 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,7 @@ Have a look at the [examples](/examples) for more practical use-cases. ## BETA -This project is currently in beta. [Issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) are very much appreciated. +This project is currently in beta. [Issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) are very much appreciated. For more high level discussions about the Terraform SecretHub integration as a whole, check out our [Discord](https://discord.gg/wcxV5RD). ## Development From 59af56a54f2e9a4ed4ae38ba194dc48983d3a3ab Mon Sep 17 00:00:00 2001 From: florisvdg Date: Mon, 11 Mar 2019 16:01:20 +0100 Subject: [PATCH 37/63] Discord invite logo branding --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f1184a9..7e3042e 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Terraform SecretHub Provider -[![](https://img.shields.io/badge/discord-SecretHub-blue.svg)](https://discord.gg/wcxV5RD) +[![](https://img.shields.io/badge/discord-SecretHub-7289da.svg?logo=discord)](https://discord.gg/wcxV5RD) > [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. @@ -62,7 +62,7 @@ Have a look at the [examples](/examples) for more practical use-cases. ## BETA -This project is currently in beta. [Issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) are very much appreciated. For more high level discussions about the Terraform SecretHub integration as a whole, check out our [Discord](https://discord.gg/wcxV5RD). +This project is currently in beta. [Issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) are very much appreciated. For more high level discussions about the Terraform SecretHub integration as a whole, check out our [Discord Discord](https://discord.gg/wcxV5RD). ## Development From 812b2205e14c00e6c3fe138d760823fc08f41817 Mon Sep 17 00:00:00 2001 From: Marc Mackenbach Date: Tue, 12 Mar 2019 11:26:25 +0100 Subject: [PATCH 38/63] improve BETA notice --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7e3042e..469aaaf 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Terraform SecretHub Provider +# Terraform SecretHub Provider [BETA](#beta) [![](https://img.shields.io/badge/discord-SecretHub-7289da.svg?logo=discord)](https://discord.gg/wcxV5RD) @@ -62,7 +62,9 @@ Have a look at the [examples](/examples) for more practical use-cases. ## BETA -This project is currently in beta. [Issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) are very much appreciated. For more high level discussions about the Terraform SecretHub integration as a whole, check out our [Discord Discord](https://discord.gg/wcxV5RD). +This project is currently in beta and we'd love your feedback! Check out the [issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) and feel free suggest cool ideas, use cases, or improvements. + +For support, send us a message on the `#terraform` channel on [Discord Discord](https://discord.gg/wcxV5RD) or send an email to [terraform@secrethub.io](mailto:terraform@secrethub.io) ## Development From 5caf86e5b5fdb66acf1a9dfe072667467ebb7adf Mon Sep 17 00:00:00 2001 From: Marc Mackenbach Date: Tue, 12 Mar 2019 11:30:35 +0100 Subject: [PATCH 39/63] add notice about changes and PRs --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 469aaaf..f7e9119 100644 --- a/README.md +++ b/README.md @@ -64,6 +64,8 @@ Have a look at the [examples](/examples) for more practical use-cases. This project is currently in beta and we'd love your feedback! Check out the [issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) and feel free suggest cool ideas, use cases, or improvements. +Because it's still in beta, you can expect to see some changes introduced. Pull requests are very welcome. + For support, send us a message on the `#terraform` channel on [Discord Discord](https://discord.gg/wcxV5RD) or send an email to [terraform@secrethub.io](mailto:terraform@secrethub.io) ## Development From 75412c40004c082941949bac6aca3d03e80dc570 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Tue, 19 Mar 2019 15:18:46 +0100 Subject: [PATCH 40/63] Passphrase default from environment variable --- secrethub/provider.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/secrethub/provider.go b/secrethub/provider.go index 22306f4..1f45257 100644 --- a/secrethub/provider.go +++ b/secrethub/provider.go @@ -19,7 +19,8 @@ func Provider() terraform.ResourceProvider { "credential_passphrase": { Type: schema.TypeString, Optional: true, - Description: "Passphrase to unlock the authentication passed in `credential`.", + DefaultFunc: schema.EnvDefaultFunc("SECRETHUB_CREDENTIAL_PASSPHRASE", nil), + Description: "Passphrase to unlock the authentication passed in `credential`. Can also be sourced from SECRETHUB_CREDENTIAL_PASSPHRASE.", }, "path_prefix": { Type: schema.TypeString, From d09aefa160cd576d777ace886e3975166ac9c384 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 28 Mar 2019 12:37:51 +0100 Subject: [PATCH 41/63] Add secret resource importer --- secrethub/resource_secret.go | 33 ++++++++++++++++++++++++++++++- secrethub/resource_secret_test.go | 24 ++++++++++++++++++++++ 2 files changed, 56 insertions(+), 1 deletion(-) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 6d3e876..58b3786 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -5,6 +5,7 @@ import ( "strings" "github.com/hashicorp/terraform/helper/schema" + "github.com/secrethub/secrethub-go/internals/api" "github.com/secrethub/secrethub-go/pkg/randchar" ) @@ -14,6 +15,9 @@ func resourceSecret() *schema.Resource { Read: resourceSecretRead, Update: resourceSecretUpdate, Delete: resourceSecretDelete, + Importer: &schema.ResourceImporter{ + State: resourceSecretImport, + }, Schema: map[string]*schema.Schema{ "path": { Type: schema.TypeString, @@ -143,6 +147,29 @@ func resourceSecretDelete(d *schema.ResourceData, m interface{}) error { return nil } +func resourceSecretImport(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) { + path := d.Id() + + provider := m.(providerMeta) + if provider.pathPrefix != "" && !strings.HasPrefix(path, provider.pathPrefix) { + return nil, fmt.Errorf("secret import path must be absolute") + } + + err := api.ValidateSecretPath(path) + if err != nil { + return nil, err + } + + if provider.pathPrefix != "" { + relativePath := strings.TrimPrefix(path, provider.pathPrefix) + path = trimPathComponent(relativePath) + } + + d.Set("path", path) + + return []*schema.ResourceData{d}, nil +} + // getSecretPath finds the full path of a secret, combining the specified path with the provider's path prefix func getSecretPath(d *schema.ResourceData, provider *providerMeta) string { prefix := d.Get("path_prefix").(string) @@ -160,10 +187,14 @@ const pathSeparator = "/" func newCompoundSecretPath(components ...string) string { var processed []string for _, c := range components { - trimmed := strings.Trim(c, pathSeparator) + trimmed := trimPathComponent(c) if trimmed != "" { processed = append(processed, trimmed) } } return strings.Join(processed, pathSeparator) } + +func trimPathComponent(c string) string { + return strings.Trim(c, pathSeparator) +} diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index 972085e..7e50044 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -137,6 +137,30 @@ func TestAccResourceSecret_generate(t *testing.T) { }) } +func TestAccResourceSecret_import(t *testing.T) { + config := fmt.Sprintf(` + resource "secrethub_secret" "%v" { + path = "%v" + data = "secretpassword" + } + `, testAcc.secretName, testAcc.path) + + resource.Test(t, resource.TestCase{ + PreCheck: testAccPreCheck(t), + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: config, + }, + { + ResourceName: fmt.Sprintf("secrethub_secret.%v", testAcc.secretName), + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func getSecretResourceState(s *terraform.State, values *testAccValues) (*terraform.InstanceState, error) { resourceState := s.Modules[0].Resources[fmt.Sprintf("secrethub_secret.%v", values.secretName)] if resourceState == nil { From 27ea3b2df3ef5e7d17f1b0720ae5b162876bf562 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 28 Mar 2019 13:00:53 +0100 Subject: [PATCH 42/63] Detect secret external deletion --- secrethub/resource_secret.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 6d3e876..6685a3b 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -110,13 +110,18 @@ func resourceSecretRead(d *schema.ResourceData, m interface{}) error { path := d.Id() remote, err := client.Secrets().Get(path) + if err == api.ErrSecretNotFound { + // The secret was deleted outside of the current Terraform workspace, so invalidate this resource + d.SetId("") + return nil + } if err != nil { return err } prev := d.Get("version") if prev != remote.LatestVersion { - // The secret has been updated outside of the current terraform scope, so the new secret version has to be fetched + // The secret has been updated outside of the current Terraform workspace, so the new secret version has to be fetched updated, err := client.Secrets().Versions().GetWithData(path) if err != nil { return err From fd566f6c4e86694adb01e3aa171f712ed41c5d69 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Thu, 28 Mar 2019 13:05:15 +0100 Subject: [PATCH 43/63] Fix import --- secrethub/resource_secret.go | 1 + 1 file changed, 1 insertion(+) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 6685a3b..2aaf706 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -5,6 +5,7 @@ import ( "strings" "github.com/hashicorp/terraform/helper/schema" + "github.com/secrethub/secrethub-go/internals/api" "github.com/secrethub/secrethub-go/pkg/randchar" ) From b5bafb6a4eb4ce6beafc2ff2e58adea0795848d2 Mon Sep 17 00:00:00 2001 From: Floris van der Grinten Date: Mon, 1 Apr 2019 13:40:09 +0200 Subject: [PATCH 44/63] Add acceptance test for external delete detection --- secrethub/provider_test.go | 5 +++++ secrethub/resource_secret_test.go | 28 ++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/secrethub/provider_test.go b/secrethub/provider_test.go index ccc9b1f..4dbdf9a 100644 --- a/secrethub/provider_test.go +++ b/secrethub/provider_test.go @@ -7,6 +7,7 @@ import ( "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/terraform" + "github.com/secrethub/secrethub-go/pkg/secrethub" ) const ( @@ -49,6 +50,10 @@ func init() { testAcc.path = newCompoundSecretPath(testAcc.namespace, testAcc.repository, testAcc.secretName) } +func client() secrethub.Client { + return *testAccProvider.Meta().(providerMeta).client +} + func testAccPreCheck(t *testing.T) func() { return func() { err := testAcc.validate() diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index 972085e..04279b4 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -137,6 +137,34 @@ func TestAccResourceSecret_generate(t *testing.T) { }) } +func TestAccResourceSecret_deleteDetection(t *testing.T) { + config := fmt.Sprintf(` + resource "secrethub_secret" "%v" { + path = "%v" + data = "secretpassword" + } + `, testAcc.secretName, testAcc.path) + + resource.Test(t, resource.TestCase{ + Providers: testAccProviders, + PreCheck: testAccPreCheck(t), + Steps: []resource.TestStep{ + { + Config: config, + }, + { + PreConfig: func() { + // Delete secret outside of Terraform workspace + client().Secrets().Delete(testAcc.path) + }, + Config: config, + PlanOnly: true, + ExpectNonEmptyPlan: true, // The externally deleted secrethub_secret should be planned in for recreation + }, + }, + }) +} + func getSecretResourceState(s *terraform.State, values *testAccValues) (*terraform.InstanceState, error) { resourceState := s.Modules[0].Resources[fmt.Sprintf("secrethub_secret.%v", values.secretName)] if resourceState == nil { From c00c91b0558d03b5e8ee0ea76c82df721e634aaf Mon Sep 17 00:00:00 2001 From: florisvdg Date: Thu, 4 Apr 2019 15:38:50 +0200 Subject: [PATCH 45/63] Redesign README Discord shield --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f7e9119..a924aa6 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Terraform SecretHub Provider [BETA](#beta) -[![](https://img.shields.io/badge/discord-SecretHub-7289da.svg?logo=discord)](https://discord.gg/wcxV5RD) +[![](https://img.shields.io/badge/chat%20on-discord-7289da.svg?logo=discord)](https://discord.gg/wcxV5RD) > [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. From 77a18019648d3503fbc2712c9791528034e02e74 Mon Sep 17 00:00:00 2001 From: florisvdg Date: Thu, 4 Apr 2019 15:42:08 +0200 Subject: [PATCH 46/63] Fix Discord shield text --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a924aa6..a4c62fb 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Terraform SecretHub Provider [BETA](#beta) -[![](https://img.shields.io/badge/chat%20on-discord-7289da.svg?logo=discord)](https://discord.gg/wcxV5RD) +[![](https://img.shields.io/badge/chat-on%20discord-7289da.svg?logo=discord)](https://discord.gg/wcxV5RD) > [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. From 8567d6825dffd43e8f7c06cafb676822fd04d42a Mon Sep 17 00:00:00 2001 From: florisvdg Date: Thu, 4 Apr 2019 16:00:45 +0200 Subject: [PATCH 47/63] Update README heading --- README.md | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a4c62fb..e9b2f3e 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,22 @@ -# Terraform SecretHub Provider [BETA](#beta) +

+ + Terraform + + + + SecretHub + +

+

+ ProviderBETA +

[![](https://img.shields.io/badge/chat-on%20discord-7289da.svg?logo=discord)](https://discord.gg/wcxV5RD) -> [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. - The Terraform SecretHub Provider lets you manage your secrets using Terraform. +> [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. +

From 6f2b34efd84696c99a53295df99fea7b07fc2eb7 Mon Sep 17 00:00:00 2001 From: florisvdg Date: Thu, 4 Apr 2019 16:53:32 +0200 Subject: [PATCH 48/63] Remove redundant logo's in README --- README.md | 9 --------- 1 file changed, 9 deletions(-) diff --git a/README.md b/README.md index e9b2f3e..d31ed38 100644 --- a/README.md +++ b/README.md @@ -17,15 +17,6 @@ The Terraform SecretHub Provider lets you manage your secrets using Terraform. > [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. -
- -

- Terraform - - SecretHub -

- - ## Installation Download and extract the [latest release](https://github.com/keylockerbv/terraform-provider-secrethub/releases/latest) of the Terraform SecretHub Provider and move it to your [Terraform plugin directory](https://www.terraform.io/docs/configuration/providers.html#third-party-plugins) (`~/.terraform.d/plugins/`, or `%APPDATA%\terraform.d\plugins` on Windows). From ad947ccb1ad885f0c186921ae2e6f192421fd7fb Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Mon, 29 Apr 2019 09:52:18 +0200 Subject: [PATCH 49/63] Move to github.com/secrethub/terraform-provider-secrethub --- README.md | 6 +++--- go.mod | 2 +- main.go | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index d31ed38..bbba98f 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ The Terraform SecretHub Provider lets you manage your secrets using Terraform. ## Installation -Download and extract the [latest release](https://github.com/keylockerbv/terraform-provider-secrethub/releases/latest) of the Terraform SecretHub Provider and move it to your [Terraform plugin directory](https://www.terraform.io/docs/configuration/providers.html#third-party-plugins) (`~/.terraform.d/plugins/`, or `%APPDATA%\terraform.d\plugins` on Windows). +Download and extract the [latest release](https://github.com/secrethub/terraform-provider-secrethub/releases/latest) of the Terraform SecretHub Provider and move it to your [Terraform plugin directory](https://www.terraform.io/docs/configuration/providers.html#third-party-plugins) (`~/.terraform.d/plugins/`, or `%APPDATA%\terraform.d\plugins` on Windows). Afterwards, you can use `terraform init` as you would normally. @@ -64,7 +64,7 @@ Have a look at the [examples](/examples) for more practical use-cases. ## BETA -This project is currently in beta and we'd love your feedback! Check out the [issues](https://github.com/keylockerbv/terraform-provider-secrethub/issues) and feel free suggest cool ideas, use cases, or improvements. +This project is currently in beta and we'd love your feedback! Check out the [issues](https://github.com/secrethub/terraform-provider-secrethub/issues) and feel free suggest cool ideas, use cases, or improvements. Because it's still in beta, you can expect to see some changes introduced. Pull requests are very welcome. @@ -79,7 +79,7 @@ Get the source code: ``` mkdir -p $GOPATH/src/github.com/keylockerbv cd $GOPATH/src/github.com/keylockerbv -git clone https://github.com/keylockerbv/terraform-provider-secrethub +git clone https://github.com/secrethub/terraform-provider-secrethub ``` Build it using: diff --git a/go.mod b/go.mod index 05eaa9c..2c16169 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/keylockerbv/terraform-provider-secrethub +module github.com/secrethub/terraform-provider-secrethub require ( github.com/apparentlymart/go-cidr v1.0.0 // indirect diff --git a/main.go b/main.go index 4cd850f..0b86929 100644 --- a/main.go +++ b/main.go @@ -3,7 +3,7 @@ package main import ( "github.com/hashicorp/terraform/plugin" "github.com/hashicorp/terraform/terraform" - "github.com/keylockerbv/terraform-provider-secrethub/secrethub" + "github.com/secrethub/terraform-provider-secrethub/secrethub" ) func main() { From 40d6dfe159423d2aebeb311a13dac549b6ecf1e9 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Mon, 29 Apr 2019 17:49:53 +0200 Subject: [PATCH 50/63] Use .zip format for Windows releases --- .goreleaser.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.goreleaser.yml b/.goreleaser.yml index 2e3b65b..576a1a9 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -16,6 +16,9 @@ archive: replacements: amd64: 64-bit darwin: macOS + format_overrides: + - goos: windows + format: zip files: # Only archive the binary - none* From a23b1d394065745f6a31f6cdd2cdf95a454d03d3 Mon Sep 17 00:00:00 2001 From: florisvdg Date: Mon, 29 Apr 2019 17:50:22 +0200 Subject: [PATCH 51/63] Rename secret symbols flag to use_symbols --- README.md | 2 +- secrethub/resource_secret.go | 6 +++--- secrethub/resource_secret_test.go | 4 ++-- website/docs/r/secrethub_secret.html.markdown | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index d31ed38..304cecf 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ resource "secrethub_secret" "db_password" { generate { length = 22 - symbols = true + use_symbols = true } } diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index a9d3f61..ec7db09 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -55,7 +55,7 @@ func resourceSecret() *schema.Resource { Required: true, Description: "The length of the secret to generate.", }, - "symbols": { + "use_symbols": { Type: schema.TypeBool, Optional: true, Description: "Whether the secret should contain symbols.", @@ -84,10 +84,10 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { if len(generateList) > 0 { settings := generateList[0].(map[string]interface{}) - symbols := settings["symbols"].(bool) + useSymbols := settings["use_symbols"].(bool) length := settings["length"].(int) var err error - data, err = randchar.NewGenerator(symbols).Generate(length) + data, err = randchar.NewGenerator(useSymbols).Generate(length) if err != nil { return err } diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index 388938f..6988ac1 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -90,7 +90,7 @@ func TestAccResourceSecret_generate(t *testing.T) { path = "%v" generate { length = 16 - symbols = true + use_symbols = true } } `, testAcc.secretName, testAcc.path) @@ -100,7 +100,7 @@ func TestAccResourceSecret_generate(t *testing.T) { path = "%v" generate { length = 32 - symbols = true + use_symbols = true } } `, testAcc.secretName, testAcc.path) diff --git a/website/docs/r/secrethub_secret.html.markdown b/website/docs/r/secrethub_secret.html.markdown index 7d1df1d..a9b1518 100644 --- a/website/docs/r/secrethub_secret.html.markdown +++ b/website/docs/r/secrethub_secret.html.markdown @@ -28,7 +28,7 @@ resource "secrethub_secret" "db_password" { path = "my_org/my_repo/db_password" generate { length = 20 - symbols = true + use_symbols = true } } ``` @@ -45,7 +45,7 @@ The following arguments are supported: Nested `generate` blocks have the following structure: * `length` - (Required) The length of the secret to generate. -* `symbols` - (Optional) Whether the secret should contain symbols. +* `use_symbols` - (Optional) Whether the secret should contain symbols. ## Attributes Reference From 23faffa7018cade1e67335afb0e878468b6eda3e Mon Sep 17 00:00:00 2001 From: florisvdg Date: Mon, 29 Apr 2019 17:58:23 +0200 Subject: [PATCH 52/63] Rename secret data field to value --- README.md | 6 ++-- examples/rds.tf | 8 +++--- secrethub/data_source_secret.go | 4 +-- secrethub/data_source_secret_test.go | 16 +++++------ secrethub/resource_secret.go | 28 +++++++++---------- secrethub/resource_secret_test.go | 18 ++++++------ website/docs/d/secrethub_secret.html.markdown | 2 +- website/docs/index.html.markdown | 2 +- website/docs/r/secrethub_secret.html.markdown | 6 ++-- 9 files changed, 45 insertions(+), 45 deletions(-) diff --git a/README.md b/README.md index 304cecf..e5bfd8f 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ resource "secrethub_secret" "db_password" { resource "secrethub_secret" "db_username" { path = "my-org/my-repo/db/username" - data = "db-user" + value = "db-user" } resource "aws_db_instance" "default" { @@ -52,8 +52,8 @@ resource "aws_db_instance" "default" { engine_version = "5.7" instance_class = "db.t2.micro" name = "mydb" - username = "${secrethub_secret.db_username.data}" - password = "${secrethub_secret.db_password.data}" + username = "${secrethub_secret.db_username.value}" + password = "${secrethub_secret.db_password.value}" parameter_group_name = "default.mysql5.7" } ``` diff --git a/examples/rds.tf b/examples/rds.tf index 161a58e..08768b9 100644 --- a/examples/rds.tf +++ b/examples/rds.tf @@ -26,13 +26,13 @@ resource "secrethub_secret" "db_password" { generate { length = 22 - symbols = true + use_symbols = true } } resource "secrethub_secret" "db_username" { path = "db/username" - data = "db-user" + value = "db-user" } resource "aws_db_instance" "default" { @@ -42,7 +42,7 @@ resource "aws_db_instance" "default" { engine_version = "5.7" instance_class = "db.t2.micro" name = "mydb" - username = "${secrethub_secret.db_username.data}" - password = "${secrethub_secret.db_password.data}" + username = "${secrethub_secret.db_username.value}" + password = "${secrethub_secret.db_password.value}" parameter_group_name = "default.mysql5.7" } diff --git a/secrethub/data_source_secret.go b/secrethub/data_source_secret.go index 9e82dc3..58a2994 100644 --- a/secrethub/data_source_secret.go +++ b/secrethub/data_source_secret.go @@ -23,7 +23,7 @@ func dataSourceSecret() *schema.Resource { Computed: true, Description: "The version of the secret.", }, - "data": { + "value": { Type: schema.TypeString, Computed: true, Sensitive: true, @@ -44,7 +44,7 @@ func dataSourceSecretRead(d *schema.ResourceData, m interface{}) error { return err } - d.Set("data", string(secret.Data)) + d.Set("value", string(secret.Data)) d.Set("version", secret.Version) d.SetId(string(path)) diff --git a/secrethub/data_source_secret_test.go b/secrethub/data_source_secret_test.go index abd594c..0f4ba70 100644 --- a/secrethub/data_source_secret_test.go +++ b/secrethub/data_source_secret_test.go @@ -11,7 +11,7 @@ func TestAccDataSourceSecret_absPath(t *testing.T) { config := fmt.Sprintf(` resource "secrethub_secret" "%v" { path = "%v" - data = "secretpassword" + value = "secretpassword" } data "secrethub_secret" "%v" { @@ -33,7 +33,7 @@ func TestAccDataSourceSecret_absPath(t *testing.T) { ), resource.TestCheckResourceAttr( fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), - "data", + "value", "secretpassword", ), ), @@ -46,7 +46,7 @@ func TestAccDataSourceSecret_absPathVersioned(t *testing.T) { configInit := fmt.Sprintf(` resource "secrethub_secret" "%v" { path = "%v" - data = "secretpasswordv1" + value = "secretpasswordv1" } data "secrethub_secret" "%v" { @@ -57,7 +57,7 @@ func TestAccDataSourceSecret_absPathVersioned(t *testing.T) { configVersioned := fmt.Sprintf(` resource "secrethub_secret" "%v" { path = "%v" - data = "secretpasswordv2" + value = "secretpasswordv2" } data "secrethub_secret" "%v" { @@ -74,7 +74,7 @@ func TestAccDataSourceSecret_absPathVersioned(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr( fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), - "data", + "value", "secretpasswordv1", ), ), @@ -84,7 +84,7 @@ func TestAccDataSourceSecret_absPathVersioned(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr( fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), - "data", + "value", "secretpasswordv1", ), ), @@ -101,7 +101,7 @@ func TestAccDataSourceSecret_prefPath(t *testing.T) { resource "secrethub_secret" "%v" { path = "%v" - data = "secretpassword" + value = "secretpassword" } data "secrethub_secret" "%v" { @@ -118,7 +118,7 @@ func TestAccDataSourceSecret_prefPath(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr( fmt.Sprintf("data.secrethub_secret.%v", testAcc.secretName), - "data", + "value", "secretpassword", ), ), diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index ec7db09..0cc7585 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -34,20 +34,20 @@ func resourceSecret() *schema.Resource { Computed: true, Description: "The version of the secret.", }, - "data": { + "value": { Type: schema.TypeString, Computed: true, Optional: true, Sensitive: true, ConflictsWith: []string{"generate"}, - Description: "The secret contents. Either `data` or `generate` must be defined.", + Description: "The secret contents. Either `value` or `generate` must be defined.", }, "generate": { Type: schema.TypeList, Optional: true, MaxItems: 1, - Description: "Settings for autogenerating a secret. Either `data` or `generate` must be defined.", - ConflictsWith: []string{"data"}, + Description: "Settings for autogenerating a secret. Either `value` or `generate` must be defined.", + ConflictsWith: []string{"value"}, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "length": { @@ -71,15 +71,15 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { provider := m.(providerMeta) client := *provider.client - dataStr := d.Get("data").(string) + valueStr := d.Get("value").(string) generateList := d.Get("generate").([]interface{}) - if dataStr == "" && len(generateList) == 0 { - return fmt.Errorf("either 'data' or 'generate' must be specified") + if valueStr == "" && len(generateList) == 0 { + return fmt.Errorf("either 'value' or 'generate' must be specified") } - var data []byte - if dataStr != "" { - data = []byte(dataStr) + var value []byte + if valueStr != "" { + value = []byte(valueStr) } if len(generateList) > 0 { @@ -87,7 +87,7 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { useSymbols := settings["use_symbols"].(bool) length := settings["length"].(int) var err error - data, err = randchar.NewGenerator(useSymbols).Generate(length) + value, err = randchar.NewGenerator(useSymbols).Generate(length) if err != nil { return err } @@ -95,13 +95,13 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { path := getSecretPath(d, &provider) - res, err := client.Secrets().Write(path, data) + res, err := client.Secrets().Write(path, value) if err != nil { return err } d.SetId(string(path)) - d.Set("data", string(data)) + d.Set("value", string(value)) d.Set("version", res.Version) return resourceSecretRead(d, m) @@ -130,7 +130,7 @@ func resourceSecretRead(d *schema.ResourceData, m interface{}) error { if err != nil { return err } - d.Set("data", string(updated.Data)) + d.Set("value", string(updated.Data)) d.Set("version", updated.Version) } diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index 6988ac1..b2b6530 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -13,7 +13,7 @@ func TestAccResourceSecret_writeAbsPath(t *testing.T) { config := fmt.Sprintf(` resource "secrethub_secret" "%v" { path = "%v" - data = "secretpassword" + value = "secretpassword" } `, testAcc.secretName, testAcc.path) @@ -39,7 +39,7 @@ func TestAccResourceSecret_writePrefPath(t *testing.T) { resource "secrethub_secret" "%v" { path = "%v/%v" - data = "secretpassword" + value = "secretpassword" } `, testAcc.namespace, testAcc.secretName, testAcc.repository, testAcc.secretName) @@ -66,7 +66,7 @@ func TestAccResourceSecret_writePrefPathOverride(t *testing.T) { resource "secrethub_secret" "%v" { path_prefix = "%v" path = "%v/%v" - data = "secretpassword" + value = "secretpassword" } `, testAcc.secretName, testAcc.namespace, testAcc.repository, testAcc.secretName) @@ -113,8 +113,8 @@ func TestAccResourceSecret_generate(t *testing.T) { Config: configInit, Check: resource.ComposeTestCheckFunc( checkSecretResourceState(testAcc, func(s *terraform.InstanceState) error { - if len(s.Attributes["data"]) != 16 { - return fmt.Errorf("expected 'data' to contain a 16 char secret") + if len(s.Attributes["value"]) != 16 { + return fmt.Errorf("expected 'value' to contain a 16 char secret") } return nil }), @@ -125,8 +125,8 @@ func TestAccResourceSecret_generate(t *testing.T) { Config: configLengthUpdate, Check: resource.ComposeTestCheckFunc( checkSecretResourceState(testAcc, func(s *terraform.InstanceState) error { - if len(s.Attributes["data"]) != 32 { - return fmt.Errorf("expected 'data' to contain newly generated 32 char secret") + if len(s.Attributes["value"]) != 32 { + return fmt.Errorf("expected 'value' to contain newly generated 32 char secret") } return nil }), @@ -141,7 +141,7 @@ func TestAccResourceSecret_deleteDetection(t *testing.T) { config := fmt.Sprintf(` resource "secrethub_secret" "%v" { path = "%v" - data = "secretpassword" + value = "secretpassword" } `, testAcc.secretName, testAcc.path) @@ -169,7 +169,7 @@ func TestAccResourceSecret_import(t *testing.T) { config := fmt.Sprintf(` resource "secrethub_secret" "%v" { path = "%v" - data = "secretpassword" + value = "secretpassword" } `, testAcc.secretName, testAcc.path) diff --git a/website/docs/d/secrethub_secret.html.markdown b/website/docs/d/secrethub_secret.html.markdown index 0f1feab..45b09a6 100644 --- a/website/docs/d/secrethub_secret.html.markdown +++ b/website/docs/d/secrethub_secret.html.markdown @@ -27,5 +27,5 @@ data "secrethub_secret" "db_password" { In addition to all arguments above, the following attributes are exported: -* `data` - The secret contents. +* `value` - The secret contents. * `version` - The version of the secret. diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index 866da0d..d67a885 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -23,7 +23,7 @@ provider "secrethub" { resource "secrethub_secret" "db_password" { path = "db_password" - data = "mypassword" + value = "mypassword" } ``` diff --git a/website/docs/r/secrethub_secret.html.markdown b/website/docs/r/secrethub_secret.html.markdown index a9b1518..8f1acb5 100644 --- a/website/docs/r/secrethub_secret.html.markdown +++ b/website/docs/r/secrethub_secret.html.markdown @@ -17,7 +17,7 @@ To write a secret: ```hcl resource "secrethub_secret" "ssh_key" { path = "my_org/my_repo/ssh_key" - data = "${file("/path/to/ssh/key")}" + value = "${file("/path/to/ssh/key")}" } ``` @@ -39,8 +39,8 @@ The following arguments are supported: * `path` - (Required) The path where the secret will be stored. * `path_prefix` - (Optional) Overrides the `path_prefix` defined in the provider. -* `data` - (Optional) The secret contents. Either `data` or `generate` must be defined. -* `generate` - (Optional) Settings for autogenerating a secret. Either `data` or `generate` must be defined. +* `value` - (Optional) The secret contents. Either `value` or `generate` must be defined. +* `generate` - (Optional) Settings for autogenerating a secret. Either `value` or `generate` must be defined. Nested `generate` blocks have the following structure: From d7e078feb5cbadb991e16c74c6cebd153a601323 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Mon, 29 Apr 2019 18:28:13 +0200 Subject: [PATCH 53/63] Use terraform-provider-secrethub_vX.Y.Z as binary name This is the convention as documented here: https://www.terraform.io/docs/configuration/providers.html#plugin-names-and-versions --- .goreleaser.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 576a1a9..c6dd435 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,7 +1,7 @@ project_name: terraform-provider-secrethub builds: - - binary: "{{ .ProjectName }}" + - binary: "{{ .ProjectName }}_{{ .Tag }}" env: - CGO_ENABLED=0 goos: From c75ea04cb63425ef928f2f2af727cb853543e718 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Mon, 29 Apr 2019 20:49:35 +0200 Subject: [PATCH 54/63] Remove instructions for creating dir in GOPATH before cloning The recommended way to clone a go module is outside of the GOPATH. --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index bbba98f..7ab1791 100644 --- a/README.md +++ b/README.md @@ -77,8 +77,6 @@ For support, send us a message on the `#terraform` channel on [BETA -[![](https://img.shields.io/badge/chat-on%20discord-7289da.svg?logo=discord)](https://discord.gg/wcxV5RD) +[![CircleCI](https://circleci.com/gh/secrethub/terraform-provider-secrethub.svg)][circleci] +[![Go Report Card](https://goreportcard.com/badge/github.com/secrethub/terraform-provider-secrethub)][goreportcard] +[![Version]( https://img.shields.io/github/release/secrethub/terraform-provider-secrethub.svg)][latest-version] +[![Discord](https://img.shields.io/badge/chat-on%20discord-7289da.svg?logo=discord)][discord] The Terraform SecretHub Provider lets you manage your secrets using Terraform. @@ -101,3 +104,8 @@ With the environment variables properly set up, run: ``` make testacc ``` + +[circleci]: https://circleci.com/gh/secrethub/terraform-provider-secrethub +[discord]: https://discord.gg/wcxV5RD +[latest-version]: https://github.com/secrethub/terraform-provider-secrethub/releases/latest +[goreportcard]: https://goreportcard.com/report/github.com/secrethub/terraform-provider-secrethub From 524a87eb301c60b03b7b3e10e613a37d248a64ee Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 30 Apr 2019 12:23:37 +0200 Subject: [PATCH 56/63] Return the error of deleting a secret --- secrethub/resource_secret.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 0cc7585..4986d70 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -147,9 +147,7 @@ func resourceSecretDelete(d *schema.ResourceData, m interface{}) error { path := d.Id() - client.Secrets().Delete(path) - - return nil + return client.Secrets().Delete(path) } func resourceSecretImport(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) { From fa2f32967794df3ab057446062aa9343a6d6e7a0 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 30 Apr 2019 12:24:24 +0200 Subject: [PATCH 57/63] Assert no error is returned when deleting secret in the tests --- secrethub/resource_secret_test.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index b2b6530..f173cd1 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -5,6 +5,8 @@ import ( "reflect" "testing" + "github.com/secrethub/secrethub-go/internals/assert" + "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/terraform" ) @@ -155,7 +157,8 @@ func TestAccResourceSecret_deleteDetection(t *testing.T) { { PreConfig: func() { // Delete secret outside of Terraform workspace - client().Secrets().Delete(testAcc.path) + err := client().Secrets().Delete(testAcc.path) + assert.OK(t, err) }, Config: config, PlanOnly: true, From d4a1e0ead25e0b63bda47cb5847f7db16d56f185 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 30 Apr 2019 12:29:59 +0200 Subject: [PATCH 58/63] Check and return errors from d.Set --- secrethub/data_source_secret.go | 10 ++++++++-- secrethub/resource_secret.go | 25 ++++++++++++++++++++----- 2 files changed, 28 insertions(+), 7 deletions(-) diff --git a/secrethub/data_source_secret.go b/secrethub/data_source_secret.go index 58a2994..30ce252 100644 --- a/secrethub/data_source_secret.go +++ b/secrethub/data_source_secret.go @@ -44,8 +44,14 @@ func dataSourceSecretRead(d *schema.ResourceData, m interface{}) error { return err } - d.Set("value", string(secret.Data)) - d.Set("version", secret.Version) + err = d.Set("value", string(secret.Data)) + if err != nil { + return err + } + err = d.Set("version", secret.Version) + if err != nil { + return err + } d.SetId(string(path)) diff --git a/secrethub/resource_secret.go b/secrethub/resource_secret.go index 0cc7585..ef4f95d 100644 --- a/secrethub/resource_secret.go +++ b/secrethub/resource_secret.go @@ -101,8 +101,14 @@ func resourceSecretCreate(d *schema.ResourceData, m interface{}) error { } d.SetId(string(path)) - d.Set("value", string(value)) - d.Set("version", res.Version) + err = d.Set("value", string(value)) + if err != nil { + return err + } + err = d.Set("version", res.Version) + if err != nil { + return err + } return resourceSecretRead(d, m) } @@ -130,8 +136,14 @@ func resourceSecretRead(d *schema.ResourceData, m interface{}) error { if err != nil { return err } - d.Set("value", string(updated.Data)) - d.Set("version", updated.Version) + err = d.Set("value", string(updated.Data)) + if err != nil { + return err + } + err = d.Set("version", updated.Version) + if err != nil { + return err + } } return nil @@ -170,7 +182,10 @@ func resourceSecretImport(d *schema.ResourceData, m interface{}) ([]*schema.Reso path = trimPathComponent(relativePath) } - d.Set("path", path) + err = d.Set("path", path) + if err != nil { + return nil, err + } return []*schema.ResourceData{d}, nil } From 5ea9094c6829fee1ba4ac5259d42245d6da12c55 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 30 Apr 2019 12:31:59 +0200 Subject: [PATCH 59/63] Remove dead code --- secrethub/resource_secret_test.go | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/secrethub/resource_secret_test.go b/secrethub/resource_secret_test.go index b2b6530..14b318d 100644 --- a/secrethub/resource_secret_test.go +++ b/secrethub/resource_secret_test.go @@ -189,20 +189,6 @@ func TestAccResourceSecret_import(t *testing.T) { }) } -func getSecretResourceState(s *terraform.State, values *testAccValues) (*terraform.InstanceState, error) { - resourceState := s.Modules[0].Resources[fmt.Sprintf("secrethub_secret.%v", values.secretName)] - if resourceState == nil { - return nil, fmt.Errorf("resource '%v' not in tf state", values.secretName) - } - - state := resourceState.Primary - if state == nil { - return nil, fmt.Errorf("resource has no primary instance") - } - - return state, nil -} - func checkSecretExistsRemotely(values *testAccValues) resource.TestCheckFunc { return func(s *terraform.State) error { client := *testAccProvider.Meta().(providerMeta).client From ad85b60b88afd101c79e4a1c840633a78e07411b Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 30 Apr 2019 13:28:25 +0200 Subject: [PATCH 60/63] Add a godoc badge to the readme --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 2befc70..cc0bbf8 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ ProviderBETA +[![GoDoc](https://godoc.org/github.com/secrethub/terraform-provider-secrethub?status.svg)][godoc] [![CircleCI](https://circleci.com/gh/secrethub/terraform-provider-secrethub.svg)][circleci] [![Go Report Card](https://goreportcard.com/badge/github.com/secrethub/terraform-provider-secrethub)][goreportcard] [![Version]( https://img.shields.io/github/release/secrethub/terraform-provider-secrethub.svg)][latest-version] @@ -103,6 +104,7 @@ With the environment variables properly set up, run: make testacc ``` +[godoc]: https://godoc.org/github.com/secrethub/terraform-provider-secrethub [circleci]: https://circleci.com/gh/secrethub/terraform-provider-secrethub [discord]: https://discord.gg/wcxV5RD [latest-version]: https://github.com/secrethub/terraform-provider-secrethub/releases/latest From 9e07fc16b771f2abcccaf6a3a76f2b62592e96c4 Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 30 Apr 2019 14:50:15 +0200 Subject: [PATCH 61/63] Add get started section to the readme --- README.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index cc0bbf8..2cd0f28 100644 --- a/README.md +++ b/README.md @@ -21,12 +21,6 @@ The Terraform SecretHub Provider lets you manage your secrets using Terraform. > [SecretHub](https://secrethub.io) is a developer tool to help you keep database passwords, API tokens, and other secrets out of IT automation scripts. -## Installation - -Download and extract the [latest release](https://github.com/secrethub/terraform-provider-secrethub/releases/latest) of the Terraform SecretHub Provider and move it to your [Terraform plugin directory](https://www.terraform.io/docs/configuration/providers.html#third-party-plugins) (`~/.terraform.d/plugins/`, or `%APPDATA%\terraform.d\plugins` on Windows). - -Afterwards, you can use `terraform init` as you would normally. - ## Usage ```hcl @@ -64,11 +58,16 @@ resource "aws_db_instance" "default" { Have a look at the [reference docs](/website/docs) for more information on the supported resources and data sources. -Have a look at the [examples](/examples) for more practical use-cases. +## [Get Started]((https://secrethub.io/docs/terraform/)) + +Check out the [step-by-step integration guide](https://secrethub.io/docs/terraform/) to get started. + +A detailed use case is described in the [beta announcement](https://secrethub.io/blog/secret-management-for-terraform/). +There are also some [examples](/examples) in this repo. ## BETA -This project is currently in beta and we'd love your feedback! Check out the [issues](https://github.com/secrethub/terraform-provider-secrethub/issues) and feel free suggest cool ideas, use cases, or improvements. +This project is [currently in beta](https://secrethub.io/blog/secret-management-for-terraform/) and we'd love your feedback! Check out the [issues](https://github.com/secrethub/terraform-provider-secrethub/issues) and feel free suggest cool ideas, use cases, or improvements. Because it's still in beta, you can expect to see some changes introduced. Pull requests are very welcome. From affd33c1092c66aaa618d152ba54d9e7f3a1c16e Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 30 Apr 2019 15:03:23 +0200 Subject: [PATCH 62/63] Update secrethub-go --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 2c16169..84693fc 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/mitchellh/copystructure v1.0.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/hashstructure v1.0.0 // indirect - github.com/secrethub/secrethub-go v0.17.0 + github.com/secrethub/secrethub-go v0.18.0 github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f // indirect golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 // indirect ) diff --git a/go.sum b/go.sum index 05eeb76..d2504e9 100644 --- a/go.sum +++ b/go.sum @@ -131,8 +131,8 @@ github.com/posener/complete v1.1.1 h1:ccV59UEOTzVDnDUEFdT95ZzHVZ+5+158q8+SJb2QV5 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/secrethub/secrethub-go v0.17.0 h1:AlRbFlLofhzY7Onv1QRI0u0iB4UTr8PCrNW5rnvsiHE= -github.com/secrethub/secrethub-go v0.17.0/go.mod h1:gqrxdTNcVowCy/Bo49Y+7En12aV24wnoG3ktUF9xW/k= +github.com/secrethub/secrethub-go v0.18.0 h1:6Jm3d/UjaWgOoduZX9S1MjiXG+zyVsxkpQ5RxLRucRs= +github.com/secrethub/secrethub-go v0.18.0/go.mod h1:gqrxdTNcVowCy/Bo49Y+7En12aV24wnoG3ktUF9xW/k= github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= From fec57f9cdbbab66740710442fc265a2a1802282b Mon Sep 17 00:00:00 2001 From: Simon Barendse Date: Tue, 30 Apr 2019 15:15:39 +0200 Subject: [PATCH 63/63] Update Terraform to v0.11.13 --- go.mod | 19 +--- go.sum | 303 ++++++++++++++++++++++++++++++++++----------------------- 2 files changed, 181 insertions(+), 141 deletions(-) diff --git a/go.mod b/go.mod index 84693fc..846cd21 100644 --- a/go.mod +++ b/go.mod @@ -1,23 +1,6 @@ module github.com/secrethub/terraform-provider-secrethub require ( - github.com/apparentlymart/go-cidr v1.0.0 // indirect - github.com/blang/semver v3.5.1+incompatible // indirect - github.com/hashicorp/go-getter v1.0.1 // indirect - github.com/hashicorp/go-hclog v0.0.0-20190109152822-4783caec6f2e // indirect - github.com/hashicorp/go-plugin v0.0.0-20190129155509-362c99b11937 // indirect - github.com/hashicorp/go-uuid v1.0.1 // indirect - github.com/hashicorp/go-version v1.1.0 // indirect - github.com/hashicorp/hcl v1.0.0 // indirect - github.com/hashicorp/hcl2 v0.0.0-20190130225218-89dbc5eb3d9e // indirect - github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952 // indirect - github.com/hashicorp/logutils v1.0.0 // indirect - github.com/hashicorp/terraform v0.11.11 - github.com/mitchellh/cli v1.0.0 // indirect - github.com/mitchellh/copystructure v1.0.0 // indirect - github.com/mitchellh/go-homedir v1.1.0 // indirect - github.com/mitchellh/hashstructure v1.0.0 // indirect + github.com/hashicorp/terraform v0.11.13 github.com/secrethub/secrethub-go v0.18.0 - github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f // indirect - golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 // indirect ) diff --git a/go.sum b/go.sum index d2504e9..5781399 100644 --- a/go.sum +++ b/go.sum @@ -1,90 +1,135 @@ bitbucket.org/zombiezen/cardcpx v0.0.0-20150417151802-902f68ff43ef h1:Y5Zf3CYdrdGE7GOuK/MNN98GS1V8mOfeiJlISrKUcEo= bitbucket.org/zombiezen/cardcpx v0.0.0-20150417151802-902f68ff43ef/go.mod h1:ZJR5FpaQx7Bt2bzIV3gBaCInI1+kG949WhNYYlRr8eA= +cloud.google.com/go v0.15.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/Azure/azure-sdk-for-go v10.3.0-beta+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/go-autorest v9.10.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-ntlmssp v0.0.0-20170803034930-c92175d54006/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= +github.com/ChrisTrenkamp/goxpath v0.0.0-20170625215350-4fe035839290/go.mod h1:nuWgzSkT5PnyOd+272uUmV0dnAnAn42Mk7PiQC5VzN4= +github.com/Unknwon/com v0.0.0-20151008135407-28b053d5a292/go.mod h1:KYCjqMOeHpNuTOiFQU6WEcTG7poCJrUs0YgyHNtn1no= +github.com/abdullin/seq v0.0.0-20160510034733-d5467c17e7af/go.mod h1:5Jv4cbFiHJMsVxt52+i0Ha45fjshj6wxYr1r19tB9bw= github.com/agext/levenshtein v1.2.1 h1:QmvMAjj2aEICytGiWzmxoE0x2KZvE0fvmqMOfy2tjT8= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= -github.com/apparentlymart/go-cidr v1.0.0 h1:lGDvXx8Lv9QHjrAVP7jyzleG4F9+FkRhJcEsDFxeb8w= -github.com/apparentlymart/go-cidr v1.0.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= -github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3 h1:ZSTrOEhiM5J5RFxEaFvMZVEAM1KvT1YzbEOwB2EAGjA= -github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= -github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= -github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310 h1:BUAU3CGlLvorLI26FmByPp2eC2qla6E1Tw+scpcg/to= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/agl/ed25519 v0.0.0-20150830182803-278e1ec8e8a6/go.mod h1:WPjqKcmVOxf0XSf3YxCJs6N6AOSrOx3obionmG7T0y0= +github.com/antchfx/xpath v0.0.0-20170728053731-b5c552e1acbd/go.mod h1:Yee4kTMuNiPYJ7nSNorELQMr1J33uOpXDMByNYhvtNk= +github.com/antchfx/xquery v0.0.0-20170730121040-eb8c3c172607/go.mod h1:LzD22aAzDP8/dyiCKFp31He4m2GPjl0AFyzDtZzUu9M= +github.com/apparentlymart/go-cidr v0.0.0-20170616213631-2bd8b58cf427 h1:2P/DTyNDU+7qJOB6E5KeIpdc3qcT9IYjyA8hZ9HGz50= +github.com/apparentlymart/go-cidr v0.0.0-20170616213631-2bd8b58cf427/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= +github.com/apparentlymart/go-textseg v0.0.0-20170531203952-b836f5c4d331 h1:AIKxo1t7QE7MAqADwrmzMiaFC+QfHfXOk8lrmibN5Lk= +github.com/apparentlymart/go-textseg v0.0.0-20170531203952-b836f5c4d331/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= +github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= +github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= +github.com/armon/go-radix v0.0.0-20160115234725-4239b77079c7 h1:MBXhrxjNkjdqJysfNbKMMPFNXlz6EzpOnPcsoYBeD3E= +github.com/armon/go-radix v0.0.0-20160115234725-4239b77079c7/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf h1:eg0MeVzsP1G42dRafH3vf+al2vQIJU0YHX+1Tw87oco= github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/aws/aws-sdk-go v1.15.78 h1:LaXy6lWR0YK7LKyuU0QWy2ws/LWTPfYV/UgfiBu4tvY= -github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= +github.com/aws/aws-sdk-go v1.14.31 h1:amhorvKh1zNxo9YCntvA5uDmgw+pCYXOp4xO8WS1oDg= +github.com/aws/aws-sdk-go v1.14.31/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= +github.com/beevik/etree v0.0.0-20171015221209-af219c0c7ea1/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= -github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= -github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/bsm/go-vlq v0.0.0-20150828105119-ec6e8d4f5f4e/go.mod h1:N+BjUcTjSxc2mtRGSCPsat1kze3CUtvJN3/jTXlp29k= +github.com/bgentry/speakeasy v0.0.0-20161015143505-675b82c74c0e h1:giZ2nnSSH4ntzmoNPwdncPXXA2nWdlO7NiebK0gozNI= +github.com/bgentry/speakeasy v0.0.0-20161015143505-675b82c74c0e/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/blang/semver v0.0.0-20170202183821-4a1e882c79dc h1:J/iAaGTCZYfT/allw61NfW/CEoflFsNdhQJny4iLU+0= +github.com/blang/semver v0.0.0-20170202183821-4a1e882c79dc/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448 h1:8tNk6SPXzLDnATTrWoI5Bgw9s/x4uf0kmBpk21NZgI4= github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4= -github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= +github.com/chzyer/logex v1.1.11-0.20160617073814-96a4d311aa9b/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20161106042343-c914be64f07d/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20160617131543-bea8f082b6fd/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/coreos/bbolt v1.3.1-coreos.1/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= +github.com/coreos/etcd v3.2.0-rc.1.0.20170908195435-80aa810309d4+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgrijalva/jwt-go v0.0.0-20160617170158-f0777076321a/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dnaeon/go-vcr v0.0.0-20170218072653-87d4990451a8/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= github.com/docker/go-units v0.3.3 h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk= github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/dylanmei/iso8601 v0.1.0/go.mod h1:w9KhXSgIyROl1DefbMYIE7UVSIvELTbMrCfx+QkYnoQ= +github.com/dylanmei/winrmtest v0.0.0-20170819153634-c2fbb09e6c08/go.mod h1:VBVDFSBXCIW8JaHQpI8lldSKfYaLMzP9oyq6IJ4fhzY= github.com/getsentry/raven-go v0.2.0 h1:no+xWJRb5ZI7eE8TWgIq1jLulQiIoLG0IfYxv5JYMGs= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-chi/chi v4.0.1+incompatible h1:RSRC5qmFPtO90t7pTL0DBMNpZFsb/sHF3RXVlDgFisA= github.com/go-chi/chi v4.0.1+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= +github.com/go-ini/ini v1.25.4 h1:Mujh4R/dH6YL8bxuISne3xX2+qcQ9p0IxKAP6ExWoUo= +github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-test/deep v1.0.1 h1:UQhStjbkDClarlmv0am7OXXO4/GaPdCGiUiMTvi28sg= github.com/go-test/deep v1.0.1/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/gogo/protobuf v0.0.0-20170307180453-100ba4e88506/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/google/go-cmp v0.2.0 h1:+dTQ8DZQJz0Mb/HjFlkptS1FeQ4cWSnN941F8aEG4SQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.1.1-0.20171002171727-8ebdfab36c66/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= -github.com/hashicorp/errwrap v0.0.0-20180715044906-d6c0cd880357/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= -github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/googleapis/gax-go v0.0.0-20161107002406-da06d194a00e/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= +github.com/gophercloud/gophercloud v0.0.0-20190208042652-bc37892e1968/go.mod h1:3WdhXV3rUYy9p6AUW8d94kr+HS62Y4VL9mBnFxsD8q4= +github.com/gophercloud/utils v0.0.0-20190128072930-fbb6ab446f01/go.mod h1:wjDF8z83zTeg5eMLml5EBSlAhbF7G8DobyI1YsMuyzw= +github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e h1:JKmoR8x90Iww1ks85zJ1lfDGgIiMDuIptTOhJq+zKyg= +github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/grpc-ecosystem/go-grpc-prometheus v0.0.0-20160910222444-6b7015e65d36/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/grpc-gateway v1.2.2/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= +github.com/hashicorp/atlas-go v0.0.0-20161107204910-1792bd8de119/go.mod h1:ckHDuH0pxfnmXZkq1niVSguIIV0pA65gifQv3so9llw= +github.com/hashicorp/consul v0.0.0-20171026175957-610f3c86a089/go.mod h1:mFrjN1mfidgJfYP1xrJCF+AfRhr6Eaqhb2+sfyn/OOI= +github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce h1:prjrVgOk2Yg6w+PflHoszQNLTUh4kaByUcEWM/9uin4= +github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de/go.mod h1:xIwEieBHERyEvaeKF/TcHh1Hu+lxPM+n2vT1+g9I4m4= github.com/hashicorp/go-cleanhttp v0.5.0 h1:wvCrVc9TjDls6+YGAF2hAifE1E5U1+b4tH6KdvN3Gig= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-getter v1.0.1 h1:WlFPjyPrd34KmTQMzSPA0pn9JpRsuHjHaRTx0VPzxYw= -github.com/hashicorp/go-getter v1.0.1/go.mod h1:tkKN/c6I/LRSXLOWZ8wa/VB0LfVrryHzk/B0aZLKZI0= -github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= -github.com/hashicorp/go-hclog v0.0.0-20190109152822-4783caec6f2e h1:SS6R03q1M5bxjbOL2JziQUUu7opiRocL4R2H5Y2I6rY= -github.com/hashicorp/go-hclog v0.0.0-20190109152822-4783caec6f2e/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= -github.com/hashicorp/go-multierror v0.0.0-20180717150148-3d5d8f294aa0/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= -github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/go-plugin v0.0.0-20190129155509-362c99b11937 h1:F3biNWiyQYD6ch5Y/Kua5DKZKH3R0NtCvnv+KhZei20= -github.com/hashicorp/go-plugin v0.0.0-20190129155509-362c99b11937/go.mod h1:++UyYGoz3o5w9ZzAdZxtQKrWWP+iqPBn3cQptSMzBuY= -github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= -github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= -github.com/hashicorp/go-uuid v1.0.1 h1:fv1ep09latC32wFoVwnqcnKJGnMSdBanPczbHAYm1BE= -github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-getter v0.0.0-20180327010114-90bb99a48d86 h1:hLYM35twiyKH44g36g+GFYODcrZQetEAY4+zrJtGea0= +github.com/hashicorp/go-getter v0.0.0-20180327010114-90bb99a48d86/go.mod h1:6rdJFnhkXnzGOJbvkrdv4t9nLwKcVA+tmbQeUlkIzrU= +github.com/hashicorp/go-hclog v0.0.0-20170716174523-b4e5765d1e5f h1:5onjUM14Pu2IrXp+iFQJYxswZoCn8PmSvVQ6IOic8uE= +github.com/hashicorp/go-hclog v0.0.0-20170716174523-b4e5765d1e5f/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= +github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= +github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= +github.com/hashicorp/go-multierror v0.0.0-20150916205742-d30f09973e19 h1:gb61U/o4ZJ6TRYvZqJUKYidIhJOEAvNyVMesryROxAY= +github.com/hashicorp/go-multierror v0.0.0-20150916205742-d30f09973e19/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= +github.com/hashicorp/go-plugin v0.0.0-20180125190438-e53f54cbf51e h1:v7Pi8dJoDS0h0BAyFll8mfbrBrXg2vtfPg+J0XnIibM= +github.com/hashicorp/go-plugin v0.0.0-20180125190438-e53f54cbf51e/go.mod h1:JSqWYsict+jzcj0+xElxyrBQRPNoiWQuddnxArJ7XHQ= +github.com/hashicorp/go-retryablehttp v0.5.1/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= +github.com/hashicorp/go-rootcerts v0.0.0-20160503143440-6bb64b370b90/go.mod h1:o4zcYY1e0GEZI6eSEr+43QDYmuGglw1qSO6qdHUHCgg= +github.com/hashicorp/go-safetemp v0.0.0-20180326211150-b1a1dbde6fdc h1:wAa9fGALVHfjYxZuXRnmuJG2CnwRpJYOTvY6YdErAh0= +github.com/hashicorp/go-safetemp v0.0.0-20180326211150-b1a1dbde6fdc/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= +github.com/hashicorp/go-slug v0.2.0/go.mod h1:+zDycQOzGqOqMW7Kn2fp9vz/NtqpMLQlgb9JUF+0km4= +github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= +github.com/hashicorp/go-tfe v0.3.11/go.mod h1:LHLchj07PCYgQqcyE5Sz+g4zrMNW+nALKbiSNTZedEs= +github.com/hashicorp/go-uuid v1.0.0 h1:RS8zrF7PhGwyNPOtxSClXXj9HA8feRnJzgnI1RJCSnM= +github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-version v1.0.0 h1:21MVWPKDphxa7ineQQTrCU5brh7OuVVAzGOCnnCPtE8= github.com/hashicorp/go-version v1.0.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.1.0 h1:bPIoEKD27tNdebFGGxxYwcL4nepeY4j1QP23PFRGzg0= -github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/hcl2 v0.0.0-20190130225218-89dbc5eb3d9e h1:wcDATcjAY0ebgNtuyt00GxJll5fCChrevvrIdguzhQQ= -github.com/hashicorp/hcl2 v0.0.0-20190130225218-89dbc5eb3d9e/go.mod h1:HtEzazM5AZ9fviNEof8QZB4T1Vz9UhHrGhnMPzl//Ek= -github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952 h1:2touDRqIeu/4eKrg7WHcH+WZwpW97r0NKOHDixzroJg= -github.com/hashicorp/hil v0.0.0-20190129155652-59d7c1fee952/go.mod h1:n2TSygSNwsLJ76m8qFXTSc7beTb+auJxYdqrnoqwZWE= -github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= -github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/terraform v0.11.11 h1:5q1y/a0RB1QmKc1n6E9tnWQqPMb+nEb7Bfol74N2grw= -github.com/hashicorp/terraform v0.11.11/go.mod h1:uN1KUiT7Wdg61fPwsGXQwK3c8PmpIVZrt5Vcb1VrSoM= -github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= -github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f h1:UdxlrJz4JOnY8W+DbLISwf2B8WXEolNRA8BGCwI9jws= +github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f/go.mod h1:oZtUIOe8dh44I2q6ScRibXws4Ajl+d+nod3AaR9vL5w= +github.com/hashicorp/hcl2 v0.0.0-20180308163058-5f8ed954abd8 h1:laCE8EKBOUVN6LwBt7Be9IX7i2RQ2cnfbt+Z5a+0PRI= +github.com/hashicorp/hcl2 v0.0.0-20180308163058-5f8ed954abd8/go.mod h1:xp1eMAxqhQKBxz+yQUTsig9bBMRRWRWw+rK3FJmHf/A= +github.com/hashicorp/hil v0.0.0-20170627220502-fa9f258a9250 h1:fooK5IvDL/KIsi4LxF/JH68nVdrBSiGNPhS2JAQjtjo= +github.com/hashicorp/hil v0.0.0-20170627220502-fa9f258a9250/go.mod h1:KHvg/R2/dPtaePb16oW4qIyzkMxXOL38xjRN64adsts= +github.com/hashicorp/logutils v0.0.0-20150609070431-0dc08b1671f3 h1:oD64EFjELI9RY9yoWlfua58r+etdnoIC871z+rr6lkA= +github.com/hashicorp/logutils v0.0.0-20150609070431-0dc08b1671f3/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= +github.com/hashicorp/memberlist v0.0.0-20170208211506-23ad4b7d7b38/go.mod h1:ncdBp14cuox2iFOq3kDiquKU6fqsTBc3W6JvZwjxxsE= +github.com/hashicorp/serf v0.8.2-0.20171022020050-c20a0b1b1ea9/go.mod h1:h/Ru6tmZazX7WO/GDmwdpS975F019L4t5ng5IgwbNrE= +github.com/hashicorp/terraform v0.11.13 h1:1Ka1IPqYNCu3yIZUW1OAnZjQaacNnnZne2AEmWRCm0o= +github.com/hashicorp/terraform v0.11.13/go.mod h1:aSdr9xVNED8nCdH3naa31VNUaWo63itXzRBe4f1q5HM= +github.com/hashicorp/vault v0.0.0-20161029210149-9a60bf2a50e4/go.mod h1:KfSyffbKxoVyspOdlaGVjIuwLobi07qD1bAbosPMpP0= +github.com/hashicorp/yamux v0.0.0-20160720233140-d1caa6c97c9f h1:K4RDeor/qhbs5ETM85SN8xekXkk+KkOBclNXXM8+UR0= +github.com/hashicorp/yamux v0.0.0-20160720233140-d1caa6c97c9f/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= +github.com/jen20/awspolicyequivalence v0.0.0-20170831201602-3d48364a137a/go.mod h1:uoIMjNxUfXi48Ci40IXkPRbghZ1vbti6v9LCbNqRgHY= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8 h1:12VvqtR6Aowv3l/EQUlocDHW2Cp4G9WJVH7uyH8QFJE= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7 h1:SMvOWPJCES2GdFracYbBQh93GXac8fq7HeN6JnpduB8= +github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/joyent/triton-go v0.0.0-20180313100802-d8f9c0314926/go.mod h1:U+RSyWxWd04xTqnuOQxnai7XGS2PrPY2cfGoDKtMHjA= +github.com/jtolds/gls v4.2.1+incompatible h1:fSuqC+Gmlu6l/ZYAoZzx2pyucC8Xza35fpRVWLVmUEE= +github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/kardianos/osext v0.0.0-20160811001526-c2c54e542fb7/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8= +github.com/keybase/go-crypto v0.0.0-20161004153544-93f5b35093ba/go.mod h1:ghbZscTyKdM07+Fw3KSi0hcJm+AlEUWj8QLlPtijN/M= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= @@ -92,92 +137,104 @@ github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= -github.com/mattn/go-colorable v0.0.9 h1:UVL0vNpWh04HeJXV0KLcaT7r06gOH2l4OW6ddYRUIY4= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.4 h1:bnP0vzxcAdeI1zdubAl5PjU6zsERjGZb7raWodagDYs= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mitchellh/cli v1.0.0 h1:iGBIsUe3+HZ/AD/Vd7DErOt5sU9fa8Uj7A2s1aggv1Y= -github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= -github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= -github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= -github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= -github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/lusis/go-artifactory v0.0.0-20160115162124-7e4ce345df82/go.mod h1:y54tfGmO3NKssKveTEFFzH8C/akrSOy/iW9qEAUDV84= +github.com/masterzen/azure-sdk-for-go v0.0.0-20161014135628-ee4f0065d00c/go.mod h1:mf8fjOu33zCqxUjuiU3I8S1lJMyEAlH+0F2+M5xl3hE= +github.com/masterzen/simplexml v0.0.0-20160608183007-4572e39b1ab9/go.mod h1:kCEbxUJlNDEBNbdQMkPSp6yaKcRXVI6f4ddk8Riv4bc= +github.com/masterzen/winrm v0.0.0-20180224160350-7e40f93ae939/go.mod h1:CfZSN7zwz5gJiFhZJz49Uzk7mEBHIceWmbFmYx7Hf7E= +github.com/mattn/go-colorable v0.0.0-20160220075935-9cbef7c35391/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-isatty v0.0.0-20161123143637-30a891c33c7c h1:YHHK/dEmr2Jo1cWD1VMB2waEeHJhHFp3CEylwWy/VcY= +github.com/mattn/go-isatty v0.0.0-20161123143637-30a891c33c7c/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-shellwords v1.0.1/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= +github.com/mitchellh/cli v0.0.0-20171129193617-33edc47170b5 h1:OYr3N2fY3e3kP/x/d81CJXlcZrIV2hH8gPnuRLpiME4= +github.com/mitchellh/cli v0.0.0-20171129193617-33edc47170b5/go.mod h1:oGumspjLm2kTyiT1QMGpFqRlmxnKHfCvhZEVnx+5UeE= +github.com/mitchellh/colorstring v0.0.0-20150917214807-8631ce90f286/go.mod h1:l0dey0ia/Uv7NcFFVbCLtqEBQbrT4OCwCSKTEv6enCw= +github.com/mitchellh/copystructure v0.0.0-20170525013902-d23ffcb85de3 h1:dECZqiJYhKdj9QlLpiQaRDXHDXRTdiyZI3owdDGhlYY= +github.com/mitchellh/copystructure v0.0.0-20170525013902-d23ffcb85de3/go.mod h1:eOsF2yLPlBBJPvD+nhl5QMTBSOBbOph6N7j/IDUw7PY= +github.com/mitchellh/go-homedir v0.0.0-20161203194507-b8bc1bf76747 h1:eQox4Rh4ewJF+mqYPxCkmBAirRnPaHEB26UkNuPyjlk= +github.com/mitchellh/go-homedir v0.0.0-20161203194507-b8bc1bf76747/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-linereader v0.0.0-20141013185533-07bab5fdd958/go.mod h1:OaY7UOoTkkrX3wRwjpYRKafIkkyeD0UtweSHAWWiqQM= +github.com/mitchellh/go-testing-interface v0.0.0-20170730050907-9a441910b168 h1:FW/lWFII8EehRx+hVNy5OkkIhWXz9NC69vO5Zr2RExY= +github.com/mitchellh/go-testing-interface v0.0.0-20170730050907-9a441910b168/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7 h1:DpOJ2HYzCv8LZP15IdmG+YdwD2luVPHITV96TkirNBM= github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= -github.com/mitchellh/hashstructure v1.0.0 h1:ZkRJX1CyOoTkar7p/mLS5TZU4nJ1Rn/F8u9dGS02Q3Y= -github.com/mitchellh/hashstructure v1.0.0/go.mod h1:QjSHrPWS+BGUVBYkbTZWEnOh3G1DutKwClXU/ABz6AQ= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= -github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/mitchellh/hashstructure v0.0.0-20160209213820-6b17d669fac5 h1:h+4fp6yIoLPf/K2egDK3kvYM2zqb28gJIWWMiDzBdKM= +github.com/mitchellh/hashstructure v0.0.0-20160209213820-6b17d669fac5/go.mod h1:QjSHrPWS+BGUVBYkbTZWEnOh3G1DutKwClXU/ABz6AQ= +github.com/mitchellh/mapstructure v0.0.0-20170307201123-53818660ed49 h1:kaWdlw4YogwkDl8CG+/VxhXkrL9uz3n1D9QBC2pEGLE= +github.com/mitchellh/mapstructure v0.0.0-20170307201123-53818660ed49/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/panicwrap v0.0.0-20161208170302-ba9e1a65e0f7/go.mod h1:QuAqW7/z+iv6aWFJdrA8kCbsF0OOJVKCICqTcYBexuY= +github.com/mitchellh/prefixedio v0.0.0-20151214002211-6e6954073784/go.mod h1:kB1naBgV9ORnkiTVeyJOI1DavaJkG4oNIq0Af6ZVKUo= +github.com/mitchellh/reflectwalk v0.0.0-20170726202117-63d60e9d0dbc h1:gqYjvctjtX4GHzgfutJxZpvZ7XhGwQLGR5BASwhpO2o= +github.com/mitchellh/reflectwalk v0.0.0-20170726202117-63d60e9d0dbc/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d/go.mod h1:YUTz3bUH2ZwIWBy3CJBeOBEugqcmXREj14T+iG/4k4U= github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 h1:lDH9UUVJtmYCjyT0CI4q8xvlXPxeZ0gYCVvWbmPlp88= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= +github.com/packer-community/winrmcp v0.0.0-20180102160824-81144009af58/go.mod h1:f6Izs6JvFTdnRbziASagjZ2vmf55NSIkC/weStxCHqk= +github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= +github.com/pkg/errors v0.0.0-20170505043639-c605e284fe17/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1 h1:ccV59UEOTzVDnDUEFdT95ZzHVZ+5+158q8+SJb2QV5w= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= +github.com/posener/complete v0.0.0-20171219111128-6bee943216c8 h1:lcb1zvdlaZyEbl2OXifN3uOYYyIvllofUbmp9bwbL+0= +github.com/posener/complete v0.0.0-20171219111128-6bee943216c8/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= +github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_model v0.0.0-20170216185247-6f3806018612/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/ryanuber/columnize v0.0.0-20161220214920-0fbbb3f0e3fb/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= +github.com/satori/go.uuid v0.0.0-20160927100844-b061729afc07/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/satori/uuid v0.0.0-20160927100844-b061729afc07/go.mod h1:B8HLsPLik/YNn6KKWVMDJ8nzCL8RP5WyfsnmvnAEwIU= +github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/secrethub/secrethub-go v0.18.0 h1:6Jm3d/UjaWgOoduZX9S1MjiXG+zyVsxkpQ5RxLRucRs= github.com/secrethub/secrethub-go v0.18.0/go.mod h1:gqrxdTNcVowCy/Bo49Y+7En12aV24wnoG3ktUF9xW/k= -github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= -github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304 h1:Jpy1PXuP99tXNrhbq2BaPz9B+jNAvH1JPQQpG/9GCXY= +github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= +github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c h1:Ho+uVpkel/udgjbwB5Lktg9BtvJSh2DT0Hi6LPSyI2w= +github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s= +github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/spf13/afero v1.0.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/ulikunitz/xz v0.5.5 h1:pFrO0lVpTBXLpYw+pnLj6TbvHuyjXMfjGeCwSqCVwok= -github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= -github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= -github.com/zclconf/go-cty v0.0.0-20190124225737-a385d646c1e9/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= -github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f h1:QdzpIo5V8FV8SHsXCXpgSXOquZEF7YozbNcYnEnGZvA= -github.com/zclconf/go-cty v0.0.0-20190130221141-d7fe3fa0020f/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= -golang.org/x/crypto v0.0.0-20180816225734-aabede6cba87/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +github.com/svanharmelen/jsonapi v0.0.0-20180618144545-0c0828c3f16d/go.mod h1:BSTlc8jOjh0niykqEGVXOLXdi9o0r0kR8tCYiMvjFgw= +github.com/terraform-providers/terraform-provider-aws v1.29.0/go.mod h1:uvqaeKnm2ydZ2LuKuW1NDNBu6heC/7IDGXWm36/6oKs= +github.com/terraform-providers/terraform-provider-openstack v1.15.0/go.mod h1:2aQ6n/BtChAl1y2S60vebhyJyZXBsuAI5G4+lHrT1Ew= +github.com/terraform-providers/terraform-provider-template v1.0.0/go.mod h1:/J+B8me5DCMa0rEBH5ic2aKPjhtpWNeScmxFJWxB1EU= +github.com/terraform-providers/terraform-provider-tls v1.2.0/go.mod h1:Mxe/v5u31LDW4m32O1z6Ursdh95dpc9Puq6otkYg7tU= +github.com/ugorji/go v0.0.0-20170107133203-ded73eae5db7/go.mod h1:hnLbHMwcvSihnDhEfx2/BzKp2xb0Y+ErdfYcrs9tkJQ= +github.com/ulikunitz/xz v0.5.4 h1:zATC2OoZ8H1TZll3FpbX+ikwmadbO699PE06cIkm9oU= +github.com/ulikunitz/xz v0.5.4/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= +github.com/xanzy/ssh-agent v0.2.0/go.mod h1:0NyE30eGUDliuLEHJgYte/zncp2zdTStcOnWhgSqHD8= +github.com/xiang90/probing v0.0.0-20160813154853-07dd2e8dfe18/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xlab/treeprint v0.0.0-20161029104018-1d6e34225557/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg= +github.com/zclconf/go-cty v0.0.0-20180302160414-49fa5e03c418 h1:uZKhc0PzQtIg+6+BqQU1m0zzcIgY2hHJk/Xwf00QUNw= +github.com/zclconf/go-cty v0.0.0-20180302160414-49fa5e03c418/go.mod h1:LnDKxj8gN4aatfXUqmUNooaDjvmDcLPbAN3hYBIVoJE= +golang.org/x/crypto v0.0.0-20180211211603-9de5f2eaf759/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b h1:+/WWzjwW6gidDJnMKWLKLX1gxn7irUTF1fLpQovfQ5M= golang.org/x/crypto v0.0.0-20190225124518-7f87c0fbb88b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181129055619-fae4c4e3ad76/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 h1:ulvT7fqt0yHWzpJwI57MezWnYDVpCAYBVuYst/L+fAY= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/net v0.0.0-20171004034648-a04bdaca5b32 h1:NjAulLPqFTaOxQu5S4qUMqscSu+mQdu+wMY0nfqSkuk= +golang.org/x/net v0.0.0-20171004034648-a04bdaca5b32/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/oauth2 v0.0.0-20170928010508-bb50c06baba3/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181213200352-4d1cda033e06/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc h1:WiYx1rIFmx8c0mXAFtv5D/mHyKe1+jmuP7PViuwqwuQ= -golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8 h1:Nw54tB0rB7hY/N0NQvRW8DG4Yk3Q6T9cu9RcFQDu1tc= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/grpc v1.14.0 h1:ArxJuB1NWfPY6r9Gp9gqwplT0Ge7nqv9msgu03lHLmo= -google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5 h1:x6r4Jo0KNzOOzYd8lbcRsqjuqEASK6ob3auvWYM4/8U= +golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/text v0.0.0-20171013141220-c01e4764d870 h1:xdgOfOjH4d435yr21ATHejC9Un1tBMu4Scm2B7DUbmI= +golang.org/x/text v0.0.0-20171013141220-c01e4764d870/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +google.golang.org/api v0.0.0-20171005000305-7a7376eff6a5/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= +google.golang.org/appengine v0.0.0-20150527042145-b667a5000b08/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/genproto v0.0.0-20171002232614-f676e0f3ac63 h1:yNBw5bwywOTguAu+h6SkCUaWdEZ7ZXgfiwb2YTN1eQw= +google.golang.org/genproto v0.0.0-20171002232614-f676e0f3ac63/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/grpc v0.0.0-20170809211603-7657092a1303 h1:C5gwSQxZkG33JZoP+ZjEclrLu6DIRLVw743KKZfIXP4= +google.golang.org/grpc v0.0.0-20170809211603-7657092a1303/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= +gopkg.in/check.v1 v1.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -howett.net/plist v0.0.0-20181124034731-591f970eefbb/go.mod h1:vMygbs4qMhSZSc4lCUl2OEE+rDiIIJAIdR4m7MiMcm0= +gopkg.in/yaml.v2 v2.0.0-20170407172122-cd8b52f8269e/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=