Merge pull request #99 from secrethub/release/v1.1.0

Release v1.1.0

.circleci/config.yml

@@ -2,6 +2,12 @@ version: 2.1
 orbs:
   secrethub: secrethub/[email protected]
 jobs:
+  lint:
+    docker:
+      - image: golangci/golangci-lint:v1.23.8-alpine
+    steps:
+      - checkout
+      - run: golangci-lint run
   build:
     docker:
       - image: circleci/golang:1.13
@@ -16,16 +22,29 @@ jobs:
           key: go-modules-{{ checksum "go.mod" }}
           paths:
             - /go/pkg/mod
+      - run:
+          name: Load GCP credentials
+          command: secrethub read -o $GOOGLE_APPLICATION_CREDENTIALS secrethub/terraform-provider/testacc/gcp/credentials.json
       - secrethub/exec:
           step-name: Run acceptance tests
           command: |
             SECRETHUB_CREDENTIAL=$TF_ACC_SECRETHUB_CREDENTIAL
             make testacc
     environment:
       GOPROXY: "https://proxy.golang.org"
+
       # SecretHub credential to use in the acceptance tests
       TF_ACC_SECRETHUB_CREDENTIAL: secrethub://secrethub/terraform-provider/testacc/secrethub/credential
-      # AWS access key id to use in the acceptance tests
+
+      # AWS credentials to use in the acceptance tests
       AWS_ACCESS_KEY_ID: secrethub://secrethub/terraform-provider/testacc/aws/access_key_id
-      # AWS secret access key to use in the acceptance tests
       AWS_SECRET_ACCESS_KEY: secrethub://secrethub/terraform-provider/testacc/aws/secret_access_key
+
+      # Location of the Google credentials file to use in the acceptance tests
+      GOOGLE_APPLICATION_CREDENTIALS: /tmp/gcp-credentials.json
+workflows:
+  version: 2
+  pipeline:
+    jobs:
+      - lint
+      - build

.golangci.yml

@@ -0,0 +1,26 @@
+linters:
+  enable:
+    - staticcheck
+    - unused
+    - gosimple
+    - structcheck
+    - typecheck
+    - govet
+    - varcheck
+    - ineffassign
+    - deadcode
+    - errcheck
+    - golint
+    - stylecheck
+    - dupl
+    - depguard
+    - nakedret
+    - prealloc
+    - gofmt
+    - goconst
+    - goimports
+    - misspell
+    - unparam
+    - unconvert
+disable-all: true
+exclude-use-defaults: false

Makefile

@@ -11,3 +11,6 @@ testacc:
 
 install:
 	go build ${BUILD_FLAGS} -o ~/.terraform.d/plugins/terraform-provider-secrethub
+
+lint:
+	@docker run --rm -t -v $$(go env GOCACHE):/cache/go -e GOCACHE=/cache/go -e GOLANGCI_LINT_CACHE=/cache/go -v $$(go env GOPATH)/pkg:/go/pkg -v ${PWD}:/app -w /app golangci/golangci-lint:v1.23.8-alpine golangci-lint run ./...

README.md

@@ -18,7 +18,8 @@
 [![](https://img.shields.io/badge/chat-on%20discord-7289da.svg?logo=discord)][discord]
 [![](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/shuaibiyy/awesome-terraform)
 
-The Terraform SecretHub Provider lets you manage your secrets using Terraform.
+The SecretHub Terraform Provider lets you manage your secrets using Terraform.
+It is officially supported and actively maintained by SecretHub, but community contributions are very welcome.
 
 ## Usage
 
@@ -92,9 +93,17 @@ To run the [acceptance tests](https://www.terraform.io/docs/extend/testing/accep
 * `SECRETHUB_TF_ACC_NAMESPACE` - a namespace registered on SecretHub. Make sure `SECRETHUB_CREDENTIAL` has admin access.
 * `SECRETHUB_TF_ACC_REPOSITORY` - a repository within `SECRETHUB_TF_ACC_NAMESPACE` to be used in the acceptance tests. Make sure `SECRETHUB_CREDENTIAL` has admin access.
 * `SECRETHUB_TF_ACC_SECOND_ACCOUNT_NAME` - an account other than the authenticated account, that is a member of the repository. It will be used to test access rules.
+
+Only for the AWS acceptance tests:
+
 * `SECRETHUB_TF_ACC_AWS_ROLE` - an AWS IAM role to use for testing AWS service accounts. The role should have decrypt permission on the key in `SECRETHUB_TF_ACC_AWS_KMS_KEY`.
 * `SECRETHUB_TF_ACC_AWS_KMS_KEY` - an AWS KMS key to use for testing AWS service accounts. The authenticated AWS user or role should have encrypt permission on this key and the `SECRETHUB_TF_ACC_AWS_ROLE` should have decrypt permission.
 
+Only for the GCP acceptance tests:
+
+* `SECRETHUB_TF_ACC_GCP_SERVICE_ACCOUNT` - a GCP service account email to use for testing SecretHub GCP service accounts. It should have decrypt permission on the key in `SECRETHUB_TF_ACC_GCP_KMS_KEY`.
+* `SECRETHUB_TF_ACC_GCP_KMS_KEY` - an GCP KMS key to use for testing GCP service accounts. The authenticated GCP user or role should have encrypt permission on this key and the `SECRETHUB_TF_ACC_GCP_SERVICE_ACCOUNT` should have decrypt permission.
+
 With the environment variables properly set up, run:
 
 ```

go.mod

@@ -3,7 +3,7 @@ module github.com/secrethub/terraform-provider-secrethub
 require (
 	github.com/aws/aws-sdk-go v1.25.49
 	github.com/hashicorp/terraform v0.12.3
-	github.com/secrethub/secrethub-go v0.27.0
+	github.com/secrethub/secrethub-go v0.30.0
 )
 
 go 1.13