Add secret data source

Author: davidfischer-ch

README.md

@@ -60,8 +60,9 @@ For running the acceptance tests you also have to set additionnal environment va
 
 * `TF_VAR_test_project_id` to an already provisioned writable project
 * `TF_VAR_test_project_ids` to already provisioned writable projects (comma separated)
-* `TF_VAR_test_abx_action_id` to an already provisioned ABX action
 * `TF_VAR_test_icon_id` to an already provisioned Icon
+* `TF_VAR_test_secret_id` to an already provisioned Secret
+* `TF_VAR_test_abx_action_id` to an already provisioned ABX action
 
 Resources generated by the acceptance tests will be generated "inside" given project.
 
@@ -77,8 +78,9 @@ export ARIA_ACCESS_TOKEN=***** # If you have one, not required
 
 export TF_VAR_test_project_id=2e34b115-dd18-48b3-a6af-f794469e5e0d
 export TF_VAR_test_project_ids=8f274902-94dc-40fd-98b5-f06c68ae1237,a9441e75-57c0-46fa-9262-c06a47acb1a9,2e34b115-dd18-48b3-a6af-f794469e5e0d
-export TF_VAR_test_abx_action_id=8a7480d38e535332018e857e0d4f3437
 export TF_VAR_test_icon_id=72a9a2c7-494e-31d7-afe8-cd27479c407e
+export TF_VAR_test_secret_id=a9af6450-a0c6-42cf-921e-14f7f8db50b3
+export TF_VAR_test_abx_action_id=8a7480d38e535332018e857e0d4f3437
 
 make testacc
 ```

docs/data-sources/secret.md

@@ -0,0 +1,38 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "aria_secret Data Source - aria"
+subcategory: ""
+description: |-
+  Secret data source
+---
+
+# aria_secret (Data Source)
+
+Secret data source
+
+## Example Usage
+
+```terraform
+data "aria_secret" "example" {
+  id = "a9af6450-a0c6-42cf-921e-14f7f8db50b3"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) Secret identifier
+
+### Read-Only
+
+- `created_at` (String) Creation date-time
+- `created_by` (String) Ask VMware
+- `description` (String) Describe the secret in few sentences
+- `name` (String) Secret name
+- `org_id` (String) Organisation ID
+- `org_scoped` (Boolean) Scoped to the organization?
+- `project_ids` (Set of String) Restrict to given projects (an empty list means all)
+- `updated_at` (String) Changed date-time
+- `updated_by` (String) Ask VMware

examples/data-sources/aria_secret/data-source.tf

@@ -0,0 +1,3 @@
+data "aria_secret" "example" {
+  id = "a9af6450-a0c6-42cf-921e-14f7f8db50b3"
+}

examples/resources/aria_abx_action/resource.tf

@@ -31,6 +31,8 @@ resource "aria_abx_action" "hello_world" {
 
   project_id = var.test_project_id
 
+  shared = true
+
   source = <<EOT
 from __future__ import annotations
 

internal/provider/models.go

@@ -347,6 +347,56 @@ type IconModel struct {
 	Content types.String `tfsdk:"content"`
 }
 
+// SecretModel describes the secret model.
+type SecretModel struct {
+	Id   types.String `tfsdk:"id"`
+	Name types.String `tfsdk:"name"`
+	// Value
+	Description types.String `tfsdk:"description"`
+	OrgId       types.String `tfsdk:"org_id"`
+	OrgScoped   types.Bool   `tfsdk:"org_scoped"`
+	ProjectIds  types.Set    `tfsdk:"project_ids"`
+	CreatedAt   types.String `tfsdk:"created_at"`
+	CreatedBy   types.String `tfsdk:"created_by"`
+	UpdatedAt   types.String `tfsdk:"updated_at"`
+	UpdatedBy   types.String `tfsdk:"updated_by"`
+}
+
+// SecretAPIModel describes the secret API model.
+type SecretAPIModel struct {
+	Id   string `json:"id"`
+	Name string `json:"name"`
+	// Value
+	Description string   `json:"description"`
+	OrgId       string   `json:"orgId"`
+	OrgScoped   bool     `json:"orgScoped"`
+	ProjectIds  []string `json:"projectIds"`
+	CreatedAt   string   `json:"createdAt"`
+	CreatedBy   string   `json:"createdBy"`
+	UpdatedAt   string   `json:"updatedAt"`
+	UpdatedBy   string   `json:"updatedBy"`
+}
+
+func (self *SecretModel) FromAPI(
+	ctx context.Context,
+	raw SecretAPIModel,
+) diag.Diagnostics {
+	projectIds, diags := types.SetValueFrom(ctx, types.StringType, raw.ProjectIds)
+
+	self.Id = types.StringValue(raw.Id)
+	self.Name = types.StringValue(raw.Name)
+	self.Description = types.StringValue(raw.Description)
+	self.OrgId = types.StringValue(raw.OrgId)
+	self.OrgScoped = types.BoolValue(raw.OrgScoped)
+	self.ProjectIds = projectIds
+	self.CreatedAt = types.StringValue(raw.CreatedAt)
+	self.CreatedBy = types.StringValue(raw.CreatedBy)
+	self.UpdatedAt = types.StringValue(raw.UpdatedAt)
+	self.UpdatedBy = types.StringValue(raw.UpdatedBy)
+
+	return diags
+}
+
 // SubscriptionModel describes the resource data model.
 type SubscriptionModel struct {
 	Id                  types.String `tfsdk:"id"`

internal/provider/provider.go

@@ -234,6 +234,7 @@ func (self *AriaProvider) DataSources(ctx context.Context) []func() datasource.D
 	return []func() datasource.DataSource{
 		NewCatalogTypeDataSource,
 		NewIconDataSource,
+		NewSecretDataSource,
 	}
 }
 

internal/provider/secret_data_source.go

@@ -0,0 +1,126 @@
+// Copyright (c) State of Geneva (Switzerland)
+// SPDX-License-Identifier: MPL-2.0
+
+package provider
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/go-resty/resty/v2"
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+)
+
+// Ensure provider defined types fully satisfy framework interfaces.
+var _ datasource.DataSource = &SecretDataSource{}
+
+func NewSecretDataSource() datasource.DataSource {
+	return &SecretDataSource{}
+}
+
+// SecretDataSource defines the data source implementation.
+type SecretDataSource struct {
+	client *resty.Client
+}
+
+func (self *SecretDataSource) Metadata(
+	ctx context.Context,
+	req datasource.MetadataRequest,
+	resp *datasource.MetadataResponse,
+) {
+	resp.TypeName = req.ProviderTypeName + "_secret"
+}
+
+func (self *SecretDataSource) Schema(
+	ctx context.Context,
+	req datasource.SchemaRequest,
+	resp *datasource.SchemaResponse,
+) {
+	resp.Schema = schema.Schema{
+		MarkdownDescription: "Secret data source",
+		Attributes: map[string]schema.Attribute{
+			"id": schema.StringAttribute{
+				MarkdownDescription: "Secret identifier",
+				Required:            true,
+			},
+			"name": schema.StringAttribute{
+				MarkdownDescription: "Secret name",
+				Computed:            true,
+			},
+			"description": schema.StringAttribute{
+				MarkdownDescription: "Describe the secret in few sentences",
+				Computed:            true,
+			},
+			"org_id": schema.StringAttribute{
+				MarkdownDescription: "Organisation ID",
+				Computed:            true,
+			},
+			"org_scoped": schema.BoolAttribute{
+				MarkdownDescription: "Scoped to the organization?",
+				Computed:            true,
+			},
+			"project_ids": schema.SetAttribute{
+				MarkdownDescription: "Restrict to given projects (an empty list means all)",
+				ElementType:         types.StringType,
+				Computed:            true,
+			},
+			"created_at": schema.StringAttribute{
+				MarkdownDescription: "Creation date-time",
+				Computed:            true,
+			},
+			"created_by": schema.StringAttribute{
+				MarkdownDescription: "Ask VMware",
+				Computed:            true,
+			},
+			"updated_at": schema.StringAttribute{
+				MarkdownDescription: "Changed date-time",
+				Computed:            true,
+			},
+			"updated_by": schema.StringAttribute{
+				MarkdownDescription: "Ask VMware",
+				Computed:            true,
+			},
+		},
+	}
+}
+
+func (self *SecretDataSource) Configure(
+	ctx context.Context,
+	req datasource.ConfigureRequest,
+	resp *datasource.ConfigureResponse,
+) {
+	self.client = GetDataSourceClient(ctx, req, resp)
+}
+
+func (self *SecretDataSource) Read(
+	ctx context.Context,
+	req datasource.ReadRequest,
+	resp *datasource.ReadResponse,
+) {
+	// Read Terraform configuration data into the model
+	var secret SecretModel
+	resp.Diagnostics.Append(req.Config.Get(ctx, &secret)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	var secretRaw SecretAPIModel
+	secretId := secret.Id.ValueString()
+	response, err := self.client.R().
+		SetResult(&secretRaw).
+		Get("/platform/api/secrets/" + secretId)
+
+	err = handleAPIResponse(ctx, response, err, 200)
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Client error",
+			fmt.Sprintf("Unable to read secret %s, got error: %s", secretId, err))
+		return
+	}
+
+	// Save updated secret into Terraform state
+	resp.Diagnostics.Append(secret.FromAPI(ctx, secretRaw)...)
+	resp.Diagnostics.Append(resp.State.Set(ctx, &secret)...)
+}

internal/provider/secret_data_source_test.go

@@ -0,0 +1,43 @@
+// Copyright (c) State of Geneva (Switzerland)
+// SPDX-License-Identifier: MPL-2.0
+
+package provider
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+func TestAccSecretDataSource(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:                 func() { testAccPreCheck(t) },
+		ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+		Steps: []resource.TestStep{
+			// Read testing
+			{
+				Config: `
+variable "test_secret_id" {
+  description = "Secret to use for testing the data source."
+  type        = string
+}
+
+data "aria_secret" "secret" {
+  id = var.test_secret_id
+}`,
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "id"),
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "name"),
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "description"),
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "org_id"),
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "org_scoped"),
+					// resource.TestCheckResourceAttrSet("data.aria_secret.secret", "project_ids"),
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "created_at"),
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "created_by"),
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "updated_at"),
+					resource.TestCheckResourceAttrSet("data.aria_secret.secret", "updated_by"),
+				),
+			},
+		},
+	})
+}