Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Get secret by name #4825

Merged
merged 5 commits into from
Oct 9, 2023
Merged

Get secret by name #4825

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
8af81cf
Get secret by name
Sep 27, 2023
22354e4
Applying review comments
Oct 4, 2023
58016fb
Added test cases for get secret by name
Oct 6, 2023
282d732
Added test cases for get secret by name
Oct 6, 2023
2f8fa7b
Updated documentation
Oct 9, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
60 changes: 17 additions & 43 deletions .secrets.baseline
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,8 @@
"files": "go.mod|go.sum|.*.map|^.secrets.baseline$",
"lines": null
},
"generated_at": "2023-09-19T16:31:40Z",
"generated_at": "2023-09-27T10:48:50Z",
"plugins_used": [
{
"name": "AWSKeyDetector"
},
{
"name": "ArtifactoryDetector"
},
Expand All @@ -21,12 +18,6 @@
{
"name": "BasicAuthDetector"
},
{
"name": "BoxDetector"
},
{
"name": "CloudantDetector"
},
{
"ghe_instance": "github.ibm.com",
"name": "GheDetector"
Expand All @@ -51,9 +42,6 @@
"keyword_exclude": null,
"name": "KeywordDetector"
},
{
"name": "MailchimpDetector"
},
{
"name": "NpmDetector"
},
Expand All @@ -68,12 +56,6 @@
},
{
"name": "SquareOAuthDetector"
},
{
"name": "StripeDetector"
},
{
"name": "TwilioKeyDetector"
}
],
"results": {
Expand Down Expand Up @@ -742,23 +724,23 @@
"hashed_secret": "731438016c5ab94431f61820f35e3ae5f8ad6004",
"is_secret": false,
"is_verified": false,
"line_number": 353,
"line_number": 355,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "12da2e35d6b50c902c014f1ab9e3032650368df7",
"is_secret": false,
"is_verified": false,
"line_number": 359,
"line_number": 361,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "813274ccae5b6b509379ab56982d862f7b5969b6",
"is_secret": false,
"is_verified": false,
"line_number": 1065,
"line_number": 1072,
"type": "Base64 High Entropy String",
"verified_result": null
}
Expand Down Expand Up @@ -846,15 +828,15 @@
"hashed_secret": "c8b6f5ef11b9223ac35a5663975a466ebe7ebba9",
"is_secret": false,
"is_verified": false,
"line_number": 1763,
"line_number": 1766,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "8abf4899c01104241510ba87685ad4de76b0c437",
"is_secret": false,
"is_verified": false,
"line_number": 1769,
"line_number": 1772,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -3014,15 +2996,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 177,
"line_number": 181,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 317,
"line_number": 308,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -3070,15 +3052,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 189,
"line_number": 193,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 345,
"line_number": 335,
"type": "Secret Keyword",
"verified_result": null
}
Expand All @@ -3088,15 +3070,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 227,
"line_number": 231,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 420,
"line_number": 410,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -3142,15 +3124,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 292,
"line_number": 296,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 489,
"line_number": 479,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -3272,15 +3254,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 154,
"line_number": 158,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 283,
"line_number": 274,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -4201,14 +4183,6 @@
"line_number": 24,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "69d7a780b792608707bd8579c295cb5028505f0b",
"is_secret": false,
"is_verified": false,
"line_number": 24,
"type": "Box Credentials",
"verified_result": null
}
],
"website/docs/r/en_destination_ios.html.markdown": [
Expand Down Expand Up @@ -4758,7 +4732,7 @@
}
]
},
"version": "0.13.1+ibm.52.dss",
"version": "0.13.1+ibm.61.dss",
"word_list": {
"file": null,
"hash": null
Expand Down
2 changes: 1 addition & 1 deletion go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ require (
github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5
github.com/IBM/scc-go-sdk/v5 v5.0.2
github.com/IBM/schematics-go-sdk v0.2.1
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.0
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.1
github.com/IBM/vpc-beta-go-sdk v0.6.0
github.com/IBM/vpc-go-sdk v0.42.0
github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,8 +166,8 @@ github.com/IBM/scc-go-sdk/v5 v5.0.2 h1:OUqkzLfJqozp2aqylNurwaJd1SmY8o7KturFse6R2
github.com/IBM/scc-go-sdk/v5 v5.0.2/go.mod h1:YtAVlzq10bwR82QX4ZavhDIwa1s85RuVO9N/KmXVcuk=
github.com/IBM/schematics-go-sdk v0.2.1 h1:byATysGD+Z1k/wdtNqQmKALcAPjgSLuSyzcabh1jRAw=
github.com/IBM/schematics-go-sdk v0.2.1/go.mod h1:Tw2OSAPdpC69AxcwoyqcYYaGTTW6YpERF9uNEU+BFRQ=
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.0 h1:Lx4Bvim/MfoHEYR+n312bty5DirAJypBGGS9YZo3zCw=
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.0/go.mod h1:jagqWmjZ0zUEqh5jdGB42ApSQS40fu2LWw6pdg8JJko=
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.1 h1:0Ouu31RsuOLdH26oNsnPErEjctWTplLEIXxwExnTZT0=
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.1/go.mod h1:jagqWmjZ0zUEqh5jdGB42ApSQS40fu2LWw6pdg8JJko=
github.com/IBM/vpc-beta-go-sdk v0.6.0 h1:wfM3AcW3zOM3xsRtZ+EA6+sESlGUjQ6Yf4n5QQyz4uc=
github.com/IBM/vpc-beta-go-sdk v0.6.0/go.mod h1:fzHDAQIqH/5yJmYsKodKHLcqxMDT+yfH6vZjdiw8CQA=
github.com/Jeffail/gabs v1.1.1 h1:V0uzR08Hj22EX8+8QMhyI9sX2hwRu+/RJhJUmnwda/E=
Expand Down
37 changes: 14 additions & 23 deletions ibm/service/secretsmanager/data_source_ibm_sm_arbitrary_secret.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,9 @@ package secretsmanager
import (
"context"
"fmt"
"log"

"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"

"github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
"github.com/IBM/secrets-manager-go-sdk/v2/secretsmanagerv2"
)
Expand All @@ -23,7 +20,8 @@ func DataSourceIbmSmArbitrarySecret() *schema.Resource {
Schema: map[string]*schema.Schema{
"secret_id": &schema.Schema{
Type: schema.TypeString,
Required: true,
Optional: true,
Computed: true,
Description: "The ID of the secret.",
},
"created_by": &schema.Schema{
Expand Down Expand Up @@ -74,6 +72,7 @@ func DataSourceIbmSmArbitrarySecret() *schema.Resource {
},
"name": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
Description: "The human-readable name of your secret.",
},
Expand All @@ -82,6 +81,11 @@ func DataSourceIbmSmArbitrarySecret() *schema.Resource {
Computed: true,
Description: "A v4 UUID identifier, or `default` secret group.",
},
"secret_group_name": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Description: "The human-readable name of your secret group.",
},
"secret_type": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Expand Down Expand Up @@ -123,29 +127,16 @@ func DataSourceIbmSmArbitrarySecret() *schema.Resource {
}

func dataSourceIbmSmArbitrarySecretRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
secretsManagerClient, err := meta.(conns.ClientSession).SecretsManagerV2()
if err != nil {
return diag.FromErr(err)
}

region := getRegion(secretsManagerClient, d)
instanceId := d.Get("instance_id").(string)
secretsManagerClient = getClientWithInstanceEndpoint(secretsManagerClient, instanceId, region, getEndpointType(secretsManagerClient, d))

getSecretOptions := &secretsmanagerv2.GetSecretOptions{}

secretId := d.Get("secret_id").(string)
getSecretOptions.SetID(secretId)

secretIntf, response, err := secretsManagerClient.GetSecretWithContext(context, getSecretOptions)
if err != nil {
log.Printf("[DEBUG] GetSecretWithContext failed %s\n%s", err, response)
return diag.FromErr(fmt.Errorf("GetSecretWithContext failed %s\n%s", err, response))
secret, region, instanceId, diagError := getSecretByIdOrByName(context, d, meta, ArbitrarySecretType)
if diagError != nil {
return diagError
}
arbitrarySecret := secretIntf.(*secretsmanagerv2.ArbitrarySecret)

d.SetId(fmt.Sprintf("%s/%s/%s", region, instanceId, secretId))
arbitrarySecret := secret.(*secretsmanagerv2.ArbitrarySecret)
d.SetId(fmt.Sprintf("%s/%s/%s", region, instanceId, *arbitrarySecret.ID))

var err error
if err = d.Set("region", region); err != nil {
return diag.FromErr(fmt.Errorf("Error setting region: %s", err))
}
Expand Down
35 changes: 13 additions & 22 deletions ibm/service/secretsmanager/data_source_ibm_sm_iam_credentials_secret.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,9 @@ package secretsmanager
import (
"context"
"fmt"
"log"

"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"

"github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
"github.com/IBM/secrets-manager-go-sdk/v2/secretsmanagerv2"
)
Expand All @@ -23,7 +20,8 @@ func DataSourceIbmSmIamCredentialsSecret() *schema.Resource {
Schema: map[string]*schema.Schema{
"secret_id": &schema.Schema{
Type: schema.TypeString,
Required: true,
Optional: true,
Computed: true,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add ExactlyOneOf to impose the condition they need to provider either name or id

Description: "The ID of the secret.",
},
"created_by": &schema.Schema{
Expand Down Expand Up @@ -74,6 +72,7 @@ func DataSourceIbmSmIamCredentialsSecret() *schema.Resource {
},
"name": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
Description: "The human-readable name of your secret.",
},
Expand All @@ -82,6 +81,11 @@ func DataSourceIbmSmIamCredentialsSecret() *schema.Resource {
Computed: true,
Description: "A v4 UUID identifier, or `default` secret group.",
},
"secret_group_name": &schema.Schema{
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

secret_group_name can be provided only with name combination?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If its only with name can you add RequiredWith

Type: schema.TypeString,
Optional: true,
Description: "The human-readable name of your secret group.",
},
"secret_type": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Expand Down Expand Up @@ -185,29 +189,16 @@ func DataSourceIbmSmIamCredentialsSecret() *schema.Resource {
}

func dataSourceIbmSmIamCredentialsSecretRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
secretsManagerClient, err := meta.(conns.ClientSession).SecretsManagerV2()
if err != nil {
return diag.FromErr(err)
}

region := getRegion(secretsManagerClient, d)
instanceId := d.Get("instance_id").(string)
secretsManagerClient = getClientWithInstanceEndpoint(secretsManagerClient, instanceId, region, getEndpointType(secretsManagerClient, d))

getSecretOptions := &secretsmanagerv2.GetSecretOptions{}

secretId := d.Get("secret_id").(string)
getSecretOptions.SetID(secretId)

iAMCredentialsSecretIntf, response, err := secretsManagerClient.GetSecretWithContext(context, getSecretOptions)
if err != nil {
log.Printf("[DEBUG] GetSecretWithContext failed %s\n%s", err, response)
return diag.FromErr(fmt.Errorf("GetSecretWithContext failed %s\n%s", err, response))
iAMCredentialsSecretIntf, region, instanceId, diagError := getSecretByIdOrByName(context, d, meta, IAMCredentialsSecretType)
if diagError != nil {
return diagError
}

d.SetId(fmt.Sprintf("%s/%s/%s", region, instanceId, secretId))
iAMCredentialsSecret := iAMCredentialsSecretIntf.(*secretsmanagerv2.IAMCredentialsSecret)
d.SetId(fmt.Sprintf("%s/%s/%s", region, instanceId, *iAMCredentialsSecret.ID))

var err error
if err = d.Set("region", region); err != nil {
return diag.FromErr(fmt.Errorf("Error setting region: %s", err))
}
Expand Down