Add support for token based authentication

docs/index.md

@@ -23,7 +23,8 @@ provider "gocd" {
 
 ### Optional
 
-- `base_url` (String) base url of GoCD server, which this terraform provider can interact with
+- `auth_token` (String) bearer-token to be used while connecting with GoCD (API: https://api.gocd.org/current/#access-tokens, UI: https://docs.gocd.org/current/configuration/access_tokens.html) cannot co-exist with password based auth.
+- `base_url` (String) base url of GoCD server, with which this terraform provider will with (https://gocd.myself.com/go)
 - `ca_file` (String) CA file contents, to be used while connecting to GoCD server when CA based auth is enabled
 - `loglevel` (String) loglevel to be set for the api calls made to GoCD
 - `password` (String) password to be used while connecting with GoCD

examples/outputs.tf

@@ -28,5 +28,5 @@ output "yaml_plugin_settings" {
 }
 
 output "sample_kube_secret_config" {
-  value = data.gocd_secret_config.sample_kube_secret_config
+  value = data.gocd_secret_config.sample_kube_secret_config.plugin_id
 }

examples/provider.tf

@@ -8,8 +8,9 @@ terraform {
 }
 
 provider "gocd" {
-  base_url = "http://localhost:8153/go"
-  username = "admin"
-  password = "admin"
-  loglevel = "debug"
+  base_url   = "http://localhost:8153/go"
+  username   = "admin"
+//  password   = "admin"
+  auth_token = "d8fccbc997d04e917b1490af8e7bf46290ab8c99"
+  loglevel   = "debug"
 }

go.mod

@@ -7,7 +7,7 @@ require (
 	github.com/hashicorp/terraform-plugin-docs v0.13.0
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.1
 	github.com/mitchellh/mapstructure v1.5.0
-	github.com/nikhilsbhat/gocd-sdk-go v0.0.6-0.20230129100802-7c373980fcad
+	github.com/nikhilsbhat/gocd-sdk-go v0.0.9-0.20230215164616-e5498f6f001a
 )
 
 require (
@@ -63,9 +63,9 @@ require (
 	github.com/vmihailenco/tagparser v0.1.1 // indirect
 	github.com/zclconf/go-cty v1.12.1 // indirect
 	golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d // indirect
-	golang.org/x/net v0.5.0 // indirect
-	golang.org/x/sys v0.4.0 // indirect
-	golang.org/x/text v0.6.0 // indirect
+	golang.org/x/net v0.7.0 // indirect
+	golang.org/x/sys v0.5.0 // indirect
+	golang.org/x/text v0.7.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect
 	google.golang.org/grpc v1.50.1 // indirect

go.sum

@@ -205,8 +205,8 @@ github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx
 github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
 github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
-github.com/nikhilsbhat/gocd-sdk-go v0.0.6-0.20230129100802-7c373980fcad h1:qGOnKx+QY8UavzSzb6+GNtiRnHZnB6VpCtpbRt82pBU=
-github.com/nikhilsbhat/gocd-sdk-go v0.0.6-0.20230129100802-7c373980fcad/go.mod h1:3XwSMe/nFH/I0Kt2+ToKKWFyD6yvJb4HaoP0dBHytY4=
+github.com/nikhilsbhat/gocd-sdk-go v0.0.9-0.20230215164616-e5498f6f001a h1:GoDypOvoIeWtmjeLM/GyXKJWC/DSbeir9z/e/pKlFkc=
+github.com/nikhilsbhat/gocd-sdk-go v0.0.9-0.20230215164616-e5498f6f001a/go.mod h1:3XwSMe/nFH/I0Kt2+ToKKWFyD6yvJb4HaoP0dBHytY4=
 github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k+Mg7cowZ8yv4Trqw9UsJby758=
 github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
@@ -291,8 +291,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw=
-golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws=
+golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
+golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -323,16 +323,16 @@ golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18=
-golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k=
-golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=

internal/provider/provider.go

@@ -31,7 +31,7 @@ func Provider() *schema.Provider {
 				ForceNew:    true,
 				Computed:    false,
 				DefaultFunc: schema.EnvDefaultFunc("GOCD_BASE_URL", "www.gocd.com"),
-				Description: "base url of GoCD server, which this terraform provider can interact with",
+				Description: "base url of GoCD server, with which this terraform provider will with (https://gocd.myself.com/go)",
 			},
 			"ca_file": {
 				Type:        schema.TypeString,
@@ -51,12 +51,22 @@ func Provider() *schema.Provider {
 			},
 			"password": {
 				Type:        schema.TypeString,
-				Required:    true,
+				Optional:    true,
 				ForceNew:    true,
 				Computed:    false,
 				DefaultFunc: schema.EnvDefaultFunc("GOCD_PASSWORD", "password"),
 				Description: "password to be used while connecting with GoCD",
 			},
+			"auth_token": {
+				Type:          schema.TypeString,
+				Optional:      true,
+				ForceNew:      true,
+				Computed:      false,
+				DefaultFunc:   schema.EnvDefaultFunc("GOCD_AUTH_TOKEN", nil),
+				ConflictsWith: []string{"password"},
+				Description: "bearer-token to be used while connecting with GoCD (API: https://api.gocd.org/current/#access-tokens, " +
+					"UI: https://docs.gocd.org/current/configuration/access_tokens.html) cannot co-exist with password based auth.",
+			},
 			"loglevel": {
 				Type:        schema.TypeString,
 				Required:    true,

pkg/client/client.go

@@ -10,11 +10,12 @@ import (
 
 func GetGoCDClient(ctx context.Context, d *schema.ResourceData) (interface{}, diag.Diagnostics) {
 	clientCfg := struct {
-		url      string
-		username string
-		password string
-		loglevel string
-		ca       []byte
+		url         string
+		username    string
+		password    string
+		bearerToken string
+		loglevel    string
+		ca          []byte
 	}{}
 
 	if baseURL := d.Get("base_url").(string); len(baseURL) == 0 {
@@ -35,6 +36,12 @@ func GetGoCDClient(ctx context.Context, d *schema.ResourceData) (interface{}, di
 		clientCfg.password = password
 	}
 
+	if authToken, ok := d.GetOk("auth_token"); !ok {
+		diag.Errorf("'auth_token' was not set")
+	} else {
+		clientCfg.bearerToken = authToken.(string)
+	}
+
 	if caFileContent := d.Get("ca_file").(string); len(caFileContent) == 0 {
 		diag.Errorf("'ca_file' was not set")
 	} else {
@@ -47,7 +54,13 @@ func GetGoCDClient(ctx context.Context, d *schema.ResourceData) (interface{}, di
 		clientCfg.loglevel = loglevel
 	}
 
-	goCDClient := gocd.NewClient(clientCfg.url, clientCfg.username, clientCfg.password, clientCfg.loglevel, clientCfg.ca)
+	gocdAuth := gocd.Auth{
+		UserName:    clientCfg.username,
+		Password:    clientCfg.password,
+		BearerToken: clientCfg.bearerToken,
+	}
+
+	goCDClient := gocd.NewClient(clientCfg.url, gocdAuth, clientCfg.loglevel, clientCfg.ca)
 
 	return goCDClient, nil
 }