From ff9aab59fdcf585fc024b9e19ea219779a4f281f Mon Sep 17 00:00:00 2001
From: nikhilsbhat
Date: Wed, 15 Feb 2023 22:43:42 +0530
Subject: [PATCH] Add support for token based authentication
---
 docs/index.md | 3 ++-
 examples/outputs.tf | 2 +-
 examples/provider.tf | 9 +++++----
 go.mod | 8 ++++----
 go.sum | 16 ++++++++--------
 internal/provider/provider.go | 14 ++++++++++++--
 pkg/client/client.go | 25 +++++++++++++++++++------
 7 files changed, 51 insertions(+), 26 deletions(-)
diff --git a/docs/index.md b/docs/index.md
index 58528c2..415e5d4 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -23,7 +23,8 @@ provider "gocd" {
 ### Optional
-- `base_url` (String) base url of GoCD server, which this terraform provider can interact with
+- `auth_token` (String) bearer-token to be used while connecting with GoCD (API: https://api.gocd.org/current/#access-tokens, UI: https://docs.gocd.org/current/configuration/access_tokens.html) cannot co-exist with password based auth.
+- `base_url` (String) base url of GoCD server, with which this terraform provider will with (https://gocd.myself.com/go)
 - `ca_file` (String) CA file contents, to be used while connecting to GoCD server when CA based auth is enabled
 - `loglevel` (String) loglevel to be set for the api calls made to GoCD
 - `password` (String) password to be used while connecting with GoCD
diff --git a/examples/outputs.tf b/examples/outputs.tf
index c66d7fe..b5b9f94 100644
--- a/examples/outputs.tf
+++ b/examples/outputs.tf
@@ -28,5 +28,5 @@ output "yaml_plugin_settings" {
 }
 output "sample_kube_secret_config" {
- value = data.gocd_secret_config.sample_kube_secret_config
+ value = data.gocd_secret_config.sample_kube_secret_config.plugin_id
 }
\ No newline at end of file
diff --git a/examples/provider.tf b/examples/provider.tf
index 9ac0d67..e5ea031 100644
--- a/examples/provider.tf
+++ b/examples/provider.tf
@@ -8,8 +8,9 @@ terraform {
 }
 provider "gocd" {
- base_url = "http://localhost:8153/go"
- username = "admin"
- password = "admin"
- loglevel = "debug"
+ base_url = "http://localhost:8153/go"
+ username = "admin"
+// password = "admin"
+ auth_token = "d8fccbc997d04e917b1490af8e7bf46290ab8c99"
+ loglevel = "debug"
 }
\ No newline at end of file
diff --git a/go.mod b/go.mod
index 571fdf4..61c356c 100644
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
 github.com/hashicorp/terraform-plugin-docs v0.13.0
 github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.1
 github.com/mitchellh/mapstructure v1.5.0
- github.com/nikhilsbhat/gocd-sdk-go v0.0.6-0.20230129100802-7c373980fcad
+ github.com/nikhilsbhat/gocd-sdk-go v0.0.9-0.20230215164616-e5498f6f001a
 )
 require (
@@ -63,9 +63,9 @@ require (
 github.com/vmihailenco/tagparser v0.1.1 // indirect
 github.com/zclconf/go-cty v1.12.1 // indirect
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d // indirect
- golang.org/x/net v0.5.0 // indirect
- golang.org/x/sys v0.4.0 // indirect
- golang.org/x/text v0.6.0 // indirect
+ golang.org/x/net v0.7.0 // indirect
+ golang.org/x/sys v0.5.0 // indirect
+ golang.org/x/text v0.7.0 // indirect
 google.golang.org/appengine v1.6.7 // indirect
 google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect
 google.golang.org/grpc v1.50.1 // indirect
diff --git a/go.sum b/go.sum
index debb94c..348b6de 100644
--- a/go.sum
+++ b/go.sum
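Review bot: The new `auth_token` line in examples/provider.tf commits a 40-character hex literal that has the shape of a real GoCD access token; if a server ever issued it, it should be revoked, and the example should not carry a credential at all. Because the schema in this patch gives `auth_token` an environment default of `GOCD_AUTH_TOKEN`, the example can omit the attribute and rely on that variable, or read it from a sensitive input such as `auth_token = var.gocd_auth_token`. The block still targets `http://localhost:8153/go`, so outside a local test setup the bearer token would travel unencrypted; a short comment saying the URL should be HTTPS in real use would help readers who copy it.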
@@ -205,8 +205,8 @@ github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/nikhilsbhat/gocd-sdk-go v0.0.6-0.20230129100802-7c373980fcad h1:qGOnKx+QY8UavzSzb6+GNtiRnHZnB6VpCtpbRt82pBU= -github.com/nikhilsbhat/gocd-sdk-go v0.0.6-0.20230129100802-7c373980fcad/go.mod h1:3XwSMe/nFH/I0Kt2+ToKKWFyD6yvJb4HaoP0dBHytY4= +github.com/nikhilsbhat/gocd-sdk-go v0.0.9-0.20230215164616-e5498f6f001a h1:GoDypOvoIeWtmjeLM/GyXKJWC/DSbeir9z/e/pKlFkc= +github.com/nikhilsbhat/gocd-sdk-go v0.0.9-0.20230215164616-e5498f6f001a/go.mod h1:3XwSMe/nFH/I0Kt2+ToKKWFyD6yvJb4HaoP0dBHytY4= github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k+Mg7cowZ8yv4Trqw9UsJby758= github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= 
@@ -291,8 +291,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw= -golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= +golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 
@@ -323,16 +323,16 @@ golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18= -golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k= -golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 8eac7f2..2b391de 100755
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -31,7 +31,7 @@ func Provider() *schema.Provider {
 ForceNew: true,
 Computed: false,
 DefaultFunc: schema.EnvDefaultFunc("GOCD_BASE_URL", "www.gocd.com"),
- Description: "base url of GoCD server, which this terraform provider can interact with",
+ Description: "base url of GoCD server, with which this terraform provider will with (https://gocd.myself.com/go)",
 },
 "ca_file": {
 Type: schema.TypeString,
@@ -51,12 +51,22 @@ func Provider() *schema.Provider {
 },
 "password": {
 Type: schema.TypeString,
- Required: true,
+ Optional: true,
 ForceNew: true,
 Computed: false,
 DefaultFunc: schema.EnvDefaultFunc("GOCD_PASSWORD", "password"),
 Description: "password to be used while connecting with GoCD",
 },
+ "auth_token": {
+ Type: schema.TypeString,
+ Optional: true,
+ ForceNew: true,
+ Computed: false,
+ DefaultFunc: schema.EnvDefaultFunc("GOCD_AUTH_TOKEN", nil),
+ ConflictsWith: []string{"password"},
+ Description: "bearer-token to be used while connecting with GoCD (API: https://api.gocd.org/current/#access-tokens, " +
+ "UI: https://docs.gocd.org/current/configuration/access_tokens.html) cannot co-exist with password based auth.",
+ },
 "loglevel": {
 Type: schema.TypeString,
 Required: true,
diff --git a/pkg/client/client.go b/pkg/client/client.go
index 258a1b9..3f91774 100644
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@@ -10,11 +10,12 @@ import (
 func GetGoCDClient(ctx context.Context, d *schema.ResourceData) (interface{}, diag.Diagnostics) {
 clientCfg := struct {
- url string
- username string
- password string
- loglevel string
- ca []byte
+ url string
+ username string
+ password string
+ bearerToken string
+ loglevel string
+ ca []byte
 }{}
 if baseURL := d.Get("base_url").(string); len(baseURL) == 0 {
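Review bot: The new `base_url` description in the first provider.go hunk reads "with which this terraform provider will with", so the verb is missing, and the same sentence is copied into docs/index.md by this patch. Suggested wording: `"base url of GoCD server with which this terraform provider will interact (for example https://gocd.myself.com/go)"`. Provider() starts and ends outside the hunk.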
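Review bot: The new `auth_token` block (and the `password` block just above it) is declared without `Sensitive: true`, so Terraform will show the bearer token in plan and apply output; adding `Sensitive: true,` to both blocks keeps the values out of CLI output. `password` is now optional but keeps the fallback `"password"` from `schema.EnvDefaultFunc("GOCD_PASSWORD", "password")`, so a configuration that supplies only `auth_token` still ends up with a non-empty, well-known password; a `nil` fallback, as the new block uses for `GOCD_AUTH_TOKEN`, would avoid that. Whether that default also interacts with `ConflictsWith: []string{"password"}` depends on how the SDK treats defaults and is worth an acceptance test. Provider() starts and ends outside the hunk.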
@@ -35,6 +36,12 @@ func GetGoCDClient(ctx context.Context, d *schema.ResourceData) (interface{}, di
 clientCfg.password = password
 }
+ if authToken, ok := d.GetOk("auth_token"); !ok {
+ diag.Errorf("'auth_token' was not set")
+ } else {
+ clientCfg.bearerToken = authToken.(string)
+ }
+
 if caFileContent := d.Get("ca_file").(string); len(caFileContent) == 0 {
 diag.Errorf("'ca_file' was not set")
 } else {
@@ -47,7 +54,13 @@ func GetGoCDClient(ctx context.Context, d *schema.ResourceData) (interface{}, di
 clientCfg.loglevel = loglevel
 }
- goCDClient := gocd.NewClient(clientCfg.url, clientCfg.username, clientCfg.password, clientCfg.loglevel, clientCfg.ca)
+ gocdAuth := gocd.Auth{
+ UserName: clientCfg.username,
+ Password: clientCfg.password,
+ BearerToken: clientCfg.bearerToken,
+ }
+
+ goCDClient := gocd.NewClient(clientCfg.url, gocdAuth, clientCfg.loglevel, clientCfg.ca)
 return goCDClient, nil
 }
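Review bot: In the added `auth_token` branch the value returned by `diag.Errorf("'auth_token' was not set")` is discarded, so the branch does nothing, and returning it would wrongly make an optional attribute mandatory. Because `password` and `auth_token` are both optional now, nothing in the visible code rejects a configuration without a usable credential; I would drop the `!ok` branch and, once both values are read, add `if len(clientCfg.password) == 0 && len(clientCfg.bearerToken) == 0 { return nil, diag.Errorf("either 'password' or 'auth_token' must be set") }`. The `ca_file` check in the context lines discards its diagnostics the same way. GetGoCDClient starts before the hunk and continues after it.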
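Review bot: The `gocd.Auth` literal in the last client.go hunk is filled with `Password` and `BearerToken` at the same time, and with the schema default in internal/provider/provider.go the password is presumably the literal `"password"` whenever only a token is configured. Which credential the SDK sends in that case is not visible in this patch, so the choice is better made here, for example `if len(clientCfg.bearerToken) != 0 { gocdAuth.UserName, gocdAuth.Password = "", "" }` right after the literal. With `loglevel = "debug"` in the example configuration, it is also worth confirming that the SDK's request logging redacts the Authorization header. The function's opening is outside the hunk.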