PLT-1346: Introduce Basic OCI #500

Merged
merged 9 commits into from
Sep 23, 2024
Merged
3 changes: 3 additions & 0 deletions docs/resources/registry_oci.md
@@ -39,6 +39,7 @@ resource "spectrocloud_registry_oci" "r1" {

### Optional

- `provider_type` (String)
- `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))

### Read-Only
@@ -57,7 +58,9 @@ Optional:
- `access_key` (String)
- `arn` (String)
- `external_id` (String)
- `password` (String, Sensitive)
- `secret_key` (String, Sensitive)
- `username` (String)


<a id="nestedblock--timeouts"></a>
8 changes: 4 additions & 4 deletions spectrocloud/resource_registry_helm.go
@@ -72,7 +72,7 @@ func resourceRegistryHelm() *schema.Resource {
}

func resourceRegistryHelmCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
c := getV1ClientWithResourceContext(m, "")
c := getV1ClientWithResourceContext(m, "tenant")
var diags diag.Diagnostics

registry := toRegistryEntityHelm(d)
@@ -85,7 +85,7 @@ func resourceRegistryHelmCreate(ctx context.Context, d *schema.ResourceData, m i
}

func resourceRegistryHelmRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
c := getV1ClientWithResourceContext(m, "")
c := getV1ClientWithResourceContext(m, "tenant")
var diags diag.Diagnostics

registry, err := c.GetHelmRegistry(d.Id())
@@ -141,7 +141,7 @@ func resourceRegistryHelmRead(ctx context.Context, d *schema.ResourceData, m int
}

func resourceRegistryHelmUpdate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
c := getV1ClientWithResourceContext(m, "")
c := getV1ClientWithResourceContext(m, "tenant")
var diags diag.Diagnostics

registry := toRegistryHelm(d)
@@ -154,7 +154,7 @@ func resourceRegistryHelmUpdate(ctx context.Context, d *schema.ResourceData, m i
}

func resourceRegistryHelmDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
c := getV1ClientWithResourceContext(m, "")
c := getV1ClientWithResourceContext(m, "tenant")
var diags diag.Diagnostics
err := c.DeleteHelmRegistry(d.Id())
if err != nil {
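Review bot: The scope string `"tenant"` is a bare literal in all four Helm CRUD functions here, and again in the four CRUD functions of spectrocloud/resource_registry_oci_ecr.go, with no comment explaining why registries moved from the default context (`""`) to tenant scope. If the package does not already define one, a shared constant such as `const tenantContext = "tenant"` with a comment like `// Registries are tenant-level objects; always use the tenant-scoped client.` would keep the eight call sites from drifting and record the intent. Because this changes the scope in which a registry and its stored credentials are created, read and deleted, it is presumably worth confirming that resources already in state under the old context still resolve on Read rather than being recreated. Each function body continues outside the hunks shown.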
220 changes: 164 additions & 56 deletions spectrocloud/resource_registry_oci_ecr.go
@@ -6,6 +6,7 @@ import (
"fmt"
"time"

"github.com/go-openapi/strfmt"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"

"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
@@ -34,9 +35,10 @@ func resourceRegistryOciEcr() *schema.Resource {
ForceNew: true,
},
"type": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validation.StringInSlice([]string{"ecr", "basic"}, false),
},
"is_private": {
Type: schema.TypeBool,
@@ -46,6 +48,11 @@ func resourceRegistryOciEcr() *schema.Resource {
Type: schema.TypeString,
Required: true,
},
"provider_type": {
Type: schema.TypeString,
Optional: true,
Default: "helm",
},
"credentials": {
Type: schema.TypeList,
Required: true,
@@ -55,7 +62,7 @@ func resourceRegistryOciEcr() *schema.Resource {
"credential_type": {
Type: schema.TypeString,
Required: true,
ValidateFunc: validation.StringInSlice([]string{"secret", "sts"}, false),
ValidateFunc: validation.StringInSlice([]string{"secret", "sts", "basic", "noAuth"}, false),
},
"access_key": {
Type: schema.TypeString,
@@ -74,6 +81,15 @@ func resourceRegistryOciEcr() *schema.Resource {
Type: schema.TypeString,
Optional: true,
},
"username": {
Type: schema.TypeString,
Optional: true,
},
"password": {
Type: schema.TypeString,
Optional: true,
Sensitive: true,
},
},
},
},
@@ -82,88 +98,148 @@ func resourceRegistryOciEcr() *schema.Resource {
}

func resourceRegistryEcrCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
c := getV1ClientWithResourceContext(m, "")
c := getV1ClientWithResourceContext(m, "tenant")
var diags diag.Diagnostics

registry := toRegistryEcr(d)
uid, err := c.CreateOciEcrRegistry(registry)
if err != nil {
return diag.FromErr(err)
registryType := d.Get("type").(string)

if registryType == "ecr" {
registry := toRegistryEcr(d)

uid, err := c.CreateOciEcrRegistry(registry)
if err != nil {
return diag.FromErr(err)
}
d.SetId(uid)
} else if registryType == "basic" {
registry := toRegistryBasic(d)

uid, err := c.CreateOciBasicRegistry(registry)
if err != nil {
return diag.FromErr(err)
}

d.SetId(uid)
}
d.SetId(uid)

return diags
}

func resourceRegistryEcrRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
c := getV1ClientWithResourceContext(m, "")
c := getV1ClientWithResourceContext(m, "tenant")
var diags diag.Diagnostics

registry, err := c.GetOciEcrRegistry(d.Id())
if err != nil {
return diag.FromErr(err)
} else if registry == nil {
// Deleted - Terraform will recreate it
d.SetId("")
registryType := d.Get("type").(string)

if registryType == "ecr" {
registry, err := c.GetOciEcrRegistry(d.Id())
if err != nil {
return diag.FromErr(err)
} else if registry == nil {
// Deleted - Terraform will recreate it
d.SetId("")
return diags
}

if err := d.Set("name", registry.Metadata.Name); err != nil {
return diag.FromErr(err)
}
if err := d.Set("is_private", registry.Spec.IsPrivate); err != nil {
return diag.FromErr(err)
}
if err := d.Set("endpoint", registry.Spec.Endpoint); err != nil {
return diag.FromErr(err)
}
switch registry.Spec.Credentials.CredentialType {
case models.V1AwsCloudAccountCredentialTypeSts:
credentials := make([]interface{}, 0, 1)
acc := make(map[string]interface{})
acc["arn"] = registry.Spec.Credentials.Sts.Arn
acc["external_id"] = registry.Spec.Credentials.Sts.ExternalID
acc["credential_type"] = models.V1AwsCloudAccountCredentialTypeSts
credentials = append(credentials, acc)
if err := d.Set("credentials", credentials); err != nil {
return diag.FromErr(err)
}
case models.V1AwsCloudAccountCredentialTypeSecret:
credentials := make([]interface{}, 0, 1)
acc := make(map[string]interface{})
acc["access_key"] = registry.Spec.Credentials.AccessKey
acc["credential_type"] = models.V1AwsCloudAccountCredentialTypeSecret
credentials = append(credentials, acc)
if err := d.Set("credentials", credentials); err != nil {
return diag.FromErr(err)
}
default:
errMsg := fmt.Sprintf("Registry type %s not implemented.", registry.Spec.Credentials.CredentialType)
err = errors.New(errMsg)
return diag.FromErr(err)
}
return diags
}

if err := d.Set("name", registry.Metadata.Name); err != nil {
return diag.FromErr(err)
}
if err := d.Set("is_private", registry.Spec.IsPrivate); err != nil {
return diag.FromErr(err)
}
if err := d.Set("endpoint", registry.Spec.Endpoint); err != nil {
return diag.FromErr(err)
}
switch registry.Spec.Credentials.CredentialType {
case models.V1AwsCloudAccountCredentialTypeSts:
credentials := make([]interface{}, 0, 1)
acc := make(map[string]interface{})
acc["arn"] = registry.Spec.Credentials.Sts.Arn
acc["external_id"] = registry.Spec.Credentials.Sts.ExternalID
acc["credential_type"] = models.V1AwsCloudAccountCredentialTypeSts
credentials = append(credentials, acc)
if err := d.Set("credentials", credentials); err != nil {
} else if registryType == "basic" {
registry, err := c.GetOciBasicRegistry(d.Id())
if err != nil {
return diag.FromErr(err)
} else if registry == nil {
// Deleted - Terraform will recreate it
d.SetId("")
return diags
}

if err := d.Set("name", registry.Metadata.Name); err != nil {
return diag.FromErr(err)
}
case models.V1AwsCloudAccountCredentialTypeSecret:
credentials := make([]interface{}, 0, 1)
acc := make(map[string]interface{})
acc["access_key"] = registry.Spec.Credentials.AccessKey
acc["credential_type"] = models.V1AwsCloudAccountCredentialTypeSecret
credentials = append(credentials, acc)
if err := d.Set("credentials", credentials); err != nil {
if err := d.Set("endpoint", registry.Spec.Endpoint); err != nil {
return diag.FromErr(err)
}
default:
errMsg := fmt.Sprintf("Registry type %s not implemented.", registry.Spec.Credentials.CredentialType)
err = errors.New(errMsg)
return diag.FromErr(err)
if err := d.Set("provider_type", registry.Spec.ProviderType); err != nil {
return diag.FromErr(err)
}
return diags
}

return diags
}

func resourceRegistryEcrUpdate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
c := getV1ClientWithResourceContext(m, "")
c := getV1ClientWithResourceContext(m, "tenant")
var diags diag.Diagnostics

registry := toRegistryEcr(d)
err := c.UpdateOciEcrRegistry(d.Id(), registry)
if err != nil {
return diag.FromErr(err)
registryType := d.Get("type").(string)

if registryType == "ecr" {
registry := toRegistryEcr(d)
err := c.UpdateOciEcrRegistry(d.Id(), registry)
if err != nil {
return diag.FromErr(err)
}
} else if registryType == "basic" {
registry := toRegistryBasic(d)
err := c.UpdateOciBasicRegistry(d.Id(), registry)
if err != nil {
return diag.FromErr(err)
}
}

return diags
}

func resourceRegistryEcrDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
c := getV1ClientWithResourceContext(m, "")
c := getV1ClientWithResourceContext(m, "tenant")
var diags diag.Diagnostics
err := c.DeleteOciEcrRegistry(d.Id())
if err != nil {
return diag.FromErr(err)

registryType := d.Get("type").(string)
if registryType == "ecr" {
err := c.DeleteOciEcrRegistry(d.Id())
if err != nil {
return diag.FromErr(err)
}
} else if registryType == "basic" {
err := c.DeleteOciBasicRegistry(d.Id())
if err != nil {
return diag.FromErr(err)
}
}

return diags
@@ -185,6 +261,38 @@ func toRegistryEcr(d *schema.ResourceData) *models.V1EcrRegistry {
}
}

func toRegistryBasic(d *schema.ResourceData) *models.V1BasicOciRegistry {
endpoint := d.Get("endpoint").(string)
provider := d.Get("provider_type").(string)
authConfig := d.Get("credentials").([]interface{})[0].(map[string]interface{})

var username, password string

username = authConfig["username"].(string)
password = authConfig["password"].(string)

return &models.V1BasicOciRegistry{
Metadata: &models.V1ObjectMeta{
Name: d.Get("name").(string),
},
Spec: &models.V1BasicOciRegistrySpec{
Endpoint: &endpoint,
ProviderType: &provider,
BaseContentPath: "",
Auth: &models.V1RegistryAuth{
Username: username,
Password: strfmt.Password(password),
Type: "basic",
TLS: &models.V1TLSConfiguration{
Enabled: true,
InsecureSkipVerify: false,
},
},
},
}

}

func toRegistryAwsAccountCredential(regCred map[string]interface{}) *models.V1AwsCloudAccount {
account := &models.V1AwsCloudAccount{}
if len(regCred["credential_type"].(string)) == 0 || regCred["credential_type"].(string) == "secret" {
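Review bot: `credential_type` now accepts `basic` and `noAuth`, but nothing ties it to `type`: toRegistryBasic reads `username`/`password` unconditionally and hard-codes `Type: "basic"`, so `noAuth` is accepted and then ignored, and a basic registry can be submitted with empty credentials. In the other direction, an `ecr` registry with `credential_type = "basic"` passes validation and presumably reaches toRegistryAwsAccountCredential, whose visible first branch only matches an empty value or `secret` (the rest of that function is outside this section). A cross-field check at the top of Create and Update would reject the mismatch before any credential is sent, for example `if registryType == "ecr" && ct != "secret" && ct != "sts" { return diag.Errorf("credential_type %q is not valid for type ecr", ct) }` and the mirror case for `basic`, including a non-empty `username`/`password` when `ct == "basic"`. Read, Update and Delete also return success without calling the API when `type` is neither value, so a final `else` returning `diag.Errorf("unsupported registry type %q", registryType)` would stop a missing `type` in state from silently leaving a registry and its stored credentials behind.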