[feature] Add an Okta provider (#300)

chanzuckerberg · Jun 19, 2019 · d8349ff · d8349ff
1 parent 020d294
commit d8349ff
Show file tree

Hide file tree

Showing 41 changed files with 738 additions and 20 deletions.
diff --git a/apply/golden_file_test.go b/apply/golden_file_test.go
@@ -30,6 +30,7 @@ func TestIntegration(t *testing.T) {
 		{"v2_no_aws_provider"},
 		{"snowflake_provider"},
 		{"bless_provider"},
+		{"okta_provider"},
 	}
 
 	for _, tc := range testCases {
@@ -42,6 +43,7 @@ func TestIntegration(t *testing.T) {
 			if *updateGoldenFiles {
 				// delete all files except fogg.json
 				e := afero.Walk(testdataFs, ".", func(path string, info os.FileInfo, err error) error {
+					fmt.Printf("\n\n HERE:%s \n\n", path)
 					if !info.IsDir() && path != "fogg.json" {
 						return testdataFs.Remove(path)
 					}
@@ -52,6 +54,7 @@ func TestIntegration(t *testing.T) {
 				conf, e := config.FindAndReadConfig(testdataFs, "fogg.json")
 				a.NoError(e)
 				fmt.Printf("conf %#v\n", conf)
+				fmt.Println("READ CONFIG")
 
 				w, e := conf.Validate()
 				a.NoError(e)

diff --git a/config/v2/config.go b/config/v2/config.go
@@ -71,6 +71,14 @@ type Providers struct {
 	AWS       *AWSProvider       `json:"aws,omitempty"`
 	Snowflake *SnowflakeProvider `json:"snowflake,omitempty"`
 	Bless     *BlessProvider     `json:"bless,omitempty"`
+	Okta      *OktaProvider      `json:"okta,omitempty"`
+}
+
+// OktaProvider is an okta provider
+type OktaProvider struct {
+	// the okta provider is optional (above) but if supplied you must set an OrgName
+	OrgName *string `json:"org_name,omitempty"`
+	Version *string `json:"version,omitempty"`
 }
 
 // BlessProvider allows for terraform-provider-bless configuration
@@ -152,6 +160,16 @@ func (c *Config) Generate(r *rand.Rand, size int) reflect.Value {
 		}
 	}
 
+	randOktaProvider := func(r *rand.Rand, s int) *OktaProvider {
+		if r.Float32() < 0.5 {
+			return nil
+		}
+		return &OktaProvider{
+			Version: randStringPtr(r, s),
+			OrgName: randStringPtr(r, s),
+		}
+	}
+
 	randBlessProvider := func(r *rand.Rand, s int) *BlessProvider {
 		if r.Float32() < 0.5 {
 			return nil
@@ -199,6 +217,7 @@ func (c *Config) Generate(r *rand.Rand, size int) reflect.Value {
 			Providers: &Providers{
 				AWS:       randAWSProvider(r, s),
 				Snowflake: randSnowflakeProvider(r, s),
+				Okta:      randOktaProvider(r, s),
 				Bless:     randBlessProvider(r, s),
 			},
 			TerraformVersion: randStringPtr(r, s),

diff --git a/config/v2/config_test.go b/config/v2/config_test.go
@@ -75,3 +75,24 @@ func TestReadBlessProvider(t *testing.T) {
 	r.Equal("0.0.0", *c.Defaults.Providers.Bless.Version)
 	r.Equal([]string{"a", "b"}, c.Defaults.Providers.Bless.AdditionalRegions)
 }
+
+func TestReadOktaProvider(t *testing.T) {
+	r := require.New(t)
+
+	b, e := util.TestFile("okta_provider")
+	r.NoError(e)
+	r.NotNil(b)
+
+	c, e := ReadConfig(b)
+	r.NoError(e)
+	r.NotNil(c)
+
+	w, e := c.Validate()
+	r.NoError(e)
+	r.Len(w, 0)
+
+	r.NotNil(c.Defaults.Providers)
+	r.NotNil(c.Defaults.Providers.Okta)
+	r.Equal("aversion", *c.Defaults.Providers.Okta.Version)
+	r.Equal("orgname", *c.Defaults.Providers.Okta.OrgName)
+}
diff --git a/config/v2/resolvers.go b/config/v2/resolvers.go
@@ -117,6 +117,19 @@ func ResolveSnowflakeProvider(commons ...Common) *SnowflakeProvider {
 	return nil
 }
 
+func ResolveOktaProvider(commons ...Common) *OktaProvider {
+	orgName := lastNonNil(OktaProviderOrgNameGetter, commons...)
+
+	// required fields
+	if orgName == nil {
+		return nil
+	}
+
+	return &OktaProvider{
+		OrgName: orgName,
+		Version: lastNonNil(OktaProviderVersionGetter, commons...),
+	}
+}
 func ResolveBlessProvider(commons ...Common) *BlessProvider {
 	profile := lastNonNil(BlessProviderProfileGetter, commons...)
 	region := lastNonNil(BlessProviderRegionGetter, commons...)
@@ -285,3 +298,17 @@ func BlessProviderAdditionalRegionsGetter(comm Common) []string {
 	}
 	return comm.Providers.Bless.AdditionalRegions
 }
+
+func OktaProviderVersionGetter(comm Common) *string {
+	if comm.Providers == nil || comm.Providers.Okta == nil {
+		return nil
+	}
+	return comm.Providers.Okta.Version
+}
+
+func OktaProviderOrgNameGetter(comm Common) *string {
+	if comm.Providers == nil || comm.Providers.Okta == nil {
+		return nil
+	}
+	return comm.Providers.Okta.OrgName
+}
diff --git a/config/v2/validation.go b/config/v2/validation.go
@@ -46,6 +46,7 @@ func (c *Config) Validate() ([]string, error) {
 	errs = multierror.Append(errs, c.ValidateAWSProviders())
 	errs = multierror.Append(errs, c.ValidateSnowflakeProviders())
 	errs = multierror.Append(errs, c.ValidateBlessProviders())
+	errs = multierror.Append(errs, c.ValidateOktaProviders())
 	errs = multierror.Append(errs, c.validateModules())
 
 	// refactor to make it easier to manage these
@@ -104,7 +105,21 @@ func (c *Config) ValidateAWSProviders() error {
 	return errs.ErrorOrNil()
 }
 
-func ValidateSnowflakeProvider(p *SnowflakeProvider, component string) error {
+func (p *BlessProvider) Validate(component string) error {
+	var errs *multierror.Error
+	if p == nil {
+		return nil // nothing to do
+	}
+	if p.AWSProfile == nil {
+		errs = multierror.Append(errs, fmt.Errorf("bless provider aws_profile required in %s", component))
+	}
+	if p.AWSRegion == nil {
+		errs = multierror.Append(errs, fmt.Errorf("bless provider aws_region required in %s", component))
+	}
+	return errs
+}
+
+func (p *SnowflakeProvider) Validate(component string) error {
 	var errs *multierror.Error
 	if p == nil {
 		return nil // nothing to do
@@ -125,39 +140,44 @@ func ValidateSnowflakeProvider(p *SnowflakeProvider, component string) error {
 	return errs
 }
 
-func (c *Config) ValidateSnowflakeProviders() error {
+func (o *OktaProvider) Validate(component string) error {
 	var errs *multierror.Error
+	if o == nil {
+		return nil
+	}
+	if o.OrgName == nil {
+		errs = multierror.Append(errs, fmt.Errorf("okta provider org_name required in %s", component))
+	}
+	return errs
+}
 
+func (c *Config) ValidateSnowflakeProviders() error {
+	var errs *multierror.Error
 	c.WalkComponents(func(component string, comms ...Common) {
-		v := ResolveSnowflakeProvider(comms...)
-		if e := ValidateSnowflakeProvider(v, component); e != nil {
+		p := ResolveSnowflakeProvider(comms...)
+		if e := p.Validate(component); e != nil {
 			errs = multierror.Append(errs, e)
 		}
 	})
-
 	return errs.ErrorOrNil()
 }
 
-func ValidateBlessProvider(p *BlessProvider, component string) error {
+func (c *Config) ValidateOktaProviders() error {
 	var errs *multierror.Error
-	if p == nil {
-		return nil // nothing to do
-	}
-
-	if p.AWSProfile == nil {
-		errs = multierror.Append(errs, fmt.Errorf("bless provider aws_profile required in %s", component))
-	}
-	if p.AWSRegion == nil {
-		errs = multierror.Append(errs, fmt.Errorf("bless provider aws_region required in %s", component))
-	}
+	c.WalkComponents(func(component string, comms ...Common) {
+		p := ResolveOktaProvider(comms...)
+		if err := p.Validate(component); err != nil {
+			errs = multierror.Append(errs, err)
+		}
+	})
 	return errs
 }
 
 func (c *Config) ValidateBlessProviders() error {
 	var errs *multierror.Error
 	c.WalkComponents(func(component string, comms ...Common) {
-		v := ResolveBlessProvider(comms...)
-		if err := ValidateBlessProvider(v, component); err != nil {
+		p := ResolveBlessProvider(comms...)
+		if err := p.Validate(component); err != nil {
 			errs = multierror.Append(errs, err)
 		}
 	})

diff --git a/plan/plan.go b/plan/plan.go
@@ -42,6 +42,7 @@ type Providers struct {
 	AWS       *AWSProvider       `yaml:"aws"`
 	Snowflake *SnowflakeProvider `yaml:"snowflake"`
 	Bless     *BlessProvider     `yaml:"bless"`
+	Okta      *OktaProvider      `yaml:"okta"`
 }
 
 type AWSProvider struct {
@@ -59,6 +60,11 @@ type SnowflakeProvider struct {
 	Version *string `yaml:"version,omitempty"`
 }
 
+type OktaProvider struct {
+	OrgName string  `json:"org_name,omitempty"`
+	Version *string `json:"version,omitempty"`
+}
+
 type BlessProvider struct {
 	AdditionalRegions []string `yaml:"additional_regions,omitempty"`
 	AWSProfile        string   `yaml:"aws_profile,omitempty"`
@@ -272,6 +278,15 @@ func resolveComponentCommon(commons ...v2.Common) ComponentCommon {
 		}
 	}
 
+	var oktaPlan *OktaProvider
+	oktaConfig := v2.ResolveOktaProvider(commons...)
+	if oktaConfig != nil {
+		oktaPlan = &OktaProvider{
+			OrgName: *oktaConfig.OrgName,
+			Version: oktaConfig.Version,
+		}
+	}
+
 	var blessPlan *BlessProvider
 	blessConfig := v2.ResolveBlessProvider(commons...)
 	if blessConfig != nil && blessConfig.AWSProfile != nil && blessConfig.AWSRegion != nil {
@@ -300,6 +315,7 @@ func resolveComponentCommon(commons ...v2.Common) ComponentCommon {
 			AWS:       awsPlan,
 			Snowflake: snowflakePlan,
 			Bless:     blessPlan,
+			Okta:      oktaPlan,
 		},
 		TfLint:    tfLintPlan,
 		ExtraVars: v2.ResolveStringMap(v2.ExtraVarsGetter, commons...),

diff --git a/templates/account/fogg.tf.tmpl b/templates/account/fogg.tf.tmpl
@@ -31,7 +31,9 @@
   {{ template "bless_provider" .Providers.Bless }}
 {{ end }}
 
-
+{{ if .Providers.Okta}}
+  {{ template "okta_provider" .Providers.Okta}}
+{{ end }}
 
 terraform {
   required_version = "={{ .TerraformVersion }}"

diff --git a/templates/common/okta_provider.tmpl b/templates/common/okta_provider.tmpl
@@ -0,0 +1,10 @@
+{{define "okta_provider"}}
+
+// https://github.com/articulate/terraform-provider-okta
+provider "okta" {
+  {{ if .Version -}}
+  version = "~>{{ .Version }}"
+  {{ end -}}
+  org_name = "{{ .OrgName }}"
+}
+{{ end }}
diff --git a/templates/component/terraform/fogg.tf.tmpl b/templates/component/terraform/fogg.tf.tmpl
@@ -31,6 +31,9 @@
   {{ template "bless_provider" .Providers.Bless }}
 {{ end }}
 
+{{ if .Providers.Okta}}
+  {{ template "okta_provider" .Providers.Okta}}
+{{ end }}
 
 terraform {
   required_version = "~>{{ .TerraformVersion }}"

diff --git a/templates/global/fogg.tf.tmpl b/templates/global/fogg.tf.tmpl
@@ -30,6 +30,10 @@
   {{ template "bless_provider" .Providers.Bless }}
 {{ end }}
 
+{{ if .Providers.Okta}}
+  {{ template "okta_provider" .Providers.Okta}}
+{{ end }}
+
 terraform {
   required_version = "~>{{ .TerraformVersion }}"
 

diff --git a/testdata/okta_provider/.fogg-version b/testdata/okta_provider/.fogg-version
@@ -0,0 +1 @@
+undefined+undefined+dirty
diff --git a/testdata/okta_provider/.gitattributes b/testdata/okta_provider/.gitattributes
@@ -0,0 +1,2 @@
+fogg.tf linguist-generated
+Makefile linguist-generated
diff --git a/testdata/okta_provider/.gitignore b/testdata/okta_provider/.gitignore
@@ -0,0 +1,29 @@
+# Auto-generated by fogg. Do not edit
+# Make improvements in fogg, so that everyone can benefit.
+
+# Compiled files
+*.tfstate
+*.tfstate.*.backup
+*.tfstate.backup
+*tfvars
+
+# Module directory
+.terraform/
+
+# Pycharm folder
+.idea
+
+# Editor Swap Files
+*.swp
+*.swo
+*.swn
+*.swm
+*.swl
+*.swk
+
+.fogg
+/terraform.d
+
+.DS_Store
+.vscode
+.envrc
diff --git a/testdata/okta_provider/.terraform.d/plugin-cache/.gitignore b/testdata/okta_provider/.terraform.d/plugin-cache/.gitignore
@@ -0,0 +1,5 @@
+# Auto-generated by fogg. Do not edit
+# Make improvements in fogg, so that everyone can benefit.
+
+*
+!.gitignore
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		fogg.tf linguist-generated
		Makefile linguist-generated