IN-6783-Provider-Onboarding-Resource (#165)

dome9 · Mar 30, 2023 · 03d0745 · 03d0745
1 parent e50c721
commit 03d0745
Show file tree

Hide file tree

Showing 29 changed files with 1,346 additions and 81 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -42,4 +42,7 @@ jobs:
           CLIENT_X509_CERT_URL: ${{ secrets.TEST_GCP_CLIENT_X509_CERT_URL }}
           ALIBABA_ACCESS_KEY: ${{ secrets.TEST_ALIBABA_ACCESS_KEY }}
           ALIBABA_ACCESS_SECRET: ${{ secrets.TEST_ALIBABA_ACCESS_SECRET }}
+          OCI_TENANCY_ID: ${{ secrets.OCI_TENANCY_ID }}
+          OCI_HOME_REGION: ${{ secrets.OCI_HOME_REGION }}
+          OCI_USER_OCID: ${{ secrets.OCI_USER_OCID }}
         run: go test -v -timeout 2400s ./...
diff --git a/dome9/common/resourcetype/resource_type.go b/dome9/common/resourcetype/resource_type.go
@@ -6,6 +6,8 @@ const (
 	CloudAccountAWS                              = "dome9_cloudaccount_aws"
 	CloudAccountAzure                            = "dome9_cloudaccount_azure"
 	CloudAccountGCP                              = "dome9_cloudaccount_gcp"
+	CloudAccountOCI                              = "dome9_cloudaccount_oci"
+	CloudAccountOCITempData                      = "dome9_cloudaccount_oci_temp_data"
 	CloudAccountKubernetes                       = "dome9_cloudaccount_kubernetes"
 	IPList                                       = "dome9_iplist"
 	ContinuousCompliancePolicy                   = "dome9_continuous_compliance_policy"

diff --git a/dome9/common/testing/environmentvariable/environment_variable.go b/dome9/common/testing/environmentvariable/environment_variable.go
@@ -11,6 +11,13 @@ const (
 	CloudAccountAlibabaEnvVarAccessSecret = "ALIBABA_ACCESS_SECRET"
 )
 
+// Oci environment variable
+const (
+	CloudAccountOciEnvVarTenancyId  = "OCI_TENANCY_ID"
+	CloudAccountOciEnvVarHomeRegion = "OCI_HOME_REGION"
+	CloudAccountOciEnvVarUserOcid   = "OCI_USER_OCID"
+)
+
 // AWS environment variable
 const (
 	CloudAccountAWSEnvVarArn        = "ARN"

diff --git a/dome9/common/testing/variable/variable.go b/dome9/common/testing/variable/variable.go
@@ -7,6 +7,12 @@ const (
 	CloudAccountAlibabaVendor               = "alibaba"
 )
 
+// oci resource/data source
+const (
+	CloudAccountOciCreationResourceName = "test_cloudaccount_oci"
+	CloudAccountOciVendor               = "oci"
+)
+
 // aws resource/data source
 const (
 	CloudAccountAWSCreationResourceName    = "test_cloudaccount_aws"
@@ -141,7 +147,6 @@ const (
 	}`
 
 	DataSourceSuffix                    = "Data"
-	AwsUnifiedOnbordingTemplateUrl      = `https://cloudguard-unified-onboarding-common.s3.amazonaws.com/4.5.0/templates/role_based/onboarding.yml`
 	AwsUnifiedOnbordingIamCapabilities0 = `CAPABILITY_IAM`
 	AwsUnifiedOnbordingIamCapabilities1 = `CAPABILITY_NAMED_IAM`
 	AwsUnifiedOnbordingIamCapabilities2 = `CAPABILITY_AUTO_EXPAND`

diff --git a/dome9/config.go b/dome9/config.go
@@ -6,16 +6,17 @@ import (
 
 	"github.com/dome9/dome9-sdk-go/dome9"
 	"github.com/dome9/dome9-sdk-go/services/admissioncontrol/admission_policy"
-	"github.com/dome9/dome9-sdk-go/services/imageassurance/imageassurance_policy"
 	"github.com/dome9/dome9-sdk-go/services/cloudaccounts/alibaba"
 	"github.com/dome9/dome9-sdk-go/services/cloudaccounts/aws"
 	"github.com/dome9/dome9-sdk-go/services/cloudaccounts/azure"
 	"github.com/dome9/dome9-sdk-go/services/cloudaccounts/gcp"
 	"github.com/dome9/dome9-sdk-go/services/cloudaccounts/k8s"
+	"github.com/dome9/dome9-sdk-go/services/cloudaccounts/oci"
 	"github.com/dome9/dome9-sdk-go/services/cloudsecuritygroup/securitygroupaws"
 	"github.com/dome9/dome9-sdk-go/services/cloudsecuritygroup/securitygroupazure"
 	"github.com/dome9/dome9-sdk-go/services/compliance/continuous_compliance_notification"
 	"github.com/dome9/dome9-sdk-go/services/compliance/continuous_compliance_policy"
+	"github.com/dome9/dome9-sdk-go/services/imageassurance/imageassurance_policy"
 	"github.com/dome9/dome9-sdk-go/services/iplist"
 	"github.com/dome9/dome9-sdk-go/services/organizationalunits"
 	"github.com/dome9/dome9-sdk-go/services/roles"
@@ -37,6 +38,7 @@ type Client struct {
 	cloudaccountGCP                  gcp.Service
 	cloudaccountKubernetes           k8s.Service
 	cloudaccountAlibaba              alibaba.Service
+	cloudaccountOci                  oci.Service
 	continuousCompliancePolicy       continuous_compliance_policy.Service
 	continuousComplianceNotification continuous_compliance_notification.Service
 	ruleSet                          rulebundles.Service
@@ -67,6 +69,7 @@ func (c *Config) Client() (*Client, error) {
 	client := &Client{
 		iplist:                           *iplist.New(config),
 		cloudaccountAlibaba:              *alibaba.New(config),
+		cloudaccountOci:                  *oci.New(config),
 		cloudaccountAWS:                  *aws.New(config),
 		cloudaccountAzure:                *azure.New(config),
 		cloudaccountGCP:                  *gcp.New(config),

diff --git a/dome9/data_source_dome9_cloudaccount_oci.go b/dome9/data_source_dome9_cloudaccount_oci.go
@@ -0,0 +1,107 @@
+package dome9
+
+import (
+	"github.com/dome9/dome9-sdk-go/services/cloudaccounts/oci"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/terraform-providers/terraform-provider-dome9/dome9/common/testing/variable"
+	"log"
+)
+
+func dataSourceCloudAccountOCI() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceOciRead,
+
+		Schema: map[string]*schema.Schema{
+			"id": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"tenancy_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"home_region": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"organizational_unit_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"name": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"credentials": {
+				Type:     schema.TypeMap,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"user": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"fingerprint": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"public_key": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
+			"creation_date": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"organizational_unit_path": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"organizational_unit_name": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"vendor": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceOciRead(d *schema.ResourceData, meta interface{}) error {
+	d9Client := meta.(*Client)
+
+	id := d.Get("id").(string)
+	log.Printf("Getting data for cloud account %s with id %s\n", variable.CloudAccountOciVendor, id)
+
+	ociCloudAccount, _, err := d9Client.cloudaccountOci.Get(id)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(ociCloudAccount.ID)
+	_ = d.Set("name", ociCloudAccount.Name)
+	// Converting the timestamp to string in the format yyyy-MM-dd HH:mm:ss
+	_ = d.Set("creation_date", ociCloudAccount.CreationDate.Format("2006-01-02 15:04:05"))
+	_ = d.Set("tenancy_id", ociCloudAccount.TenancyId)
+	_ = d.Set("home_region", ociCloudAccount.HomeRegion)
+	_ = d.Set("organizational_unit_id", ociCloudAccount.OrganizationalUnitID)
+	_ = d.Set("credentials", setOciCredentials(ociCloudAccount.Credentials))
+	_ = d.Set("organizational_unit_path", ociCloudAccount.OrganizationalUnitPath)
+	_ = d.Set("organizational_unit_name", ociCloudAccount.OrganizationalUnitName)
+	_ = d.Set("vendor", ociCloudAccount.Vendor)
+
+	return nil
+}
+
+func setOciCredentials(credentials oci.CloudAccountCredentialsResponse) map[string]interface{} {
+	return map[string]interface{}{
+		"user":        credentials.User,
+		"fingerprint": credentials.Fingerprint,
+		"publicKey":   credentials.PublicKey,
+	}
+}
diff --git a/dome9/data_source_dome9_cloudaccount_oci_test.go b/dome9/data_source_dome9_cloudaccount_oci_test.go
@@ -0,0 +1,37 @@
+package dome9
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/terraform-providers/terraform-provider-dome9/dome9/common/resourcetype"
+	"github.com/terraform-providers/terraform-provider-dome9/dome9/common/testing/method"
+	"testing"
+)
+
+func TestAccDataSourceCloudAccountOciBasic(t *testing.T) {
+	resourceTypeAndName, dataSourceTypeAndName, generatedName := method.GenerateRandomSourcesTypeAndName(resourcetype.CloudAccountOCI)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+			testAccCloudAccountOciEnvVarsPreCheck(t)
+		},
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckCloudAccountOciDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCheckCloudAccountOciConfigure(resourceTypeAndName, generatedName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "id", resourceTypeAndName, "id"),
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "name", resourceTypeAndName, "name"),
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "tenancy_id", resourceTypeAndName, "tenancy_id"),
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "home_region", resourceTypeAndName, "home_region"),
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "organizational_unit_id", resourceTypeAndName, "organizational_unit_id"),
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "credentials", resourceTypeAndName, "credentials"),
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "organizational_unit_path", resourceTypeAndName, "organizational_unit_path"),
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "organizational_unit_name", resourceTypeAndName, "organizational_unit_name"),
+					resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "vendor", resourceTypeAndName, "vendor"),
+				),
+			},
+		},
+	})
+}
diff --git a/dome9/provider.go b/dome9/provider.go
@@ -39,6 +39,8 @@ func Provider() terraform.ResourceProvider {
 			resourcetype.IPList:                           resourceIpList(),
 			resourcetype.CloudAccountAlibaba:              resourceCloudAccountAlibaba(),
 			resourcetype.CloudAccountAWS:                  resourceCloudAccountAWS(),
+			resourcetype.CloudAccountOCI:                  resourceCloudAccountOCI(),
+			resourcetype.CloudAccountOCITempData:          resourceCloudAccountOciTempData(),
 			resourcetype.CloudAccountGCP:                  resourceCloudAccountGCP(),
 			resourcetype.CloudAccountAzure:                resourceCloudAccountAzure(),
 			resourcetype.CloudAccountKubernetes:           resourceCloudAccountKubernetes(),
@@ -64,6 +66,7 @@ func Provider() terraform.ResourceProvider {
 			resourcetype.IPList:                                       dataSourceIpList(),
 			resourcetype.CloudAccountAlibaba:                          dataSourceCloudAccountAlibaba(),
 			resourcetype.CloudAccountAWS:                              dataSourceCloudAccountAWS(),
+			resourcetype.CloudAccountOCI:                              dataSourceCloudAccountOCI(),
 			resourcetype.AwsUnifiedOnboardingUpdateVersionStackConfig: dataSourceAwsUnifiedOnboardingUpdateVersionStackConfig(),
 			resourcetype.AwsUnifiedOnboarding:                         dataSourceAwsUnifiedOnboarding(),
 			resourcetype.CloudAccountGCP:                              dataSourceCloudAccountGCP(),