Merge pull request #10 from ksoclabs/Add_Azure_Support

Add Azure Support and Make AWS use Generic Registration Endpoint
ksoclabs · Nov 10, 2023 · 730009c · 730009c
2 parents 8b03023 + 196d46f
commit 730009c
Show file tree

Hide file tree

Showing 8 changed files with 192 additions and 21 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -26,14 +26,19 @@ jobs:
       - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
         with:
           go-version-file: 'go.mod'
-          cache: true
+          cache: false
       - run: go mod download
       - run: go build -v .
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
       - name: Run linters
         uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0
         with:
           version: latest
-
 #  generate:
 #    runs-on: ubuntu-latest
 #    steps:

diff --git a/docs/resources/aws_register.md b/docs/resources/aws_register.md
@@ -3,12 +3,12 @@
 page_title: "ksoc_aws_register Resource - terraform-provider-ksoc"
 subcategory: ""
 description: |-
-  Register service with Ksoc
+  Register AWS account with Ksoc
 ---
 
 # ksoc_aws_register (Resource)
 
-Register service with Ksoc
+Register AWS account with Ksoc
 
 
 

diff --git a/docs/resources/azure_register.md b/docs/resources/azure_register.md
@@ -0,0 +1,27 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "ksoc_azure_register Resource - terraform-provider-ksoc"
+subcategory: ""
+description: |-
+  Register Azure Subscription and Tenant with Ksoc
+---
+
+# ksoc_azure_register (Resource)
+
+Register Azure Subscription and Tenant with Ksoc
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `subscription_id` (String) Subscription ID to use
+- `tenant_id` (String, Sensitive) Azure Tenant to use when gathering resources
+
+### Read-Only
+
+- `api_path` (String) Target of the API path
+- `id` (String) The ID of this resource.
+- `ksoc_registered` (Boolean) Target of the API path
diff --git a/examples/resources/azure_register/main.tf b/examples/resources/azure_register/main.tf
@@ -0,0 +1,4 @@
+resource "ksoc_azure_register" "this" {
+  subscription_id = "123"
+  tenant_id       = "456"
+}
diff --git a/go.sum b/go.sum
@@ -31,7 +31,6 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
 github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
-github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E=
 github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68=
 github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -102,7 +101,6 @@ github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq
 github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
 github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
-github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
 github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
@@ -130,7 +128,6 @@ github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2c
 github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
 github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
 github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
-github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU=
 github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8=
 github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0=
@@ -151,7 +148,6 @@ github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBO
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww=
 github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY=
-github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4=
 github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
 github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8=
 github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
@@ -176,7 +172,6 @@ github.com/vmihailenco/tagparser v0.1.2/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgq
 github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s=
 github.com/zclconf/go-cty v1.13.2 h1:4GvrUxe/QUDYuJKAav4EYqdM47/kZa672LwmXFmEKT0=
 github.com/zclconf/go-cty v1.13.2/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0=
-github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@@ -240,7 +235,6 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
-gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

diff --git a/internal/ksoc/provider.go b/internal/ksoc/provider.go
@@ -37,7 +37,8 @@ func New(version string) func() *schema.Provider {
 				},
 			},
 			ResourcesMap: map[string]*schema.Resource{
-				"ksoc_aws_register": resourceAwsRegister(),
+				"ksoc_aws_register":   resourceAwsRegister(),
+				"ksoc_azure_register": resourceAzureRegister(),
 			},
 			ConfigureContextFunc: configureProvider,
 		}
@@ -61,3 +62,23 @@ func configureProvider(ctx context.Context, d *schema.ResourceData) (interface{}
 
 	return &config, nil
 }
+
+type RegistrationPayload struct {
+	Type        string      `json:"type"`
+	Credentials Credentials `json:"credentials"`
+}
+
+type Credentials struct {
+	AzureSubscription AzureSubscriptionCredential `json:"azure_subscription"`
+	AWSAccount        AWSAccountCredential        `json:"aws_account"`
+}
+
+type AWSAccountCredential struct {
+	AWSAccountID string `db:"aws_account_id" json:"aws_account_id"`
+	AWSRoleArn   string `db:"aws_role_arn" json:"aws_role_arn"`
+}
+
+type AzureSubscriptionCredential struct {
+	TenantID       string `json:"tenant_id"`
+	SubscriptionID string `json:"subscription_id"`
+}
diff --git a/internal/ksoc/resource_aws_register.go b/internal/ksoc/resource_aws_register.go
@@ -12,7 +12,7 @@ import (
 
 func resourceAwsRegister() *schema.Resource {
 	return &schema.Resource{
-		Description: "Register service with Ksoc",
+		Description: "Register AWS account with Ksoc",
 
 		CreateContext: resourceAwsRegisterCreate,
 		ReadContext:   resourceAwsRegisterRead,
@@ -84,19 +84,19 @@ func resourceAwsRegisterGeneric(ctx context.Context, httpMethod string, d *schem
 	config := meta.(*Config)
 	apiUrlBase := config.KsocApiUrl
 
-	targetURI := apiUrlBase + "/cloud/aws/register"
+	targetURI := apiUrlBase + "/cloud/register"
 	accessKey := config.AccessKeyId
 	secretKey := config.SecretKey
 	awsAccountID := d.Get("aws_account_id").(string)
 
-	type Payload struct {
-		AwsAccountId string `json:"aws_account_id"`
-		AwsRoleArn   string `json:"aws_role_arn"`
-	}
-
-	payload := &Payload{
-		AwsAccountId: awsAccountID,
-		AwsRoleArn:   "arn:aws:iam::" + awsAccountID + ":role/ksoc-connect",
+	payload := &RegistrationPayload{
+		Type: "aws",
+		Credentials: Credentials{
+			AWSAccount: AWSAccountCredential{
+				AWSAccountID: awsAccountID,
+				AWSRoleArn:   "arn:aws:iam::" + awsAccountID + ":role/ksoc-connect",
+			},
+		},
 	}
 
 	statusCode, _, diags := request.AuthenticatedRequest(ctx, apiUrlBase, httpMethod, targetURI, accessKey, secretKey, payload)

diff --git a/internal/ksoc/resource_azure_register.go b/internal/ksoc/resource_azure_register.go
@@ -0,0 +1,120 @@
+package ksoc
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/ksoclabs/terraform-provider-ksoc/internal/request"
+)
+
+func resourceAzureRegister() *schema.Resource {
+	return &schema.Resource{
+		Description: "Register Azure Subscription and Tenant with Ksoc",
+
+		CreateContext: resourceAzureRegisterCreate,
+		ReadContext:   resourceAzureRegisterRead,
+		UpdateContext: resourceAzureRegisterUpdate,
+		DeleteContext: resourceAzureRegisterDelete,
+
+		Schema: map[string]*schema.Schema{
+			"subscription_id": {
+				Type:        schema.TypeString,
+				Description: "Subscription ID to use",
+				//ForceNew:    true,
+				Required: true,
+			},
+			"tenant_id": {
+				Type:        schema.TypeString,
+				Description: "Azure Tenant to use when gathering resources",
+				ForceNew:    true,
+				Required:    true,
+				Sensitive:   true,
+			},
+			"ksoc_registered": {
+				Type:        schema.TypeBool,
+				Description: "Target of the API path",
+				Computed:    true,
+			},
+
+			// Computed values
+			"api_path": {
+				Type:        schema.TypeString,
+				Description: "Target of the API path",
+				Computed:    true,
+			},
+		},
+	}
+}
+
+func resourceAzureRegisterCreate(ctx context.Context, d *schema.ResourceData, meta any) (diags diag.Diagnostics) {
+	config := meta.(*Config)
+	httpMethod := http.MethodPost
+	setValueOnSuccess := config.KsocApiUrl
+	diags = resourceAzureRegisterGeneric(ctx, httpMethod, d, setValueOnSuccess, meta)
+	return diags
+}
+
+func resourceAzureRegisterRead(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
+	config := meta.(*Config)
+	apiUrlBase := config.KsocApiUrl
+	targetURI := apiUrlBase + "/cloud/register"
+	err := d.Set("api_path", targetURI)
+	if err != nil {
+		return diag.Errorf("Error setting api_path: %s", err)
+	}
+	return nil
+}
+
+func resourceAzureRegisterUpdate(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
+	// Update has not yet been implemented
+	return nil
+}
+
+func resourceAzureRegisterDelete(ctx context.Context, d *schema.ResourceData, meta any) (diags diag.Diagnostics) {
+	httpMethod := http.MethodDelete
+	setValueOnSuccess := ""
+	diags = resourceAzureRegisterGeneric(ctx, httpMethod, d, setValueOnSuccess, meta)
+	return diags
+}
+
+func resourceAzureRegisterGeneric(ctx context.Context, httpMethod string, d *schema.ResourceData, setValueOnSuccess string, meta any) (diags diag.Diagnostics) {
+	config := meta.(*Config)
+	apiUrlBase := config.KsocApiUrl
+
+	targetURI := apiUrlBase + "/cloud/register"
+	accessKey := config.AccessKeyId
+	secretKey := config.SecretKey
+
+	tenantID := d.Get("tenant_id").(string)
+	subscriptionId := d.Get("subscription_id").(string)
+
+	payload := &RegistrationPayload{
+		Type: "azure",
+		Credentials: Credentials{
+			AzureSubscription: AzureSubscriptionCredential{
+				TenantID:       tenantID,
+				SubscriptionID: subscriptionId,
+			},
+		},
+	}
+
+	statusCode, _, diags := request.AuthenticatedRequest(ctx, apiUrlBase, httpMethod, targetURI, accessKey, secretKey, payload)
+	if statusCode != http.StatusOK {
+		return append(diags, diag.Errorf("Failed to register with KSOC, received HTTP status: %d", statusCode)...)
+	}
+
+	err := d.Set("api_path", targetURI)
+	if err != nil {
+		return diag.Errorf("Error setting api_path: %s", err)
+	}
+
+	if err := d.Set("ksoc_registered", statusCode == http.StatusOK); err != nil {
+		return append(diags, diag.Errorf("Error setting ksoc_registered: %s", err)...)
+	}
+
+	d.SetId(setValueOnSuccess)
+
+	return nil
+}