Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add resource and data sources for private registry GPG keys #1160

Closed
wants to merge 8 commits into from
Closed

Add resource and data sources for private registry GPG keys #1160

wants to merge 8 commits into from

Conversation

tmatilai
Copy link
Contributor

@tmatilai tmatilai commented Dec 2, 2023

Description

Add tfe_registry_gpg_key resource and data source, and tfe_registry_gpg_keys data source, for managing and retrieving private registry GPG keys.

Related to #584.

Testing plan

Create and retrieve GPG keys with the new resource and data sources.

Example configuration 
resource "tfe_organization" "foobar" {
  name  = "foobar"
  email = "[email protected]"
}

resource "tfe_registry_gpg_key" "foobar" {
  organization = tfe_organization.foobar.name

  ascii_armor = <<ASCII_ARMOR
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGKnWEYBEACsTJ9HEUrXBaBvQvXZAXEIMWloG96MVAdCj547jJviSS4TqMIQ
EST2pzDq7lEpqL+JkW3ptyLEAeQs6gJJeuhODGm2EcxjJ9/JM4ZH+p9zq2wBeXVe
0XJcP3HD8/7MesjMyGSsoX7tR7TcIhs5Y7zS+/L1xnoReYUsBgC6QdqjQwkuntaq
2y6yxdYG4gVlxb4yA0Ga6Qfy0VGIKjbCdPqCRyJ76YHE3t+Skq9oDCOV3VSiwKsU
V/ivf/MVZ1GyE03anW0+poVK38Ekogsd2+34uEjusbuoJGmHzh/20IDS8VnxQHIY
qdVwcZrW+a3O6nexL4dJJGMfXMbCdS87FxpSnC1FDGMSJ2c5cxlMuKuDboTpbRy5
Dd80p6voJQcLcpr0hKYIwwDGJYE336KMFqf/apCc6HbCFfN8kCYg3K7+4yganRWu
h/9qIhP0QaYOYEQl4RdjJTSyJSP3srAJ3F5OmrAhRXlHlLo1p00zxFxG7ZcJER6l
+uRubtL9WN2kgGbr9NDJbz/HeOTjJhCASdQuzstcL8RrFMDftE/P2K8LnkxUNIbT
dhZtwvkhnyIwOZIHwsQddeJboeHD445SlHJ+4vFsPKRTuNu5u9GhVSyZhoHmdeH0
FheD8p43+BKZ7KmD4xd+zfCQE1xO2cO9ZrCNV2hs9UVFbgZfjokqWkuHJQARAQAB
tBNmb28gPGFkbWluQHRmZS5jb20+iQJRBBMBCAA7FiEE/2esSrAATXzEQSanE9/s
yjtYzkoFAmKnWEYCGwMFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQE9/s
yjtYzkq01g/9EgnW0NBD4DdtQSHg5jya0lx5iNHLK+umwL2x7abcSQ9iTIylhbHP
+he6jS/p4yzK7Gf7S+W3D9EZ58KrTMhu85iLr0uZ947pEbC0kDlQGkIfiK0CAyq2
IDj1RFgmeM0E2LkPOYCM+JPeBC9nZduFMYY9eFhCZXJ3ua1DP37ZBdZbjuImbiQ5
abt75a89NbQI3KRaACzqEjFpRYuoxbh8RznkTFf57AFzt4yMWy+4l47GSXTE8boS
1P7ZOfvJPuh2RRN9sSe0eTPCYnnSxPPo0LvgqSnLSk9yc65nkPZmlSXVdswV5Le+
7LlKG+rTwXljfGwLmj0VNn2gGCKe5IHs8FKt3parSiQOu4MXHCHshSQDEvXyIugJ
i2V2pcw4Hi6f2Znh3YYJamL6fDwCpDcTOCxZbvFi4OuBzbWcDLP1k52k3ZyYce92
1CK84HWtoRseNlVt1rieClPZH5T4b0HMPBWKK39/r+RABJDAfdGtn2ulKXK2JugH
AYXlhY9xh9+r1O7tsqExGkEYnp7nI0ArauJhIUWZybpGpPYP99kK4F64E4DRu1si
/3eeYoqKY1jAHoebRzn3XcRg5kro/lJYQQIhT4fHt5sAc/e8gDdaQaDPIftsmu7K
w4e6pMyztiMfRw7w0ZSjGlPsl0NiXA3nuG966gx4Bnx/ddJIHrghAi25Ag0EYqdY
RgEQAOGONFP+z45+9gvnT1yd9sJLqxYhtj5QRxKkXkLARPd0Yjdyff/lVd1YPtZ7
slLuEGlBDKdB6aIeu3b1C95Ie3qbTIwIp6ZYKGqUEwGW/0sPtBqqXanVrQkrY4ho
lqejgPraFgF6sDGrSxG7b8W985NJwKcm8Lx1/x4ZwvpUrQlCL4UajJcECmjVqU/e
ofjWZFZl7eR2oYh2BBzvA8mwkVKXs6kTGWLkK7VDeR2lCRl2fk4+5DydbOMIZXxT
jmYR8iu2Mr+gt//VmvvBjlFMI05kwD9iG3SRYBwpYEXETKCE12KKqcbhP/bwahIB
bcsaQkoky9jgtp7tizduPOkjkGhT9kF8L1O0VGxek40L7+QIDEnVHMAH5hSLmgau
vJF+Bd0W/TRZbmAJXoWPreftVTmWH7xH4N7v+3dvWziIJPt+N/1HHeZXBojJJAVk
6C+t1KpsSwGzzOjdsQVCklT7D4PmWtzz6FAjImPSbk5LbiVWis/lH+SEVZS4sG7j
pR3vRjUZTjCi/8CmHTjiWXL7g9kkt//a5Av3iArQq0pv0QNPG/uPeN2QTnkz5DAo
kM/qUx/G59i8AfEH2myh9oPCOzb3yFOsK9G/2Sy05cfdLozddHwt+hJVPx1Od9Nr
HAJMQspr9AaZPB9FnAa0Bv/RNEGJv6LJwzVWJkezL2wQAZdlABEBAAGJAjYEGAEI
ACAWIQT/Z6xKsABNfMRBJqcT3+zKO1jOSgUCYqdYRgIbDAAKCRAT3+zKO1jOSq9E
D/4hlNaCwY/etk7ZvMe4pupQATzrZF58d2qjx4niMd3CvCWmbrWMmoNxBjECXc8H
kp+0NURFFc/wiCn/Q6dhrMxKVCpsWpHA1Doi/vtzQtM081Ib6uIX6L6liyUexW1l
tvJwPurqJJVBW3ikOjICCnv70tp2zaS47uQjyFGTnzglIU961EXCWdNjH1vm8bFJ
BxXN87gHXhUUw8GZ3d2V75TAJIEqRVV+eI4flXcJ4Ld+Zbt2EiMwtQ05XCc8bgsc
QzZFizw936bC5Py7Iu6aEaShFlZlz8LgYcId32UYh5PG1xGNZv0C9Z/PJECx5zcx
RJszDpm3erpmdkkJf9UBuhjjTdQ9gheFjZRDi/rVJ0JPVxD7HTzEAWd5MqFXqh0V
j2xG1FhtfxSaMf9rsJjtwewLPyZylSuz2erz1j80Hx3Q6eSIDsNjnDTtfh9Z8gXz
gvF7mSC0lZu/RvDSRyHfCw4zCQ04HieIvq3hZLy+QS11ykJTSKAePKk77EmwtoLd
Je9n9FCKhLknUp1/dsu0lsznvttOLwYy6xFP4JNPgiq6iYlVHs417oib67DrGlsI
3Ki44OESW/vL3WAC091TOF4OYgGw+TMauB8SxZo0PLXrIwKeBsQEB4tf6bX66OvJ
UFpas2r53xTaraRDpu6+u66hLY+/XV9Uf5YzETuPQnX/nw==
=bBSS
-----END PGP PUBLIC KEY BLOCK-----
ASCII_ARMOR
}

data "tfe_registry_gpg_key" "foobar" {
  organization = tfe_organization.foobar.name

  id = tfe_registry_gpg_key.foobar.id
}

data "tfe_registry_gpg_keys" "all" {
  organization = tfe_organization.foobar.name

  depends_on = [tfe_registry_gpg_key.foobar]
}

External links

Output from acceptance tests

$ make testacc TESTARGS='-run=TestAccTFERegistryGPGKey'
TF_ACC=1 TF_LOG_SDK_PROTO=OFF go test $(go list ./... |grep -v 'vendor') -v -run=TestAccTFERegistryGPGKey -timeout 15m
?       github.com/hashicorp/terraform-provider-tfe     [no test files]
testing: warning: no tests to run
PASS
ok      github.com/hashicorp/terraform-provider-tfe/internal/client     (cached) [no tests to run]
testing: warning: no tests to run
PASS
ok      github.com/hashicorp/terraform-provider-tfe/internal/logging    (cached) [no tests to run]
?       github.com/hashicorp/terraform-provider-tfe/version     [no test files]
=== RUN   TestAccTFERegistryGPGKeyDataSource_basic
--- PASS: TestAccTFERegistryGPGKeyDataSource_basic (4.29s)
=== RUN   TestAccTFERegistryGPGKeysDataSource_basic
--- PASS: TestAccTFERegistryGPGKeysDataSource_basic (3.69s)
=== RUN   TestAccTFERegistryGPGKeysDataSource_basicNoKeys
--- PASS: TestAccTFERegistryGPGKeysDataSource_basicNoKeys (2.80s)
=== RUN   TestAccTFERegistryGPGKeyResource_basic
--- PASS: TestAccTFERegistryGPGKeyResource_basic (2.74s)
PASS
ok      github.com/hashicorp/terraform-provider-tfe/internal/provider   13.854s

@tmatilai tmatilai requested a review from a team as a code owner December 2, 2023 16:27
tmatilai
tmatilai commented Dec 2, 2023
View reviewed changes
internal/provider/resource_tfe_registry_gpg_key.go
}

var organization string
resp.Diagnostics.Append(r.config.dataOrDefaultOrganization(ctx, req.State, &organization)...)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This suffers from #1152, but there seems to be no good solution to it. I tried using ModifyPlan(), but it will cause Provider produced inconsistent result after apply errors for the updated_at attribute unless it is marked as "unknown". That would be fine for one resource, but doesn't scale.

@tmatilai
Copy link
Contributor Author

tmatilai commented Dec 2, 2023

Sorry, the PR is big. But it can be reviewed a commit at a time. Or I can split it into three PRs if requested, although the data source commits depend on the first one.

@tmatilai tmatilai changed the title Add resources and data sources for private registry GPG keys Add resource and data sources for private registry GPG keys Dec 2, 2023
@brandonc
Copy link
Collaborator

brandonc commented Dec 4, 2023

@tmatilai Thanks again for the contribution! I especially appreciate that you used the provider framework. I will be reviewing and testing this sometimes this week.

@brandonc brandonc mentioned this pull request Dec 6, 2023
Merged
tmatilai and others added 6 commits December 6, 2023 10:48
@tmatilai @brandonc
Add tfe_registry_gpg_key resource
8890a9b 
Manages a public key of the GPG key pair used to sign releases of
private providers in the private registry.
@tmatilai @brandonc
Add tfe_registry_gpg_key data source
354c0f3 
Retrieves a private registry GPG key.
@tmatilai @brandonc
Add tfe_registry_gpg_keys data source
21186b5 
Retrieves all private registry GPG keys of an organization.
@tmatilai @brandonc
Add PR links to the changelog
97892a4
@brandonc
Update "Ascii" -> "ASCII"
5df9910
@brandonc
registry_gpg_key: Add plan mod for provider org default changes
d53886b
@brandonc
Copy link
Collaborator

brandonc commented Dec 6, 2023

@tmatilai oh no! I rebased and force-pushed to the wrong branch. This was meant to go to #1164

brandonc
brandonc reviewed Dec 6, 2023
View reviewed changes
Copy link
Collaborator

@brandonc brandonc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great! I'm moving these commits to a repo branch in #1164

internal/provider/resource_tfe_registry_gpg_key.go
"organization": schema.StringAttribute{
Description: "Name of the organization. If omitted, organization must be defined in the provider config.",
Optional: true,
Computed: true,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This one will need a couple of plan modifiers: RequiresReplace as well as another to detect when the provider organization changes (Thanks for the bug report!) as you pointed out. I accomplished this in d53886b by implementing ResourceWithModifyPlan interface

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, fine. I tried to do the organization change without replacing the whole resource, as the API supports it. And then I got into issues with the updated_at attribute being changed only after apply (as those attributes seem hard to set to unset in a generic way).

@tmatilai
Copy link
Contributor Author

tmatilai commented Dec 7, 2023

oh no! I rebased and force-pushed to the wrong branch

You are free to do what ever you want with this branch, too. 🙂
Thanks!

@brandonc
Copy link
Collaborator

brandonc commented Dec 7, 2023

Prefer local branch #1164

@brandonc brandonc closed this Dec 7, 2023
@tmatilai tmatilai deleted the registry-gpg-keys branch December 8, 2023 06:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brandonc brandonc brandonc left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tmatilai @brandonc