+ permanent token using for storage (#32)

* + permanent token using for storage

Author: shubinmi

docs/index.md

@@ -249,5 +249,7 @@ resource "gcore_lbmember" "lbm2" {
 - **gcore_client_id** (String) Client id
 - **gcore_platform** (String) Platform ulr is used for generate jwt
 - **gcore_storage_api** (String) Storage API
+- **ignore_creds_auth_error** (Boolean) Should be set to true when you are gonna to use storage resource with permanent API-token only.
 - **password** (String)
+- **permanent_api_token** (String, Sensitive) A permanent API-token. Implemented for Storage Terraform Resource only. https://support.gcorelabs.com/hc/en-us/articles/360018625617-API-tokens
 - **user_name** (String)

docs/resources/gcore_storage.md

@@ -3,28 +3,30 @@
 page_title: "gcore_storage Resource - terraform-provider-gcorelabs"
 subcategory: ""
 description: |-
-  Represent storage resource.
+  Represent storage resource. https://storage.gcorelabs.com/storage/list
 ---
 
 # gcore_storage (Resource)
 
-Represent storage resource.
+Represent storage resource. https://storage.gcorelabs.com/storage/list
 
 ## Example Usage
 
 ```terraform
 provider gcore {
   user_name = "test"
   password = "test"
+  permanent_api_token="123$321" // https://support.gcorelabs.com/hc/en-us/articles/360018625617-API-tokens
+  ignore_creds_auth_error=true // if you want to manage storage resource only and provide permanent_api_token without user_name & password
   gcore_platform = "https://api.gcdn.co"
   gcore_storage_api = "https://storage.gcorelabs.com/api"
 }
 
-resource "gcore_storage" "tf_example_s3" {
+resource "gcore_storage" "tf_example_sftp" {
   name = "tf_example"
-  location = "s-ed1"
-  type = "s3"
-  link_key_id = 199
+  location = "mia"
+  type = "sftp"
+  ssh_key_id = 199 // can be used for sftp type only
 }
 ```
 
@@ -41,11 +43,13 @@ resource "gcore_storage" "tf_example_s3" {
 
 - **client_id** (Number) An client id of new storage resource.
 - **expires** (String) A expires date of storage resource.
+- **generate_s3_access_key** (String) A s3 access key for new storage resource.
+- **generate_s3_secret_key** (String) A s3 secret key for new storage resource.
 - **generate_sftp_password** (Boolean) An auto generated sftp password for new storage resource.
 - **id** (String) The ID of this resource.
-- **link_key_id** (Number) An key id to link with new storage resource.
 - **server_alias** (String) An alias of storage resource.
 - **sftp_password** (String) A sftp password for new storage resource.
+- **ssh_key_id** (Number) An ssh key id to link with new sftp storage resource only. https://storage.gcorelabs.com/ssh-key/list
 - **storage_id** (Number) An id of new storage resource.
 
 

docs/resources/gcore_storage_key.md

@@ -3,12 +3,12 @@
 page_title: "gcore_storage_key Resource - terraform-provider-gcorelabs"
 subcategory: ""
 description: |-
-  Represent storage key resource.
+  Represent storage key resource. https://storage.gcorelabs.com/ssh-key/list
 ---
 
 # gcore_storage_key (Resource)
 
-Represent storage key resource.
+Represent storage key resource. https://storage.gcorelabs.com/ssh-key/list
 
 ## Example Usage
 

examples/resources/gcore_storage/resource.tf

@@ -1,13 +1,15 @@
 provider gcore {
   user_name = "test"
   password = "test"
+  permanent_api_token="123$321" // https://support.gcorelabs.com/hc/en-us/articles/360018625617-API-tokens
+  ignore_creds_auth_error=true // if you want to manage storage resource only and provide permanent_api_token without user_name & password
   gcore_platform = "https://api.gcdn.co"
   gcore_storage_api = "https://storage.gcorelabs.com/api"
 }
 
-resource "gcore_storage" "tf_example_s3" {
+resource "gcore_storage" "tf_example_sftp" {
   name = "tf_example"
-  location = "s-ed1"
-  type = "s3"
-  link_key_id = 199
+  location = "mia"
+  type = "sftp"
+  ssh_key_id = 199 // can be used for sftp type only
 }

gcore/provider.go

@@ -3,6 +3,7 @@ package gcore
 import (
 	"context"
 	"fmt"
+	"log"
 	"net/http"
 
 	storageSDK "github.com/G-Core/gcorelabs-storage-sdk-go"
@@ -14,6 +15,11 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
+const (
+	ProviderOptPermanentToken   = "permanent_api_token"
+	ProviderOptSkipCredsAuthErr = "ignore_creds_auth_error"
+)
+
 func Provider() *schema.Provider {
 	return &schema.Provider{
 		Schema: map[string]*schema.Schema{
@@ -27,6 +33,19 @@ func Provider() *schema.Provider {
 				Optional:    true,
 				DefaultFunc: schema.EnvDefaultFunc("GCORE_PASSWORD", ""),
 			},
+			ProviderOptPermanentToken: {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Sensitive:   true,
+				Description: "A permanent API-token. Implemented for Storage Terraform Resource only. https://support.gcorelabs.com/hc/en-us/articles/360018625617-API-tokens",
+				DefaultFunc: schema.EnvDefaultFunc("GCORE_PERMANENT_TOKEN", ""),
+			},
+			ProviderOptSkipCredsAuthErr: {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Description: "Should be set to true when you are gonna to use storage resource with permanent API-token only.",
+				DefaultFunc: schema.EnvDefaultFunc("GCORE_PERMANENT_TOKEN", ""),
+			},
 			"gcore_platform": &schema.Schema{
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -106,6 +125,7 @@ func Provider() *schema.Provider {
 func providerConfigure(ctx context.Context, d *schema.ResourceData) (interface{}, diag.Diagnostics) {
 	username := d.Get("user_name").(string)
 	password := d.Get("password").(string)
+	permanentToken := d.Get(ProviderOptPermanentToken).(string)
 	api := d.Get("gcore_api").(string)
 	cdnAPI := d.Get("gcore_cdn_api").(string)
 	storageAPI := d.Get("gcore_storage_api").(string)
@@ -122,8 +142,15 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData) (interface{}
 		AllowReauth: true,
 		ClientID:    clientID,
 	})
+
+	skipAuthErr, ok := d.GetOk(ProviderOptSkipCredsAuthErr)
+	if err != nil && !(ok == true || skipAuthErr.(bool) == true) {
+		return nil, diag.FromErr(fmt.Errorf("init auth client: %w", err))
+
+	}
 	if err != nil {
-		return nil, diag.FromErr(err)
+		provider = &gcorecloud.ProviderClient{}
+		log.Printf("[WARN] init auth client: %s\n", err)
 	}
 
 	cdnProvider := gcdnProvider.NewClient(cdnAPI, gcdnProvider.WithSignerFunc(func(req *http.Request) error {
@@ -138,9 +165,11 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData) (interface{}
 	}
 
 	config := Config{
-		Provider:      provider,
-		CDNClient:     cdnService,
-		StorageClient: storageSDK.NewSDK(stHost, stPath, storageSDK.WithBearerAuth(provider.AccessToken)),
+		Provider:  provider,
+		CDNClient: cdnService,
+		StorageClient: storageSDK.NewSDK(stHost, stPath,
+			storageSDK.WithBearerAuth(provider.AccessToken),
+			storageSDK.WithPermanentTokenAuth(func() string { return permanentToken })),
 	}
 
 	return &config, diags

gcore/resource_gcore_storage.go

@@ -15,13 +15,15 @@ import (
 
 const (
 	StorageSchemaGenerateSftpPassword = "generate_sftp_password"
+	StorageSchemaGenerateS3AccessKey  = "generate_s3_access_key"
+	StorageSchemaGenerateS3SecretKey  = "generate_s3_secret_key"
 	StorageSchemaLocation             = "location"
 	StorageSchemaName                 = "name"
 	StorageSchemaType                 = "type"
 	StorageSchemaId                   = "storage_id"
 	StorageSchemaClientId             = "client_id"
 	StorageSchemaSftpPassword         = "sftp_password"
-	StorageSchemaKeyId                = "link_key_id"
+	StorageSchemaKeyId                = "ssh_key_id"
 	StorageSchemaExpires              = "expires"
 	StorageSchemaServerAlias          = "server_alias"
 )
@@ -94,6 +96,18 @@ func resourceStorage() *schema.Resource {
 				Optional:    true,
 				Description: "A sftp password for new storage resource.",
 			},
+			StorageSchemaGenerateS3AccessKey: {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: "A s3 access key for new storage resource.",
+			},
+			StorageSchemaGenerateS3SecretKey: {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: "A s3 secret key for new storage resource.",
+			},
 			StorageSchemaGenerateSftpPassword: {
 				Type:        schema.TypeBool,
 				Optional:    true,
@@ -102,14 +116,14 @@ func resourceStorage() *schema.Resource {
 			StorageSchemaKeyId: {
 				Type:        schema.TypeInt,
 				Optional:    true,
-				Description: "An key id to link with new storage resource.",
+				Description: "An ssh key id to link with new sftp storage resource only. https://storage.gcorelabs.com/ssh-key/list",
 			},
 		},
 		CreateContext: resourceStorageCreate,
 		ReadContext:   resourceStorageRead,
 		UpdateContext: resourceStorageUpdate,
 		DeleteContext: resourceStorageDelete,
-		Description:   "Represent storage resource.",
+		Description:   "Represent storage resource. https://storage.gcorelabs.com/storage/list",
 	}
 }
 
@@ -151,6 +165,15 @@ func resourceStorageCreate(ctx context.Context, d *schema.ResourceData, m interf
 		dErr = resourceStorageRead(ctx, d, m)
 	}()
 	*id = int(result.ID)
+	if result.Credentials.SftpPassword != "" {
+		_ = d.Set(StorageSchemaSftpPassword, result.Credentials.SftpPassword)
+	}
+	if result.Credentials.S3.AccessKey != "" {
+		_ = d.Set(StorageSchemaGenerateS3AccessKey, result.Credentials.S3.AccessKey)
+	}
+	if result.Credentials.S3.SecretKey != "" {
+		_ = d.Set(StorageSchemaGenerateS3SecretKey, result.Credentials.S3.SecretKey)
+	}
 
 	keyId := d.Get(StorageSchemaKeyId).(int)
 	if keyId == 0 {
@@ -192,10 +215,6 @@ func resourceStorageRead(ctx context.Context, d *schema.ResourceData, m interfac
 	}
 	st := result[0]
 
-	sftpPass := ""
-	if st.Credentials != nil {
-		sftpPass = st.Credentials.SftpPassword
-	}
 	nameParts := strings.Split(st.Name, "-")
 	if len(nameParts) > 1 {
 		clientID, _ := strconv.ParseInt(nameParts[0], 10, 64)
@@ -209,7 +228,6 @@ func resourceStorageRead(ctx context.Context, d *schema.ResourceData, m interfac
 	_ = d.Set(StorageSchemaId, st.ID)
 	_ = d.Set(StorageSchemaType, st.Type)
 	_ = d.Set(StorageSchemaLocation, st.Location)
-	_ = d.Set(StorageSchemaSftpPassword, sftpPass)
 
 	return nil
 }

gcore/resource_gcore_storage_key.go

@@ -44,7 +44,7 @@ func resourceStorageKey() *schema.Resource {
 		CreateContext: resourceStorageKeyCreate,
 		ReadContext:   resourceStorageKeyRead,
 		DeleteContext: resourceStorageKeyDelete,
-		Description:   "Represent storage key resource.",
+		Description:   "Represent storage key resource. https://storage.gcorelabs.com/ssh-key/list",
 	}
 }
 

go.mod

@@ -3,7 +3,7 @@ module github.com/terraform-providers/terraform-provider-gcorelabs
 go 1.14
 
 require (
-	github.com/G-Core/gcorelabs-storage-sdk-go v0.0.7
+	github.com/G-Core/gcorelabs-storage-sdk-go v0.0.8
 	github.com/G-Core/gcorelabscdn-go v0.0.0-20210503173228-b4ac8b2402ff
 	github.com/G-Core/gcorelabscloud-go v0.4.6
 	github.com/google/uuid v1.1.2 // indirect

go.sum

@@ -41,8 +41,8 @@ github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6L
 github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
-github.com/G-Core/gcorelabs-storage-sdk-go v0.0.7 h1:HeKhqd9PvSHX2BMWPkKb8QxtHeitVZxfG6jLxUAHmcM=
-github.com/G-Core/gcorelabs-storage-sdk-go v0.0.7/go.mod h1:BZef79y4G28n8ic3x6iQWbW+mtpHPSUyJRfIRSkeAJw=
+github.com/G-Core/gcorelabs-storage-sdk-go v0.0.8 h1:+HF1Jv8vR8LSJ0VYiJBeYXj1Qu4d85BoizLLMReq9zk=
+github.com/G-Core/gcorelabs-storage-sdk-go v0.0.8/go.mod h1:BZef79y4G28n8ic3x6iQWbW+mtpHPSUyJRfIRSkeAJw=
 github.com/G-Core/gcorelabscdn-go v0.0.0-20210503173228-b4ac8b2402ff h1:kIH66Shwb0Y9kvBgykpzmQn2soiHDTCJ/Rr5cQQ1cOk=
 github.com/G-Core/gcorelabscdn-go v0.0.0-20210503173228-b4ac8b2402ff/go.mod h1:iSGXaTvZBzDHQW+rKFS918BgFVpONcyLEijwh8WsXpE=
 github.com/G-Core/gcorelabscloud-go v0.4.6 h1:+pNeTKWuhR52Qavnzt+r6rCDJWumymkJTjKQV4+Tl5Y=