Merge 6f0d884 into 982fc94

Author: spbsoluble

.github/config/environments.tf

@@ -0,0 +1,33 @@
+module "keyfactor_github_test_environment_ad_10_5_0" {
+  source = "git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git?ref=main"
+
+  gh_environment_name = "KFC_10_5_0"
+  gh_repo_name        = data.github_repository.repo.name
+  keyfactor_hostname  = var.keyfactor_hostname_10_5_0
+  keyfactor_username  = var.keyfactor_username_10_5_0
+  keyfactor_password  = var.keyfactor_password_10_5_0
+}
+
+# module "keyfactor_github_test_environment_11_5_0_kc" {
+#   source = "git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-kc.git?ref=main"
+#
+#   gh_environment_name       = "KFC_11_5_0_KC"
+#   gh_repo_name              = data.github_repository.repo.name
+#   keyfactor_hostname        = var.keyfactor_hostname_11_5_0_KC
+#   keyfactor_client_id       = var.keyfactor_client_id_11_5_0
+#   keyfactor_client_secret   = var.keyfactor_client_secret_11_5_0
+#   keyfactor_auth_hostname   = var.keyfactor_auth_hostname_11_5_0_KC
+#   keyfactor_tls_skip_verify = true
+# }
+
+module "keyfactor_github_test_environment_12_3_0_kc" {
+  source = "git::ssh://[email protected]/Keyfactor/terraform-module-keyfactor-github-test-environment-ad.git?ref=main"
+
+  gh_environment_name       = "KFC_12_3_0_KC"
+  gh_repo_name              = data.github_repository.repo.name
+  keyfactor_hostname        = var.keyfactor_hostname_12_3_0_KC
+  keyfactor_auth_token_url  = var.keyfactor_auth_token_url_12_3_0_KC
+  keyfactor_client_id       = var.keyfactor_client_id_12_3_0
+  keyfactor_client_secret   = var.keyfactor_client_secret_12_3_0
+  keyfactor_tls_skip_verify = true
+}

.github/config/providers.tf

@@ -0,0 +1,20 @@
+terraform {
+  required_version = ">= 1.0"
+  required_providers {
+    github = {
+      source = "integrations/github"
+      version = ">=6.2"
+    }
+  }
+  backend "azurerm" {
+    resource_group_name  = "integrations-infra"
+    storage_account_name = "integrationstfstate"
+    container_name       = "tfstate"
+    key                  = "github/repos/keyfactor-auth-client-go.tfstate"
+  }
+}
+
+provider "github" {
+  # Configuration options
+  owner = "Keyfactor"
+}

.github/config/repo.tf

@@ -0,0 +1,3 @@
+data "github_repository" "repo" {
+  name = "keyfactor-auth-client-go"
+}

.github/config/variables.tf

@@ -0,0 +1,38 @@
+variable "keyfactor_hostname_10_5_0" {
+  description = "The hostname of the Keyfactor instance"
+  type        = string
+  default     = "integrations1050-lab.kfdelivery.com"
+}
+
+variable "keyfactor_username_10_5_0" {
+  description = "The username to authenticate with the Keyfactor instance"
+  type        = string
+}
+
+variable "keyfactor_password_10_5_0" {
+  description = "The password to authenticate with the Keyfactor instance"
+  type        = string
+}
+
+variable "keyfactor_client_id_12_3_0" {
+  description = "The client ID to authenticate with the Keyfactor instance using Keycloak client credentials"
+  type        = string
+}
+
+variable "keyfactor_client_secret_12_3_0" {
+  description = "The client secret to authenticate with the Keyfactor instance using Keycloak client credentials"
+  type        = string
+}
+
+variable "keyfactor_hostname_12_3_0_KC" {
+  description = "The hostname of the Keyfactor instance"
+  type        = string
+  default     = "int-oidc-lab.eastus2.cloudapp.azure.com"
+}
+
+variable "keyfactor_auth_token_url_12_3_0_KC" {
+  description = "The hostname of the KeyCloak instance to authenticate to for a Keyfactor Command access token"
+  type        = string
+  default     = "https://int-oidc-lab.eastus2.cloudapp.azure.com:8444/realms/Keyfactor/protocol/openid-connect/token"
+}
+

.github/dependabot.yml

@@ -0,0 +1,12 @@
+# See GitHub's documentation for more information on this file:
+# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/go_tests.yml

@@ -0,0 +1,35 @@
+name: Go Test Workflow
+
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  test:
+    name: Run tests
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        environment: [ "KFC_10_5_0", "KFC_12_3_0_KC"]
+    environment: ${{ matrix.environment }}
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.22
+
+      - name: Run tests
+        run: go test -v -cover ./auth_providers/...
+        env:
+          KEYFACTOR_PASSWORD: ${{ secrets.KEYFACTOR_PASSWORD }}
+          KEYFACTOR_USERNAME: ${{ secrets.KEYFACTOR_USERNAME }}
+          KEYFACTOR_AUTH_CLIENT_ID: ${{ secrets.KEYFACTOR_AUTH_CLIENT_ID }}
+          KEYFACTOR_AUTH_CLIENT_SECRET: ${{ secrets.KEYFACTOR_AUTH_CLIENT_SECRET }}
+          KEYFACTOR_HOSTNAME: ${{ vars.KEYFACTOR_HOSTNAME }}
+          KEYFACTOR_AUTH_HOSTNAME: ${{ vars.KEYFACTOR_AUTH_HOSTNAME }}
+          KEYFACTOR_SKIP_VERIFY: ${{ vars.KEYFACTOR_SKIP_VERIFY }}
+          TEST_KEYFACTOR_AD_AUTH: ${{ vars.TEST_KEYFACTOR_AD_AUTH }}
+          TEST_KEYFACTOR_KC_AUTH: ${{ vars.TEST_KEYFACTOR_KC_AUTH }}

.github/workflows/keyfactor-starter-workflow.yml

@@ -0,0 +1,19 @@
+name: Keyfactor Bootstrap Workflow
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [ opened, closed, synchronize, edited, reopened ]
+  push:
+  create:
+    branches:
+      - 'release-*.*'
+
+jobs:
+  call-starter-workflow:
+    uses: keyfactor/actions/.github/workflows/starter.yml@v3
+    secrets:
+      token: ${{ secrets.V2BUILDTOKEN}}
+      APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
+      gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
+      gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}

.gitignore

@@ -0,0 +1,139 @@
+### JetBrains template
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# AWS User-specific
+.idea/**/aws.xml
+
+# Generated files
+.idea/**/contentModel.xml
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn.  Uncomment if using
+# auto-import.
+# .idea/artifacts
+# .idea/compiler.xml
+# .idea/jarRepositories.xml
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# SonarLint plugin
+.idea/sonarlint/
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+
+### Terraform template
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+### Go template
+# If you prefer the allow list template instead of the deny list, see community template:
+# https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
+#
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+
+# Go workspace file
+go.work
+
+*.env*

Makefile

@@ -0,0 +1,80 @@
+PROVIDER_DIR := $(PWD)
+TEST?=$$(go list ./... | grep -v 'vendor')
+HOSTNAME=keyfactor.com
+GOFMT_FILES  := $$(find $(PROVIDER_DIR) -name '*.go' |grep -v vendor)
+NAMESPACE=keyfactor
+WEBSITE_REPO=https://github.com/Keyfactor/keyfactor-auth-client
+NAME=keyfactor-auth-client
+BINARY=${NAME}
+VERSION := $(GITHUB_REF_NAME)
+ifeq ($(VERSION),)
+	VERSION := v1.0.0
+endif
+OS_ARCH := $(shell go env GOOS)_$(shell go env GOARCH)
+BASEDIR := ${HOME}/go/bin
+INSTALLDIR := ${BASEDIR}
+MARKDOWN_FILE := README.md
+TEMP_TOC_FILE := temp_toc.md
+
+
+
+default: build
+
+build: fmt
+	go install
+
+release:
+	GOOS=darwin GOARCH=amd64 go build -o ./bin/${BINARY}_${VERSION}_darwin_amd64 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=freebsd GOARCH=386 go build -o ./bin/${BINARY}_${VERSION}_freebsd_386 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=freebsd GOARCH=amd64 go build -o ./bin/${BINARY}_${VERSION}_freebsd_amd64 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$(git rev-parse HEAD)'"
+	GOOS=freebsd GOARCH=arm go build -o ./bin/${BINARY}_${VERSION}_freebsd_arm -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=linux GOARCH=386 go build -o ./bin/${BINARY}_${VERSION}_linux_386 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=linux GOARCH=amd64 go build -o ./bin/${BINARY}_${VERSION}_linux_amd64 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=linux GOARCH=arm go build -o ./bin/${BINARY}_${VERSION}_linux_arm -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=openbsd GOARCH=386 go build -o ./bin/${BINARY}_${VERSION}_openbsd_386 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=openbsd GOARCH=amd64 go build -o ./bin/${BINARY}_${VERSION}_openbsd_amd64 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=solaris GOARCH=amd64 go build -o ./bin/${BINARY}_${VERSION}_solaris_amd64 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=windows GOARCH=386 go build -o ./bin/${BINARY}_${VERSION}_windows_386 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+	GOOS=windows GOARCH=amd64 go build -o ./bin/${BINARY}_${VERSION}_windows_amd64 -ldflags "-X 'keyfactor_auth_client/pkg.Version=${VERSION}' -X 'keyfactor_auth_client/pkg.BuildTime=$$(date)' -X 'keyfactor_auth_client/pkg.CommitHash=$$(git rev-parse HEAD)'"
+
+install: fmt
+	go build -o ${BINARY}
+	rm -rf ${INSTALLDIR}/${BINARY}
+	mkdir -p ${INSTALLDIR}
+	chmod oug+x ${BINARY}
+	cp ${BINARY} ${INSTALLDIR}
+	mkdir -p ${HOME}/.local/bin || true
+	mv ${BINARY} ${HOME}/.local/bin/${BINARY}
+
+vendor:
+	go mod vendor
+
+version:
+	@echo ${VERSION}
+
+setversion:
+	sed -i '' -e 's/VERSION = ".*"/VERSION = "$(VERSION)"/' pkg/version/version.go
+
+test:
+	go test -i $(TEST) || exit 1
+	echo $(TEST) | xargs -t -n4 go test $(TESTARGS) -timeout=30s -parallel=4
+
+fmt:
+	gofmt -w $(GOFMT_FILES)
+
+prerelease: fmt setversion
+	git tag -d $(VERSION) || true
+	git push origin :$(VERSION) || true
+	git tag $(VERSION)
+	git push origin $(VERSION)
+
+check_toc:
+	@grep -q 'TOC_START' $(MARKDOWN_FILE) && echo "TOC already exists." || (echo "TOC not found. Generating..." && $(MAKE) generate_toc)
+
+generate_toc:
+	# check if markdown-toc is installed and if not install it
+	@command -v markdown-toc >/dev/null 2>&1 || (echo "markdown-toc is not installed. Installing..." && npm install -g markdown-toc)
+	markdown-toc -i $(MARKDOWN_FILE) --skip 'Table of Contents'
+
+
+.PHONY: build prerelease release install test fmt vendor version setversion