Terraform Support 1.12.x (#91)

* Moved pipeline authentication bootstrapping from shell scripts to go, using client-go SDK.

* Added missing https protocol to HOST env var.

* Fixed error in copying PROJECT_NAME to env var within bootstrap_pipeline.go.

* Fixed to use existing password when attempting to update password within bootstrap_pipeline.go. Removed NEW_PASSWORD env var, as it is now unused due to replacing use with PASSWORD.

* Specified type BOOLEAN for parameter for disabling NVD mirroring.

* Moved TF acceptance testing to a composite action.

* Moved actions/action-test.yml to actions/test/action.yml in line with docs.

* Specified shell as bash within actions/test composite action.

* Split test into 2 sub steps, based on whether using client certs. Added 1.12.* to list of Terraform versions tested against.

* Added env value to disable telemtry that was accidentally removed when trimming down comments in workflow.

* Update README, and CHANGELOG.

Author: SolarFactories

.github/actions/test/action.yml

@@ -0,0 +1,56 @@
+name: "Parametrised Terraform Acceptance Test"
+description: "Relies on existing service containers for DependencyTrack API, and actions/checkout having run"
+
+inputs:
+  terraform_version:
+    description: "Version of Terraform to be used to run tests."
+    required: true
+  provider_config_key:
+    description: "Config key to determine which provider config to use, as defined within provider_test.go."
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      with:
+        go-version-file: 'go.mod'
+        cache: true
+    - name: Bootstrap authentication
+      shell: bash
+      run: |
+        set -eu
+        export API_KEY="$(go run ./scripts/bootstrap_pipeline.go)"
+        echo "DEPENDENCYTRACK_API_KEY=${API_KEY}" >> $GITHUB_ENV
+      env:
+        HOST: "http://localhost:8081"
+        USERNAME: "admin"
+        CURRENT_PASSWORD: "admin"
+        PASSWORD: "pipeline"
+        TEAM_NAME: "Pipeline ${{ inputs.terraform }}"
+        PROJECT_NAME: "Project_Data_Test"
+        PROJECT_VERSION: "1"
+
+    - name: Setup Nginx
+      shell: bash
+      run: |
+        set -eu
+        openssl req -newkey rsa:4096 -noenc -keyout /opt/server_key.pem -x509 -days 1 -out /opt/server_cert.pem -subj '/OU=DT_API /CN=localhost' -addext "subjectAltName=DNS:localhost"
+        openssl req -newkey rsa:4096 -noenc -keyout /opt/client_key.pem -x509 -days 1 -out /opt/client_cert.pem -subj '/OU=DT_Provider'
+        sudo apt-get install nginx
+        sudo mkdir -p /etc/nginx
+        sudo cp nginx.conf /etc/nginx/
+        sudo nginx
+
+    - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
+      with:
+        terraform_version: ${{ inputs.terraform }}
+        terraform_wrapper: false
+    - run: go mod download
+      shell: bash
+    - run: go test -v -cover ./internal/provider/
+      shell: bash
+      env:
+        TF_ACC: "1"
+        DEPENDENCYTRACK_TEST_PROVIDER: ${{ inputs.provider_config_key }}
+        #TF_LOG: "info"

.github/workflows/test.yml

@@ -1,8 +1,5 @@
-# Terraform Provider testing workflow.
 name: Tests
 
-# This GitHub action runs your tests for each pull request and push.
-# Optionally, you can turn it on using a schedule for regular testing.
 on:
   pull_request:
     paths-ignore:
@@ -89,31 +86,15 @@ jobs:
       fail-fast: false
       matrix:
         api:
-# TODO: Adjust logic according to versions to allow supporting older API versions.
-#          - "4.0.1"
-#          - "4.1.0"
-#          - "4.2.2"
-#          - "4.3.6"
-#          - "4.4.2"
-#          - "4.5.0"
-#          - "4.6.3"
-#          - "4.7.1"
-#          - "4.8.2"
-#          - "4.9.1"
-#          - "4.10.1"
+# TODO: Adjust logic according to versions to allow supporting older API versions, as required.
           - "4.11.7"
           - "4.12.7"
           - "4.13.0"
           - "4.13.1"
           - "4.13.2"
-#          - "latest"
-#          - "snapshot"
         provider:
           - "default"
           - "rootCA"
-          - "mtls"
-          - "rootCA+mtls"
-        # list whatever Terraform versions here you would like to support
         terraform:
           - '1.0.*'
           - '1.1.*'
@@ -127,59 +108,55 @@ jobs:
           - '1.9.*'
           - '1.10.*'
           - '1.11.*'
+          - '1.12.*'
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - name: Bootstrap authentication
-        shell: bash
-        run: |
-          set -euo pipefail
-          ./scripts/change-password.sh
-          export TOKEN="$(./scripts/login.sh)"
-          ./scripts/disable-settings.sh
-          export TEAM_UUID="$(./scripts/create-team.sh | jq -r '.uuid')"
-          PERMISSIONS="$(./scripts/get-valid-permissions.sh | jq -r '.[].name')"
-          for perm in ${PERMISSIONS}; do
-            PERMISSION="${perm}" ./scripts/assign-permission.sh
-          done
-          export PROJECT_UUID="$(./scripts/create-project.sh | jq -r '.uuid')"
-          GROUP_NAME="Group1" PROPERTY_NAME="Name1" PROPERTY_VALUE="Value1" PROPERTY_TYPE="STRING" DESCRIPTION="Description1" ./scripts/create-project-property.sh
-          GROUP_NAME="Group2" PROPERTY_NAME="Name2" PROPERTY_VALUE="2" PROPERTY_TYPE="INTEGER" DESCRIPTION="Description2" ./scripts/create-project-property.sh
-          export API_KEY="$(./scripts/create-token.sh | jq -r '.key')"
-          echo "DEPENDENCYTRACK_API_KEY=${API_KEY}" >> $GITHUB_ENV
+      - uses: ./.github/actions/test
+        with:
+          terraform_version: ${{ matrix.terraform }}
+          provider_config_key: ${{ matrix.provider }}
 
+  test_mtls:
+    name: Terraform Provider Acceptance Tests
+    needs: build
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    services:
+      api:
+        image: dependencytrack/apiserver:${{ matrix.api }}
         env:
-          HOST: "localhost:8081"
-          USERNAME: "admin"
-          CURRENT_PASSWORD: "admin"
-          NEW_PASSWORD: "pipeline"
-          PASSWORD: "pipeline"
-          TEAM_NAME: "Pipeline ${{ matrix.terraform }}"
-          PROJECT_NAME: "Project_Data_Test"
-          PROJECT_VERSION: "1"
-
-      - name: Setup Nginx
-        shell: bash
-        run: |
-          set -eu
-          openssl req -newkey rsa:4096 -noenc -keyout /opt/server_key.pem -x509 -days 1 -out /opt/server_cert.pem -subj '/OU=DT_API /CN=localhost' -addext "subjectAltName=DNS:localhost"
-          openssl req -newkey rsa:4096 -noenc -keyout /opt/client_key.pem -x509 -days 1 -out /opt/client_cert.pem -subj '/OU=DT_Provider'
-          sudo apt-get install nginx
-          sudo mkdir -p /etc/nginx
-          sudo cp nginx.conf /etc/nginx/
-          sudo nginx
-
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
-        with:
-          go-version-file: 'go.mod'
-          cache: true
-      - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
+          TELEMETRY_SUBMISSION_ENABLED_DEFAULT: false
+        ports:
+          - 8081:8080
+    strategy:
+      fail-fast: false
+      matrix:
+        api:
+          - "4.11.7"
+          - "4.12.7"
+          - "4.13.0"
+          - "4.13.1"
+          - "4.13.2"
+        provider:
+          - "mtls"
+          - "rootCA+mtls"
+        terraform:
+          - '1.0.*'
+          - '1.1.*'
+          - '1.2.*'
+          - '1.3.*'
+          - '1.4.*'
+          - '1.5.*'
+          - '1.6.*'
+          - '1.7.*'
+          - '1.8.*'
+          - '1.9.*'
+          - '1.10.*'
+          - '1.11.*'
+          - '1.12.*'
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: ./.github/actions/test
         with:
           terraform_version: ${{ matrix.terraform }}
-          terraform_wrapper: false
-      - run: go mod download
-      - env:
-          TF_ACC: "1"
-          DEPENDENCYTRACK_TEST_PROVIDER: ${{ matrix.provider }}
-          #TF_LOG: "info"
-        run: go test -v -cover ./internal/provider/
-        timeout-minutes: 10
+          provider_config_key: ${{ matrix.provider }}

.golangci.yml

@@ -464,6 +464,13 @@ linters:
     warn-unused: true # Default false
     presets: [] # Default []
     rules:
+      - path: scripts/bootstrap_pipeline.go
+        linters:
+          - err113
+          - cyclop
+          - gochecknoglobals
+          - exhaustruct
+          - forbidigo
       - path: internal/provider/
         linters:
           - wsl

CHANGELOG.md

@@ -1,3 +1,18 @@
+## 1.12.4
+
+#### FEATURES
+- Add explicit support and testing for Terraform `1.12.x`.
+
+#### MISC
+- Replaced pipeline bootstrapping shell scripts with `scripts/bootstrap_pipeline.go` to use `client-go` SDK.
+- Move Terraform Acceptance Test GitHub workflow out of `test.yml`, into a composite action.
+- Split TF Acceptance tests to bypass limit of 256 jobs per matrix.
+- Trimmed down commented out DependencyTrack API versions within workflow.
+
+#### DEPENDENCIES
+- `github.com/hashicorp/terraform-plugin-testing` `1.13.0` -> `1.13.1`
+- `github.com/hashicorp/terraform-plugin-go` `0.27.0` -> `0.28.0`
+
 ## 1.12.3
 
 #### FEATURES

README.md

@@ -48,5 +48,5 @@ Other API versions may work, with a subset of functionality, but are not guarant
 The latest patch version within a minor release is supported, even if it might not be tested - PR's to update would always be welcome.
 The list of API Versions will grow as functionality adapts to allow tests to pass, which at present is only a small subset.
 The latest 2 patches within the latest minor version will be tested, and supported to allow for continued support while migrating.
-- Terraform: `1.0` -> `1.11`
+- Terraform: `1.0` -> `1.12`
 - DependencyTrack: `4.11.7`, `4.12.7`, `4.13.0`, `4.13.1`, `4.13.2`

internal/provider/http_client.go

@@ -19,7 +19,7 @@ const (
 )
 
 var (
-	projectPropertyURLRegex *regexp.Regexp = regexp.MustCompile("^/api/v1/project/" + uuidRegex + "/property$")
+	projectPropertyURLRegex = regexp.MustCompile("^/api/v1/project/" + uuidRegex + "/property$")
 )
 
 type (