Implement certificate_template resource

aidy · aidy · commit e25826e77a20 · 2024-11-13T12:09:34.000Z
diff --git a/docs/resources/certificate_template.md b/docs/resources/certificate_template.md
@@ -0,0 +1,27 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "tlspc_certificate_template Resource - tlspc"
+subcategory: ""
+description: |-
+  
+---
+
+# tlspc_certificate_template (Resource)
+
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `ca_product_id` (String)
+- `ca_type` (String)
+- `key_reuse` (Boolean)
+- `name` (String)
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
diff --git a/internal/provider/certificate_template_resource.go b/internal/provider/certificate_template_resource.go
@@ -0,0 +1,250 @@
+// Copyright (c) Venafi, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package provider
+
+import (
+	"context"
+	"fmt"
+
+	"terraform-provider-tlspc/internal/tlspc"
+
+	"github.com/hashicorp/terraform-plugin-framework/path"
+	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+)
+
+var (
+	_ resource.Resource                = &certificateTemplateResource{}
+	_ resource.ResourceWithConfigure   = &certificateTemplateResource{}
+	_ resource.ResourceWithImportState = &certificateTemplateResource{}
+)
+
+type certificateTemplateResource struct {
+	client *tlspc.Client
+}
+
+func NewCertificateTemplateResource() resource.Resource {
+	return &certificateTemplateResource{}
+}
+
+func (r *certificateTemplateResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_certificate_template"
+}
+
+func (r *certificateTemplateResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		Attributes: map[string]schema.Attribute{
+			"id": schema.StringAttribute{
+				Computed: true,
+			},
+			"name": schema.StringAttribute{
+				Required: true,
+			},
+			"ca_type": schema.StringAttribute{
+				Required: true,
+			},
+			"ca_product_id": schema.StringAttribute{
+				Required: true,
+			},
+			"key_reuse": schema.BoolAttribute{
+				Required: true,
+			},
+			/*
+				"key_types": schema.SetAttribute{
+					Required:    true,
+					ElementType: types.MapType,
+				},
+			*/
+		},
+	}
+}
+
+func (r *certificateTemplateResource) Configure(_ context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) {
+	if req.ProviderData == nil {
+		return
+	}
+
+	client, ok := req.ProviderData.(*tlspc.Client)
+
+	if !ok {
+		resp.Diagnostics.AddError(
+			"Unexpected Data Source Configure Type",
+			fmt.Sprintf("Expected *tlspc.Client, got: %T. Please report this issue to the provider developers.", req.ProviderData),
+		)
+
+		return
+	}
+
+	r.client = client
+}
+
+type certificateTemplateResourceModel struct {
+	ID          types.String `tfsdk:"id"`
+	Name        types.String `tfsdk:"name"`
+	CAType      types.String `tfsdk:"ca_type"`
+	CAProductID types.String `tfsdk:"ca_product_id"`
+	KeyReuse    types.Bool   `tfsdk:"key_reuse"`
+	//KeyTypes    []types.Map  `tfsdk:"key_types"`
+}
+
+func (r *certificateTemplateResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+	var plan certificateTemplateResourceModel
+	diags := req.Plan.Get(ctx, &plan)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	pt, err := r.client.GetCAProductOptionByID(plan.CAType.ValueString(), plan.CAProductID.ValueString())
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error creating certificate template",
+			"CA Product ID not found: "+err.Error(),
+		)
+		return
+	}
+
+	ct := tlspc.CertificateTemplate{
+		Name:                                plan.Name.ValueString(),
+		CertificateAuthorityType:            plan.CAType.ValueString(),
+		CertificateAuthorityProductOptionID: plan.CAProductID.ValueString(),
+		Product:                             pt.Details.Template,
+		KeyReuse:                            plan.KeyReuse.ValueBool(),
+		KeyTypes: []tlspc.KeyType{
+			{
+				Type:       "RSA",
+				KeyLengths: []int32{2048, 3072, 4096},
+			},
+		},
+		SANRegexes:       []string{".*"},
+		SubjectCNRegexes: []string{".*"},
+		SubjectCValues:   []string{".*"},
+		SubjectLRegexes:  []string{".*"},
+		SubjectORegexes:  []string{".*"},
+		SubjectOURegexes: []string{".*"},
+		SubjectSTRegexes: []string{".*"},
+	}
+
+	created, err := r.client.CreateCertificateTemplate(ct)
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error creating certificate template",
+			"Could not create certificate template, unexpected error: "+err.Error(),
+		)
+		return
+	}
+	plan.ID = types.StringValue(created.ID)
+	diags = resp.State.Set(ctx, plan)
+	resp.Diagnostics.Append(diags...)
+}
+
+func (r *certificateTemplateResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+	var state certificateTemplateResourceModel
+
+	diags := req.State.Get(ctx, &state)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	ct, err := r.client.GetCertificateTemplate(state.ID.ValueString())
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error Reading Certificate Template",
+			"Could not read Certificate Template ID "+state.ID.ValueString()+": "+err.Error(),
+		)
+		return
+	}
+
+	state.ID = types.StringValue(ct.ID)
+	state.CAType = types.StringValue(ct.CertificateAuthorityType)
+	state.CAProductID = types.StringValue(ct.CertificateAuthorityProductOptionID)
+	state.KeyReuse = types.BoolValue(ct.KeyReuse)
+
+	diags = resp.State.Set(ctx, state)
+	resp.Diagnostics.Append(diags...)
+}
+
+func (r *certificateTemplateResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+	var plan, state certificateTemplateResourceModel
+
+	diags := req.State.Get(ctx, &state)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+	diags = req.Plan.Get(ctx, &plan)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	pt, err := r.client.GetCAProductOptionByID(plan.CAType.ValueString(), plan.CAProductID.ValueString())
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error creating certificate template",
+			"CA Product ID not found: "+err.Error(),
+		)
+		return
+	}
+
+	ct := tlspc.CertificateTemplate{
+		ID:                                  state.ID.ValueString(),
+		Name:                                plan.Name.ValueString(),
+		CertificateAuthorityType:            plan.CAType.ValueString(),
+		CertificateAuthorityProductOptionID: plan.CAProductID.ValueString(),
+		Product:                             pt.Details.Template,
+		KeyReuse:                            plan.KeyReuse.ValueBool(),
+		KeyTypes: []tlspc.KeyType{
+			{
+				Type:       "RSA",
+				KeyLengths: []int32{2048, 3072, 4096},
+			},
+		},
+		SANRegexes:       []string{".*"},
+		SubjectCNRegexes: []string{".*"},
+		SubjectCValues:   []string{".*"},
+		SubjectLRegexes:  []string{".*"},
+		SubjectORegexes:  []string{".*"},
+		SubjectOURegexes: []string{".*"},
+		SubjectSTRegexes: []string{".*"},
+	}
+
+	updated, err := r.client.UpdateCertificateTemplate(ct)
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error updating certificate template",
+			"Could not update certificate template, unexpected error: "+err.Error(),
+		)
+		return
+	}
+	plan.ID = types.StringValue(updated.ID)
+	diags = resp.State.Set(ctx, plan)
+	resp.Diagnostics.Append(diags...)
+}
+
+func (r *certificateTemplateResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+	var state certificateTemplateResourceModel
+
+	diags := req.State.Get(ctx, &state)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	err := r.client.DeleteCertificateTemplate(state.ID.ValueString())
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Error Deleting Certificate Template",
+			"Could not delete Certificate Template ID "+state.ID.ValueString()+": "+err.Error(),
+		)
+		return
+	}
+}
+
+func (r *certificateTemplateResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
+	// Retrieve import ID and save to id attribute
+	resource.ImportStatePassthroughID(ctx, path.Root("id"), req, resp)
+}
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
@@ -86,6 +86,7 @@ func (p *tlspcProvider) Resources(ctx context.Context) []func() resource.Resourc
 		NewServiceAccountResource,
 		NewRegistryAccountResource,
 		NewPluginResource,
+		NewCertificateTemplateResource,
 	}
 }
 
diff --git a/internal/tlspc/tlspc.go b/internal/tlspc/tlspc.go

Original file line number	Diff line number	Diff line change
`@@ -86,6 +86,7 @@ func (p *tlspcProvider) Resources(ctx context.Context) []func() resource.Resourc`
`86`	`86`	`NewServiceAccountResource,`
`87`	`87`	`NewRegistryAccountResource,`
`88`	`88`	`NewPluginResource,`
	`89`	`+ NewCertificateTemplateResource,`
`89`	`90`	`}`
`90`	`91`	`}`
`91`	`92`