feature/CU 86c57xgjy Support for Landing Zones in meshStack Terraform Provider

.gitignore

@@ -24,6 +24,7 @@ website/node_modules
 *.iml
 *.test
 *.iml
+/terraform-provider-meshstack
 
 website/vendor
 

client/client.go

@@ -42,6 +42,7 @@ type endpoints struct {
 	WorkspaceGroupBindings *url.URL `json:"meshworkspacegroupbindings"`
 	Tenants                *url.URL `json:"meshtenants"`
 	TagDefinitions         *url.URL `json:"meshtagdefinitions"`
+	LandingZones           *url.URL `json:"meshlandingzones"`
 }
 
 type loginResponse struct {
@@ -71,6 +72,7 @@ func NewClient(rootUrl *url.URL, apiKey string, apiSecret string) (*MeshStackPro
 		WorkspaceGroupBindings: rootUrl.JoinPath(apiMeshObjectsRoot, "meshworkspacebindings", "groupbindings"),
 		Tenants:                rootUrl.JoinPath(apiMeshObjectsRoot, "meshtenants"),
 		TagDefinitions:         rootUrl.JoinPath(apiMeshObjectsRoot, "meshtagdefinitions"),
+		LandingZones:           rootUrl.JoinPath(apiMeshObjectsRoot, "meshlandingzones"),
 	}
 
 	return client, nil

client/landingzone.go

@@ -0,0 +1,181 @@
+package client
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+)
+
+const CONTENT_TYPE_LANDINGZONE = "application/vnd.meshcloud.api.meshlandingzone.v1-preview.hal+json"
+
+type MeshLandingZone struct {
+	ApiVersion string                  `json:"apiVersion" tfsdk:"api_version"`
+	Kind       string                  `json:"kind" tfsdk:"kind"`
+	Metadata   MeshLandingZoneMetadata `json:"metadata" tfsdk:"metadata"`
+	Spec       MeshLandingZoneSpec     `json:"spec" tfsdk:"spec"`
+	Status     MeshLandingZoneStatus   `json:"status" tfsdk:"status"`
+}
+
+type MeshLandingZoneMetadata struct {
+	Name string              `json:"name" tfsdk:"name"`
+	Tags map[string][]string `json:"tags" tfsdk:"tags"`
+}
+
+type MeshLandingZoneSpec struct {
+	DisplayName                 string              `json:"displayName" tfsdk:"display_name"`
+	Description                 string              `json:"description" tfsdk:"description"`
+	AutomateDeletionApproval    bool                `json:"automateDeletionApproval" tfsdk:"automate_deletion_approval"`
+	AutomateDeletionReplication bool                `json:"automateDeletionReplication" tfsdk:"automate_deletion_replication"`
+	InfoLink                    string              `json:"infoLink" tfsdk:"info_link"`
+	PlatformRef                 PlatformRef         `json:"platformRef" tfsdk:"platform_ref"`
+	PlatformProperties          *PlatformProperties `json:"platformProperties,omitempty" tfsdk:"platform_properties"`
+}
+
+type MeshLandingZoneStatus struct {
+	Disabled   bool `json:"disabled" tfsdk:"disabled"`
+	Restricted bool `json:"restricted" tfsdk:"restricted"`
+}
+
+type PlatformRef struct {
+	Uuid string `json:"uuid" tfsdk:"uuid"`
+	Kind string `json:"kind" tfsdk:"kind"`
+}
+
+type PlatformProperties struct {
+	Type       string                        `json:"type" tfsdk:"type"`
+	Aws        *AwsPlatformProperties        `json:"aws" tfsdk:"aws"`
+	Aks        *AksPlatformProperties        `json:"aks" tfsdk:"aks"`
+	Azure      *AzurePlatformProperties      `json:"azure" tfsdk:"azure"`
+	AzureRg    *AzureRgPlatformProperties    `json:"azurerg" tfsdk:"azurerg"`
+	Gcp        *GcpPlatformProperties        `json:"gcp" tfsdk:"gcp"`
+	Kubernetes *KubernetesPlatformProperties `json:"kubernetes" tfsdk:"kubernetes"`
+	OpenShift  *OpenShiftPlatformProperties  `json:"openshift" tfsdk:"openshift"`
+}
+
+type MeshLandingZoneCreate struct {
+	ApiVersion string                  `json:"apiVersion" tfsdk:"api_version"`
+	Metadata   MeshLandingZoneMetadata `json:"metadata" tfsdk:"metadata"`
+	Spec       MeshLandingZoneSpec     `json:"spec" tfsdk:"spec"`
+}
+
+func (c *MeshStackProviderClient) urlForLandingZone(name string) *url.URL {
+	return c.endpoints.LandingZones.JoinPath(name)
+}
+
+func (c *MeshStackProviderClient) ReadLandingZone(name string) (*MeshLandingZone, error) {
+	targetUrl := c.urlForLandingZone(name)
+	req, err := http.NewRequest("GET", targetUrl.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Accept", CONTENT_TYPE_LANDINGZONE)
+
+	res, err := c.doAuthenticatedRequest(req)
+	if err != nil {
+		return nil, err
+	}
+
+	defer res.Body.Close()
+
+	if res.StatusCode == http.StatusNotFound {
+		return nil, nil // Not found is not an error
+	}
+
+	data, err := io.ReadAll(res.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if !isSuccessHTTPStatus(res) {
+		return nil, fmt.Errorf("unexpected status code: %d, %s", res.StatusCode, data)
+	}
+
+	var landingZone MeshLandingZone
+	err = json.Unmarshal(data, &landingZone)
+	if err != nil {
+		return nil, err
+	}
+	return &landingZone, nil
+}
+
+func (c *MeshStackProviderClient) CreateLandingZone(landingZone *MeshLandingZoneCreate) (*MeshLandingZone, error) {
+	payload, err := json.Marshal(landingZone)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("POST", c.endpoints.LandingZones.String(), bytes.NewBuffer(payload))
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Content-Type", CONTENT_TYPE_LANDINGZONE)
+	req.Header.Set("Accept", CONTENT_TYPE_LANDINGZONE)
+
+	res, err := c.doAuthenticatedRequest(req)
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+
+	data, err := io.ReadAll(res.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if !isSuccessHTTPStatus(res) {
+		return nil, fmt.Errorf("unexpected status code: %d, %s", res.StatusCode, data)
+	}
+
+	var createdLandingZone MeshLandingZone
+	err = json.Unmarshal(data, &createdLandingZone)
+	if err != nil {
+		return nil, err
+	}
+	return &createdLandingZone, nil
+}
+
+func (c *MeshStackProviderClient) UpdateLandingZone(name string, landingZone *MeshLandingZoneCreate) (*MeshLandingZone, error) {
+	targetUrl := c.urlForLandingZone(name)
+
+	payload, err := json.Marshal(landingZone)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("PUT", targetUrl.String(), bytes.NewBuffer(payload))
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Content-Type", CONTENT_TYPE_LANDINGZONE)
+	req.Header.Set("Accept", CONTENT_TYPE_LANDINGZONE)
+
+	res, err := c.doAuthenticatedRequest(req)
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+
+	data, err := io.ReadAll(res.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if !isSuccessHTTPStatus(res) {
+		return nil, fmt.Errorf("unexpected status code: %d, %s", res.StatusCode, data)
+	}
+
+	var updatedLandingZone MeshLandingZone
+	err = json.Unmarshal(data, &updatedLandingZone)
+	if err != nil {
+		return nil, err
+	}
+	return &updatedLandingZone, nil
+}
+
+func (c *MeshStackProviderClient) DeleteLandingZone(name string) error {
+	targetUrl := c.urlForLandingZone(name)
+	return c.deleteMeshObject(*targetUrl, 204)
+}

client/platform_properties_aks.go

@@ -0,0 +1,10 @@
+package client
+
+type AksPlatformProperties struct {
+	KubernetesRoleMappings []KubernetesRoleMapping `json:"kubernetesRoleMappings" tfsdk:"kubernetes_role_mappings"`
+}
+
+type KubernetesRoleMapping struct {
+	MeshProjectRoleRef MeshProjectRoleRefV2 `json:"projectRoleRef" tfsdk:"project_role_ref"`
+	PlatformRoles      []string             `json:"platformRoles" tfsdk:"platform_roles"`
+}

client/platform_properties_aws.go

@@ -0,0 +1,14 @@
+package client
+
+type AwsPlatformProperties struct {
+	AwsTargetOrgUnitId string           `json:"awsTargetOrgUnitId" tfsdk:"aws_target_org_unit_id"`
+	AwsEnrollAccount   bool             `json:"awsEnrollAccount" tfsdk:"aws_enroll_account"`
+	AwsLambdaArn       *string          `json:"awsLambdaArn" tfsdk:"aws_lambda_arn"`
+	AwsRoleMappings    []AwsRoleMapping `json:"awsRoleMappings" tfsdk:"aws_role_mappings"`
+}
+
+type AwsRoleMapping struct {
+	MeshProjectRoleRef MeshProjectRoleRefV2 `json:"projectRoleRef" tfsdk:"project_role_ref"`
+	PlatformRole       string               `json:"platformRole" tfsdk:"platform_role"`
+	Policies           []string             `json:"policies" tfsdk:"policies"`
+}

client/platform_properties_azure.go

@@ -0,0 +1,17 @@
+package client
+
+type AzurePlatformProperties struct {
+	AzureRoleMappings      []AzureRoleMapping `json:"azureRoleMappings" tfsdk:"azure_role_mappings"`
+	AzureManagementGroupId string             `json:"azureManagementGroupId" tfsdk:"azure_management_group_id"`
+}
+
+type AzureRoleMapping struct {
+	MeshProjectRoleRef   MeshProjectRoleRefV2  `json:"projectRoleRef" tfsdk:"project_role_ref"`
+	AzureGroupSuffix     string                `json:"azureGroupSuffix" tfsdk:"azure_group_suffix"`
+	AzureRoleDefinitions []AzureRoleDefinition `json:"azureRoleDefinitions" tfsdk:"azure_role_definitions"`
+}
+
+type AzureRoleDefinition struct {
+	AzureRoleDefinitionId string  `json:"azureRoleDefinitionId" tfsdk:"azure_role_definition_id"`
+	AbacCondition         *string `json:"abacCondition" tfsdk:"abac_condition"`
+}

client/platform_properties_azurerg.go

@@ -0,0 +1,18 @@
+package client
+
+type AzureRgPlatformProperties struct {
+	AzureRgLocation     string               `json:"azureRgLocation" tfsdk:"azure_rg_location"`
+	AzureRgRoleMappings []AzureRgRoleMapping `json:"azureRgRoleMappings" tfsdk:"azure_rg_role_mappings"`
+	AzureFunction       *AzureFunction       `json:"azureFunction,omitempty" tfsdk:"azure_function"`
+}
+
+type AzureRgRoleMapping struct {
+	MeshProjectRoleRef     MeshProjectRoleRefV2 `json:"projectRoleRef" tfsdk:"project_role_ref"`
+	AzureGroupSuffix       string               `json:"azureGroupSuffix" tfsdk:"azure_group_suffix"`
+	AzureRoleDefinitionIds []string             `json:"azureRoleDefinitionIds" tfsdk:"azure_role_definition_ids"`
+}
+
+type AzureFunction struct {
+	AzureFunctionUrl   string `json:"azureFunctionUrl" tfsdk:"azure_function_url"`
+	AzureFunctionScope string `json:"azureFunctionScope" tfsdk:"azure_function_scope"`
+}

client/platform_properties_gcp.go

@@ -0,0 +1,12 @@
+package client
+
+type GcpPlatformProperties struct {
+	GcpCloudFunctionUrl *string          `json:"gcpCloudFunctionUrl,omitempty" tfsdk:"gcp_cloud_function_url"`
+	GcpFolderId         *string          `json:"gcpFolderId,omitempty" tfsdk:"gcp_folder_id"`
+	GcpRoleMappings     []GcpRoleMapping `json:"gcpRoleMappings" tfsdk:"gcp_role_mappings"`
+}
+
+type GcpRoleMapping struct {
+	MeshProjectRoleRef MeshProjectRoleRefV2 `json:"projectRoleRef" tfsdk:"project_role_ref"`
+	PlatformRoles      []string             `json:"platformRoles" tfsdk:"platform_roles"`
+}

client/platform_properties_kubernetes.go

@@ -0,0 +1,5 @@
+package client
+
+type KubernetesPlatformProperties struct {
+	KubernetesRoleMappings []KubernetesRoleMapping `json:"kubernetesRoleMappings" tfsdk:"kubernetes_role_mappings"`
+}

client/platform_properties_openshift.go

@@ -0,0 +1,5 @@
+package client
+
+type OpenShiftPlatformProperties struct {
+	OpenShiftTemplate *string `json:"openShiftTemplate,omitempty" tfsdk:"openshift_template"`
+}

client/project_binding.go

@@ -22,10 +22,17 @@ type MeshProjectBindingMetadata struct {
 	Name string `json:"name" tfsdk:"name"`
 }
 
+// Deprecated: Use MeshProjectRoleRefV2 if possible. The convention is to also provide the `kind`,
+// so this struct should only be used for meshobjects that violate our API conventions.
 type MeshProjectRoleRef struct {
 	Name string `json:"name" tfsdk:"name"`
 }
 
+type MeshProjectRoleRefV2 struct {
+	Name string `json:"name" tfsdk:"name"`
+	Kind string `json:"kind" tfsdk:"kind"`
+}
+
 type MeshProjectTargetRef struct {
 	Name             string `json:"name" tfsdk:"name"`
 	OwnedByWorkspace string `json:"ownedByWorkspace" tfsdk:"owned_by_workspace"`

client/workspace.go

@@ -81,12 +81,12 @@ func (c *MeshStackProviderClient) ReadWorkspace(name string) (*MeshWorkspace, er
 }
 
 func (c *MeshStackProviderClient) CreateWorkspace(workspace *MeshWorkspaceCreate) (*MeshWorkspace, error) {
-	paylod, err := json.Marshal(workspace)
+	payload, err := json.Marshal(workspace)
 	if err != nil {
 		return nil, err
 	}
 
-	req, err := http.NewRequest("POST", c.endpoints.Workspaces.String(), bytes.NewBuffer(paylod))
+	req, err := http.NewRequest("POST", c.endpoints.Workspaces.String(), bytes.NewBuffer(payload))
 	if err != nil {
 		return nil, err
 	}
@@ -119,12 +119,12 @@ func (c *MeshStackProviderClient) CreateWorkspace(workspace *MeshWorkspaceCreate
 func (c *MeshStackProviderClient) UpdateWorkspace(name string, workspace *MeshWorkspaceCreate) (*MeshWorkspace, error) {
 	targetUrl := c.urlForWorkspace(name)
 
-	paylod, err := json.Marshal(workspace)
+	payload, err := json.Marshal(workspace)
 	if err != nil {
 		return nil, err
 	}
 
-	req, err := http.NewRequest("PUT", targetUrl.String(), bytes.NewBuffer(paylod))
+	req, err := http.NewRequest("PUT", targetUrl.String(), bytes.NewBuffer(payload))
 	if err != nil {
 		return nil, err
 	}