Added - Support get secret content

Author: jotruon

examples/vault_secret/main.tf

@@ -18,11 +18,10 @@ variable "region" {
 variable "compartment_ocid" {
 }
 
-variable "secret_id" {
+variable "kms_vault_ocid" {
 }
 
-variable "vault_id" {
-}
+variable "kms_key_ocid" {}
 
 provider "oci" {
   tenancy_ocid     = var.tenancy_ocid
@@ -32,13 +31,42 @@ provider "oci" {
   region           = var.region
 }
 
-data "oci_vault_secret" "test_secret" {
-  secret_id = var.secret_id
+data "oci_vault_secrets" "test_secrets" {
+  compartment_id = var.compartment_ocid
+  state          = "ACTIVE"
+  vault_id       = var.kms_vault_ocid
 }
 
-data "oci_vault_secrets" "test_secrets" {
+resource "oci_vault_secret" "test_secret" {
+  #Required
   compartment_id = var.compartment_ocid
-  state          = "Active"
-  vault_id       = var.vault_id
+  secret_content {
+    #Required
+    content_type = "BASE64"
+
+    #Optional
+    content = "PHZhcj4mbHQ7YmFzZTY0X2VuY29kZWRfc2VjcmV0X2NvbnRlbnRzJmd0OzwvdmFyPg=="
+    name    = "name"
+    stage   = "CURRENT"
+  }
+  key_id = var.kms_key_ocid
+  secret_name = "TFsample1"
+  vault_id    = var.kms_vault_ocid
+}
+
+
+data "oci_vault_secret" "test_secret" {
+  secret_id = oci_vault_secret.test_secret.id
+}
+
+data "oci_secrets_secretbundle_versions" "test_secretbundle_versions" {
+  #Required
+  secret_id = oci_vault_secret.test_secret.id
 }
 
+// Get Secret content
+data "oci_secrets_secretbundle" "test_secretbundles" {
+  #Required
+  secret_id = oci_vault_secret.test_secret.id
+  stage               = "CURRENT"
+}

internal/client/secrets_clients.go

@@ -0,0 +1,34 @@
+// Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+package client
+
+import (
+	oci_secrets "github.com/oracle/oci-go-sdk/v58/secrets"
+
+	oci_common "github.com/oracle/oci-go-sdk/v58/common"
+)
+
+func init() {
+	RegisterOracleClient("oci_secrets.SecretsClient", &OracleClient{InitClientFn: initSecretsSecretsClient})
+}
+
+func initSecretsSecretsClient(configProvider oci_common.ConfigurationProvider, configureClient ConfigureClient, serviceClientOverrides ServiceClientOverrides) (interface{}, error) {
+	client, err := oci_secrets.NewSecretsClientWithConfigurationProvider(configProvider)
+	if err != nil {
+		return nil, err
+	}
+	err = configureClient(&client.BaseClient)
+	if err != nil {
+		return nil, err
+	}
+
+	if serviceClientOverrides.HostUrlOverride != "" {
+		client.Host = serviceClientOverrides.HostUrlOverride
+	}
+	return &client, nil
+}
+
+func (m *OracleClients) SecretsClient() *oci_secrets.SecretsClient {
+	return m.GetClient("oci_secrets.SecretsClient").(*oci_secrets.SecretsClient)
+}

internal/integrationtest/secrets_secretbundle_test.go

@@ -0,0 +1,64 @@
+// Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+package integrationtest
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+
+	"github.com/terraform-providers/terraform-provider-oci/httpreplay"
+	"github.com/terraform-providers/terraform-provider-oci/internal/acctest"
+
+	"github.com/terraform-providers/terraform-provider-oci/internal/utils"
+)
+
+var (
+	secretbundleSingularDataSourceRepresentation = map[string]interface{}{
+		"secret_id":           acctest.Representation{RepType: acctest.Required, Create: `${oci_vault_secret.test_secret.id}`},
+		"secret_version_name": acctest.Representation{RepType: acctest.Optional, Create: `name`},
+		"stage":               acctest.Representation{RepType: acctest.Optional, Create: `CURRENT`},
+		"version_number":      acctest.Representation{RepType: acctest.Optional, Create: `1`},
+	}
+
+	SecretbundleResourceConfig = acctest.GenerateResourceFromRepresentationMap("oci_vault_secret", "test_secret", acctest.Required, acctest.Create, secretRepresentation)
+)
+
+// issue-routing-tag: secrets/default
+func TestSecretsSecretbundleResource_basic(t *testing.T) {
+	httpreplay.SetScenario("TestSecretsSecretbundleResource_basic")
+	defer httpreplay.SaveScenario()
+
+	config := acctest.ProviderTestConfig()
+
+	compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid")
+	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
+
+	vaultId := utils.GetEnvSettingWithBlankDefault("kms_vault_ocid")
+	vaultIdVariableStr := fmt.Sprintf("variable \"vault_id\" { default = \"%s\" }\n", vaultId)
+
+	keyId := utils.GetEnvSettingWithBlankDefault("kms_key_ocid")
+	keyIdVariableStr := fmt.Sprintf("variable \"key_id\" { default = \"%s\" }\n", keyId)
+
+	singularDatasourceName := "data.oci_secrets_secretbundle.test_secretbundle"
+
+	acctest.SaveConfigContent("", "", "", t)
+
+	acctest.ResourceTest(t, nil, []resource.TestStep{
+		// verify singular datasource
+		{
+			Config: config + vaultIdVariableStr + keyIdVariableStr +
+				acctest.GenerateDataSourceFromRepresentationMap("oci_secrets_secretbundle", "test_secretbundle", acctest.Required, acctest.Create, secretbundleSingularDataSourceRepresentation) +
+				compartmentIdVariableStr + SecretbundleResourceConfig,
+			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "secret_id"),
+
+				resource.TestCheckResourceAttr(singularDatasourceName, "secret_bundle_content.#", "1"),
+				resource.TestCheckResourceAttr(singularDatasourceName, "stages.#", "2"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "time_created"),
+			),
+		},
+	})
+}

internal/integrationtest/secrets_secretbundle_version_test.go

@@ -0,0 +1,63 @@
+// Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+package integrationtest
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+
+	"github.com/terraform-providers/terraform-provider-oci/httpreplay"
+	"github.com/terraform-providers/terraform-provider-oci/internal/acctest"
+
+	"github.com/terraform-providers/terraform-provider-oci/internal/utils"
+)
+
+var (
+	secretbundleVersionDataSourceRepresentation = map[string]interface{}{
+		"secret_id": acctest.Representation{RepType: acctest.Required, Create: `${oci_vault_secret.test_secret.id}`},
+	}
+
+	SecretbundleVersionResourceConfig = acctest.GenerateResourceFromRepresentationMap("oci_vault_secret", "test_secret", acctest.Required, acctest.Create, secretRepresentation)
+)
+
+// issue-routing-tag: secrets/default
+func TestSecretsSecretbundleVersionResource_basic(t *testing.T) {
+	httpreplay.SetScenario("TestSecretsSecretbundleVersionResource_basic")
+	defer httpreplay.SaveScenario()
+
+	config := acctest.ProviderTestConfig()
+
+	compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid")
+	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
+
+	vaultId := utils.GetEnvSettingWithBlankDefault("kms_vault_ocid")
+	vaultIdVariableStr := fmt.Sprintf("variable \"vault_id\" { default = \"%s\" }\n", vaultId)
+
+	keyId := utils.GetEnvSettingWithBlankDefault("kms_key_ocid")
+	keyIdVariableStr := fmt.Sprintf("variable \"key_id\" { default = \"%s\" }\n", keyId)
+
+	datasourceName := "data.oci_secrets_secretbundle_versions.test_secretbundle_versions"
+
+	acctest.SaveConfigContent("", "", "", t)
+
+	acctest.ResourceTest(t, nil, []resource.TestStep{
+		// verify datasource
+		{
+			Config: config + vaultIdVariableStr + keyIdVariableStr +
+				acctest.GenerateDataSourceFromRepresentationMap("oci_secrets_secretbundle_versions", "test_secretbundle_versions", acctest.Required, acctest.Create, secretbundleVersionDataSourceRepresentation) +
+				compartmentIdVariableStr + SecretbundleVersionResourceConfig,
+			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
+				resource.TestCheckResourceAttrSet(datasourceName, "secret_id"),
+
+				resource.TestCheckResourceAttrSet(datasourceName, "secret_bundle_versions.#"),
+				resource.TestCheckResourceAttrSet(datasourceName, "secret_bundle_versions.0.secret_id"),
+				resource.TestCheckResourceAttr(datasourceName, "secret_bundle_versions.0.stages.#", "2"),
+				resource.TestCheckResourceAttrSet(datasourceName, "secret_bundle_versions.0.time_created"),
+				resource.TestCheckResourceAttrSet(datasourceName, "secret_bundle_versions.0.version_number"),
+			),
+		},
+	})
+}

internal/provider/register_datasource.go

@@ -71,6 +71,7 @@ import (
 	tf_osp_gateway "github.com/terraform-providers/terraform-provider-oci/internal/service/osp_gateway"
 	tf_resourcemanager "github.com/terraform-providers/terraform-provider-oci/internal/service/resourcemanager"
 	tf_sch "github.com/terraform-providers/terraform-provider-oci/internal/service/sch"
+	tf_secrets "github.com/terraform-providers/terraform-provider-oci/internal/service/secrets"
 	tf_service_catalog "github.com/terraform-providers/terraform-provider-oci/internal/service/service_catalog"
 	tf_service_manager_proxy "github.com/terraform-providers/terraform-provider-oci/internal/service/service_manager_proxy"
 	tf_streaming "github.com/terraform-providers/terraform-provider-oci/internal/service/streaming"
@@ -954,6 +955,9 @@ func init() {
 	// sch service
 	RegisterDatasource("oci_sch_service_connector", tf_sch.SchServiceConnectorDataSource())
 	RegisterDatasource("oci_sch_service_connectors", tf_sch.SchServiceConnectorsDataSource())
+	// secrets service
+	RegisterDatasource("oci_secrets_secretbundle", tf_secrets.SecretsSecretbundleDataSource())
+	RegisterDatasource("oci_secrets_secretbundle_versions", tf_secrets.SecretsSecretbundleVersionsDataSource())
 	// service_catalog service
 	RegisterDatasource("oci_service_catalog_private_application", tf_service_catalog.ServiceCatalogPrivateApplicationDataSource())
 	RegisterDatasource("oci_service_catalog_private_application_package", tf_service_catalog.ServiceCatalogPrivateApplicationPackageDataSource())

internal/provider/register_resource.go

@@ -501,6 +501,7 @@ func init() {
 	// resourcemanager service
 	// sch service
 	RegisterResource("oci_sch_service_connector", tf_sch.SchServiceConnectorResource())
+	// secrets service
 	// service_catalog service
 	RegisterResource("oci_service_catalog_private_application", tf_service_catalog.ServiceCatalogPrivateApplicationResource())
 	RegisterResource("oci_service_catalog_service_catalog", tf_service_catalog.ServiceCatalogServiceCatalogResource())