feat(datasource): Add Notification Channel data source

Signed-off-by: Federico Barcelona <[email protected]>

Author: tembleking

sysdig/data_source_notification_channel.go

@@ -0,0 +1,135 @@
+package sysdig
+
+import (
+	"regexp"
+	"strconv"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+func dataSourceSysdigSecureNotificationChannel() *schema.Resource {
+	timeout := 30 * time.Second
+
+	return &schema.Resource{
+		Read: dataSourceSysdigNotificationChannelRead,
+
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(timeout),
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"enabled": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+			"type": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"recipients": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"topics": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"api_key": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"routing_key": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"url": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"channel": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"account": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"service_key": {
+				Type:      schema.TypeString,
+				Computed:  true,
+				Sensitive: true,
+			},
+			"service_name": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"notify_when_ok": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+			"notify_when_resolved": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+			"version": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
+			"send_test_notification": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+		},
+	}
+}
+
+// Retrieves the information of a resource form the file and loads it in Terraform
+func dataSourceSysdigNotificationChannelRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*SysdigClients).sysdigSecureClient
+
+	nc, err := client.GetNotificationChannelByName(d.Get("name").(string))
+	if err != nil {
+		return err
+	}
+
+	d.SetId(strconv.Itoa(nc.ID))
+	d.Set("version", nc.Version)
+	d.Set("name", nc.Name)
+	d.Set("enabled", nc.Enabled)
+	d.Set("type", nc.Type)
+	d.Set("recipients", nc.Options.EmailRecipients)
+	d.Set("topics", nc.Options.SnsTopicARNs)
+	d.Set("api_key", nc.Options.APIKey)
+	d.Set("url", nc.Options.Url)
+	d.Set("channel", nc.Options.Channel)
+	d.Set("account", nc.Options.Account)
+	d.Set("service_key", nc.Options.ServiceKey)
+	d.Set("service_name", nc.Options.ServiceName)
+	d.Set("routing_key", nc.Options.RoutingKey)
+	d.Set("notify_when_ok", nc.Options.NotifyOnOk)
+	d.Set("notify_when_resolved", nc.Options.NotifyOnResolve)
+	d.Set("send_test_notification", nc.Options.SendTestNotification)
+
+	// When we receive a notification channel of type OpsGenie,
+	// the API sends us the URL, but we are configuring the API
+	// key in the file, so terraform identifies this as a change in
+	// the resource and tries to update it remotely even if it
+	// didn't change at all.
+	// We need to extract the key from the url the API gives us
+	// to avoid this Terraform's behaviour.
+	if nc.Type == opsgenie {
+		regex, err := regexp.Compile("apiKey=(.*)?$")
+		if err != nil {
+			return err
+		}
+		key := regex.FindStringSubmatch(nc.Options.Url)[1]
+		d.Set("api_key", key)
+		d.Set("url", "")
+	}
+	return nil
+}

sysdig/data_source_notification_channel_test.go

@@ -0,0 +1,49 @@
+package sysdig_test
+
+import (
+	"fmt"
+	"os"
+	"testing"
+
+	"github.com/draios/terraform-provider-sysdig/sysdig"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/terraform"
+)
+
+func TestAccNotificationChannelDataSource(t *testing.T) {
+	rText := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			if v := os.Getenv("SYSDIG_SECURE_API_TOKEN"); v == "" {
+				t.Fatal("SYSDIG_SECURE_API_TOKEN must be set for acceptance tests")
+			}
+		},
+		Providers: map[string]terraform.ResourceProvider{
+			"sysdig": sysdig.Provider(),
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: notificationChannelEmailWithNameAndDatasource(rText),
+			},
+		},
+	})
+}
+
+func notificationChannelEmailWithNameAndDatasource(name string) string {
+	return fmt.Sprintf(`
+resource "sysdig_secure_notification_channel" "sample_email" {
+	name = "%s"
+	enabled = true
+	type = "EMAIL"
+	recipients = "[email protected]"
+	notify_when_ok = false
+	notify_when_resolved = false
+}
+
+data "sysdig_secure_notification_channel" "sample_email" {
+	name = sysdig_secure_notification_channel.sample_email.name
+}
+`, name)
+}

sysdig/provider.go

@@ -35,6 +35,8 @@ func Provider() terraform.ResourceProvider {
 			},
 		},
 		ResourcesMap: map[string]*schema.Resource{
+			"sysdig_user": resourceSysdigUser(),
+
 			"sysdig_secure_policy":               resourceSysdigSecurePolicy(),
 			"sysdig_secure_notification_channel": resourceSysdigSecureNotificationChannel(),
 			"sysdig_secure_rule_container":       resourceSysdigSecureRuleContainer(),
@@ -43,7 +45,6 @@ func Provider() terraform.ResourceProvider {
 			"sysdig_secure_rule_process":         resourceSysdigSecureRuleProcess(),
 			"sysdig_secure_rule_syscall":         resourceSysdigSecureRuleSyscall(),
 			"sysdig_secure_rule_falco":           resourceSysdigSecureRuleFalco(),
-			"sysdig_user":                        resourceSysdigUser(),
 			"sysdig_secure_team":                 resourceSysdigSecureTeam(),
 
 			"sysdig_monitor_alert_downtime":      resourceSysdigMonitorAlertDowntime(),
@@ -52,6 +53,9 @@ func Provider() terraform.ResourceProvider {
 			"sysdig_monitor_alert_anomaly":       resourceSysdigMonitorAlertAnomaly(),
 			"sysdig_monitor_alert_group_outlier": resourceSysdigMonitorAlertGroupOutlier(),
 		},
+		DataSourcesMap: map[string]*schema.Resource{
+			"sysdig_secure_notification_channel": dataSourceSysdigSecureNotificationChannel(),
+		},
 		ConfigureFunc: providerConfigure,
 	}
 }

sysdig/secure/client.go

@@ -20,6 +20,7 @@ type SysdigSecureClient interface {
 
 	CreateNotificationChannel(NotificationChannel) (NotificationChannel, error)
 	GetNotificationChannelById(int) (NotificationChannel, error)
+	GetNotificationChannelByName(string) (NotificationChannel, error)
 	DeleteNotificationChannel(int) error
 	UpdateNotificationChannel(NotificationChannel) (NotificationChannel, error)
 

sysdig/secure/models.go

@@ -101,6 +101,17 @@ func NotificationChannelFromJSON(body []byte) NotificationChannel {
 	return result.NotificationChannel
 }
 
+func NotificationChannelListFromJSON(body []byte) []NotificationChannel {
+	var result notificationChannelListWrapper
+	json.Unmarshal(body, &result)
+
+	return result.NotificationChannels
+}
+
+type notificationChannelListWrapper struct {
+	NotificationChannels []NotificationChannel `json:"notificationChannels"`
+}
+
 type notificationChannelWrapper struct {
 	NotificationChannel NotificationChannel `json:"notificationChannel"`
 }

sysdig/secure/notification_channels.go

@@ -30,6 +30,33 @@ func (client *sysdigSecureClient) GetNotificationChannelById(id int) (nc Notific
 	return
 }
 
+func (client *sysdigSecureClient) GetNotificationChannelByName(name string) (nc NotificationChannel, err error) {
+	response, err := client.doSysdigSecureRequest(http.MethodGet, client.GetNotificationChannelsUrl(), nil)
+	if err != nil {
+		return
+	}
+	defer response.Body.Close()
+
+	body, _ := ioutil.ReadAll(response.Body)
+
+	if response.StatusCode != http.StatusOK {
+		err = errors.New(response.Status)
+		return
+	}
+
+	ncList := NotificationChannelListFromJSON(body)
+
+	for _, channel := range ncList {
+		if channel.Name == name {
+			nc = channel
+			return
+		}
+	}
+
+	err = fmt.Errorf("Notification channel with Name: %s does not exist", name)
+	return
+}
+
 func (client *sysdigSecureClient) CreateNotificationChannel(ncRequest NotificationChannel) (nc NotificationChannel, err error) {
 	response, err := client.doSysdigSecureRequest(http.MethodPost, client.GetNotificationChannelsUrl(), ncRequest.ToJSON())
 	if err != nil {