rundeck_private_key resource type.

This commit is contained in:
Martin Atkins 2015-06-22 10:01:00 -07:00
parent aba9698cf8
commit bb42821f74
3 changed files with 207 additions and 1 deletions

View File

@ -32,7 +32,7 @@ func Provider() terraform.ResourceProvider {
ResourcesMap: map[string]*schema.Resource{
"rundeck_project": resourceRundeckProject(),
//"rundeck_job": resourceRundeckJob(),
//"rundeck_private_key": resourceRundeckPrivateKey(),
"rundeck_private_key": resourceRundeckPrivateKey(),
"rundeck_public_key": resourceRundeckPublicKey(),
},

View File

@ -0,0 +1,114 @@
package rundeck
import (
"crypto/sha1"
"encoding/hex"
"github.com/hashicorp/terraform/helper/schema"
"github.com/apparentlymart/go-rundeck-api/rundeck"
)
func resourceRundeckPrivateKey() *schema.Resource {
return &schema.Resource{
Create: CreateOrUpdatePrivateKey,
Update: CreateOrUpdatePrivateKey,
Delete: DeletePrivateKey,
Exists: PrivateKeyExists,
Read: ReadPrivateKey,
Schema: map[string]*schema.Schema{
"path": &schema.Schema{
Type: schema.TypeString,
Required: true,
Description: "Path to the key within the key store",
ForceNew: true,
},
"key_material": &schema.Schema{
Type: schema.TypeString,
Required: true,
Description: "The private key material to store, in PEM format",
StateFunc: func(v interface{}) string {
switch v.(type) {
case string:
hash := sha1.Sum([]byte(v.(string)))
return hex.EncodeToString(hash[:])
default:
return ""
}
},
},
},
}
}
func CreateOrUpdatePrivateKey(d *schema.ResourceData, meta interface{}) error {
client := meta.(*rundeck.Client)
path := d.Get("path").(string)
keyMaterial := d.Get("key_material").(string)
var err error
if d.Id() != "" {
err = client.ReplacePrivateKey(path, keyMaterial)
} else {
err = client.CreatePrivateKey(path, keyMaterial)
}
if err != nil {
return err
}
d.SetId(path)
return ReadPrivateKey(d, meta)
}
func DeletePrivateKey(d *schema.ResourceData, meta interface{}) error {
client := meta.(*rundeck.Client)
path := d.Id()
// The only "delete" call we have is oblivious to key type, but
// that's okay since our Exists implementation makes sure that we
// won't try to delete a key of the wrong type since we'll pretend
// that it's already been deleted.
err := client.DeleteKey(path)
if err != nil {
return err
}
d.SetId("")
return nil
}
func ReadPrivateKey(d *schema.ResourceData, meta interface{}) error {
// Nothing to read for a private key: existence is all we need to
// worry about, and PrivateKeyExists took care of that.
return nil
}
func PrivateKeyExists(d *schema.ResourceData, meta interface{}) (bool, error) {
client := meta.(*rundeck.Client)
path := d.Id()
key, err := client.GetKeyMeta(path)
if err != nil {
if _, ok := err.(rundeck.NotFoundError); ok {
err = nil
}
return false, err
}
if key.KeyType != "private" {
// If the key type isn't public then as far as this resource is
// concerned it doesn't exist. (We'll fail properly when we try to
// create a key where one already exists.)
return false, nil
}
return true, nil
}

View File

@ -0,0 +1,92 @@
package rundeck
import (
"fmt"
"strings"
"testing"
"github.com/apparentlymart/go-rundeck-api/rundeck"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccPrivateKey_basic(t *testing.T) {
var key rundeck.KeyMeta
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccPrivateKeyCheckDestroy(&key),
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccPrivateKeyConfig_basic,
Check: resource.ComposeTestCheckFunc(
testAccPrivateKeyCheckExists("rundeck_private_key.test", &key),
func(s *terraform.State) error {
if expected := "keys/terraform_acceptance_tests/private_key"; key.Path != expected {
return fmt.Errorf("wrong path; expected %v, got %v", expected, key.Path)
}
if !strings.HasSuffix(key.URL, "/storage/keys/terraform_acceptance_tests/private_key") {
return fmt.Errorf("wrong URL; expected to end with the key path")
}
if expected := "file"; key.ResourceType != expected {
return fmt.Errorf("wrong resource type; expected %v, got %v", expected, key.ResourceType)
}
if expected := "private"; key.KeyType != expected {
return fmt.Errorf("wrong key type; expected %v, got %v", expected, key.KeyType)
}
// Rundeck won't let us re-retrieve a private key payload, so we can't test
// that the key material was submitted and stored correctly.
return nil
},
),
},
},
})
}
func testAccPrivateKeyCheckDestroy(key *rundeck.KeyMeta) resource.TestCheckFunc {
return func(s *terraform.State) error {
client := testAccProvider.Meta().(*rundeck.Client)
_, err := client.GetKeyMeta(key.Path)
if err == nil {
return fmt.Errorf("key still exists")
}
if _, ok := err.(*rundeck.NotFoundError); !ok {
return fmt.Errorf("got something other than NotFoundError (%v) when getting key", err)
}
return nil
}
}
func testAccPrivateKeyCheckExists(rn string, key *rundeck.KeyMeta) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[rn]
if !ok {
return fmt.Errorf("resource not found: %s", rn)
}
if rs.Primary.ID == "" {
return fmt.Errorf("key id not set")
}
client := testAccProvider.Meta().(*rundeck.Client)
gotKey, err := client.GetKeyMeta(rs.Primary.ID)
if err != nil {
return fmt.Errorf("error getting key metadata: %s", err)
}
*key = *gotKey
return nil
}
}
const testAccPrivateKeyConfig_basic = `
resource "rundeck_private_key" "test" {
path = "terraform_acceptance_tests/private_key"
key_material = "this is not a real private key"
}
`