ENG-7100: IdP Integration resource needs to register integration in e…

…tcd (#128)

cyral/provider.go

@@ -96,18 +96,18 @@ func Provider() *schema.Provider {
 			"cyral_integration_pager_duty":      resourceIntegrationPagerDuty(),
 			"cyral_integration_slack_alerts":    resourceIntegrationSlackAlerts(),
 			"cyral_integration_splunk":          resourceIntegrationSplunk(),
-			"cyral_integration_idp_aad":         resourceIntegrationIDP("aad", ""),
-			"cyral_integration_idp_adfs":        resourceIntegrationIDP("adfs-2016", ""),
-			"cyral_integration_idp_forgerock":   resourceIntegrationIDP("forgerock", ""),
-			"cyral_integration_idp_gsuite":      resourceIntegrationIDP("gsuite", ""),
-			"cyral_integration_idp_okta":        resourceIntegrationIDP("okta", ""),
-			"cyral_integration_idp_ping_one":    resourceIntegrationIDP("pingone", ""),
-			"cyral_integration_sso_aad":         resourceIntegrationIDP("aad", "Use 'cyral_integration_idp_aad' instead"),
-			"cyral_integration_sso_adfs":        resourceIntegrationIDP("adfs-2016", "Use 'cyral_integration_idp_adfs' instead"),
-			"cyral_integration_sso_forgerock":   resourceIntegrationIDP("forgerock", "Use 'cyral_integration_idp_forgerock' instead"),
-			"cyral_integration_sso_gsuite":      resourceIntegrationIDP("gsuite", "Use 'cyral_integration_idp_gsuite' instead"),
-			"cyral_integration_sso_okta":        resourceIntegrationIDP("okta", "Use 'cyral_integration_idp_okta' instead"),
-			"cyral_integration_sso_ping_one":    resourceIntegrationIDP("pingone", "Use 'cyral_integration_idp_ping_one' instead"),
+			"cyral_integration_idp_aad":         resourceIntegrationIdP("aad", ""),
+			"cyral_integration_idp_adfs":        resourceIntegrationIdP("adfs-2016", ""),
+			"cyral_integration_idp_forgerock":   resourceIntegrationIdP("forgerock", ""),
+			"cyral_integration_idp_gsuite":      resourceIntegrationIdP("gsuite", ""),
+			"cyral_integration_idp_okta":        resourceIntegrationIdP("okta", ""),
+			"cyral_integration_idp_ping_one":    resourceIntegrationIdP("pingone", ""),
+			"cyral_integration_sso_aad":         resourceIntegrationIdP("aad", "Use 'cyral_integration_idp_aad' instead"),
+			"cyral_integration_sso_adfs":        resourceIntegrationIdP("adfs-2016", "Use 'cyral_integration_idp_adfs' instead"),
+			"cyral_integration_sso_forgerock":   resourceIntegrationIdP("forgerock", "Use 'cyral_integration_idp_forgerock' instead"),
+			"cyral_integration_sso_gsuite":      resourceIntegrationIdP("gsuite", "Use 'cyral_integration_idp_gsuite' instead"),
+			"cyral_integration_sso_okta":        resourceIntegrationIdP("okta", "Use 'cyral_integration_idp_okta' instead"),
+			"cyral_integration_sso_ping_one":    resourceIntegrationIdP("pingone", "Use 'cyral_integration_idp_ping_one' instead"),
 			"cyral_integration_sumo_logic":      resourceIntegrationSumoLogic(),
 			"cyral_policy":                      resourcePolicy(),
 			"cyral_policy_rule":                 resourcePolicyRule(),

cyral/resource_cyral_integration_idp.go

@@ -1,56 +1,23 @@
 package cyral
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"net/http"
 
 	"github.com/cyralinc/terraform-provider-cyral/client"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
-func resourceIntegrationIDP(identityProvider, deprecationMessage string) *schema.Resource {
+func resourceIntegrationIdP(identityProvider, deprecationMessage string) *schema.Resource {
 	return &schema.Resource{
 		DeprecationMessage: deprecationMessage,
-		CreateContext: CreateResource(
-			ResourceOperationConfig{
-				Name:       "resourceIntegrationIDPCreate",
-				HttpMethod: http.MethodPost,
-				CreateURL: func(d *schema.ResourceData, c *client.Client) string {
-					return fmt.Sprintf("https://%s/v1/integrations/saml", c.ControlPlane)
-				},
-				ResourceData: &SAMLIntegrationData{
-					SAMLSetting: &SAMLSetting{
-						IdentityProvider: identityProvider,
-					},
-				},
-				ResponseData: &AliasBasedResponse{},
-			}, readSAMLIntegrationConfig,
-		),
-		ReadContext: ReadResource(readSAMLIntegrationConfig),
-		UpdateContext: UpdateResource(
-			ResourceOperationConfig{
-				Name:       "resourceIntegrationIDPUpdate",
-				HttpMethod: http.MethodPut,
-				CreateURL: func(d *schema.ResourceData, c *client.Client) string {
-					return fmt.Sprintf("https://%s/v1/integrations/saml/%s", c.ControlPlane, d.Id())
-				},
-				ResourceData: &SAMLIntegrationData{
-					SAMLSetting: &SAMLSetting{
-						IdentityProvider: identityProvider,
-					},
-				},
-			}, readSAMLIntegrationConfig,
-		),
-		DeleteContext: DeleteResource(
-			ResourceOperationConfig{
-				Name:       "resourceIntegrationIDPDelete",
-				HttpMethod: http.MethodDelete,
-				CreateURL: func(d *schema.ResourceData, c *client.Client) string {
-					return fmt.Sprintf("https://%s/v1/integrations/saml/%s", c.ControlPlane, d.Id())
-				},
-			},
-		),
+		CreateContext:      resourceIntegrationIdPCreate(identityProvider),
+		ReadContext:        resourceIntegrationIdPRead,
+		UpdateContext:      resourceIntegrationIdPUpdate(identityProvider),
+		DeleteContext:      resourceIntegrationIdPDelete,
 
 		Schema: map[string]*schema.Schema{
 			"draft_alias": {
@@ -249,15 +216,122 @@ func resourceIntegrationIDP(identityProvider, deprecationMessage string) *schema
 	}
 }
 
-var readSAMLIntegrationConfig = ResourceOperationConfig{
-	Name:       "resourceIntegrationIDPRead",
+func resourceIntegrationIdPCreate(identityProvider string) schema.CreateContextFunc {
+	return func(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+		diag := CreateResource(
+			ResourceOperationConfig{
+				Name:       "resourceIntegrationIdPCreate - Integration",
+				HttpMethod: http.MethodPost,
+				CreateURL: func(d *schema.ResourceData, c *client.Client) string {
+					return fmt.Sprintf("https://%s/v1/integrations/saml", c.ControlPlane)
+				},
+				ResourceData: &SAMLIntegrationData{
+					SAMLSetting: &SAMLSetting{
+						IdentityProvider: identityProvider,
+					},
+				},
+				ResponseData: &AliasBasedResponse{},
+			}, readIntegrationIdPConfig,
+		)(ctx, d, m)
+
+		if !diag.HasError() {
+			diag = CreateResource(
+				ResourceOperationConfig{
+					Name:       "resourceIntegrationIdPCreate - IdentityProvider",
+					HttpMethod: http.MethodPost,
+					CreateURL: func(d *schema.ResourceData, c *client.Client) string {
+						return fmt.Sprintf("https://%s/v1/conf/identityProviders/%s", c.ControlPlane, d.Id())
+					},
+					ResourceData: &IdentityProviderData{},
+					ResponseData: &IdentityProviderData{},
+				}, readIdentityProviderConfig,
+			)(ctx, d, m)
+
+			if diag.HasError() {
+				// Clean Up Integration IdP
+				DeleteResource(deleteIntegrationIdPConfig)(ctx, d, m)
+			}
+		}
+
+		return diag
+	}
+}
+
+func resourceIntegrationIdPRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+	diag := ReadResource(readIntegrationIdPConfig)(ctx, d, m)
+
+	if !diag.HasError() {
+		diag = ReadResource(readIdentityProviderConfig)(ctx, d, m)
+	}
+
+	return diag
+}
+
+func resourceIntegrationIdPUpdate(identityProvider string) schema.UpdateContextFunc {
+	return func(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+		diag := UpdateResource(
+			ResourceOperationConfig{
+				Name:       "resourceIntegrationIdPUpdate - Integration",
+				HttpMethod: http.MethodPut,
+				CreateURL: func(d *schema.ResourceData, c *client.Client) string {
+					return fmt.Sprintf("https://%s/v1/integrations/saml/%s", c.ControlPlane, d.Id())
+				},
+				ResourceData: &SAMLIntegrationData{
+					SAMLSetting: &SAMLSetting{
+						IdentityProvider: identityProvider,
+					},
+				},
+			}, readIntegrationIdPConfig,
+		)(ctx, d, m)
+
+		return diag
+	}
+}
+
+func resourceIntegrationIdPDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+	diag := DeleteResource(deleteIntegrationIdPConfig)(ctx, d, m)
+
+	if !diag.HasError() {
+		diag = DeleteResource(
+			ResourceOperationConfig{
+				Name:       "resourceIntegrationIdPDelete - IdentityProvider",
+				HttpMethod: http.MethodDelete,
+				CreateURL: func(d *schema.ResourceData, c *client.Client) string {
+					return fmt.Sprintf("https://%s/v1/conf/identityProviders/%s", c.ControlPlane, d.Id())
+				},
+			},
+		)(ctx, d, m)
+	}
+
+	return diag
+}
+
+var readIntegrationIdPConfig = ResourceOperationConfig{
+	Name:       "resourceIntegrationIdPRead - Integration",
 	HttpMethod: http.MethodGet,
 	CreateURL: func(d *schema.ResourceData, c *client.Client) string {
 		return fmt.Sprintf("https://%s/v1/integrations/saml/%s", c.ControlPlane, d.Id())
 	},
 	ResponseData: &SAMLIntegrationData{},
 }
 
+var readIdentityProviderConfig = ResourceOperationConfig{
+	Name:       "resourceIntegrationIdPRead - IdentityProvider",
+	HttpMethod: http.MethodGet,
+	CreateURL: func(d *schema.ResourceData, c *client.Client) string {
+		return fmt.Sprintf("https://%s/v1/conf/identityProviders/%s", c.ControlPlane, d.Id())
+	},
+	ResponseData: &IdentityProviderData{},
+}
+
+var deleteIntegrationIdPConfig = ResourceOperationConfig{
+	Name:       "resourceIntegrationIdPDelete - Integration",
+	HttpMethod: http.MethodDelete,
+	CreateURL: func(d *schema.ResourceData, c *client.Client) string {
+		return fmt.Sprintf("https://%s/v1/integrations/saml/%s", c.ControlPlane, d.Id())
+	},
+}
+
 var (
 	defaultValuesMap = map[string]interface{}{
 		"display_name":                          "",
@@ -434,3 +508,13 @@ func (response AliasBasedResponse) WriteToSchema(d *schema.ResourceData) {
 }
 
 func (response *AliasBasedResponse) ReadFromSchema(d *schema.ResourceData) {}
+
+type KeycloakProvider struct{}
+
+type IdentityProviderData struct {
+	Keycloak KeycloakProvider `json:"keycloakProvider"`
+}
+
+func (data IdentityProviderData) WriteToSchema(d *schema.ResourceData) {}
+
+func (data *IdentityProviderData) ReadFromSchema(d *schema.ResourceData) {}