From d0c53d5a336aa510f29885b93ff25203dab5c230 Mon Sep 17 00:00:00 2001 From: Wilson de Carvalho <796900+wcmjunior@users.noreply.github.com> Date: Mon, 25 Nov 2024 11:31:38 -0800 Subject: [PATCH 1/4] Fix docs templates (#581) --- docs/guides/mongodb_cluster_okta_idp.md | 4 --- docs/guides/setup_cp_and_deploy_sidecar.md | 5 ---- docs/guides/smart_ports.md | 10 ------- examples/guides/iam_auth_rds_pg.tf | 8 ++--- .../mongodb_cluster/okta_idp_sidecar.tf | 27 ++--------------- examples/guides/s3_browser_and_aws_cli.tf | 9 +++--- .../guides/setup_cp_and_deploy_sidecar.tf | 29 ++----------------- examples/guides/smart_ports_1.tf | 27 ++--------------- examples/guides/smart_ports_2.tf | 27 ++--------------- .../cyral_integration_logging/cloudwatch.tf | 2 +- templates/index.md.tmpl | 2 +- 11 files changed, 20 insertions(+), 130 deletions(-) diff --git a/docs/guides/mongodb_cluster_okta_idp.md b/docs/guides/mongodb_cluster_okta_idp.md index aa7e4d07..ffd75b26 100644 --- a/docs/guides/mongodb_cluster_okta_idp.md +++ b/docs/guides/mongodb_cluster_okta_idp.md @@ -77,8 +77,6 @@ locals { # Set to true if you want a sidecar deployed with an # internet-facing load balancer (requires a public subnet). public_sidecar = false - # Set the desired sidecar version. - sidecar_version = "v4.7.0" # Set the AWS region that the sidecar will be deployed to region = "" @@ -245,8 +243,6 @@ module "cyral_sidecar" { # Use the module version that is compatible with your sidecar. version = "~> 5.0" - sidecar_version = local.sidecar.sidecar_version - sidecar_id = cyral_sidecar.sidecar.id control_plane = local.control_plane_host diff --git a/docs/guides/setup_cp_and_deploy_sidecar.md b/docs/guides/setup_cp_and_deploy_sidecar.md index 22979867..76acecaa 100644 --- a/docs/guides/setup_cp_and_deploy_sidecar.md +++ b/docs/guides/setup_cp_and_deploy_sidecar.md @@ -50,9 +50,6 @@ locals { # internet-facing load balancer (requires a public subnet). public_sidecar = false - # Set the desired sidecar version. - sidecar_version = "v4.7.0" - # Set the AWS region that the sidecar will be deployed to region = "" # Set the ID of VPC that the sidecar will be deployed to @@ -150,8 +147,6 @@ module "cyral_sidecar" { # Use the module version that is compatible with your sidecar. version = "~> 5.0" - sidecar_version = local.sidecar.sidecar_version - sidecar_id = cyral_sidecar.sidecar.id control_plane = local.control_plane_host diff --git a/docs/guides/smart_ports.md b/docs/guides/smart_ports.md index 213995ac..80d66b4f 100644 --- a/docs/guides/smart_ports.md +++ b/docs/guides/smart_ports.md @@ -73,9 +73,6 @@ locals { # internet-facing load balancer (requires a public subnet). public_sidecar = false - # Set the desired sidecar version. - sidecar_version = "v4.7.0" - # Set the AWS region that the sidecar will be deployed to region = "" # Set the ID of VPC that the sidecar will be deployed to @@ -307,8 +304,6 @@ module "cyral_sidecar" { # Use the module version that is compatible with your sidecar. version = "~> 5.0" - sidecar_version = local.sidecar.sidecar_version - sidecar_id = cyral_sidecar.sidecar.id control_plane = local.control_plane_host @@ -391,9 +386,6 @@ locals { # internet-facing load balancer (requires a public subnet). public_sidecar = false - # Set the desired sidecar version. - sidecar_version = "v4.7.0" - # Set the AWS region that the sidecar will be deployed to region = "" # Set the ID of VPC that the sidecar will be deployed to @@ -561,8 +553,6 @@ module "cyral_sidecar" { # Use the module version that is compatible with your sidecar. version = "~> 5.0" - sidecar_version = local.sidecar.sidecar_version - sidecar_id = cyral_sidecar.sidecar.id control_plane = local.control_plane_host diff --git a/examples/guides/iam_auth_rds_pg.tf b/examples/guides/iam_auth_rds_pg.tf index 624f9fba..7383ab39 100644 --- a/examples/guides/iam_auth_rds_pg.tf +++ b/examples/guides/iam_auth_rds_pg.tf @@ -217,7 +217,7 @@ module "cyral_sidecar" { source = "cyralinc/sidecar-ec2/aws" # Use the module version that is compatible with your sidecar. - version = "~> 4.3" + version = "~> 5.0" sidecar_id = cyral_sidecar.sidecar.id control_plane = local.control_plane_host @@ -236,10 +236,10 @@ module "cyral_sidecar" { load_balancer_scheme = local.sidecar.public_sidecar ? "internet-facing" : "internal" associate_public_ip_address = local.sidecar.public_sidecar - sidecar_dns_hosted_zone_id = local.sidecar.dns_hosted_zone_id - sidecar_dns_name = local.sidecar.dns_name + dns_hosted_zone_id = local.sidecar.dns_hosted_zone_id + dns_name = local.sidecar.dns_name } output "sidecar_load_balancer_dns" { - value = module.cyral_sidecar.sidecar_load_balancer_dns + value = module.cyral_sidecar.load_balancer_dns } diff --git a/examples/guides/mongodb_cluster/okta_idp_sidecar.tf b/examples/guides/mongodb_cluster/okta_idp_sidecar.tf index 2ab7a78c..8a6dd514 100644 --- a/examples/guides/mongodb_cluster/okta_idp_sidecar.tf +++ b/examples/guides/mongodb_cluster/okta_idp_sidecar.tf @@ -3,8 +3,6 @@ locals { # Set to true if you want a sidecar deployed with an # internet-facing load balancer (requires a public subnet). public_sidecar = false - # Set the desired sidecar version. - sidecar_version = "v4.7.0" # Set the AWS region that the sidecar will be deployed to region = "" @@ -24,17 +22,6 @@ locals { # Name of the CloudWatch log group used to push logs cloudwatch_log_group_name = "cyral-example-loggroup" - # Set the parameters to access the private Cyral container - # registry. These parameters can be found in the sidecar - # Terraform template downloaded from the UI. Use the - # commented values to locate the variables and copy the - # values from the downloaded template. - container_registry = { - name = "" # container_registry - username = "" # container_registry_username - registry_key = "" # container_registry_key - } - # Specify the maximum number of nodes you expect this cluster to # have, taking into consideration future growth. This number must be # at least equal to the number of nodes currently in your @@ -180,9 +167,7 @@ module "cyral_sidecar" { source = "cyralinc/sidecar-ec2/aws" # Use the module version that is compatible with your sidecar. - version = "~> 4.0" - - sidecar_version = local.sidecar.sidecar_version + version = "~> 5.0" sidecar_id = cyral_sidecar.sidecar.id @@ -206,20 +191,14 @@ module "cyral_sidecar" { load_balancer_scheme = local.sidecar.public_sidecar ? "internet-facing" : "internal" associate_public_ip_address = local.sidecar.public_sidecar - deploy_secrets = true - secrets_location = "/cyral/sidecars/${cyral_sidecar.sidecar.id}/secrets" - - container_registry = local.sidecar.container_registry.name - container_registry_username = local.sidecar.container_registry.username - container_registry_key = local.sidecar.container_registry.registry_key client_id = cyral_sidecar_credentials.sidecar_credentials.client_id client_secret = cyral_sidecar_credentials.sidecar_credentials.client_secret } output "sidecar_dns" { - value = module.cyral_sidecar.sidecar_dns + value = module.cyral_sidecar.dns } output "sidecar_load_balancer_dns" { - value = module.cyral_sidecar.sidecar_load_balancer_dns + value = module.cyral_sidecar.load_balancer_dns } diff --git a/examples/guides/s3_browser_and_aws_cli.tf b/examples/guides/s3_browser_and_aws_cli.tf index 1691e23d..93006879 100644 --- a/examples/guides/s3_browser_and_aws_cli.tf +++ b/examples/guides/s3_browser_and_aws_cli.tf @@ -232,7 +232,7 @@ module "cyral_sidecar" { source = "cyralinc/sidecar-ec2/aws" # Use the module version that is compatible with your sidecar. - version = "~> 4.3" + version = "~> 5.0" sidecar_id = cyral_sidecar.sidecar.id control_plane = local.control_plane_host @@ -251,16 +251,15 @@ module "cyral_sidecar" { load_balancer_scheme = local.sidecar.public_sidecar ? "internet-facing" : "internal" associate_public_ip_address = local.sidecar.public_sidecar - load_balancer_certificate_arn = local.sidecar.load_balancer_certificate_arn load_balancer_tls_ports = [ local.repos.s3.browser_port ] - sidecar_dns_hosted_zone_id = local.sidecar.dns_hosted_zone_id - sidecar_dns_name = local.sidecar.dns_name + dns_hosted_zone_id = local.sidecar.dns_hosted_zone_id + dns_name = local.sidecar.dns_name } output "sidecar_load_balancer_dns" { - value = module.cyral_sidecar.sidecar_load_balancer_dns + value = module.cyral_sidecar.load_balancer_dns } diff --git a/examples/guides/setup_cp_and_deploy_sidecar.tf b/examples/guides/setup_cp_and_deploy_sidecar.tf index e26eeb6e..4657abe1 100644 --- a/examples/guides/setup_cp_and_deploy_sidecar.tf +++ b/examples/guides/setup_cp_and_deploy_sidecar.tf @@ -35,9 +35,6 @@ locals { # internet-facing load balancer (requires a public subnet). public_sidecar = false - # Set the desired sidecar version. - sidecar_version = "v4.7.0" - # Set the AWS region that the sidecar will be deployed to region = "" # Set the ID of VPC that the sidecar will be deployed to @@ -55,17 +52,6 @@ locals { # Set the allowed CIDR block for monitoring requests to the # sidecar monitoring_inbound_cidr = ["0.0.0.0/0"] - - # Set the parameters to access the private Cyral container - # registry. These parameters can be found in the sidecar - # Terraform template downloaded from the UI. Use the - # commented values to locate the variables and copy the - # values from the downloaded template. - container_registry = { - name = "" # container_registry - username = "" # container_registry_username - registry_key = "" # container_registry_key - } } } @@ -144,9 +130,7 @@ module "cyral_sidecar" { source = "cyralinc/sidecar-ec2/aws" # Use the module version that is compatible with your sidecar. - version = "~> 4.0" - - sidecar_version = local.sidecar.sidecar_version + version = "~> 5.0" sidecar_id = cyral_sidecar.sidecar.id @@ -166,21 +150,14 @@ module "cyral_sidecar" { load_balancer_scheme = local.sidecar.public_sidecar ? "internet-facing" : "internal" associate_public_ip_address = local.sidecar.public_sidecar - deploy_secrets = true - secrets_location = "/cyral/sidecars/${cyral_sidecar.sidecar.id}/secrets" - - container_registry = local.sidecar.container_registry.name - container_registry_username = local.sidecar.container_registry.username - container_registry_key = local.sidecar.container_registry.registry_key - client_id = cyral_sidecar_credentials.sidecar_credentials.client_id client_secret = cyral_sidecar_credentials.sidecar_credentials.client_secret } output "sidecar_dns" { - value = module.cyral_sidecar.sidecar_dns + value = module.cyral_sidecar.dns } output "sidecar_load_balancer_dns" { - value = module.cyral_sidecar.sidecar_load_balancer_dns + value = module.cyral_sidecar.load_balancer_dns } diff --git a/examples/guides/smart_ports_1.tf b/examples/guides/smart_ports_1.tf index 60682750..e8275fa5 100644 --- a/examples/guides/smart_ports_1.tf +++ b/examples/guides/smart_ports_1.tf @@ -46,9 +46,6 @@ locals { # internet-facing load balancer (requires a public subnet). public_sidecar = false - # Set the desired sidecar version. - sidecar_version = "v4.7.0" - # Set the AWS region that the sidecar will be deployed to region = "" # Set the ID of VPC that the sidecar will be deployed to @@ -66,17 +63,6 @@ locals { # Set the allowed CIDR block for monitoring requests to the # sidecar monitoring_inbound_cidr = ["0.0.0.0/0"] - - # Set the parameters to access the private Cyral container - # registry. These parameters can be found in the sidecar - # Terraform template downloaded from the UI. Use the - # commented values to locate the variables and copy the - # values from the downloaded template. - container_registry = { - name = "" # container_registry - username = "" # container_registry_username - registry_key = "" # container_registry_key - } } } @@ -289,9 +275,7 @@ module "cyral_sidecar" { source = "cyralinc/sidecar-ec2/aws" # Use the module version that is compatible with your sidecar. - version = "~> 4.0" - - sidecar_version = local.sidecar.sidecar_version + version = "~> 5.0" sidecar_id = cyral_sidecar.sidecar.id @@ -309,17 +293,10 @@ module "cyral_sidecar" { load_balancer_scheme = local.sidecar.public_sidecar ? "internet-facing" : "internal" associate_public_ip_address = local.sidecar.public_sidecar - deploy_secrets = true - secrets_location = "/cyral/sidecars/${cyral_sidecar.sidecar.id}/secrets" - - container_registry = local.sidecar.container_registry.name - container_registry_username = local.sidecar.container_registry.username - container_registry_key = local.sidecar.container_registry.registry_key - client_id = cyral_sidecar_credentials.sidecar_credentials.client_id client_secret = cyral_sidecar_credentials.sidecar_credentials.client_secret } output "sidecar_load_balancer_dns" { - value = module.cyral_sidecar.sidecar_load_balancer_dns + value = module.cyral_sidecar.load_balancer_dns } diff --git a/examples/guides/smart_ports_2.tf b/examples/guides/smart_ports_2.tf index d41cd4bb..8ae5922f 100644 --- a/examples/guides/smart_ports_2.tf +++ b/examples/guides/smart_ports_2.tf @@ -52,9 +52,6 @@ locals { # internet-facing load balancer (requires a public subnet). public_sidecar = false - # Set the desired sidecar version. - sidecar_version = "v4.7.0" - # Set the AWS region that the sidecar will be deployed to region = "" # Set the ID of VPC that the sidecar will be deployed to @@ -72,17 +69,6 @@ locals { # Set the allowed CIDR block for monitoring requests to the # sidecar monitoring_inbound_cidr = ["0.0.0.0/0"] - - # Set the parameters to access the private Cyral container - # registry. These parameters can be found in the sidecar - # Terraform template downloaded from the UI. Use the - # commented values to locate the variables and copy the - # values from the downloaded template. - container_registry = { - name = "" # container_registry - username = "" # container_registry_username - registry_key = "" # container_registry_key - } } } @@ -231,9 +217,7 @@ module "cyral_sidecar" { source = "cyralinc/sidecar-ec2/aws" # Use the module version that is compatible with your sidecar. - version = "~> 4.0" - - sidecar_version = local.sidecar.sidecar_version + version = "~> 5.0" sidecar_id = cyral_sidecar.sidecar.id @@ -251,17 +235,10 @@ module "cyral_sidecar" { load_balancer_scheme = local.sidecar.public_sidecar ? "internet-facing" : "internal" associate_public_ip_address = local.sidecar.public_sidecar - deploy_secrets = true - secrets_location = "/cyral/sidecars/${cyral_sidecar.sidecar.id}/secrets" - - container_registry = local.sidecar.container_registry.name - container_registry_username = local.sidecar.container_registry.username - container_registry_key = local.sidecar.container_registry.registry_key - client_id = cyral_sidecar_credentials.sidecar_credentials.client_id client_secret = cyral_sidecar_credentials.sidecar_credentials.client_secret } output "sidecar_load_balancer_dns" { - value = module.cyral_sidecar.sidecar_load_balancer_dns + value = module.cyral_sidecar.load_balancer_dns } diff --git a/examples/resources/cyral_integration_logging/cloudwatch.tf b/examples/resources/cyral_integration_logging/cloudwatch.tf index 127279ac..babd980b 100644 --- a/examples/resources/cyral_integration_logging/cloudwatch.tf +++ b/examples/resources/cyral_integration_logging/cloudwatch.tf @@ -25,7 +25,7 @@ resource "cyral_sidecar_credentials" "creds" { module "cyral_sidecar" { source = "cyralinc/sidecar-ec2/aws" - version = "~> 4.0" + version = "~> 5.0" sidecar_id = cyral_sidecar.sidecar.id diff --git a/templates/index.md.tmpl b/templates/index.md.tmpl index dba83be0..55a84775 100644 --- a/templates/index.md.tmpl +++ b/templates/index.md.tmpl @@ -37,7 +37,7 @@ terraform { required_providers { cyral = { source = "cyralinc/cyral" - version = "~> 4.1" + version = "~> 4.0" } } } From 88c397a42747ab575856a3666b3b01031b3eacbc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 14:12:44 -0800 Subject: [PATCH 2/4] Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#578) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.9.0...v1.10.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index e58df671..2e5e951e 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/hashicorp/terraform-plugin-docs v0.19.4 github.com/hashicorp/terraform-plugin-log v0.9.0 github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0 - github.com/stretchr/testify v1.9.0 + github.com/stretchr/testify v1.10.0 golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 golang.org/x/oauth2 v0.23.0 ) diff --git a/go.sum b/go.sum index e1cd799c..8d1862ef 100644 --- a/go.sum +++ b/go.sum @@ -183,8 +183,8 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= From 2da8c93ebf6a794ed95199172cd0c9c497aa761a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 14:13:00 -0800 Subject: [PATCH 3/4] Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 (#577) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.23.0 to 0.24.0. - [Commits](https://github.com/golang/oauth2/compare/v0.23.0...v0.24.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 2e5e951e..485f3a39 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0 github.com/stretchr/testify v1.10.0 golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 - golang.org/x/oauth2 v0.23.0 + golang.org/x/oauth2 v0.24.0 ) require ( diff --git a/go.sum b/go.sum index 8d1862ef..b6d026c7 100644 --- a/go.sum +++ b/go.sum @@ -222,8 +222,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= -golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= -golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= +golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= From 84614d45f2c663bbd007e017af78a1e6ff57409d Mon Sep 17 00:00:00 2001 From: Wilson de Carvalho <796900+wcmjunior@users.noreply.github.com> Date: Mon, 25 Nov 2024 14:41:22 -0800 Subject: [PATCH 4/4] Add CODEOWNERS --- .github/CODEOWNERS | 1 + 1 file changed, 1 insertion(+) create mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 00000000..80e20955 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @cyral-bot