From 02c972572fbb8aac9703ea1a9546d2103532eecb Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Mon, 14 Aug 2023 16:37:51 +0200 Subject: [PATCH 01/11] ENG-12292 - Added SQL Server settings to listener. SQL Server settings has one attribute: version. This is mandatory for listeners that are multiplexed. --- Makefile | 5 + cyral/data_source_cyral_sidecar_listener.go | 18 +- cyral/resource_cyral_sidecar_listener.go | 87 ++++++-- docs/data-sources/sidecar_listener.md | 9 + docs/resources/sidecar_listener.md | 9 + go.mod | 64 +++--- go.sum | 235 +++++++------------- 7 files changed, 220 insertions(+), 207 deletions(-) diff --git a/Makefile b/Makefile index d6ca1452..cb914fd2 100644 --- a/Makefile +++ b/Makefile @@ -87,3 +87,8 @@ docker-compose/docs: sweep: @echo "WARNING: This will destroy infrastructure. Use only for development control planes." go test $(SWEEPDIR) -v -sweep=dummy-region $(SWEEPARGS) -timeout 15m + +# update module and test dependencies to latest minor and patch level +up-deps: + $(GOGET) -u ./... + $(GOGET) -t ./... diff --git a/cyral/data_source_cyral_sidecar_listener.go b/cyral/data_source_cyral_sidecar_listener.go index 4d30a19d..17466a71 100644 --- a/cyral/data_source_cyral_sidecar_listener.go +++ b/cyral/data_source_cyral_sidecar_listener.go @@ -8,8 +8,9 @@ import ( "github.com/google/uuid" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - "github.com/cyralinc/terraform-provider-cyral/client" "golang.org/x/exp/slices" + + "github.com/cyralinc/terraform-provider-cyral/client" ) const ( @@ -33,13 +34,14 @@ func (data ReadDataSourceSidecarListenerAPIResponse) WriteToSchema(d *schema.Res if (repoTypeFilter == "" || slices.Contains(listenerConfig.RepoTypes, repoTypeFilter)) && (portFilter == 0 || listenerConfig.NetworkAddress.Port == portFilter) { listener := map[string]any{ - ListenerIDKey: listenerConfig.ListenerId, - SidecarIDKey: d.Get(SidecarIDKey).(string), - RepoTypesKey: listenerConfig.RepoTypes, - NetworkAddressKey: listenerConfig.NetworkAddressAsInterface(), - MySQLSettingsKey: listenerConfig.MySQLSettingsAsInterface(), - S3SettingsKey: listenerConfig.S3SettingsAsInterface(), - DynamoDbSettingsKey: listenerConfig.DynamoDbSettingsAsInterface(), + ListenerIDKey: listenerConfig.ListenerId, + SidecarIDKey: d.Get(SidecarIDKey).(string), + RepoTypesKey: listenerConfig.RepoTypes, + NetworkAddressKey: listenerConfig.NetworkAddressAsInterface(), + MySQLSettingsKey: listenerConfig.MySQLSettingsAsInterface(), + S3SettingsKey: listenerConfig.S3SettingsAsInterface(), + DynamoDbSettingsKey: listenerConfig.DynamoDbSettingsAsInterface(), + SQLServerSettingsKey: listenerConfig.SQLServerSettingsAsInterface(), } log.Printf("[DEBUG] listener: %q", listener) listenersList = append(listenersList, listener) diff --git a/cyral/resource_cyral_sidecar_listener.go b/cyral/resource_cyral_sidecar_listener.go index b094ebca..db665cf4 100644 --- a/cyral/resource_cyral_sidecar_listener.go +++ b/cyral/resource_cyral_sidecar_listener.go @@ -14,25 +14,28 @@ import ( // create a constant block for schema keys const ( - RepoTypesKey = "repo_types" - NetworkAddressKey = "network_address" - MySQLSettingsKey = "mysql_settings" - DbVersionKey = "db_version" - CharacterSetKey = "character_set" - S3SettingsKey = "s3_settings" - ProxyModeKey = "proxy_mode" - DynamoDbSettingsKey = "dynamodb_settings" + RepoTypesKey = "repo_types" + NetworkAddressKey = "network_address" + MySQLSettingsKey = "mysql_settings" + DbVersionKey = "db_version" + CharacterSetKey = "character_set" + S3SettingsKey = "s3_settings" + ProxyModeKey = "proxy_mode" + DynamoDbSettingsKey = "dynamodb_settings" + SQLServerSettingsKey = "sqlserver_settings" + VersionKey = "version" ) // SidecarListener struct for sidecar listener. type SidecarListener struct { - SidecarId string `json:"-"` - ListenerId string `json:"id"` - RepoTypes []string `json:"repoTypes"` - NetworkAddress *NetworkAddress `json:"address,omitempty"` - MySQLSettings *MySQLSettings `json:"mysqlSettings,omitempty"` - S3Settings *S3Settings `json:"s3Settings,omitempty"` - DynamoDbSettings *DynamoDbSettings `json:"dynamoDbSettings,omitempty"` + SidecarId string `json:"-"` + ListenerId string `json:"id"` + RepoTypes []string `json:"repoTypes"` + NetworkAddress *NetworkAddress `json:"address,omitempty"` + MySQLSettings *MySQLSettings `json:"mysqlSettings,omitempty"` + S3Settings *S3Settings `json:"s3Settings,omitempty"` + DynamoDbSettings *DynamoDbSettings `json:"dynamoDbSettings,omitempty"` + SQLServerSettings *SQLServerSettings `json:"sqlServerSettings,omitempty"` } type NetworkAddress struct { Host string `json:"host,omitempty"` @@ -49,6 +52,10 @@ type DynamoDbSettings struct { ProxyMode bool `json:"proxyMode,omitempty"` } +type SQLServerSettings struct { + Version string `json:"version,omitempty"` +} + var ReadSidecarListenersConfig = ResourceOperationConfig{ Name: "SidecarListenersResourceRead", HttpMethod: http.MethodGet, @@ -83,6 +90,7 @@ func (data ReadSidecarListenerAPIResponse) WriteToSchema(d *schema.ResourceData) _ = d.Set(S3SettingsKey, data.ListenerConfig.S3SettingsAsInterface()) _ = d.Set(MySQLSettingsKey, data.ListenerConfig.MySQLSettingsAsInterface()) _ = d.Set(DynamoDbSettingsKey, data.ListenerConfig.DynamoDbSettingsAsInterface()) + _ = d.Set(SQLServerSettingsKey, data.ListenerConfig.SQLServerSettingsAsInterface()) } log.Printf("[DEBUG] End ReadSidecarListenerAPIResponse.WriteToSchema") return nil @@ -175,6 +183,22 @@ func (l *SidecarListener) DynamoDbSettingsFromInterface(anInterface []interface{ ProxyMode: anInterface[0].(map[string]interface{})[ProxyModeKey].(bool), } } +func (l *SidecarListener) SQLServerSettingsAsInterface() []interface{} { + if l.SQLServerSettings == nil { + return nil + } + return []interface{}{map[string]interface{}{ + VersionKey: l.SQLServerSettings.Version, + }} +} +func (l *SidecarListener) SQLServerSettingsFromInterface(anInterface []interface{}) { + if len(anInterface) == 0 { + return + } + l.SQLServerSettings = &SQLServerSettings{ + Version: anInterface[0].(map[string]interface{})[VersionKey].(string), + } +} // SidecarListenerResource represents the payload of a create or update a listener request type SidecarListenerResource struct { @@ -192,6 +216,7 @@ func (s *SidecarListenerResource) ReadFromSchema(d *schema.ResourceData) error { s.ListenerConfig.MySQLSettingsFromInterface(d.Get(MySQLSettingsKey).(*schema.Set).List()) s.ListenerConfig.S3SettingsFromInterface(d.Get(S3SettingsKey).(*schema.Set).List()) s.ListenerConfig.DynamoDbSettingsFromInterface(d.Get(DynamoDbSettingsKey).(*schema.Set).List()) + s.ListenerConfig.SQLServerSettingsFromInterface(d.Get(SQLServerSettingsKey).(*schema.Set).List()) return nil } @@ -315,7 +340,7 @@ func getSidecarListenerSchema() map[string]*schema.Schema { Optional: true, // Notice the MaxItems: 1 here. This ensures that the user can only specify one this block. MaxItems: 1, - ConflictsWith: []string{S3SettingsKey, DynamoDbSettingsKey}, + ConflictsWith: []string{S3SettingsKey, DynamoDbSettingsKey, SQLServerSettingsKey}, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ DbVersionKey: { @@ -352,7 +377,7 @@ func getSidecarListenerSchema() map[string]*schema.Schema { Optional: true, // Notice the MaxItems: 1 here. This ensures that the user can only specify one this block. MaxItems: 1, - ConflictsWith: []string{MySQLSettingsKey, DynamoDbSettingsKey}, + ConflictsWith: []string{MySQLSettingsKey, DynamoDbSettingsKey, SQLServerSettingsKey}, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ ProxyModeKey: { @@ -402,5 +427,33 @@ func getSidecarListenerSchema() map[string]*schema.Schema { }, }, }, + SQLServerSettingsKey: { + Description: "SQL Server settings.", + Type: schema.TypeSet, + Optional: true, + // Notice the MaxItems: 1 here. This ensures that the user can only specify one this block. + MaxItems: 1, + ConflictsWith: []string{S3SettingsKey, MySQLSettingsKey, DynamoDbSettingsKey}, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + VersionKey: { + Description: "Advertised SQL Server version. Required (and only relevant) for " + + "Listeners of type 'sqlserver' " + + "The format of the version should be .. " + + "API will validate that the version is a valid version number. " + + "Major version is an integer in range 0-255. " + + "Minor version is an integer in range 0-255. " + + "Build number is an integer in range 0-65535. " + + "Example: 16.0.1000 " + + "To get the version of the SQL Server runtime, run the following query: " + + "SELECT SERVERPROPERTY('productversion') " + + "Note: If the query returns a four part version number, only the first three parts " + + "should be used. Example: 16.0.1000.6 -> 16.0.1000", + Type: schema.TypeString, + Optional: true, + }, + }, + }, + }, } } diff --git a/docs/data-sources/sidecar_listener.md b/docs/data-sources/sidecar_listener.md index 727fe1c9..3276a65d 100644 --- a/docs/data-sources/sidecar_listener.md +++ b/docs/data-sources/sidecar_listener.md @@ -55,6 +55,7 @@ Read-Only: - `repo_types` (List of String) - `s3_settings` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--s3_settings)) - `sidecar_id` (String) +- `sqlserver_settings` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--sqlserver_settings)) @@ -89,3 +90,11 @@ Read-Only: Read-Only: - `proxy_mode` (Boolean) + + + +### Nested Schema for `listener_list.sqlserver_settings` + +Read-Only: + +- `version` (String) diff --git a/docs/resources/sidecar_listener.md b/docs/resources/sidecar_listener.md index 44312719..8faf0c8f 100644 --- a/docs/resources/sidecar_listener.md +++ b/docs/resources/sidecar_listener.md @@ -106,6 +106,7 @@ resource "cyral_sidecar_listener" "listener_dynamodb" { - `dynamodb_settings` (Block Set, Max: 1) DynamoDB settings. (see [below for nested schema](#nestedblock--dynamodb_settings)) - `mysql_settings` (Block Set, Max: 1) MySQL settings represents the listener settings for a [`mysql`, `galera`, `mariadb`] data repository. (see [below for nested schema](#nestedblock--mysql_settings)) - `s3_settings` (Block Set, Max: 1) S3 settings. (see [below for nested schema](#nestedblock--s3_settings)) +- `sqlserver_settings` (Block Set, Max: 1) SQL Server settings. (see [below for nested schema](#nestedblock--sqlserver_settings)) ### Read-Only @@ -148,3 +149,11 @@ Optional: Optional: - `proxy_mode` (Boolean) S3 proxy mode. Only relevant for S3 listeners. Allowed values: [true, false]. Defaults to `false`. When `true`, instructs the sidecar to operate as an HTTP Proxy server. Client applications need to be explicitly configured to send the traffic through an HTTP proxy server, represented by the Cyral sidecar endpoint + the S3 listening port. It is indicated when connecting from CLI applications, such as `aws cli`, or through the AWS SDK. This listener mode is functional for client applications using either AWS native credentials, e.g. Access Key ID/Secret Access Key, or Cyral-Provided access tokens (Single Sign-On connections). When `false`, instructs the sidecar to mimic the actual behavior of AWS S3, meaning client applications will not be aware of a middleware HTTP proxy in the path to S3. This listener mode is only compatible with applications using Cyral-Provided access tokens and is must used when configuring the Cyral S3 Browser. This mode is currently not recommended for any other use besides the Cyral S3 Browser. + + + +### Nested Schema for `sqlserver_settings` + +Optional: + +- `version` (String) Advertised SQL Server version. Required (and only relevant) for Listeners of type 'sqlserver' The format of the version should be .. API will validate that the version is a valid version number. Major version is an integer in range 0-255. Minor version is an integer in range 0-255. Build number is an integer in range 0-65535. Example: 16.0.1000 To get the version of the SQL Server runtime, run the following query: SELECT SERVERPROPERTY('productversion') Note: If the query returns a four part version number, only the first three parts should be used. Example: 16.0.1000.6 -> 16.0.1000 diff --git a/go.mod b/go.mod index 38f94b01..cba9e1d5 100644 --- a/go.mod +++ b/go.mod @@ -3,74 +3,76 @@ module github.com/cyralinc/terraform-provider-cyral go 1.19 require ( - github.com/aws/aws-sdk-go v1.39.4 + github.com/aws/aws-sdk-go v1.44.322 github.com/google/uuid v1.3.0 github.com/hashicorp/terraform-plugin-docs v0.14.1 - github.com/hashicorp/terraform-plugin-sdk/v2 v2.25.0 + github.com/hashicorp/terraform-plugin-sdk/v2 v2.27.0 github.com/stretchr/testify v1.8.4 - golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 - golang.org/x/oauth2 v0.4.0 + golang.org/x/exp v0.0.0-20230811145659-89c5cff77bcb + golang.org/x/oauth2 v0.11.0 ) require ( github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver/v3 v3.1.1 // indirect github.com/Masterminds/sprig/v3 v3.2.2 // indirect - github.com/agext/levenshtein v1.2.2 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect + github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/bgentry/speakeasy v0.1.0 // indirect + github.com/cloudflare/circl v1.3.3 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/fatih/color v1.13.0 // indirect - github.com/golang/protobuf v1.5.2 // indirect + github.com/fatih/color v1.15.0 // indirect + github.com/golang/protobuf v1.5.3 // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-checkpoint v0.5.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect - github.com/hashicorp/go-hclog v1.4.0 // indirect + github.com/hashicorp/go-hclog v1.5.0 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-plugin v1.4.8 // indirect + github.com/hashicorp/go-plugin v1.4.10 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.6.0 // indirect - github.com/hashicorp/hc-install v0.5.0 // indirect - github.com/hashicorp/hcl/v2 v2.16.1 // indirect + github.com/hashicorp/hc-install v0.5.2 // indirect + github.com/hashicorp/hcl/v2 v2.17.0 // indirect github.com/hashicorp/logutils v1.0.0 // indirect github.com/hashicorp/terraform-exec v0.18.1 // indirect - github.com/hashicorp/terraform-json v0.15.0 // indirect - github.com/hashicorp/terraform-plugin-go v0.14.3 // indirect - github.com/hashicorp/terraform-plugin-log v0.8.0 // indirect - github.com/hashicorp/terraform-registry-address v0.1.0 // indirect - github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 // indirect - github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d // indirect + github.com/hashicorp/terraform-json v0.17.0 // indirect + github.com/hashicorp/terraform-plugin-go v0.18.0 // indirect + github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect + github.com/hashicorp/terraform-registry-address v0.2.2 // indirect + github.com/hashicorp/terraform-svchost v0.1.1 // indirect + github.com/hashicorp/yamux v0.1.1 // indirect github.com/huandu/xstrings v1.3.2 // indirect github.com/imdario/mergo v0.3.13 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.16 // indirect + github.com/mattn/go-isatty v0.0.19 // indirect github.com/mitchellh/cli v1.1.5 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect - github.com/mitchellh/go-wordwrap v1.0.0 // indirect + github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect - github.com/oklog/run v1.0.0 // indirect + github.com/oklog/run v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/posener/complete v1.2.3 // indirect github.com/russross/blackfriday v1.6.0 // indirect github.com/shopspring/decimal v1.3.1 // indirect github.com/spf13/cast v1.5.0 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect - github.com/vmihailenco/msgpack/v4 v4.3.12 // indirect - github.com/vmihailenco/tagparser v0.1.1 // indirect - github.com/zclconf/go-cty v1.13.0 // indirect - golang.org/x/crypto v0.6.0 // indirect - golang.org/x/mod v0.7.0 // indirect - golang.org/x/net v0.7.0 // indirect - golang.org/x/sys v0.5.0 // indirect - golang.org/x/text v0.7.0 // indirect + github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect + github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect + github.com/zclconf/go-cty v1.13.2 // indirect + golang.org/x/crypto v0.12.0 // indirect + golang.org/x/mod v0.11.0 // indirect + golang.org/x/net v0.14.0 // indirect + golang.org/x/sys v0.11.0 // indirect + golang.org/x/text v0.12.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect - google.golang.org/grpc v1.53.0 // indirect - google.golang.org/protobuf v1.28.1 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577 // indirect + google.golang.org/grpc v1.57.0 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index ba6d45a2..909b0a3c 100644 --- a/go.sum +++ b/go.sum @@ -1,4 +1,3 @@ -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= @@ -6,57 +5,44 @@ github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0 github.com/Masterminds/sprig/v3 v3.2.1/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8= github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= -github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= -github.com/Microsoft/go-winio v0.4.16 h1:FtSW/jqD+l4ba5iPBj9CODVtgfYAD8w2wS923g/cFDk= -github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 h1:YoJbenK9C67SkzkDfmQuVln04ygHj3vjZfd9FL+GmQQ= -github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= -github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= -github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= -github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE= -github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= -github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= +github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= +github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ= +github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= +github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/aws/aws-sdk-go v1.39.4 h1:nXBChUaG5cinrl3yg4/rUyssOOLH/ohk4S9K03kJirE= -github.com/aws/aws-sdk-go v1.39.4/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= +github.com/aws/aws-sdk-go v1.44.322 h1:7JfwifGRGQMHd99PvfXqxBaZsjuRaOF6e3X9zRx2uYo= +github.com/aws/aws-sdk-go v1.44.322/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= +github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= +github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs= +github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg= -github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= +github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= +github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= -github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= -github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= -github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= -github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= -github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= -github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= +github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= +github.com/go-git/go-git/v5 v5.6.1 h1:q4ZRqQl4pR/ZJHc1L5CFjGA1a10u76aV1iC+nh+bHsk= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= @@ -71,75 +57,64 @@ github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brv github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU= github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= -github.com/hashicorp/go-hclog v1.4.0 h1:ctuWFGrhFha8BnnzxqeRGidlEcQkDyL5u8J8t5eA11I= -github.com/hashicorp/go-hclog v1.4.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.4.8 h1:CHGwpxYDOttQOY7HOWgETU9dyVjOXzniXDqJcYJE1zM= -github.com/hashicorp/go-plugin v1.4.8/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= +github.com/hashicorp/go-plugin v1.4.10 h1:xUbmA4jC6Dq163/fWcp8P3JuHilrHHMLNRxzGQJ9hNk= +github.com/hashicorp/go-plugin v1.4.10/go.mod h1:6/1TEzT0eQznvI/gV2CM29DLSkAK/e58mUWKVsPaph0= github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/hc-install v0.5.0 h1:D9bl4KayIYKEeJ4vUDe9L5huqxZXczKaykSRcmQ0xY0= -github.com/hashicorp/hc-install v0.5.0/go.mod h1:JyzMfbzfSBSjoDCRPna1vi/24BEDxFaCPfdHtM5SCdo= -github.com/hashicorp/hcl/v2 v2.16.1 h1:BwuxEMD/tsYgbhIW7UuI3crjovf3MzuFWiVgiv57iHg= -github.com/hashicorp/hcl/v2 v2.16.1/go.mod h1:JRmR89jycNkrrqnMmvPDMd56n1rQJ2Q6KocSLCMCXng= +github.com/hashicorp/hc-install v0.5.2 h1:SfwMFnEXVVirpwkDuSF5kymUOhrUxrTq3udEseZdOD0= +github.com/hashicorp/hc-install v0.5.2/go.mod h1:9QISwe6newMWIfEiXpzuu1k9HAGtQYgnSH8H9T8wmoI= +github.com/hashicorp/hcl/v2 v2.17.0 h1:z1XvSUyXd1HP10U4lrLg5e0JMVz6CPaJvAgxM0KNZVY= +github.com/hashicorp/hcl/v2 v2.17.0/go.mod h1:gJyW2PTShkJqQBKpAmPO3yxMxIuoXkOF2TpqXzrQyx4= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/terraform-exec v0.18.1 h1:LAbfDvNQU1l0NOQlTuudjczVhHj061fNX5H8XZxHlH4= github.com/hashicorp/terraform-exec v0.18.1/go.mod h1:58wg4IeuAJ6LVsLUeD2DWZZoc/bYi6dzhLHzxM41980= -github.com/hashicorp/terraform-json v0.15.0 h1:/gIyNtR6SFw6h5yzlbDbACyGvIhKtQi8mTsbkNd79lE= -github.com/hashicorp/terraform-json v0.15.0/go.mod h1:+L1RNzjDU5leLFZkHTFTbJXaoqUC6TqXlFgDoOXrtvk= +github.com/hashicorp/terraform-json v0.17.0 h1:EiA1Wp07nknYQAiv+jIt4dX4Cq5crgP+TsTE45MjMmM= +github.com/hashicorp/terraform-json v0.17.0/go.mod h1:Huy6zt6euxaY9knPAFKjUITn8QxUFIe9VuSzb4zn/0o= github.com/hashicorp/terraform-plugin-docs v0.14.1 h1:MikFi59KxrP/ewrZoaowrB9he5Vu4FtvhamZFustiA4= github.com/hashicorp/terraform-plugin-docs v0.14.1/go.mod h1:k2NW8+t113jAus6bb5tQYQgEAX/KueE/u8X2Z45V1GM= -github.com/hashicorp/terraform-plugin-go v0.14.3 h1:nlnJ1GXKdMwsC8g1Nh05tK2wsC3+3BL/DBBxFEki+j0= -github.com/hashicorp/terraform-plugin-go v0.14.3/go.mod h1:7ees7DMZ263q8wQ6E4RdIdR6nHHJtrdt4ogX5lPkX1A= -github.com/hashicorp/terraform-plugin-log v0.8.0 h1:pX2VQ/TGKu+UU1rCay0OlzosNKe4Nz1pepLXj95oyy0= -github.com/hashicorp/terraform-plugin-log v0.8.0/go.mod h1:1myFrhVsBLeylQzYYEV17VVjtG8oYPRFdaZs7xdW2xs= -github.com/hashicorp/terraform-plugin-sdk/v2 v2.25.0 h1:iNRjaJCatQS1rIbHs/vDvJ0GECsaGgxx780chA2Irpk= -github.com/hashicorp/terraform-plugin-sdk/v2 v2.25.0/go.mod h1:XnVNLIS6bdMJbjSDujhX4Rlk24QpbGKbnrVFM4tZ7OU= -github.com/hashicorp/terraform-registry-address v0.1.0 h1:W6JkV9wbum+m516rCl5/NjKxCyTVaaUBbzYcMzBDO3U= -github.com/hashicorp/terraform-registry-address v0.1.0/go.mod h1:EnyO2jYO6j29DTHbJcm00E5nQTFeTtyZH3H5ycydQ5A= -github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 h1:HKLsbzeOsfXmKNpr3GiT18XAblV0BjCbzL8KQAMZGa0= -github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg= -github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d h1:kJCB4vdITiW1eC1vq2e6IsrXKrZit1bv/TDYFGMp4BQ= -github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= +github.com/hashicorp/terraform-plugin-go v0.18.0 h1:IwTkOS9cOW1ehLd/rG0y+u/TGLK9y6fGoBjXVUquzpE= +github.com/hashicorp/terraform-plugin-go v0.18.0/go.mod h1:l7VK+2u5Kf2y+A+742GX0ouLut3gttudmvMgN0PA74Y= +github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= +github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.27.0 h1:I8efBnjuDrgPjNF1MEypHy48VgcTIUY4X6rOFunrR3Y= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.27.0/go.mod h1:cUEP4ly/nxlHy5HzD6YRrHydtlheGvGRJDhiWqqVik4= +github.com/hashicorp/terraform-registry-address v0.2.2 h1:lPQBg403El8PPicg/qONZJDC6YlgCVbWDtNmmZKtBno= +github.com/hashicorp/terraform-registry-address v0.2.2/go.mod h1:LtwNbCihUoUZ3RYriyS2wF/lGPB6gF9ICLRtuDk7hSo= +github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= +github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= +github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= +github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= -github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= -github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck= -github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= @@ -148,28 +123,26 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= +github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= -github.com/mitchellh/go-wordwrap v1.0.0 h1:6GlHJ/LTGMrIJbwgdqdl2eEH8o+Exx/0m8ir9Gns0u4= -github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= +github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= -github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= +github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= +github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -179,148 +152,108 @@ github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSg github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= -github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/skeema/knownhosts v1.1.0 h1:Wvr9V0MxhjRbl3f9nMnKnFfiWTJmtECJ9Njkea3ysW0= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= -github.com/vmihailenco/msgpack/v4 v4.3.12 h1:07s4sz9IReOgdikxLTKNbBdqDMLsjPKXwvCazn8G65U= -github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= -github.com/vmihailenco/tagparser v0.1.1 h1:quXMXlA39OCbd2wAdTsGDlK9RkOk6Wuw+x37wVyIuWY= -github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= -github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= -github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= +github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU= +github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q/V5KbhBonMG9jc= +github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= +github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= +github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= -github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= -github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.13.0 h1:It5dfKTTZHe9aeppbNOda3mN7Ag7sg6QkBNm6TkyFa0= -github.com/zclconf/go-cty v1.13.0/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= -github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= -golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +github.com/zclconf/go-cty v1.13.2 h1:4GvrUxe/QUDYuJKAav4EYqdM47/kZa672LwmXFmEKT0= +github.com/zclconf/go-cty v1.13.2/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= -golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= -golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc= -golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= +golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk= +golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= +golang.org/x/exp v0.0.0-20230811145659-89c5cff77bcb h1:mIKbk8weKhSeLH2GmUTrvx8CjkyJmnU1wFmg59CUjFA= +golang.org/x/exp v0.0.0-20230811145659-89c5cff77bcb/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.7.0 h1:LapD9S96VoQRhi/GrNTqeBJFrUjs5UHCAtTlgwA5oZA= -golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU= +golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191009170851-d66e71096ffb/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= -golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= -golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M= -golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= +golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14= +golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= +golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU= +golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= +golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc= +golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f h1:BWUVssLB0HVOSY78gIdvk1dTVYtT1y8SBWtPYuTJ/6w= -google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/grpc v1.53.0 h1:LAv2ds7cmFV/XTS3XG1NneeENYrXGmorPxsBbptIjNc= -google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577 h1:wukfNtZmZUurLN/atp2hiIeTKn7QJWIQdHzqmsOnAOk= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= +google.golang.org/grpc v1.57.0 h1:kfzNeI/klCGD2YPMUlaGNT3pxvYfga7smW3Vth8Zsiw= +google.golang.org/grpc v1.57.0/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= -google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= -gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= From beee09c33cf01fc4be7a8727f0320391d52a8daa Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Tue, 15 Aug 2023 10:59:28 +0200 Subject: [PATCH 02/11] ENG-12292 - added listener attributes; override repo client tls settings and tls mode --- cyral/resource_cyral_sidecar_listener.go | 73 +++++++++++++++++------- docs/data-sources/sidecar_listener.md | 2 + docs/resources/sidecar_listener.md | 7 ++- go.mod | 4 +- go.sum | 4 ++ 5 files changed, 66 insertions(+), 24 deletions(-) diff --git a/cyral/resource_cyral_sidecar_listener.go b/cyral/resource_cyral_sidecar_listener.go index db665cf4..59dc0e5f 100644 --- a/cyral/resource_cyral_sidecar_listener.go +++ b/cyral/resource_cyral_sidecar_listener.go @@ -14,28 +14,40 @@ import ( // create a constant block for schema keys const ( - RepoTypesKey = "repo_types" - NetworkAddressKey = "network_address" - MySQLSettingsKey = "mysql_settings" - DbVersionKey = "db_version" - CharacterSetKey = "character_set" - S3SettingsKey = "s3_settings" - ProxyModeKey = "proxy_mode" - DynamoDbSettingsKey = "dynamodb_settings" - SQLServerSettingsKey = "sqlserver_settings" - VersionKey = "version" + RepoTypesKey = "repo_types" + NetworkAddressKey = "network_address" + MySQLSettingsKey = "mysql_settings" + DbVersionKey = "db_version" + CharacterSetKey = "character_set" + S3SettingsKey = "s3_settings" + ProxyModeKey = "proxy_mode" + DynamoDbSettingsKey = "dynamodb_settings" + SQLServerSettingsKey = "sqlserver_settings" + VersionKey = "version" + OverrideRepoClientTlsSettingsKey = "override_repo_client_tls_settings" + TlsModeKey = "tls_mode" ) +func tlsModes() []string { + return []string{ + "allow", // default, must be kept at position 0 + "require", + "disable", + } +} + // SidecarListener struct for sidecar listener. type SidecarListener struct { - SidecarId string `json:"-"` - ListenerId string `json:"id"` - RepoTypes []string `json:"repoTypes"` - NetworkAddress *NetworkAddress `json:"address,omitempty"` - MySQLSettings *MySQLSettings `json:"mysqlSettings,omitempty"` - S3Settings *S3Settings `json:"s3Settings,omitempty"` - DynamoDbSettings *DynamoDbSettings `json:"dynamoDbSettings,omitempty"` - SQLServerSettings *SQLServerSettings `json:"sqlServerSettings,omitempty"` + SidecarId string `json:"-"` + ListenerId string `json:"id"` + RepoTypes []string `json:"repoTypes"` + NetworkAddress *NetworkAddress `json:"address,omitempty"` + MySQLSettings *MySQLSettings `json:"mysqlSettings,omitempty"` + S3Settings *S3Settings `json:"s3Settings,omitempty"` + DynamoDbSettings *DynamoDbSettings `json:"dynamoDbSettings,omitempty"` + SQLServerSettings *SQLServerSettings `json:"sqlServerSettings,omitempty"` + OverrideRepoClientTlsSettings bool `json:"overrideRepoClientTlsSettings,omitempty"` + TlsMode string `json:"tlsMode,omitempty"` } type NetworkAddress struct { Host string `json:"host,omitempty"` @@ -91,6 +103,8 @@ func (data ReadSidecarListenerAPIResponse) WriteToSchema(d *schema.ResourceData) _ = d.Set(MySQLSettingsKey, data.ListenerConfig.MySQLSettingsAsInterface()) _ = d.Set(DynamoDbSettingsKey, data.ListenerConfig.DynamoDbSettingsAsInterface()) _ = d.Set(SQLServerSettingsKey, data.ListenerConfig.SQLServerSettingsAsInterface()) + _ = d.Set(OverrideRepoClientTlsSettingsKey, data.ListenerConfig.OverrideRepoClientTlsSettings) + _ = d.Set(TlsModeKey, data.ListenerConfig.TlsMode) } log.Printf("[DEBUG] End ReadSidecarListenerAPIResponse.WriteToSchema") return nil @@ -208,8 +222,10 @@ type SidecarListenerResource struct { // ReadFromSchema populates the SidecarListenerResource from the schema func (s *SidecarListenerResource) ReadFromSchema(d *schema.ResourceData) error { s.ListenerConfig = SidecarListener{ - SidecarId: d.Get(SidecarIDKey).(string), - ListenerId: d.Get(ListenerIDKey).(string), + SidecarId: d.Get(SidecarIDKey).(string), + ListenerId: d.Get(ListenerIDKey).(string), + OverrideRepoClientTlsSettings: d.Get(OverrideRepoClientTlsSettingsKey).(bool), + TlsMode: d.Get(TlsModeKey).(string), } s.ListenerConfig.RepoTypesFromInterface(d.Get(RepoTypesKey).([]interface{})) s.ListenerConfig.NetworkAddressFromInterface(d.Get(NetworkAddressKey).(*schema.Set).List()) @@ -217,6 +233,7 @@ func (s *SidecarListenerResource) ReadFromSchema(d *schema.ResourceData) error { s.ListenerConfig.S3SettingsFromInterface(d.Get(S3SettingsKey).(*schema.Set).List()) s.ListenerConfig.DynamoDbSettingsFromInterface(d.Get(DynamoDbSettingsKey).(*schema.Set).List()) s.ListenerConfig.SQLServerSettingsFromInterface(d.Get(SQLServerSettingsKey).(*schema.Set).List()) + return nil } @@ -230,7 +247,7 @@ func resourceSidecarListener() *schema.Resource { return &schema.Resource{ Description: "Manages [sidecar listeners](https://cyral.com/docs/sidecars/sidecar-listeners)." + "\n~> **Warning** Multiple listeners can be associated to a single sidecar as long as " + - "`host` and `port` are unique. If `host` is ommitted, then `port` must be unique.", + "`host` and `port` are unique. If `host` is omitted, then `port` must be unique.", CreateContext: CreateResource( ResourceOperationConfig{ Name: "SidecarListenersResourceCreate", @@ -455,5 +472,19 @@ func getSidecarListenerSchema() map[string]*schema.Schema { }, }, }, + OverrideRepoClientTlsSettingsKey: { + Description: "Override TLS settings defined in the repo", + Type: schema.TypeBool, + Optional: true, + Default: false, + }, + TlsModeKey: { + Description: "TLS mode. Optional. Defaults to '" + tlsModes()[0] + "'. " + + "Allowed values: " + supportedTypesMarkdown(tlsModes()) + ". " + + "Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port.", + Type: schema.TypeString, + Optional: true, + Default: tlsModes()[0], + }, } } diff --git a/docs/data-sources/sidecar_listener.md b/docs/data-sources/sidecar_listener.md index 3276a65d..efed4119 100644 --- a/docs/data-sources/sidecar_listener.md +++ b/docs/data-sources/sidecar_listener.md @@ -52,10 +52,12 @@ Read-Only: - `listener_id` (String) - `mysql_settings` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--mysql_settings)) - `network_address` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--network_address)) +- `override_repo_client_tls_settings` (Boolean) - `repo_types` (List of String) - `s3_settings` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--s3_settings)) - `sidecar_id` (String) - `sqlserver_settings` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--sqlserver_settings)) +- `tls_mode` (String) diff --git a/docs/resources/sidecar_listener.md b/docs/resources/sidecar_listener.md index 8faf0c8f..b3421ae1 100644 --- a/docs/resources/sidecar_listener.md +++ b/docs/resources/sidecar_listener.md @@ -1,7 +1,7 @@ # cyral_sidecar_listener (Resource) Manages [sidecar listeners](https://cyral.com/docs/sidecars/sidecar-listeners). -~> **Warning** Multiple listeners can be associated to a single sidecar as long as `host` and `port` are unique. If `host` is ommitted, then `port` must be unique. +~> **Warning** Multiple listeners can be associated to a single sidecar as long as `host` and `port` are unique. If `host` is omitted, then `port` must be unique. -> Import ID syntax is `{sidecar_id}/{listener_id}`. @@ -105,8 +105,13 @@ resource "cyral_sidecar_listener" "listener_dynamodb" { - `dynamodb_settings` (Block Set, Max: 1) DynamoDB settings. (see [below for nested schema](#nestedblock--dynamodb_settings)) - `mysql_settings` (Block Set, Max: 1) MySQL settings represents the listener settings for a [`mysql`, `galera`, `mariadb`] data repository. (see [below for nested schema](#nestedblock--mysql_settings)) +- `override_repo_client_tls_settings` (Boolean) Override TLS settings defined in the repo - `s3_settings` (Block Set, Max: 1) S3 settings. (see [below for nested schema](#nestedblock--s3_settings)) - `sqlserver_settings` (Block Set, Max: 1) SQL Server settings. (see [below for nested schema](#nestedblock--sqlserver_settings)) +- `tls_mode` (String) TLS mode. Optional. Defaults to 'allow'. Allowed values: + - `allow` + - `require` + - `disable`. Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port. ### Read-Only diff --git a/go.mod b/go.mod index cba9e1d5..1d27d544 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/cyralinc/terraform-provider-cyral go 1.19 require ( - github.com/aws/aws-sdk-go v1.44.322 + github.com/aws/aws-sdk-go v1.44.323 github.com/google/uuid v1.3.0 github.com/hashicorp/terraform-plugin-docs v0.14.1 github.com/hashicorp/terraform-plugin-sdk/v2 v2.27.0 @@ -71,7 +71,7 @@ require ( golang.org/x/sys v0.11.0 // indirect golang.org/x/text v0.12.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230814215434-ca7cfce7776a // indirect google.golang.org/grpc v1.57.0 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index 909b0a3c..d703839f 100644 --- a/go.sum +++ b/go.sum @@ -19,6 +19,8 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/aws/aws-sdk-go v1.44.322 h1:7JfwifGRGQMHd99PvfXqxBaZsjuRaOF6e3X9zRx2uYo= github.com/aws/aws-sdk-go v1.44.322/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go v1.44.323 h1:97/dn93DWrN1VfhAWQ2tV+xuE6oO/LO9rSsEsuC4PLU= +github.com/aws/aws-sdk-go v1.44.323/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= @@ -240,6 +242,8 @@ google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6 google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577 h1:wukfNtZmZUurLN/atp2hiIeTKn7QJWIQdHzqmsOnAOk= google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230814215434-ca7cfce7776a h1:5rTPHLf5eLPfqGvw3fLpEmUpko2Ky91ft14LxGs5BZc= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230814215434-ca7cfce7776a/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/grpc v1.57.0 h1:kfzNeI/klCGD2YPMUlaGNT3pxvYfga7smW3Vth8Zsiw= google.golang.org/grpc v1.57.0/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= From 08689a0cccc5b9a46e8a8e0bae649d41f2411ef2 Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Tue, 15 Aug 2023 11:11:31 +0200 Subject: [PATCH 03/11] ENG-12292 - minor doc updates --- cyral/resource_cyral_sidecar_listener.go | 4 ++-- docs/resources/sidecar_listener.md | 4 ++-- go.sum | 4 ---- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/cyral/resource_cyral_sidecar_listener.go b/cyral/resource_cyral_sidecar_listener.go index 59dc0e5f..964c7d4a 100644 --- a/cyral/resource_cyral_sidecar_listener.go +++ b/cyral/resource_cyral_sidecar_listener.go @@ -480,8 +480,8 @@ func getSidecarListenerSchema() map[string]*schema.Schema { }, TlsModeKey: { Description: "TLS mode. Optional. Defaults to '" + tlsModes()[0] + "'. " + - "Allowed values: " + supportedTypesMarkdown(tlsModes()) + ". " + - "Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port.", + "Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port. " + + "Allowed values: " + supportedTypesMarkdown(tlsModes()) + ".", Type: schema.TypeString, Optional: true, Default: tlsModes()[0], diff --git a/docs/resources/sidecar_listener.md b/docs/resources/sidecar_listener.md index b3421ae1..9af6c8c4 100644 --- a/docs/resources/sidecar_listener.md +++ b/docs/resources/sidecar_listener.md @@ -108,10 +108,10 @@ resource "cyral_sidecar_listener" "listener_dynamodb" { - `override_repo_client_tls_settings` (Boolean) Override TLS settings defined in the repo - `s3_settings` (Block Set, Max: 1) S3 settings. (see [below for nested schema](#nestedblock--s3_settings)) - `sqlserver_settings` (Block Set, Max: 1) SQL Server settings. (see [below for nested schema](#nestedblock--sqlserver_settings)) -- `tls_mode` (String) TLS mode. Optional. Defaults to 'allow'. Allowed values: +- `tls_mode` (String) TLS mode. Optional. Defaults to 'allow'. Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port. Allowed values: - `allow` - `require` - - `disable`. Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port. + - `disable`. ### Read-Only diff --git a/go.sum b/go.sum index d703839f..ef0c1e8c 100644 --- a/go.sum +++ b/go.sum @@ -17,8 +17,6 @@ github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkE github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/aws/aws-sdk-go v1.44.322 h1:7JfwifGRGQMHd99PvfXqxBaZsjuRaOF6e3X9zRx2uYo= -github.com/aws/aws-sdk-go v1.44.322/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go v1.44.323 h1:97/dn93DWrN1VfhAWQ2tV+xuE6oO/LO9rSsEsuC4PLU= github.com/aws/aws-sdk-go v1.44.323/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= @@ -240,8 +238,6 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577 h1:wukfNtZmZUurLN/atp2hiIeTKn7QJWIQdHzqmsOnAOk= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/genproto/googleapis/rpc v0.0.0-20230814215434-ca7cfce7776a h1:5rTPHLf5eLPfqGvw3fLpEmUpko2Ky91ft14LxGs5BZc= google.golang.org/genproto/googleapis/rpc v0.0.0-20230814215434-ca7cfce7776a/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/grpc v1.57.0 h1:kfzNeI/klCGD2YPMUlaGNT3pxvYfga7smW3Vth8Zsiw= From eecb689382e297dd73bee7c901e5094210b71e6d Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Tue, 15 Aug 2023 12:48:14 +0200 Subject: [PATCH 04/11] ENG-12292 - Setting slq settings to required since API mandates a specific version (parent element is optional though). Added computed to the two optional elements "override repo client tls settings" and "tls mode" since these are populated by API if not provided. --- cyral/resource_cyral_sidecar_listener.go | 20 +++++++----- cyral/resource_cyral_sidecar_listener_test.go | 32 +++++++++++++++++++ docs/resources/sidecar_listener.md | 6 ++-- 3 files changed, 47 insertions(+), 11 deletions(-) diff --git a/cyral/resource_cyral_sidecar_listener.go b/cyral/resource_cyral_sidecar_listener.go index 964c7d4a..b30eeb52 100644 --- a/cyral/resource_cyral_sidecar_listener.go +++ b/cyral/resource_cyral_sidecar_listener.go @@ -467,24 +467,28 @@ func getSidecarListenerSchema() map[string]*schema.Schema { "Note: If the query returns a four part version number, only the first three parts " + "should be used. Example: 16.0.1000.6 -> 16.0.1000", Type: schema.TypeString, - Optional: true, + Optional: false, + Required: true, }, }, }, }, OverrideRepoClientTlsSettingsKey: { - Description: "Override TLS settings defined in the repo", - Type: schema.TypeBool, - Optional: true, - Default: false, + Description: "Override TLS settings defined in the repo. " + + "Default value generated by API if not provided. ", + Type: schema.TypeBool, + Optional: true, + Computed: true, }, TlsModeKey: { - Description: "TLS mode. Optional. Defaults to '" + tlsModes()[0] + "'. " + - "Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port. " + + Description: "TLS mode. " + + "Default value generated by API if not provided. " + + "Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener " + + "is a SMART port (enabled in more than one binding). " + "Allowed values: " + supportedTypesMarkdown(tlsModes()) + ".", Type: schema.TypeString, Optional: true, - Default: tlsModes()[0], + Computed: true, }, } } diff --git a/cyral/resource_cyral_sidecar_listener_test.go b/cyral/resource_cyral_sidecar_listener_test.go index 6ff97665..432bc098 100644 --- a/cyral/resource_cyral_sidecar_listener_test.go +++ b/cyral/resource_cyral_sidecar_listener_test.go @@ -68,6 +68,19 @@ func updateTest() []resource.TestStep { DbVersion: "3.4.0", }, } + // Override repo client TLS settings. + overrideRepoClientTLS := SidecarListener{ + RepoTypes: []string{"mysql"}, + NetworkAddress: &NetworkAddress{ + Port: 443, + Host: "https://s3.test.com", + }, + MySQLSettings: &MySQLSettings{ + DbVersion: "3.4.0", + }, + OverrideRepoClientTlsSettings: true, + TlsMode: "require", + } return []resource.TestStep{ setupSidecarListenerTestStep( @@ -86,6 +99,10 @@ func updateTest() []resource.TestStep { "update_test", addSettings, ), + setupSidecarListenerTestStep( + "update_test", + overrideRepoClientTLS, + ), } } @@ -135,6 +152,17 @@ func settingsTest() []resource.TestStep { ProxyMode: true, }, } + // SQL Server settings test step + sqlServerSettings := SidecarListener{ + RepoTypes: []string{"sqlserver"}, + NetworkAddress: &NetworkAddress{ + Port: 8004, + Host: "https://sqlserver.test.com", + }, + SQLServerSettings: &SQLServerSettings{ + Version: "16.0.1000", + }, + } return []resource.TestStep{ setupSidecarListenerTestStep( @@ -153,6 +181,10 @@ func settingsTest() []resource.TestStep { "dynamo_db_with_proxy", dynamodb, ), + setupSidecarListenerTestStep( + "sql_server_settings", + sqlServerSettings, + ), } } diff --git a/docs/resources/sidecar_listener.md b/docs/resources/sidecar_listener.md index 9af6c8c4..85742f32 100644 --- a/docs/resources/sidecar_listener.md +++ b/docs/resources/sidecar_listener.md @@ -105,10 +105,10 @@ resource "cyral_sidecar_listener" "listener_dynamodb" { - `dynamodb_settings` (Block Set, Max: 1) DynamoDB settings. (see [below for nested schema](#nestedblock--dynamodb_settings)) - `mysql_settings` (Block Set, Max: 1) MySQL settings represents the listener settings for a [`mysql`, `galera`, `mariadb`] data repository. (see [below for nested schema](#nestedblock--mysql_settings)) -- `override_repo_client_tls_settings` (Boolean) Override TLS settings defined in the repo +- `override_repo_client_tls_settings` (Boolean) Override TLS settings defined in the repo. Default value generated by API if not provided. - `s3_settings` (Block Set, Max: 1) S3 settings. (see [below for nested schema](#nestedblock--s3_settings)) - `sqlserver_settings` (Block Set, Max: 1) SQL Server settings. (see [below for nested schema](#nestedblock--sqlserver_settings)) -- `tls_mode` (String) TLS mode. Optional. Defaults to 'allow'. Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port. Allowed values: +- `tls_mode` (String) TLS mode. Default value generated by API if not provided. Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port (enabled in more than one binding). Allowed values: - `allow` - `require` - `disable`. @@ -159,6 +159,6 @@ Optional: ### Nested Schema for `sqlserver_settings` -Optional: +Required: - `version` (String) Advertised SQL Server version. Required (and only relevant) for Listeners of type 'sqlserver' The format of the version should be .. API will validate that the version is a valid version number. Major version is an integer in range 0-255. Minor version is an integer in range 0-255. Build number is an integer in range 0-65535. Example: 16.0.1000 To get the version of the SQL Server runtime, run the following query: SELECT SERVERPROPERTY('productversion') Note: If the query returns a four part version number, only the first three parts should be used. Example: 16.0.1000.6 -> 16.0.1000 From 1ec20327a11288ddcfbf31b1ac8d0a2df07b4673 Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Tue, 15 Aug 2023 13:25:03 +0200 Subject: [PATCH 05/11] ENG-12292 - Added population of override client tls settings and tls mode in listener data source --- cyral/data_source_cyral_sidecar_listener.go | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/cyral/data_source_cyral_sidecar_listener.go b/cyral/data_source_cyral_sidecar_listener.go index 17466a71..45550c4d 100644 --- a/cyral/data_source_cyral_sidecar_listener.go +++ b/cyral/data_source_cyral_sidecar_listener.go @@ -34,14 +34,16 @@ func (data ReadDataSourceSidecarListenerAPIResponse) WriteToSchema(d *schema.Res if (repoTypeFilter == "" || slices.Contains(listenerConfig.RepoTypes, repoTypeFilter)) && (portFilter == 0 || listenerConfig.NetworkAddress.Port == portFilter) { listener := map[string]any{ - ListenerIDKey: listenerConfig.ListenerId, - SidecarIDKey: d.Get(SidecarIDKey).(string), - RepoTypesKey: listenerConfig.RepoTypes, - NetworkAddressKey: listenerConfig.NetworkAddressAsInterface(), - MySQLSettingsKey: listenerConfig.MySQLSettingsAsInterface(), - S3SettingsKey: listenerConfig.S3SettingsAsInterface(), - DynamoDbSettingsKey: listenerConfig.DynamoDbSettingsAsInterface(), - SQLServerSettingsKey: listenerConfig.SQLServerSettingsAsInterface(), + ListenerIDKey: listenerConfig.ListenerId, + SidecarIDKey: d.Get(SidecarIDKey).(string), + RepoTypesKey: listenerConfig.RepoTypes, + NetworkAddressKey: listenerConfig.NetworkAddressAsInterface(), + MySQLSettingsKey: listenerConfig.MySQLSettingsAsInterface(), + S3SettingsKey: listenerConfig.S3SettingsAsInterface(), + DynamoDbSettingsKey: listenerConfig.DynamoDbSettingsAsInterface(), + SQLServerSettingsKey: listenerConfig.SQLServerSettingsAsInterface(), + OverrideRepoClientTlsSettingsKey: listenerConfig.OverrideRepoClientTlsSettings, + TlsModeKey: listenerConfig.TlsMode, } log.Printf("[DEBUG] listener: %q", listener) listenersList = append(listenersList, listener) From 453304a0fb717765d3432079028c0fd8dda6891e Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Mon, 21 Aug 2023 10:17:00 +0200 Subject: [PATCH 06/11] ENG-12292 -Remove tls settings; these are handled in separate PRs. --- cyral/data_source_cyral_sidecar_listener.go | 18 +++-- cyral/resource_cyral_sidecar_listener.go | 65 ++++++------------- cyral/resource_cyral_sidecar_listener_test.go | 17 ----- docs/data-sources/sidecar_listener.md | 2 - docs/resources/sidecar_listener.md | 5 -- 5 files changed, 28 insertions(+), 79 deletions(-) diff --git a/cyral/data_source_cyral_sidecar_listener.go b/cyral/data_source_cyral_sidecar_listener.go index 45550c4d..17466a71 100644 --- a/cyral/data_source_cyral_sidecar_listener.go +++ b/cyral/data_source_cyral_sidecar_listener.go @@ -34,16 +34,14 @@ func (data ReadDataSourceSidecarListenerAPIResponse) WriteToSchema(d *schema.Res if (repoTypeFilter == "" || slices.Contains(listenerConfig.RepoTypes, repoTypeFilter)) && (portFilter == 0 || listenerConfig.NetworkAddress.Port == portFilter) { listener := map[string]any{ - ListenerIDKey: listenerConfig.ListenerId, - SidecarIDKey: d.Get(SidecarIDKey).(string), - RepoTypesKey: listenerConfig.RepoTypes, - NetworkAddressKey: listenerConfig.NetworkAddressAsInterface(), - MySQLSettingsKey: listenerConfig.MySQLSettingsAsInterface(), - S3SettingsKey: listenerConfig.S3SettingsAsInterface(), - DynamoDbSettingsKey: listenerConfig.DynamoDbSettingsAsInterface(), - SQLServerSettingsKey: listenerConfig.SQLServerSettingsAsInterface(), - OverrideRepoClientTlsSettingsKey: listenerConfig.OverrideRepoClientTlsSettings, - TlsModeKey: listenerConfig.TlsMode, + ListenerIDKey: listenerConfig.ListenerId, + SidecarIDKey: d.Get(SidecarIDKey).(string), + RepoTypesKey: listenerConfig.RepoTypes, + NetworkAddressKey: listenerConfig.NetworkAddressAsInterface(), + MySQLSettingsKey: listenerConfig.MySQLSettingsAsInterface(), + S3SettingsKey: listenerConfig.S3SettingsAsInterface(), + DynamoDbSettingsKey: listenerConfig.DynamoDbSettingsAsInterface(), + SQLServerSettingsKey: listenerConfig.SQLServerSettingsAsInterface(), } log.Printf("[DEBUG] listener: %q", listener) listenersList = append(listenersList, listener) diff --git a/cyral/resource_cyral_sidecar_listener.go b/cyral/resource_cyral_sidecar_listener.go index b30eeb52..49eae62a 100644 --- a/cyral/resource_cyral_sidecar_listener.go +++ b/cyral/resource_cyral_sidecar_listener.go @@ -14,18 +14,16 @@ import ( // create a constant block for schema keys const ( - RepoTypesKey = "repo_types" - NetworkAddressKey = "network_address" - MySQLSettingsKey = "mysql_settings" - DbVersionKey = "db_version" - CharacterSetKey = "character_set" - S3SettingsKey = "s3_settings" - ProxyModeKey = "proxy_mode" - DynamoDbSettingsKey = "dynamodb_settings" - SQLServerSettingsKey = "sqlserver_settings" - VersionKey = "version" - OverrideRepoClientTlsSettingsKey = "override_repo_client_tls_settings" - TlsModeKey = "tls_mode" + RepoTypesKey = "repo_types" + NetworkAddressKey = "network_address" + MySQLSettingsKey = "mysql_settings" + DbVersionKey = "db_version" + CharacterSetKey = "character_set" + S3SettingsKey = "s3_settings" + ProxyModeKey = "proxy_mode" + DynamoDbSettingsKey = "dynamodb_settings" + SQLServerSettingsKey = "sqlserver_settings" + VersionKey = "version" ) func tlsModes() []string { @@ -38,16 +36,14 @@ func tlsModes() []string { // SidecarListener struct for sidecar listener. type SidecarListener struct { - SidecarId string `json:"-"` - ListenerId string `json:"id"` - RepoTypes []string `json:"repoTypes"` - NetworkAddress *NetworkAddress `json:"address,omitempty"` - MySQLSettings *MySQLSettings `json:"mysqlSettings,omitempty"` - S3Settings *S3Settings `json:"s3Settings,omitempty"` - DynamoDbSettings *DynamoDbSettings `json:"dynamoDbSettings,omitempty"` - SQLServerSettings *SQLServerSettings `json:"sqlServerSettings,omitempty"` - OverrideRepoClientTlsSettings bool `json:"overrideRepoClientTlsSettings,omitempty"` - TlsMode string `json:"tlsMode,omitempty"` + SidecarId string `json:"-"` + ListenerId string `json:"id"` + RepoTypes []string `json:"repoTypes"` + NetworkAddress *NetworkAddress `json:"address,omitempty"` + MySQLSettings *MySQLSettings `json:"mysqlSettings,omitempty"` + S3Settings *S3Settings `json:"s3Settings,omitempty"` + DynamoDbSettings *DynamoDbSettings `json:"dynamoDbSettings,omitempty"` + SQLServerSettings *SQLServerSettings `json:"sqlServerSettings,omitempty"` } type NetworkAddress struct { Host string `json:"host,omitempty"` @@ -103,8 +99,6 @@ func (data ReadSidecarListenerAPIResponse) WriteToSchema(d *schema.ResourceData) _ = d.Set(MySQLSettingsKey, data.ListenerConfig.MySQLSettingsAsInterface()) _ = d.Set(DynamoDbSettingsKey, data.ListenerConfig.DynamoDbSettingsAsInterface()) _ = d.Set(SQLServerSettingsKey, data.ListenerConfig.SQLServerSettingsAsInterface()) - _ = d.Set(OverrideRepoClientTlsSettingsKey, data.ListenerConfig.OverrideRepoClientTlsSettings) - _ = d.Set(TlsModeKey, data.ListenerConfig.TlsMode) } log.Printf("[DEBUG] End ReadSidecarListenerAPIResponse.WriteToSchema") return nil @@ -222,10 +216,8 @@ type SidecarListenerResource struct { // ReadFromSchema populates the SidecarListenerResource from the schema func (s *SidecarListenerResource) ReadFromSchema(d *schema.ResourceData) error { s.ListenerConfig = SidecarListener{ - SidecarId: d.Get(SidecarIDKey).(string), - ListenerId: d.Get(ListenerIDKey).(string), - OverrideRepoClientTlsSettings: d.Get(OverrideRepoClientTlsSettingsKey).(bool), - TlsMode: d.Get(TlsModeKey).(string), + SidecarId: d.Get(SidecarIDKey).(string), + ListenerId: d.Get(ListenerIDKey).(string), } s.ListenerConfig.RepoTypesFromInterface(d.Get(RepoTypesKey).([]interface{})) s.ListenerConfig.NetworkAddressFromInterface(d.Get(NetworkAddressKey).(*schema.Set).List()) @@ -473,22 +465,5 @@ func getSidecarListenerSchema() map[string]*schema.Schema { }, }, }, - OverrideRepoClientTlsSettingsKey: { - Description: "Override TLS settings defined in the repo. " + - "Default value generated by API if not provided. ", - Type: schema.TypeBool, - Optional: true, - Computed: true, - }, - TlsModeKey: { - Description: "TLS mode. " + - "Default value generated by API if not provided. " + - "Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener " + - "is a SMART port (enabled in more than one binding). " + - "Allowed values: " + supportedTypesMarkdown(tlsModes()) + ".", - Type: schema.TypeString, - Optional: true, - Computed: true, - }, } } diff --git a/cyral/resource_cyral_sidecar_listener_test.go b/cyral/resource_cyral_sidecar_listener_test.go index 432bc098..4810c751 100644 --- a/cyral/resource_cyral_sidecar_listener_test.go +++ b/cyral/resource_cyral_sidecar_listener_test.go @@ -68,19 +68,6 @@ func updateTest() []resource.TestStep { DbVersion: "3.4.0", }, } - // Override repo client TLS settings. - overrideRepoClientTLS := SidecarListener{ - RepoTypes: []string{"mysql"}, - NetworkAddress: &NetworkAddress{ - Port: 443, - Host: "https://s3.test.com", - }, - MySQLSettings: &MySQLSettings{ - DbVersion: "3.4.0", - }, - OverrideRepoClientTlsSettings: true, - TlsMode: "require", - } return []resource.TestStep{ setupSidecarListenerTestStep( @@ -99,10 +86,6 @@ func updateTest() []resource.TestStep { "update_test", addSettings, ), - setupSidecarListenerTestStep( - "update_test", - overrideRepoClientTLS, - ), } } diff --git a/docs/data-sources/sidecar_listener.md b/docs/data-sources/sidecar_listener.md index efed4119..3276a65d 100644 --- a/docs/data-sources/sidecar_listener.md +++ b/docs/data-sources/sidecar_listener.md @@ -52,12 +52,10 @@ Read-Only: - `listener_id` (String) - `mysql_settings` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--mysql_settings)) - `network_address` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--network_address)) -- `override_repo_client_tls_settings` (Boolean) - `repo_types` (List of String) - `s3_settings` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--s3_settings)) - `sidecar_id` (String) - `sqlserver_settings` (Set of Object) (see [below for nested schema](#nestedobjatt--listener_list--sqlserver_settings)) -- `tls_mode` (String) diff --git a/docs/resources/sidecar_listener.md b/docs/resources/sidecar_listener.md index 85742f32..d7b6fc43 100644 --- a/docs/resources/sidecar_listener.md +++ b/docs/resources/sidecar_listener.md @@ -105,13 +105,8 @@ resource "cyral_sidecar_listener" "listener_dynamodb" { - `dynamodb_settings` (Block Set, Max: 1) DynamoDB settings. (see [below for nested schema](#nestedblock--dynamodb_settings)) - `mysql_settings` (Block Set, Max: 1) MySQL settings represents the listener settings for a [`mysql`, `galera`, `mariadb`] data repository. (see [below for nested schema](#nestedblock--mysql_settings)) -- `override_repo_client_tls_settings` (Boolean) Override TLS settings defined in the repo. Default value generated by API if not provided. - `s3_settings` (Block Set, Max: 1) S3 settings. (see [below for nested schema](#nestedblock--s3_settings)) - `sqlserver_settings` (Block Set, Max: 1) SQL Server settings. (see [below for nested schema](#nestedblock--sqlserver_settings)) -- `tls_mode` (String) TLS mode. Default value generated by API if not provided. Note! This field is in effect only if OverrideRepoClientTlsSettings is set to true or the listener is a SMART port (enabled in more than one binding). Allowed values: - - `allow` - - `require` - - `disable`. ### Read-Only From 5d8aa7bf6fdb92ad42bec74e3f71f98e818ba582 Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Tue, 22 Aug 2023 12:09:08 +0200 Subject: [PATCH 07/11] ENG-12292 - Review comments; re-arrange imports, renamed version constant --- cyral/data_source_cyral_sidecar_listener.go | 1 - cyral/resource_cyral_sidecar_listener.go | 16 ++++------------ 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/cyral/data_source_cyral_sidecar_listener.go b/cyral/data_source_cyral_sidecar_listener.go index 17466a71..894fc067 100644 --- a/cyral/data_source_cyral_sidecar_listener.go +++ b/cyral/data_source_cyral_sidecar_listener.go @@ -7,7 +7,6 @@ import ( "github.com/google/uuid" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - "golang.org/x/exp/slices" "github.com/cyralinc/terraform-provider-cyral/client" diff --git a/cyral/resource_cyral_sidecar_listener.go b/cyral/resource_cyral_sidecar_listener.go index 49eae62a..4809c121 100644 --- a/cyral/resource_cyral_sidecar_listener.go +++ b/cyral/resource_cyral_sidecar_listener.go @@ -23,17 +23,9 @@ const ( ProxyModeKey = "proxy_mode" DynamoDbSettingsKey = "dynamodb_settings" SQLServerSettingsKey = "sqlserver_settings" - VersionKey = "version" + SQLServerVersionKey = "version" ) -func tlsModes() []string { - return []string{ - "allow", // default, must be kept at position 0 - "require", - "disable", - } -} - // SidecarListener struct for sidecar listener. type SidecarListener struct { SidecarId string `json:"-"` @@ -196,7 +188,7 @@ func (l *SidecarListener) SQLServerSettingsAsInterface() []interface{} { return nil } return []interface{}{map[string]interface{}{ - VersionKey: l.SQLServerSettings.Version, + SQLServerVersionKey: l.SQLServerSettings.Version, }} } func (l *SidecarListener) SQLServerSettingsFromInterface(anInterface []interface{}) { @@ -204,7 +196,7 @@ func (l *SidecarListener) SQLServerSettingsFromInterface(anInterface []interface return } l.SQLServerSettings = &SQLServerSettings{ - Version: anInterface[0].(map[string]interface{})[VersionKey].(string), + Version: anInterface[0].(map[string]interface{})[SQLServerVersionKey].(string), } } @@ -445,7 +437,7 @@ func getSidecarListenerSchema() map[string]*schema.Schema { ConflictsWith: []string{S3SettingsKey, MySQLSettingsKey, DynamoDbSettingsKey}, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ - VersionKey: { + SQLServerVersionKey: { Description: "Advertised SQL Server version. Required (and only relevant) for " + "Listeners of type 'sqlserver' " + "The format of the version should be .. " + From d0576c6e9798fceccca86a0eb9356c0114a33459 Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Wed, 23 Aug 2023 11:56:43 +0200 Subject: [PATCH 08/11] ENG-12292 - Review comments; added listener settings conflicts with validation. Updated setupSidecarListenerConfig method to support constructing faulty configurations (switch -> multiple if statements) --- cyral/resource_cyral_sidecar_listener_test.go | 92 +++++++++++++++++-- 1 file changed, 83 insertions(+), 9 deletions(-) diff --git a/cyral/resource_cyral_sidecar_listener_test.go b/cyral/resource_cyral_sidecar_listener_test.go index 4810c751..02f82b8c 100644 --- a/cyral/resource_cyral_sidecar_listener_test.go +++ b/cyral/resource_cyral_sidecar_listener_test.go @@ -2,6 +2,7 @@ package cyral import ( "fmt" + "regexp" "strconv" "testing" @@ -19,9 +20,9 @@ func sidecarListenerSidecarConfig() string { "docker", "", ) } - func TestSidecarListenerResource(t *testing.T) { testSteps := make([]resource.TestStep, 0, 10) + testSteps = append(testSteps, settingsConflictsTest()...) testSteps = append(testSteps, updateTest()...) testSteps = append(testSteps, settingsTest()...) testSteps = append(testSteps, multipleListenersAndImportTest()...) @@ -165,7 +166,7 @@ func settingsTest() []resource.TestStep { dynamodb, ), setupSidecarListenerTestStep( - "sql_server_settings", + "sqlserver_settings", sqlServerSettings, ), } @@ -226,6 +227,67 @@ func multipleListenersAndImportTest() []resource.TestStep { } } +// settingsConflictsTest generates a test matrix to ensure that conflicting settings +// for different repository types produce appropriate errors. +func settingsConflictsTest() []resource.TestStep { + // List of repo types with conflicting settings + repoTypes := []string{ + "mysql", + "s3", + "dynamodb", + "sqlserver", + } + var testSteps []resource.TestStep + // Generate test steps for every pair of conflicting repo types + for i := 0; i < len(repoTypes); i++ { + for j := i + 1; j < len(repoTypes); j++ { + // Create a listener with both all types + // Downstream test code will cut at [0], but this is fine for what we are testing here + listener := SidecarListener{ + RepoTypes: repoTypes, + NetworkAddress: &NetworkAddress{ + Port: 8000, + Host: "https://mysql.test.com", + }, + } + // Apply conflicting settings to the listener + appendSetting(&listener, repoTypes[i]) + appendSetting(&listener, repoTypes[j]) + // Create a test step with the listener + testSteps = append(testSteps, resource.TestStep{ + Config: sidecarListenerSidecarConfig() + setupSidecarListenerConfig("settings_conflict", listener), + ExpectError: regexp.MustCompile( + ".*conflicts with.*", + ), + }) + } + } + return testSteps +} + +// appendSetting applies settings for a given repository type to the provided listener. +// The listener's repository types are updated accordingly using default values. +func appendSetting(listener *SidecarListener, repoType string) { + switch repoType { + case "mysql": + listener.MySQLSettings = &MySQLSettings{ + DbVersion: "5.7", + } + case "s3": + listener.S3Settings = &S3Settings{ + ProxyMode: true, + } + case "dynamodb": + listener.DynamoDbSettings = &DynamoDbSettings{ + ProxyMode: true, + } + case "sqlserver": + listener.SQLServerSettings = &SQLServerSettings{ + Version: "16.0.1000", + } + } +} + func setupSidecarListenerTestStep(resName string, listener SidecarListener) resource.TestStep { return resource.TestStep{ Config: sidecarListenerSidecarConfig() + @@ -370,8 +432,8 @@ func setupSidecarListenerConfig(resourceName string, listener SidecarListener) s } var settings string - switch { - case listener.MySQLSettings != nil: + + if listener.MySQLSettings != nil { dbVersion, charSet := "null", "null" if listener.MySQLSettings.CharacterSet != "" { charSet = fmt.Sprintf(`"%s"`, listener.MySQLSettings.CharacterSet) @@ -379,28 +441,40 @@ func setupSidecarListenerConfig(resourceName string, listener SidecarListener) s if listener.MySQLSettings.DbVersion != "" { dbVersion = fmt.Sprintf(`"%s"`, listener.MySQLSettings.DbVersion) } - settings = fmt.Sprintf( + settings += fmt.Sprintf( ` mysql_settings { db_version = %s character_set = %s }`, dbVersion, charSet, ) - case listener.DynamoDbSettings != nil: - settings = fmt.Sprintf( + } + + if listener.DynamoDbSettings != nil { + settings += fmt.Sprintf( ` dynamodb_settings { proxy_mode = %s }`, strconv.FormatBool(listener.DynamoDbSettings.ProxyMode), ) - case listener.S3Settings != nil: - settings = fmt.Sprintf( + } + + if listener.S3Settings != nil { + settings += fmt.Sprintf( ` s3_settings { proxy_mode = %s }`, strconv.FormatBool(listener.S3Settings.ProxyMode), ) } + if listener.SQLServerSettings != nil { + settings += fmt.Sprintf( + ` + sqlserver_settings { + version = "%s" + }`, listener.SQLServerSettings.Version, + ) + } config += fmt.Sprintf( ` From 40776c9a1f44ca11773ddd06916fc6ae7aecbc3e Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Wed, 23 Aug 2023 11:58:30 +0200 Subject: [PATCH 09/11] ENG-12292 - comment update --- cyral/resource_cyral_sidecar_listener_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cyral/resource_cyral_sidecar_listener_test.go b/cyral/resource_cyral_sidecar_listener_test.go index 02f82b8c..26b2c34d 100644 --- a/cyral/resource_cyral_sidecar_listener_test.go +++ b/cyral/resource_cyral_sidecar_listener_test.go @@ -241,7 +241,7 @@ func settingsConflictsTest() []resource.TestStep { // Generate test steps for every pair of conflicting repo types for i := 0; i < len(repoTypes); i++ { for j := i + 1; j < len(repoTypes); j++ { - // Create a listener with both all types + // Create a listener with all conflicting repo types // Downstream test code will cut at [0], but this is fine for what we are testing here listener := SidecarListener{ RepoTypes: repoTypes, From 1519e70608d10acb737d071f9ed6edb3c036afd5 Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Mon, 11 Sep 2023 13:33:42 +0200 Subject: [PATCH 10/11] ENG-12292 - Review comment: Fixed incorrect conflicts with clause --- cyral/resource_cyral_sidecar_listener.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cyral/resource_cyral_sidecar_listener.go b/cyral/resource_cyral_sidecar_listener.go index 4809c121..d9c83434 100644 --- a/cyral/resource_cyral_sidecar_listener.go +++ b/cyral/resource_cyral_sidecar_listener.go @@ -408,7 +408,7 @@ func getSidecarListenerSchema() map[string]*schema.Schema { Optional: true, // Notice the MaxItems: 1 here. This ensures that the user can only specify one this block. MaxItems: 1, - ConflictsWith: []string{S3SettingsKey, MySQLSettingsKey}, + ConflictsWith: []string{S3SettingsKey, MySQLSettingsKey, SQLServerSettingsKey}, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ ProxyModeKey: { From 6643e84313edaa39c3f162999b110065b4127e94 Mon Sep 17 00:00:00 2001 From: gengdahlcyral Date: Tue, 12 Sep 2023 08:34:49 +0200 Subject: [PATCH 11/11] ENG-12292 - Review comment: removed redundant schema flag (optional=false) --- cyral/resource_cyral_sidecar_listener.go | 1 - 1 file changed, 1 deletion(-) diff --git a/cyral/resource_cyral_sidecar_listener.go b/cyral/resource_cyral_sidecar_listener.go index d9c83434..4e91275c 100644 --- a/cyral/resource_cyral_sidecar_listener.go +++ b/cyral/resource_cyral_sidecar_listener.go @@ -451,7 +451,6 @@ func getSidecarListenerSchema() map[string]*schema.Schema { "Note: If the query returns a four part version number, only the first three parts " + "should be used. Example: 16.0.1000.6 -> 16.0.1000", Type: schema.TypeString, - Optional: false, Required: true, }, },