diff --git a/cyral/internal/policy/v2/constants.go b/cyral/internal/policy/constants.go similarity index 82% rename from cyral/internal/policy/v2/constants.go rename to cyral/internal/policy/constants.go index 761313fe..3368a409 100644 --- a/cyral/internal/policy/v2/constants.go +++ b/cyral/internal/policy/constants.go @@ -1,4 +1,4 @@ -package policyv2 +package policy const ( resourceName = "cyral_policy_v2" diff --git a/cyral/internal/policy/v2/datasource.go b/cyral/internal/policy/datasource.go similarity index 99% rename from cyral/internal/policy/v2/datasource.go rename to cyral/internal/policy/datasource.go index 604bc870..f4e186d3 100644 --- a/cyral/internal/policy/v2/datasource.go +++ b/cyral/internal/policy/datasource.go @@ -1,4 +1,4 @@ -package policyv2 +package policy import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" diff --git a/cyral/internal/policy/v2/model.go b/cyral/internal/policy/model.go similarity index 99% rename from cyral/internal/policy/v2/model.go rename to cyral/internal/policy/model.go index 3ad70f19..4e563d3c 100644 --- a/cyral/internal/policy/v2/model.go +++ b/cyral/internal/policy/model.go @@ -1,4 +1,4 @@ -package policyv2 +package policy import ( "context" diff --git a/cyral/internal/policy/v2/resource.go b/cyral/internal/policy/resource.go similarity index 99% rename from cyral/internal/policy/v2/resource.go rename to cyral/internal/policy/resource.go index 58f9893b..9e9ba135 100644 --- a/cyral/internal/policy/v2/resource.go +++ b/cyral/internal/policy/resource.go @@ -1,4 +1,4 @@ -package policyv2 +package policy import ( "context" diff --git a/cyral/internal/policy/v2/resource_test.go b/cyral/internal/policy/resource_test.go similarity index 99% rename from cyral/internal/policy/v2/resource_test.go rename to cyral/internal/policy/resource_test.go index 9c002f0b..c80f30a6 100644 --- a/cyral/internal/policy/v2/resource_test.go +++ b/cyral/internal/policy/resource_test.go 
@@ -1,4 +1,4 @@ -package policyv2_test +package policy_test import ( "fmt" diff --git a/cyral/internal/policy/v2/schema_loader.go b/cyral/internal/policy/schema_loader.go similarity index 96% rename from cyral/internal/policy/v2/schema_loader.go rename to cyral/internal/policy/schema_loader.go index e4aecccd..08797044 100644 --- a/cyral/internal/policy/v2/schema_loader.go +++ b/cyral/internal/policy/schema_loader.go @@ -1,4 +1,4 @@ -package policyv2 +package policy import "github.com/cyralinc/terraform-provider-cyral/cyral/core" diff --git a/cyral/internal/policyset/constants.go b/cyral/internal/policy/set/constants.go similarity index 100% rename from cyral/internal/policyset/constants.go rename to cyral/internal/policy/set/constants.go diff --git a/cyral/internal/policyset/datasource.go b/cyral/internal/policy/set/datasource.go similarity index 100% rename from cyral/internal/policyset/datasource.go rename to cyral/internal/policy/set/datasource.go diff --git a/cyral/internal/policyset/model.go b/cyral/internal/policy/set/model.go similarity index 100% rename from cyral/internal/policyset/model.go rename to cyral/internal/policy/set/model.go diff --git a/cyral/internal/policyset/resource.go b/cyral/internal/policy/set/resource.go similarity index 100% rename from cyral/internal/policyset/resource.go rename to cyral/internal/policy/set/resource.go diff --git a/cyral/internal/policyset/resource_test.go b/cyral/internal/policy/set/resource_test.go similarity index 100% rename from cyral/internal/policyset/resource_test.go rename to cyral/internal/policy/set/resource_test.go diff --git a/cyral/internal/policyset/schema_loader.go b/cyral/internal/policy/set/schema_loader.go similarity index 99% rename from cyral/internal/policyset/schema_loader.go rename to cyral/internal/policy/set/schema_loader.go index 229e9642..37d4a9f3 100644 --- a/cyral/internal/policyset/schema_loader.go +++ b/cyral/internal/policy/set/schema_loader.go 
@@ -17,7 +17,6 @@ func (p *packageSchema) Schemas() []*core.SchemaDescriptor { Type: core.DataSourceSchemaType, Schema: dataSourceSchema, }, - { Name: resourceName, Type: core.ResourceSchemaType, diff --git a/cyral/internal/policy/wizard/constants.go b/cyral/internal/policy/wizard/constants.go new file mode 100644 index 00000000..b8f73ed6 --- /dev/null +++ b/cyral/internal/policy/wizard/constants.go @@ -0,0 +1,5 @@ +package wizard + +const ( + dataSourceName = "cyral_policy_wizards" +) diff --git a/cyral/internal/policy/wizard/datasource.go b/cyral/internal/policy/wizard/datasource.go new file mode 100644 index 00000000..993c7f07 --- /dev/null +++ b/cyral/internal/policy/wizard/datasource.go 
@@ -0,0 +1,64 @@
+package wizard
+
+import (
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+ "github.com/cyralinc/terraform-provider-cyral/cyral/core"
+ "github.com/cyralinc/terraform-provider-cyral/cyral/core/types/resourcetype"
+)
+
+var dsContextHandler = core.ContextHandler{
+ ResourceName: dataSourceName,
+ ResourceType: resourcetype.DataSource,
+ Read: readPolicyWizards,
+}
+
+func dataSourceSchema() *schema.Resource {
+ return &schema.Resource{
+ Description: "This data source provides information policy wizards",
+ ReadContext: dsContextHandler.ReadContext,
+ Schema: map[string]*schema.Schema{
+ "wizard_id": {
+ Description: "id of the policy wizard of interest.",
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ "wizards": {
+ Description: "Set of supported policy wizards.",
+ Type: schema.TypeSet,
+ Computed: true,
+ Elem: &schema.Resource{
+ Description: "Information about a policy wizard.",
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Description: "Identifier for the policy wizard, use as the value of wizard_id parameter in the policy set resource.",
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "name": {
+ Description: "Name of the policy wizard.",
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "description": {
+ Description: "Description of the policy wizard.",
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "tags": {
+ Description: "Tags associated with the policy wizard.",
+ Type: schema.TypeList,
+ Computed: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "parameter_schema": {
+ Description: "JSON schema for the policy wizard parameters.",
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ },
+ },
+ },
+ },
+ }
+}
diff --git a/cyral/internal/policy/wizard/datasource_test.go b/cyral/internal/policy/wizard/datasource_test.go
new file mode 100644
index 00000000..89c1cdba
--- /dev/null
+++ b/cyral/internal/policy/wizard/datasource_test.go
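Review bot: In datasource.go the nested `id` attribute of `wizards` is declared `Required: true`, while the parent set and every sibling attribute are `Computed: true` and the generated docs list it as read-only. Since the enclosing `wizards` set is computed, the value cannot come from configuration, so `Computed: true` states the intent and keeps the schema consistent. The top-level `Description` also reads "provides information policy wizards"; `Description: "This data source provides information about policy wizards.",` fixes the wording, and the same string is copied into docs/data-sources/policy_wizards.md.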
@@ -0,0 +1,80 @@
+package wizard_test
+
+import (
+ "testing"
+
+ "github.com/cyralinc/terraform-provider-cyral/cyral/provider"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccPolicyWizardsDataSource(t *testing.T) {
+ dsName := "data.cyral_policy_wizards.wizard_list"
+ resource.ParallelTest(t, resource.TestCase{
+ ProviderFactories: provider.ProviderFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: `
+data "cyral_policy_wizards" "wizard_list" {
+}
+`,
+ Check: checkAllWizards(dsName),
+ },
+ {
+ Config: `
+data "cyral_policy_wizards" "wizard_list" {
+ wizard_id = "data-firewall"
+}
+`,
+ Check: checkOneWizard(dsName, "data-firewall"),
+ },
+ {
+ Config: `
+data "cyral_policy_wizards" "wizard_list" {
+ wizard_id = "XXX"
+}
+`,
+ Check: resource.TestCheckResourceAttr(dsName, "wizards.#", "0"),
+ },
+ },
+ })
+}
+
+// checkAllWizards ensures that a few well known wizard ids are present in the
+// datasource state. It does not attempt to make very exhaustive checks because
+// wizard names, descriptions (and even the wizard list) is subject to change.
+func checkAllWizards(dsName string) resource.TestCheckFunc {
+ return resource.ComposeTestCheckFunc(
+ resource.TestCheckTypeSetElemNestedAttrs(
+ dsName, "wizards.*",
+ map[string]string{
+ "id": "data-firewall",
+ },
+ ),
+ resource.TestCheckTypeSetElemNestedAttrs(
+ dsName, "wizards.*",
+ map[string]string{
+ "id": "data-masking",
+ },
+ ),
+ resource.TestCheckTypeSetElemNestedAttrs(
+ dsName, "wizards.*",
+ map[string]string{
+ "id": "user-segmentation",
+ },
+ ),
+ )
+}
+
+// checkOneWizard ensures that the data source state contains only one wizard
+// with the given id.
+func checkOneWizard(dsName, id string) resource.TestCheckFunc {
+ return resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr(dsName, "wizards.#", "1"),
+ resource.TestCheckTypeSetElemNestedAttrs(
+ dsName, "wizards.*",
+ map[string]string{
+ "id": id,
+ },
+ ),
+ )
+}
diff --git a/cyral/internal/policy/wizard/model.go b/cyral/internal/policy/wizard/model.go
new file mode 100644
index 00000000..d7eebc0d
--- /dev/null
+++ b/cyral/internal/policy/wizard/model.go
@@ -0,0 +1,66 @@
+package wizard
+
+import (
+ "context"
+
+ methods "buf.build/gen/go/cyral/policy/grpc/go/policy/v1/policyv1grpc"
+ msg "buf.build/gen/go/cyral/policy/protocolbuffers/go/policy/v1"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "google.golang.org/grpc/codes"
+ "google.golang.org/grpc/status"
+
+ "github.com/cyralinc/terraform-provider-cyral/cyral/client"
+)
+
+func readPolicyWizards(ctx context.Context, cl *client.Client, rd *schema.ResourceData) error {
+ var wizardList []*msg.PolicyWizard
+
+ wizId := rd.Get("wizard_id").(string)
+ grpcClient := methods.NewPolicyWizardServiceClient(cl.GRPCClient())
+ if wizId != "" {
+ req := &msg.ReadPolicyWizardRequest{
+ Id: wizId,
+ }
+ resp, err := grpcClient.ReadPolicyWizard(ctx, req)
+ if err != nil && status.Code(err) != codes.NotFound {
+ return err
+ }
+ if status.Code(err) != codes.NotFound {
+ wizardList = []*msg.PolicyWizard{resp.GetPolicyWizard()}
+ }
+ } else {
+ req := &msg.ListPolicyWizardsRequest{}
+ resp, err := grpcClient.ListPolicyWizards(ctx, req)
+ if err != nil {
+ return err
+ }
+ wizardList = resp.GetPolicyWizards()
+ }
+ updateSchema(wizardList, rd)
+ return nil
+}
+
+func wizardToMap(wiz *msg.PolicyWizard) map[string]any {
+ return map[string]any{
+ "id": wiz.GetId(),
+ "name": wiz.GetName(),
+ "description": wiz.GetDescription(),
+ "parameter_schema": wiz.GetParameterSchema(),
+ "tags": func() []any {
+ tags := make([]any, 0, len(wiz.GetTags()))
+ for _, t := range wiz.GetTags() {
+ tags = append(tags, t)
+ }
+ return tags
+ }(),
+ }
+}
+
+func updateSchema(wizards []*msg.PolicyWizard, rd *schema.ResourceData) {
+ wizardList := make([]any, 0, len(wizards))
+ for _, wiz := range wizards {
+ wizardList = append(wizardList, wizardToMap(wiz))
+ }
+ rd.Set("wizards", wizardList)
+ rd.SetId("cyral-wizard-list")
+}
diff --git a/cyral/internal/policy/wizard/schema_loader.go b/cyral/internal/policy/wizard/schema_loader.go
new file mode 100644
index 00000000..25c77562
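Review bot: `updateSchema` in model.go discards the error returned by `rd.Set("wizards", wizardList)`, so a mismatch between the maps built by `wizardToMap` and the schema would leave `wizards` empty in state with no diagnostic. Because `readPolicyWizards` deliberately maps `codes.NotFound` to an empty list, a swallowed `Set` failure would be indistinguishable from "no such wizard". Consider giving `updateSchema` an `error` result, with `if err := rd.Set("wizards", wizardList); err != nil { return err }` before `rd.SetId(...)`, and ending `readPolicyWizards` with `return updateSchema(wizardList, rd)`. As a style point, Go initialism convention would spell the local `wizId` as `wizID`.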
--- /dev/null +++ b/cyral/internal/policy/wizard/schema_loader.go @@ -0,0 +1,24 @@ +package wizard + +import "github.com/cyralinc/terraform-provider-cyral/cyral/core" + +type packageSchema struct { +} + +func (p *packageSchema) Name() string { + return "policyset" +} + +func (p *packageSchema) Schemas() []*core.SchemaDescriptor { + return []*core.SchemaDescriptor{ + { + Name: dataSourceName, + Type: core.DataSourceSchemaType, + Schema: dataSourceSchema, + }, + } +} + +func PackageSchema() core.PackageSchema { + return &packageSchema{} +} diff --git a/cyral/provider/provider.go b/cyral/provider/provider.go index 7d174974..41708dfe 100644 --- a/cyral/provider/provider.go +++ b/cyral/provider/provider.go @@ -180,8 +180,6 @@ func getCredentials(d *schema.ResourceData) (string, string, diag.Diagnostics) { return clientID, clientSecret, diags } -var provider = Provider() - var ProviderFactories = map[string]func() (*schema.Provider, error){ "cyral": func() (*schema.Provider, error) { return Provider(), nil diff --git a/cyral/provider/schema_loader.go b/cyral/provider/schema_loader.go index 9c01d263..3e86fa42 100644 --- a/cyral/provider/schema_loader.go +++ b/cyral/provider/schema_loader.go 
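Review bot: `packageSchema.Name()` in the new cyral/internal/policy/wizard/schema_loader.go returns `"policyset"`, which appears to be carried over from the policy set package rather than naming this one. How `Name()` is consumed is not visible in this diff, but both packages are added to `packagesSchemas()`, so if the name is used as a key or in diagnostics the duplicate would collide or mislead; `return "policywizard"` (matching the import alias used in provider/schema_loader.go) avoids that. The exported `PackageSchema` would also benefit from a doc comment such as `// PackageSchema returns the schema descriptors for the policy wizard data source.`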
@@ -15,8 +15,9 @@ import ( integration_slack "github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/slack" integration_teams "github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/teams" "github.com/cyralinc/terraform-provider-cyral/cyral/internal/permission" - policyv2 "github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy/v2" - "github.com/cyralinc/terraform-provider-cyral/cyral/internal/policyset" + "github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy" + policyset "github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy/set" + policywizard "github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy/wizard" "github.com/cyralinc/terraform-provider-cyral/cyral/internal/regopolicy" "github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository" repository_accessgateway "github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/accessgateway" @@ -56,8 +57,9 @@ func packagesSchemas() []core.PackageSchema { integration_slack.PackageSchema(), integration_teams.PackageSchema(), permission.PackageSchema(), - policyv2.PackageSchema(), + policy.PackageSchema(), policyset.PackageSchema(), + policywizard.PackageSchema(), regopolicy.PackageSchema(), repository.PackageSchema(), repository_accessgateway.PackageSchema(), diff --git a/docs/data-sources/policy_wizards.md b/docs/data-sources/policy_wizards.md new file mode 100644 index 00000000..98fcbf32 --- /dev/null +++ b/docs/data-sources/policy_wizards.md 
@@ -0,0 +1,36 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "cyral_policy_wizards Data Source - terraform-provider-cyral"
+subcategory: ""
+description: |-
+ This data source provides information policy wizards
+---
+
+# cyral_policy_wizards (Data Source)
+
+This data source provides information policy wizards
+
+
+
+## Schema
+
+### Optional
+
+- `wizard_id` (String) id of the policy wizard of interest.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `wizards` (Set of Object) Set of supported policy wizards. (see [below for nested schema](#nestedatt--wizards))
+
+
+
+### Nested Schema for `wizards`
+
+Read-Only:
+
+- `description` (String)
+- `id` (String)
+- `name` (String)
+- `parameter_schema` (String)
+- `tags` (List of String)