cyralinc · wcmjunior · Dec 18, 2024 · Dec 13, 2024 · Dec 13, 2024 · Dec 13, 2024
@@ -0,0 +1,6 @@
+package policyset
+
+const (
+	policySetResourceName   = "cyral_policy_set"
+	policySetDataSourceName = policySetResourceName
+)
@@ -7,16 +7,16 @@ import (
 	"github.com/cyralinc/terraform-provider-cyral/cyral/core/types/resourcetype"
 )
 
-var dsContextHandler = core.ContextHandler{
-	ResourceName: dataSourceName,
+var policySetDataSourceContextHandler = core.ContextHandler{
+	ResourceName: policySetDataSourceName,
 	ResourceType: resourcetype.DataSource,
 	Read:         readPolicySet,
 }
 
-func dataSourceSchema() *schema.Resource {
+func policySetDataSourceSchema() *schema.Resource {
 	return &schema.Resource{
 		Description: "This data source provides information about a policy set.",
-		ReadContext: dsContextHandler.ReadContext,
+		ReadContext: policySetDataSourceContextHandler.ReadContext,
 		Schema: map[string]*schema.Schema{
 			"id": {
 				Description: "Identifier for the policy set.",

@@ -47,8 +47,8 @@ func scopeToMap(s *msg.Scope) []map[string]interface{} {
 	}
 }
 
-// updateSchema writes the policy set data to the schema
-func updateSchema(ps *msg.PolicySet, d *schema.ResourceData) error {
+// updatePolicySetSchema writes the policy set data to the schema
+func updatePolicySetSchema(ps *msg.PolicySet, d *schema.ResourceData) error {
 	if err := d.Set("id", ps.GetId()); err != nil {
 		return fmt.Errorf("error setting 'id' field: %w", err)
 	}
@@ -141,7 +141,7 @@ func readPolicySet(ctx context.Context, cl *client.Client, rd *schema.ResourceDa
 	if err != nil {
 		return err
 	}
-	return updateSchema(resp.GetPolicySet(), rd)
+	return updatePolicySetSchema(resp.GetPolicySet(), rd)
 }
 
 func updatePolicySet(ctx context.Context, cl *client.Client, rd *schema.ResourceData) error {
@@ -155,7 +155,7 @@ func updatePolicySet(ctx context.Context, cl *client.Client, rd *schema.Resource
 	if err != nil {
 		return err
 	}
-	return updateSchema(resp.GetPolicySet(), rd)
+	return updatePolicySetSchema(resp.GetPolicySet(), rd)
 }
 
 func deletePolicySet(ctx context.Context, cl *client.Client, rd *schema.ResourceData) error {

@@ -9,22 +9,22 @@ import (
 	"github.com/cyralinc/terraform-provider-cyral/cyral/core/types/resourcetype"
 )
 
-var resourceContextHandler = core.ContextHandler{
-	ResourceName: resourceName,
+var policySetResourceContextHandler = core.ContextHandler{
+	ResourceName: policySetResourceName,
 	ResourceType: resourcetype.Resource,
 	Create:       createPolicySet,
 	Read:         readPolicySet,
 	Update:       updatePolicySet,
 	Delete:       deletePolicySet,
 }
 
-func resourceSchema() *schema.Resource {
+func policySetResourceSchema() *schema.Resource {
 	return &schema.Resource{
 		Description:   "This resource allows management of policy sets in the Cyral platform.",
-		CreateContext: resourceContextHandler.CreateContext,
-		ReadContext:   resourceContextHandler.ReadContext,
-		UpdateContext: resourceContextHandler.UpdateContext,
-		DeleteContext: resourceContextHandler.DeleteContext,
+		CreateContext: policySetResourceContextHandler.CreateContext,
+		ReadContext:   policySetResourceContextHandler.ReadContext,
+		UpdateContext: policySetResourceContextHandler.UpdateContext,
+		DeleteContext: policySetResourceContextHandler.DeleteContext,
 		Importer: &schema.ResourceImporter{
 			StateContext: importPolicySetStateContext,
 		},

@@ -13,15 +13,14 @@ func (p *packageSchema) Schemas() []*core.SchemaDescriptor {
 	return []*core.SchemaDescriptor{
 
 		{
-			Name:   dataSourceName,
+			Name:   policySetDataSourceName,
 			Type:   core.DataSourceSchemaType,
-			Schema: dataSourceSchema,
+			Schema: policySetDataSourceSchema,
 		},
-
 		{
-			Name:   resourceName,
+			Name:   policySetResourceName,
 			Type:   core.ResourceSchemaType,
-			Schema: resourceSchema,
+			Schema: policySetResourceSchema,
 		},
 	}
 }

@@ -0,0 +1,5 @@
+package wizard
+
+const (
+	policyWizardsDataSourceName = "cyral_policy_wizards"
+)
@@ -0,0 +1,64 @@
+package wizard
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	"github.com/cyralinc/terraform-provider-cyral/cyral/core"
+	"github.com/cyralinc/terraform-provider-cyral/cyral/core/types/resourcetype"
+)
+
+var policyWizardsDataSourceContextHandler = core.ContextHandler{
+	ResourceName: policyWizardsDataSourceName,
+	ResourceType: resourcetype.DataSource,
+	Read:         readPolicyWizards,
+}
+
+func policyWizardsDataSourceSchema() *schema.Resource {
+	return &schema.Resource{
+		Description: "This data source provides information policy wizards",
+		ReadContext: policyWizardsDataSourceContextHandler.ReadContext,
+		Schema: map[string]*schema.Schema{
+			"wizard_id": {
+				Description: "id of the policy wizard of interest.",
+				Type:        schema.TypeString,
+				Optional:    true,
+			},
+			"wizards": {
+				Description: "Set of supported policy wizards.",
+				Type:        schema.TypeSet,
+				Computed:    true,
+				Elem: &schema.Resource{
+					Description: "Information about a policy wizard.",
+					Schema: map[string]*schema.Schema{
+						"id": {
+							Description: "Identifier for the policy wizard, use as the value of wizard_id parameter in the policy set resource.",
+							Type:        schema.TypeString,
+							Required:    true,
+						},
+						"name": {
+							Description: "Name of the policy wizard.",
+							Type:        schema.TypeString,
+							Computed:    true,
+						},
+						"description": {
+							Description: "Description of the policy wizard.",
+							Type:        schema.TypeString,
+							Computed:    true,
+						},
+						"tags": {
+							Description: "Tags associated with the policy wizard.",
+							Type:        schema.TypeList,
+							Computed:    true,
+							Elem:        &schema.Schema{Type: schema.TypeString},
+						},
+						"parameter_schema": {
+							Description: "JSON schema for the policy wizard parameters.",
+							Type:        schema.TypeString,
+							Computed:    true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
@@ -0,0 +1,80 @@
+package wizard_test
+
+import (
+	"testing"
+
+	"github.com/cyralinc/terraform-provider-cyral/cyral/provider"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccPolicyWizardsDataSource(t *testing.T) {
+	dsName := "data.cyral_policy_wizards.wizard_list"
+	resource.ParallelTest(t, resource.TestCase{
+		ProviderFactories: provider.ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: `
+data "cyral_policy_wizards" "wizard_list" {
+}
+`,
+				Check: checkAllWizards(dsName),
+			},
+			{
+				Config: `
+data "cyral_policy_wizards" "wizard_list" {
+  wizard_id = "data-firewall"
+}
+`,
+				Check: checkOneWizard(dsName, "data-firewall"),
+			},
+			{
+				Config: `
+data "cyral_policy_wizards" "wizard_list" {
+  wizard_id = "XXX"
+}
+`,
+				Check: resource.TestCheckResourceAttr(dsName, "wizards.#", "0"),
+			},
+		},
+	})
+}
+
+// checkAllWizards ensures that a few well known wizard ids are present in the
+// datasource state. It does not attempt to make very exhaustive checks because
+// wizard names, descriptions (and even the wizard list) is subject to change.
+func checkAllWizards(dsName string) resource.TestCheckFunc {
+	return resource.ComposeTestCheckFunc(
+		resource.TestCheckTypeSetElemNestedAttrs(
+			dsName, "wizards.*",
+			map[string]string{
+				"id": "data-firewall",
+			},
+		),
+		resource.TestCheckTypeSetElemNestedAttrs(
+			dsName, "wizards.*",
+			map[string]string{
+				"id": "data-masking",
+			},
+		),
+		resource.TestCheckTypeSetElemNestedAttrs(
+			dsName, "wizards.*",
+			map[string]string{
+				"id": "user-segmentation",
+			},
+		),
+	)
+}
+
+// checkOneWizard ensures that the data source state contains only one wizard
+// with the given id.
+func checkOneWizard(dsName, id string) resource.TestCheckFunc {
+	return resource.ComposeTestCheckFunc(
+		resource.TestCheckResourceAttr(dsName, "wizards.#", "1"),
+		resource.TestCheckTypeSetElemNestedAttrs(
+			dsName, "wizards.*",
+			map[string]string{
+				"id": id,
+			},
+		),
+	)
+}
@@ -0,0 +1,66 @@
+package wizard
+
+import (
+	"context"
+
+	methods "buf.build/gen/go/cyral/policy/grpc/go/policy/v1/policyv1grpc"
+	msg "buf.build/gen/go/cyral/policy/protocolbuffers/go/policy/v1"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+
+	"github.com/cyralinc/terraform-provider-cyral/cyral/client"
+)
+
+func readPolicyWizards(ctx context.Context, cl *client.Client, rd *schema.ResourceData) error {
+	var wizardList []*msg.PolicyWizard
+
+	wizId := rd.Get("wizard_id").(string)
+	grpcClient := methods.NewPolicyWizardServiceClient(cl.GRPCClient())
+	if wizId != "" {
+		req := &msg.ReadPolicyWizardRequest{
+			Id: wizId,
+		}
+		resp, err := grpcClient.ReadPolicyWizard(ctx, req)
+		if err != nil && status.Code(err) != codes.NotFound {
+			return err
+		}
+		if status.Code(err) != codes.NotFound {
+			wizardList = []*msg.PolicyWizard{resp.GetPolicyWizard()}
+		}
+	} else {
+		req := &msg.ListPolicyWizardsRequest{}
+		resp, err := grpcClient.ListPolicyWizards(ctx, req)
+		if err != nil {
+			return err
+		}
+		wizardList = resp.GetPolicyWizards()
+	}
+	updatePolicyWizardsSchema(wizardList, rd)
+	return nil
+}
+
+func wizardToMap(wiz *msg.PolicyWizard) map[string]any {
+	return map[string]any{
+		"id":               wiz.GetId(),
+		"name":             wiz.GetName(),
+		"description":      wiz.GetDescription(),
+		"parameter_schema": wiz.GetParameterSchema(),
+		"tags": func() []any {
+			tags := make([]any, 0, len(wiz.GetTags()))
+			for _, t := range wiz.GetTags() {
+				tags = append(tags, t)
+			}
+			return tags
+		}(),
+	}
+}
+
+func updatePolicyWizardsSchema(wizards []*msg.PolicyWizard, rd *schema.ResourceData) {
+	wizardList := make([]any, 0, len(wizards))
+	for _, wiz := range wizards {
+		wizardList = append(wizardList, wizardToMap(wiz))
+	}
+	rd.Set("wizards", wizardList)
+	rd.SetId("cyral-wizard-list")
+}
@@ -0,0 +1,24 @@
+package wizard
+
+import "github.com/cyralinc/terraform-provider-cyral/cyral/core"
+
+type packageSchema struct {
+}
+
+func (p *packageSchema) Name() string {
+	return "policyset"
+}
+
+func (p *packageSchema) Schemas() []*core.SchemaDescriptor {
+	return []*core.SchemaDescriptor{
+		{
+			Name:   policyWizardsDataSourceName,
+			Type:   core.DataSourceSchemaType,
+			Schema: policyWizardsDataSourceSchema,
+		},
+	}
+}
+
+func PackageSchema() core.PackageSchema {
+	return &packageSchema{}
+}
@@ -180,8 +180,6 @@ func getCredentials(d *schema.ResourceData) (string, string, diag.Diagnostics) {
 	return clientID, clientSecret, diags
 }
 
-var provider = Provider()
-
 var ProviderFactories = map[string]func() (*schema.Provider, error){
 	"cyral": func() (*schema.Provider, error) {
 		return Provider(), nil

@@ -15,8 +15,9 @@ import (
 	integration_slack "github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/slack"
 	integration_teams "github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/teams"
 	"github.com/cyralinc/terraform-provider-cyral/cyral/internal/permission"
+	policyset "github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy/set"
 	policyv2 "github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy/v2"
-	"github.com/cyralinc/terraform-provider-cyral/cyral/internal/policyset"
+	policywizard "github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy/wizard"
 	"github.com/cyralinc/terraform-provider-cyral/cyral/internal/regopolicy"
 	"github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository"
 	repository_accessgateway "github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/accessgateway"
@@ -58,6 +59,7 @@ func packagesSchemas() []core.PackageSchema {
 		permission.PackageSchema(),
 		policyv2.PackageSchema(),
 		policyset.PackageSchema(),
+		policywizard.PackageSchema(),
 		regopolicy.PackageSchema(),
 		repository.PackageSchema(),
 		repository_accessgateway.PackageSchema(),