Merge pull request #66 from humanitec/azure-secrefref-private-git

Add secret_refs|azure|private git|ssh_key
humanitec · Feb 28, 2024 · 04dff4f · 04dff4f
2 parents e331840 + c1a00a0
commit 04dff4f
Show file tree

Hide file tree

Showing 4 changed files with 103 additions and 10 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -21,25 +21,25 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Unshallow
         run: git fetch --prune --unshallow
       - name: Set up Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
           go-version-file: 'go.mod'
           cache: true
       - name: Import GPG key
-        uses: crazy-max/ghaction-import-gpg@v5
+        uses: crazy-max/ghaction-import-gpg@v6
         id: import_gpg
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.PASSPHRASE }}
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v3.2.0
+        uses: goreleaser/goreleaser-action@v5
         with:
           version: latest
-          args: release --rm-dist
+          args: release --clean
         env:
           GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
           # GitHub sets this automatically

diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -7,8 +7,8 @@ jobs:
     name: Acceptance Tests
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
         with:
           go-version-file: "go.mod"
           cache: true
@@ -24,9 +24,16 @@ jobs:
     name: Unit Tests
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
         with:
           go-version-file: "go.mod"
           cache: true
-      - run: go test -v -cover ./...
+      - name: Tidy go.mod file
+        run: go mod tidy
+      - name: Generate docs
+        run: go generate ./...
+      - name: Check git diff is clean (all files generated should be committed)
+        run: git diff --exit-code
+      - name: Run tests
+        run: go test -v -cover ./...
diff --git a/docs/resources/resource_definition.md b/docs/resources/resource_definition.md
@@ -64,6 +64,49 @@ resource "humanitec_resource_definition" "gke" {
     })
   }
 }
+
+resource "humanitec_resource_definition" "azure-blob" {
+  driver_type = "humanitec/terraform"
+  id          = "azure-blob"
+  name        = "azure-blob"
+  type        = "azure-blob"
+
+  driver_inputs = {
+    secret_refs = jsonencode({
+      variables = {
+        client_id = {
+          ref   = var.client_id_secret_reference_key
+          store = var.secret_store
+        }
+        client_secret = {
+          ref   = var.client_secret_secret_reference_key
+          store = var.secret_store
+        }
+      }
+
+      source = {
+        ssh_key = {
+          ref   = var.ssh_key_secret_reference_key
+          store = var.secret_store
+        }
+      }
+    })
+
+    values_string = jsonencode({
+      source = {
+        path = var.tf_module_github_path
+        rev  = var.tf_module_github_ref
+        url  = var.tf_module_github_url
+      }
+
+      variables = {
+        tenant_id           = var.tenant_id
+        subscription_id     = var.subscription_id
+        resource_group_name = var.resource_group_name
+      }
+    })
+  }
+}
 ```
 
 <!-- schema generated by tfplugindocs -->

diff --git a/examples/resources/humanitec_resource_definition/resource.tf b/examples/resources/humanitec_resource_definition/resource.tf
@@ -49,3 +49,46 @@ resource "humanitec_resource_definition" "gke" {
     })
   }
 }
+
+resource "humanitec_resource_definition" "azure-blob" {
+  driver_type = "humanitec/terraform"
+  id          = "azure-blob"
+  name        = "azure-blob"
+  type        = "azure-blob"
+
+  driver_inputs = {
+    secret_refs = jsonencode({
+      variables = {
+        client_id = {
+          ref   = var.client_id_secret_reference_key
+          store = var.secret_store
+        }
+        client_secret = {
+          ref   = var.client_secret_secret_reference_key
+          store = var.secret_store
+        }
+      }
+
+      source = {
+        ssh_key = {
+          ref   = var.ssh_key_secret_reference_key
+          store = var.secret_store
+        }
+      }
+    })
+
+    values_string = jsonencode({
+      source = {
+        path = var.tf_module_github_path
+        rev  = var.tf_module_github_ref
+        url  = var.tf_module_github_url
+      }
+
+      variables = {
+        tenant_id           = var.tenant_id
+        subscription_id     = var.subscription_id
+        resource_group_name = var.resource_group_name
+      }
+    })
+  }
+}