Private key with passphrase, lint fix

go.mod

@@ -4,12 +4,13 @@ go 1.19
 
 require (
 	github.com/hashicorp/terraform-plugin-docs v0.16.0
-	github.com/hashicorp/terraform-plugin-framework v1.3.5
-	github.com/hashicorp/terraform-plugin-go v0.18.0
+	github.com/hashicorp/terraform-plugin-framework v1.4.2
+	github.com/hashicorp/terraform-plugin-go v0.19.0
 	github.com/hashicorp/terraform-plugin-log v0.9.0
-	github.com/melbahja/goph v1.3.1
-	github.com/spf13/cast v1.5.0
-	golang.org/x/crypto v0.11.0
+	github.com/melbahja/goph v1.4.0
+	github.com/spf13/cast v1.5.1
+	golang.org/x/crypto v0.15.0
+	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -22,47 +23,46 @@ require (
 	github.com/armon/go-radix v1.0.0 // indirect
 	github.com/bgentry/speakeasy v0.1.0 // indirect
 	github.com/cloudflare/circl v1.3.3 // indirect
-	github.com/fatih/color v1.14.1 // indirect
+	github.com/fatih/color v1.16.0 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/uuid v1.3.0 // indirect
+	github.com/google/uuid v1.3.1 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-checkpoint v0.5.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-hclog v1.5.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/go-plugin v1.4.10 // indirect
+	github.com/hashicorp/go-plugin v1.6.0 // indirect
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/hashicorp/go-version v1.6.0 // indirect
 	github.com/hashicorp/hc-install v0.5.2 // indirect
 	github.com/hashicorp/terraform-exec v0.18.1 // indirect
 	github.com/hashicorp/terraform-json v0.17.1 // indirect
-	github.com/hashicorp/terraform-registry-address v0.2.1 // indirect
+	github.com/hashicorp/terraform-registry-address v0.2.3 // indirect
 	github.com/hashicorp/terraform-svchost v0.1.1 // indirect
-	github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d // indirect
+	github.com/hashicorp/yamux v0.1.1 // indirect
 	github.com/huandu/xstrings v1.4.0 // indirect
 	github.com/imdario/mergo v0.3.13 // indirect
 	github.com/kr/fs v0.1.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.17 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mitchellh/cli v1.1.5 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
-	github.com/oklog/run v1.0.0 // indirect
+	github.com/oklog/run v1.1.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pkg/sftp v1.13.5 // indirect
+	github.com/pkg/sftp v1.13.6 // indirect
 	github.com/posener/complete v1.2.3 // indirect
 	github.com/russross/blackfriday v1.6.0 // indirect
 	github.com/shopspring/decimal v1.3.1 // indirect
-	github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect
+	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/zclconf/go-cty v1.13.2 // indirect
-	golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect
-	golang.org/x/mod v0.11.0 // indirect
-	golang.org/x/net v0.12.0 // indirect
-	golang.org/x/sys v0.10.0 // indirect
-	golang.org/x/text v0.11.0 // indirect
-	google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
-	google.golang.org/grpc v1.56.1 // indirect
+	golang.org/x/mod v0.14.0 // indirect
+	golang.org/x/net v0.18.0 // indirect
+	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
+	google.golang.org/grpc v1.59.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 )

internal/client/client_manager.go

@@ -31,11 +31,12 @@ func (c ClientManager) connection(typeName string, settings map[string]string) (
 	switch typeName {
 	case "ssh":
 		return &SSHConnection{
-			host:       settings["host"],
-			user:       settings["user"],
-			privateKey: settings["private_key"],
-			port:       cast.ToInt(settings["port"]),
-			secure:     cast.ToBool(settings["secure"]),
+			host:                 settings["host"],
+			user:                 settings["user"],
+			privateKey:           settings["private_key"],
+			privateKeyPassphrase: settings["private_key_passphrase"],
+			port:                 cast.ToInt(settings["port"]),
+			secure:               cast.ToBool(settings["secure"]),
 		}, nil
 	case "aws-ssm":
 		return &AWSSSMConnection{

internal/client/connection_ssh.go

@@ -11,12 +11,13 @@ import (
 type SSHConnection struct {
 	client *goph.Client
 
-	host       string
-	user       string
-	passphrase string
-	privateKey string
-	port       int
-	secure     bool
+	host                 string
+	user                 string
+	passphrase           string
+	privateKey           string
+	privateKeyPassphrase string
+	port                 int
+	secure               bool
 }
 
 func (s *SSHConnection) Connect() error {
@@ -32,9 +33,20 @@ func (s *SSHConnection) Connect() error {
 	if s.port == 0 {
 		s.port = 22
 	}
-	signer, err := ssh.ParsePrivateKey([]byte(s.privateKey))
-	if err != nil {
-		return fmt.Errorf("ssh: cannot parse private key: %w", err)
+	var (
+		signer ssh.Signer
+		err    error
+	)
+	if s.passphrase != "" {
+		signer, err = ssh.ParsePrivateKeyWithPassphrase([]byte(s.privateKey), []byte(s.passphrase))
+		if err != nil {
+			return fmt.Errorf("ssh: cannot parse private key with passphrase: %w", err)
+		}
+	} else {
+		signer, err = ssh.ParsePrivateKey([]byte(s.privateKey))
+		if err != nil {
+			return fmt.Errorf("ssh: cannot parse private key: %w", err)
+		}
 	}
 	var callback ssh.HostKeyCallback
 	if s.secure {

internal/provider/instance_client.go

@@ -157,7 +157,7 @@ func (ic *InstanceClient) launch() error {
 	return nil
 }
 
-// TODO consider using "delete --kill"
+// TODO consider using "delete --kill".
 func (ic *InstanceClient) terminate() error {
 	tflog.Info(ic.ctx, "Terminating AEM instance(s)")
 	if err := ic.runServiceAction("stop"); err != nil {

internal/provider/instance_resource.go

@@ -150,13 +150,13 @@ func (r *InstanceResource) Schema(ctx context.Context, req resource.SchemaReques
 
 				Attributes: map[string]schema.Attribute{
 					"download": schema.BoolAttribute{
-						MarkdownDescription: fmt.Sprintf("Toggle automatic AEM Compose CLI wrapper download. If set to false, assume the wrapper is present in the data directory."),
+						MarkdownDescription: "Toggle automatic AEM Compose CLI wrapper download. If set to false, assume the wrapper is present in the data directory.",
 						Computed:            true,
 						Optional:            true,
 						Default:             booldefault.StaticBool(true),
 					},
 					"version": schema.StringAttribute{
-						MarkdownDescription: fmt.Sprintf("Version of AEM Compose tool to use on remote AEM machine."),
+						MarkdownDescription: "Version of AEM Compose tool to use on remote AEM machine.",
 						Computed:            true,
 						Optional:            true,
 						Default:             stringdefault.StaticString("1.5.8"),

internal/provider/provider_test.go

@@ -14,10 +14,13 @@ import (
 // acceptance testing. The factory function will be invoked for every Terraform
 // CLI command executed to create a provider server to which the CLI can
 // reattach.
+
+//nolint:all // TODO tmp
 var testAccProtoV6ProviderFactories = map[string]func() (tfprotov6.ProviderServer, error){
 	"aem": providerserver.NewProtocol6WithError(New("test")()),
 }
 
+//nolint:all // TODO tmp
 func testAccPreCheck(t *testing.T) {
 	// You can add code here to run prior to any test case execution, for example assertions
 	// about the appropriate environment variables being set are common to see in a pre-check