terraform-provider-garage/garage/resource_bucket_key.go
Marc 'risson' Schmitt 2b61749be3
Add key, bucket, bucket_key, bucket_global_alias and bucket_local_alias resources
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@prologin.org>
2022-12-10 17:48:33 +01:00

126 lines
3.1 KiB
Go

package garage
import (
"context"
"fmt"
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)
func schemaBucketKey() map[string]*schema.Schema {
return map[string]*schema.Schema{
"bucket_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"access_key_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"read": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"write": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"owner": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
}
}
func resourceBucketKey() *schema.Resource {
return &schema.Resource{
Description: "This resource can be used to manage Garage bucket global aliases.",
CreateContext: resourceBucketKeyCreateOrUpdate,
ReadContext: resourceBucketKeyRead,
UpdateContext: resourceBucketKeyCreateOrUpdate,
DeleteContext: resourceBucketKeyDelete,
Schema: schemaBucketKey(),
}
}
func resourceBucketKeyCreateOrUpdate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
p := m.(*garageProvider)
var diags diag.Diagnostics
bucketID := d.Get("bucket_id").(string)
accessKeyID := d.Get("access_key_id").(string)
read := d.Get("read").(bool)
write := d.Get("write").(bool)
owner := d.Get("owner").(bool)
allowBucketKeyRequest := garage.AllowBucketKeyRequest{
BucketId: bucketID,
AccessKeyId: accessKeyID,
Permissions: garage.AllowBucketKeyRequestPermissions{
Read: read,
Write: write,
Owner: owner,
},
}
denyBucketKeyRequest := garage.AllowBucketKeyRequest{
BucketId: bucketID,
AccessKeyId: accessKeyID,
Permissions: garage.AllowBucketKeyRequestPermissions{
Read: !read,
Write: !write,
Owner: !owner,
},
}
_, _, err := p.client.BucketApi.AllowBucketKey(updateContext(ctx, p)).AllowBucketKeyRequest(allowBucketKeyRequest).Execute()
if err != nil {
return diag.FromErr(err)
}
_, _, err = p.client.BucketApi.DenyBucketKey(updateContext(ctx, p)).AllowBucketKeyRequest(denyBucketKeyRequest).Execute()
if err != nil {
return diag.FromErr(err)
}
d.SetId(fmt.Sprintf("%s/%s", bucketID, accessKeyID))
return diags
}
func resourceBucketKeyRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
var diags diag.Diagnostics
// Noop
return diags
}
func resourceBucketKeyDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
p := m.(*garageProvider)
var diags diag.Diagnostics
bucketID := d.Get("bucket_id").(string)
accessKeyID := d.Get("access_key_id").(string)
denyBucketKeyRequest := garage.AllowBucketKeyRequest{
BucketId: bucketID,
AccessKeyId: accessKeyID,
Permissions: garage.AllowBucketKeyRequestPermissions{
Read: true,
Write: true,
Owner: true,
},
}
_, _, err := p.client.BucketApi.DenyBucketKey(updateContext(ctx, p)).AllowBucketKeyRequest(denyBucketKeyRequest).Execute()
if err != nil {
return diag.FromErr(err)
}
return diags
}