chore(onboarding): create secure onboarding client

Author: cgeers

sysdig/data_source_sysdig_secure_trusted_cloud_identity.go renamed to sysdig/data_source_sysdig_secure_onboarding.go

@@ -6,11 +6,16 @@ import (
 	"time"
 
 	"github.com/aws/aws-sdk-go/aws/arn"
+	v2 "github.com/draios/terraform-provider-sysdig/sysdig/internal/client/v2"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 )
 
+func getSecureOnboardingClient(c SysdigClients) (v2.OnboardingSecureInterface, error) {
+	return c.sysdigSecureClientV2()
+}
+
 func dataSourceSysdigSecureTrustedCloudIdentity() *schema.Resource {
 	timeout := 5 * time.Minute
 
@@ -53,7 +58,7 @@ func dataSourceSysdigSecureTrustedCloudIdentity() *schema.Resource {
 
 // Retrieves the information of a resource form the file and loads it in Terraform
 func dataSourceSysdigSecureTrustedCloudIdentityRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
-	client, err := getSecureCloudAccountClient(meta.(SysdigClients))
+	client, err := getSecureOnboardingClient(meta.(SysdigClients))
 	if err != nil {
 		return diag.FromErr(err)
 	}
@@ -88,3 +93,43 @@ func dataSourceSysdigSecureTrustedCloudIdentityRead(ctx context.Context, d *sche
 	}
 	return nil
 }
+
+func dataSourceSysdigSecureTenantExternalID() *schema.Resource {
+	timeout := 5 * time.Minute
+
+	return &schema.Resource{
+		ReadContext: dataSourceSysdigSecureTenantExternalIDRead,
+
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(timeout),
+		},
+
+		Schema: map[string]*schema.Schema{
+			"external_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+// Retrieves the information of a resource form the file and loads it in Terraform
+func dataSourceSysdigSecureTenantExternalIDRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client, err := getSecureOnboardingClient(meta.(SysdigClients))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	externalId, err := client.GetTenantExternalIDSecure(ctx)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	d.SetId(externalId)
+	err = d.Set("external_id", externalId)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}

sysdig/data_source_sysdig_secure_trusted_cloud_identity_test.go renamed to sysdig/data_source_sysdig_secure_onboarding_test.go

@@ -61,3 +61,23 @@ data "sysdig_secure_trusted_cloud_identity" "trusted_identity" {
 }
 `
 }
+
+func TestAccTenantExternalIDDataSource(t *testing.T) {
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			if v := os.Getenv("SYSDIG_SECURE_API_TOKEN"); v == "" {
+				t.Fatal("SYSDIG_SECURE_API_TOKEN must be set for acceptance tests")
+			}
+		},
+		ProviderFactories: map[string]func() (*schema.Provider, error){
+			"sysdig": func() (*schema.Provider, error) {
+				return sysdig.Provider(), nil
+			},
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: `data "sysdig_secure_tenant_external_id" "external_id" {}`,
+			},
+		},
+	})
+}

sysdig/data_source_sysdig_secure_tenant_external_id.go

@@ -11,8 +11,6 @@ const (
 	cloudAccountsWithExternalIDPath = "%s/api/cloud/v2/accounts?includeExternalID=true&upsert=true"
 	cloudAccountPath                = "%s/api/cloud/v2/accounts/%s"
 	cloudAccountWithExternalIDPath  = "%s/api/cloud/v2/accounts/%s?includeExternalID=true"
-	onboardingTrustedIdentityPath   = "%s/api/secure/onboarding/v2/trustedIdentity?provider=%s"
-	onboardingTenantExternaIDPath   = "%s/api/secure/onboarding/v2/externalID"
 	providersPath                   = "%v/api/v2/providers"
 )
 
@@ -22,8 +20,6 @@ type CloudAccountSecureInterface interface {
 	GetCloudAccountSecure(ctx context.Context, accountID string) (*CloudAccountSecure, error)
 	DeleteCloudAccountSecure(ctx context.Context, accountID string) error
 	UpdateCloudAccountSecure(ctx context.Context, accountID string, cloudAccount *CloudAccountSecure) (*CloudAccountSecure, error)
-	GetTrustedCloudIdentitySecure(ctx context.Context, provider string) (string, error)
-	GetTenantExternalIDSecure(ctx context.Context) (string, error)
 }
 
 type CloudAccountMonitorInterface interface {
@@ -101,34 +97,6 @@ func (client *Client) UpdateCloudAccountSecure(ctx context.Context, accountID st
 	return Unmarshal[*CloudAccountSecure](response.Body)
 }
 
-func (client *Client) GetTrustedCloudIdentitySecure(ctx context.Context, provider string) (string, error) {
-	response, err := client.requester.Request(ctx, http.MethodGet, fmt.Sprintf(onboardingTrustedIdentityPath, client.config.url, provider), nil)
-	if err != nil {
-		return "", err
-	}
-	defer response.Body.Close()
-
-	if response.StatusCode != http.StatusOK {
-		return "", client.ErrorFromResponse(response)
-	}
-
-	return Unmarshal[string](response.Body)
-}
-
-func (client *Client) GetTenantExternalIDSecure(ctx context.Context) (string, error) {
-	response, err := client.requester.Request(ctx, http.MethodGet, fmt.Sprintf(onboardingTenantExternaIDPath, client.config.url), nil)
-	if err != nil {
-		return "", err
-	}
-	defer response.Body.Close()
-
-	if response.StatusCode != http.StatusOK {
-		return "", client.ErrorFromResponse(response)
-	}
-
-	return Unmarshal[string](response.Body)
-}
-
 func (client *Client) cloudAccountsURL(includeExternalID bool) string {
 	if includeExternalID {
 		return fmt.Sprintf(cloudAccountsWithExternalIDPath, client.config.url)

sysdig/data_source_sysdig_secure_tenant_external_id_test.go

@@ -0,0 +1,46 @@
+package v2
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+)
+
+const (
+	onboardingTrustedIdentityPath = "%s/api/secure/onboarding/v2/trustedIdentity?provider=%s"
+	onboardingTenantExternaIDPath = "%s/api/secure/onboarding/v2/externalID"
+)
+
+type OnboardingSecureInterface interface {
+	Base
+	GetTrustedCloudIdentitySecure(ctx context.Context, provider string) (string, error)
+	GetTenantExternalIDSecure(ctx context.Context) (string, error)
+}
+
+func (client *Client) GetTrustedCloudIdentitySecure(ctx context.Context, provider string) (string, error) {
+	response, err := client.requester.Request(ctx, http.MethodGet, fmt.Sprintf(onboardingTrustedIdentityPath, client.config.url, provider), nil)
+	if err != nil {
+		return "", err
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusOK {
+		return "", client.ErrorFromResponse(response)
+	}
+
+	return Unmarshal[string](response.Body)
+}
+
+func (client *Client) GetTenantExternalIDSecure(ctx context.Context) (string, error) {
+	response, err := client.requester.Request(ctx, http.MethodGet, fmt.Sprintf(onboardingTenantExternaIDPath, client.config.url), nil)
+	if err != nil {
+		return "", err
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusOK {
+		return "", client.ErrorFromResponse(response)
+	}
+
+	return Unmarshal[string](response.Body)
+}

sysdig/internal/client/v2/cloud_account.go

@@ -48,6 +48,7 @@ type SysdigSecure interface {
 	OrganizationSecureInterface
 	CloudauthAccountComponentSecureInterface
 	CloudauthAccountFeatureSecureInterface
+	OnboardingSecureInterface
 }
 
 func (sr *SysdigRequest) Request(ctx context.Context, method string, url string, payload io.Reader) (*http.Response, error) {