feat(plugins,domain): Implement Alicloud IAM plugin to dummy branch (#…

…187)

* feat(plugins,domain): Implement MVP for Alicloud IAM plugin

* feat(plugins,domain): Implement MVP for Alicloud IAM plugin patch

* feat(plugins,domain): Implement Alicloud IAM plugin to dummy branch patch 2

* feat(plugins,domain): Implement Alicloud IAM plugin to dummy branch patch 3

* feat(plugins,domain): Implement Alicloud IAM plugin to dummy branch patch 4

* feat(plugins,domain): Implement Alicloud IAM plugin to dummy branch patch 5

* feat(plugins,domain): Implement Alicloud IAM plugin to dummy branch patch 6

* feat(plugins,domain): Implement Alicloud IAM plugin to dummy branch patch 7

Makefile

@@ -3,7 +3,7 @@ COMMIT := $(shell git rev-parse --short HEAD)
 TAG := "$(shell git rev-list --tags --max-count=1)"
 VERSION := "$(shell git describe --tags ${TAG})-next"
 BUILD_DIR=dist
-PROTON_COMMIT := "526e657b03d243a4c9f880e6c4ffbe15b116afd5"
+PROTON_COMMIT := "5709addd6a1a35b6c085eca96ae2c1deaf3842cf"
 
 .PHONY: all build clean test tidy vet proto setup format generate
 

api/handler/v1beta1/adapter.go

@@ -61,6 +61,7 @@ func (a *adapter) FromProviderConfigProto(pc *guardianv1beta1.ProviderConfig) *d
 					ID:          roleProto.GetId(),
 					Name:        roleProto.GetName(),
 					Description: roleProto.GetDescription(),
+					Type:        roleProto.GetType(),
 				}
 
 				if roleProto.Permissions != nil {
@@ -204,6 +205,7 @@ func (a *adapter) ToRole(role *domain.Role) (*guardianv1beta1.Role, error) {
 		Id:          role.ID,
 		Name:        role.Name,
 		Description: role.Description,
+		Type:        role.Type,
 	}
 
 	if role.Permissions != nil {

api/handler/v1beta1/provider_test.go

@@ -336,6 +336,7 @@ func (s *GrpcHandlersSuite) TestCreateProvider() {
 							{
 								ID:   "test-role-id",
 								Name: "test-name",
+								Type: "test-type",
 							},
 						},
 					},
@@ -374,6 +375,7 @@ func (s *GrpcHandlersSuite) TestCreateProvider() {
 								{
 									Id:   "test-role-id",
 									Name: "test-name",
+									Type: "test-type",
 								},
 							},
 						},
@@ -418,6 +420,7 @@ func (s *GrpcHandlersSuite) TestCreateProvider() {
 							{
 								Id:   "test-role-id",
 								Name: "test-name",
+								Type: "test-type",
 							},
 						},
 					},

domain/provider.go

@@ -7,17 +7,18 @@ import (
 )
 
 const (
-	ProviderTypeBigQuery  = "bigquery"
-	ProviderTypeMetabase  = "metabase"
-	ProviderTypeGrafana   = "grafana"
-	ProviderTypeTableau   = "tableau"
-	ProviderTypeGCloudIAM = "gcloud_iam"
-	ProviderTypeNoOp      = "noop"
-	ProviderTypeGCS       = "gcs"
-	ProviderTypePolicyTag = "dataplex"
-	ProviderTypeShield    = "shield"
-	ProviderTypeGitlab    = "gitlab"
-	ProviderTypeGate      = "gate"
+	ProviderTypeAliCloudIAM = "alicloud_iam"
+	ProviderTypeBigQuery    = "bigquery"
+	ProviderTypeMetabase    = "metabase"
+	ProviderTypeGrafana     = "grafana"
+	ProviderTypeTableau     = "tableau"
+	ProviderTypeGCloudIAM   = "gcloud_iam"
+	ProviderTypeNoOp        = "noop"
+	ProviderTypeGCS         = "gcs"
+	ProviderTypePolicyTag   = "dataplex"
+	ProviderTypeShield      = "shield"
+	ProviderTypeGitlab      = "gitlab"
+	ProviderTypeGate        = "gate"
 )
 
 // Role is the configuration to define a role and mapping the permissions in the provider
@@ -26,6 +27,7 @@ type Role struct {
 	Name        string        `json:"name" yaml:"name" validate:"required"`
 	Description string        `json:"description,omitempty" yaml:"description"`
 	Permissions []interface{} `json:"permissions" yaml:"permissions" validate:"required"`
+	Type        string        `json:"type,omitempty" yaml:"type"` // not required to support backward compatible to other provider
 }
 
 // GetOrderedPermissions returns the permissions as a string slice
@@ -57,8 +59,9 @@ type AppealConfig struct {
 	AllowPermanentAccess         bool   `json:"allow_permanent_access" yaml:"allow_permanent_access"`
 	AllowActiveAccessExtensionIn string `json:"allow_active_access_extension_in" yaml:"allow_active_access_extension_in" validate:"required"`
 }
+
 type ProviderConfig struct {
-	Type                string               `json:"type" yaml:"type" validate:"required,oneof=google_bigquery metabase grafana tableau gcloud_iam noop gcs"`
+	Type                string               `json:"type" yaml:"type" validate:"required,oneof=alicloud_iam google_bigquery metabase grafana tableau gcloud_iam noop gcs"`
 	URN                 string               `json:"urn" yaml:"urn" validate:"required"`
 	AllowedAccountTypes []string             `json:"allowed_account_types" yaml:"allowed_account_types" validate:"omitempty,min=1"`
 	Labels              map[string]string    `json:"labels,omitempty" yaml:"labels,omitempty"`

go.mod

@@ -9,7 +9,12 @@ require (
 	cloud.google.com/go/storage v1.30.1
 	github.com/DATA-DOG/go-sqlmock v1.5.2
 	github.com/MakeNowJust/heredoc v1.0.0
+	github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.10
+	github.com/alibabacloud-go/ram-20150501/v2 v2.1.0
+	github.com/alibabacloud-go/tea-utils/v2 v2.0.6
+	github.com/aliyun/credentials-go v1.4.2
 	github.com/antonmedv/expr v1.15.3
+	github.com/bearaujus/bptr v0.0.2
 	github.com/envoyproxy/protoc-gen-validate v1.0.2
 	github.com/go-playground/validator/v10 v10.4.1
 	github.com/golang-migrate/migrate/v4 v4.15.2
@@ -45,7 +50,7 @@ require (
 	go.opentelemetry.io/otel/metric v1.29.0
 	go.opentelemetry.io/otel/sdk v1.29.0
 	go.opentelemetry.io/otel/sdk/metric v1.27.0
-	golang.org/x/net v0.22.0
+	golang.org/x/net v0.23.0
 	golang.org/x/oauth2 v0.22.0
 	golang.org/x/sync v0.4.0
 	google.golang.org/api v0.128.0
@@ -67,13 +72,21 @@ require (
 	github.com/Microsoft/go-winio v0.5.2 // indirect
 	github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect
 	github.com/alecthomas/chroma v0.8.2 // indirect
+	github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5 // indirect
+	github.com/alibabacloud-go/debug v1.0.1 // indirect
+	github.com/alibabacloud-go/endpoint-util v1.1.0 // indirect
+	github.com/alibabacloud-go/openapi-util v0.1.0 // indirect
+	github.com/alibabacloud-go/tea v1.2.2 // indirect
+	github.com/alibabacloud-go/tea-utils v1.3.1 // indirect
+	github.com/alibabacloud-go/tea-xml v1.1.3 // indirect
 	github.com/andybalholm/brotli v1.0.4 // indirect
 	github.com/apache/arrow/go/v12 v12.0.0 // indirect
 	github.com/apache/thrift v0.16.0 // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/briandowns/spinner v1.18.0 // indirect
 	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
 	github.com/charmbracelet/glamour v0.3.0 // indirect
+	github.com/clbanning/mxj/v2 v2.5.5 // indirect
 	github.com/cli/safeexec v1.0.0 // indirect
 	github.com/containerd/continuity v0.3.0 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
@@ -117,6 +130,7 @@ require (
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/jmoiron/sqlx v1.3.5 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/asmfmt v1.3.2 // indirect
 	github.com/klauspost/compress v1.15.9 // indirect
 	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
@@ -132,6 +146,8 @@ require (
 	github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3 // indirect
 	github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect
 	github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/muesli/reflow v0.2.0 // indirect
 	github.com/muesli/termenv v0.9.0 // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
@@ -160,6 +176,7 @@ require (
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tidwall/sjson v1.2.5 // indirect
+	github.com/tjfoc/gmsm v1.4.1 // indirect
 	github.com/tklauser/go-sysconf v0.3.14 // indirect
 	github.com/tklauser/numcpus v0.8.0 // indirect
 	github.com/uptrace/opentelemetry-go-extra/otelsql v0.2.4 // indirect
@@ -186,6 +203,6 @@ require (
 	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect
-	gopkg.in/ini.v1 v1.62.0 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 )