Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(pki): Add support for ACME configuration #2157

Merged
merged 2 commits into from
Nov 25, 2024
Merged

feat(pki): Add support for ACME configuration #2157

merged 2 commits into from
Nov 25, 2024
+418 −0

Conversation

Viper61
Copy link
Contributor

@Viper61 Viper61 commented Feb 26, 2024

Description

This PR adds a new resource to enable ACME configuration of a PKI (vault_pki_secret_backend_config_acme).

Relates #1947

Checklist

  • Added CHANGELOG entry (only for user-facing changes)
  • Acceptance tests where run against all supported Vault Versions

Output from acceptance testing:

Vault 1.13 
$ VAULT_ADDR=http://172.20.0.1:8213 TESTARGS="--run TestPkiSecretBackendConfigACME_basic" make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test --run TestPkiSecretBackendConfigACME_basic -timeout 30m ./...
?       github.com/hashicorp/terraform-provider-vault   [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/coverage      [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/generate      [no test files]
?       github.com/hashicorp/terraform-provider-vault/helper    [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/consts   [no test files]
ok      github.com/hashicorp/terraform-provider-vault/codegen   0.010s [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/group   [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/mfa     [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/pki      [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/identity/entity  0.032s [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/sync     [no test files]
?       github.com/hashicorp/terraform-provider-vault/schema    [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/provider 0.040s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/testutil  0.006s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/util      0.007s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/vault     0.026s
Vault 1.14.0 
$ VAULT_ADDR=http://172.20.0.1:8214 TESTARGS="--run TestPkiSecretBackendConfigACME_basic" make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test --run TestPkiSecretBackendConfigACME_basic -timeout 30m ./...
?       github.com/hashicorp/terraform-provider-vault   [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/coverage      [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/generate      [no test files]
?       github.com/hashicorp/terraform-provider-vault/helper    [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/consts   [no test files]
ok      github.com/hashicorp/terraform-provider-vault/codegen   0.011s [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/group   [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/mfa     [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/pki      [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/identity/entity  0.025s [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/sync     [no test files]
?       github.com/hashicorp/terraform-provider-vault/schema    [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/provider 0.028s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/testutil  0.012s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/util      0.005s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/vault     3.727s
Vault 1.14 
$ VAULT_ADDR=http://172.20.0.1:8314 TESTARGS="--run TestPkiSecretBackendConfigACME_basic" make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test --run TestPkiSecretBackendConfigACME_basic -timeout 30m ./...
?       github.com/hashicorp/terraform-provider-vault   [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/coverage      [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/generate      [no test files]
?       github.com/hashicorp/terraform-provider-vault/helper    [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/consts   [no test files]
ok      github.com/hashicorp/terraform-provider-vault/codegen   0.006s [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/group   [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/mfa     [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/pki      [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/identity/entity  0.049s [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/sync     [no test files]
?       github.com/hashicorp/terraform-provider-vault/schema    [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/provider 0.030s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/testutil  0.006s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/util      0.004s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/vault     3.848s
Vault 1.15 
$ VAULT_ADDR=http://172.20.0.1:8215 TESTARGS="--run TestPkiSecretBackendConfigACME_basic" make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test --run TestPkiSecretBackendConfigACME_basic -timeout 30m ./...
?       github.com/hashicorp/terraform-provider-vault   [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/coverage      [no test files]
?       github.com/hashicorp/terraform-provider-vault/cmd/generate      [no test files]
?       github.com/hashicorp/terraform-provider-vault/helper    [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/consts   [no test files]
ok      github.com/hashicorp/terraform-provider-vault/codegen   0.007s [no tests to run]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/group   [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/identity/mfa     [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/pki      [no test files]
?       github.com/hashicorp/terraform-provider-vault/internal/sync     [no test files]
?       github.com/hashicorp/terraform-provider-vault/schema    [no test files]
ok      github.com/hashicorp/terraform-provider-vault/internal/identity/entity  0.048s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/internal/provider 0.055s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/testutil  0.007s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/util      0.005s [no tests to run]
ok      github.com/hashicorp/terraform-provider-vault/vault     3.807s

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

@igor-nikiforov
Copy link

@fairclothjm Could you please review this PR? Thanks!

@igor-nikiforov
Copy link

@benashz friendly reminder.

stevendpclark
stevendpclark requested changes Nov 15, 2024
View reviewed changes
Copy link
Contributor

@stevendpclark stevendpclark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @Viper61, this is wonderful, thank you for taking the time to submit this.

I know it has been a while since you submitted this, sorry about that. I'm happy to take this over and bring it across the line or if you can spare the cycles to address the conflicts and my feedback, please let me know either way.

Once again thank you for your efforts on this!

vault/resource_pki_secret_backend_config_acme.go Outdated Show resolved Hide resolved
internal/consts/consts.go Outdated Show resolved Hide resolved
vault/resource_pki_secret_backend_config_acme.go Show resolved Hide resolved
vault/resource_pki_secret_backend_config_acme.go Outdated Show resolved Hide resolved
vault/resource_pki_secret_backend_config_acme.go Outdated Show resolved Hide resolved
@Viper61
imprv(pki): Remove ValidateFunc, check for 1.14.1. Simplify StateCont…
ce620fc 
…ext. Return error message if response is nil, nil
@Viper61 Viper61 requested a review from a team as a code owner November 24, 2024 17:46
@Viper61
Copy link
Contributor Author

Viper61 commented Nov 24, 2024

Hi @stevendpclark, Thanks for your review.
The rebase and requested updates are complete.
Let me know if you think any further changes are needed.

stevendpclark
stevendpclark approved these changes Nov 25, 2024
View reviewed changes
Copy link
Contributor

@stevendpclark stevendpclark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great to me! Thanks @Viper61 for making all the requested changes.

@stevendpclark stevendpclark merged commit 879bb54 into hashicorp:main Nov 25, 2024
1 check passed
@stevendpclark stevendpclark mentioned this pull request Nov 25, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stevendpclark stevendpclark stevendpclark approved these changes

Assignees
No one assigned
Labels
documentation feature-parity pki pki-enhancements size/XL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Viper61 @igor-nikiforov @stevendpclark @vinay-gopalan