From 49ba175a3ba1b8d06cea387460e2b5c715360935 Mon Sep 17 00:00:00 2001
From: Salim Afiune Maya <afiune@lacework.net>
Date: Mon, 10 May 2021 08:49:12 -0700
Subject: [PATCH] feat: understand Lacework CLI config v2

Signed-off-by: Salim Afiune Maya <afiune@lacework.net>
---
 lacework/provider.go | 37 +++++++++++++------------------------
 1 file changed, 13 insertions(+), 24 deletions(-)

diff --git a/lacework/provider.go b/lacework/provider.go
index a1ebe95b..bbd630d4 100644
--- a/lacework/provider.go
+++ b/lacework/provider.go
@@ -4,14 +4,12 @@ import (
 	"fmt"
 	"log"
 	"os"
-	"path"
 
-	"github.com/BurntSushi/toml"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
-	homedir "github.com/mitchellh/go-homedir"
 	"github.com/pkg/errors"
 
 	"github.com/lacework/go-sdk/api"
+	"github.com/lacework/go-sdk/lwconfig"
 	"github.com/lacework/go-sdk/lwlogger"
 )
 
@@ -118,27 +116,22 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 
 	log.Printf("[INFO] Missing credentials, loading '%s' profile from the Lacework configuration file\n", profile)
 
-	// read config file $HOME/.lacework.toml
-	home, err := homedir.Dir()
+	cPath, err := lwconfig.DefaultConfigPath()
 	if err != nil {
 		return nil, err
 	}
 
-	var (
-		profiles = Profiles{}
-		cPath    = path.Join(home, ".lacework.toml")
-	)
-
 	// if the Lacework configuration file doesn't exist, we are unable to proceed
 	if !fileExist(cPath) {
 		return nil, errors.New(providerMisconfiguredErrorMessage())
 	}
 
-	if _, err := toml.DecodeFile(cPath, &profiles); err != nil {
-		return nil, errors.Wrap(err, "unable to decode profiles from config")
+	profiles, err := lwconfig.LoadProfilesFrom(cPath)
+	if err != nil {
+		return nil, err
 	}
 
-	creds, ok := profiles[profile]
+	config, ok := profiles[profile]
 	if !ok {
 		return nil, errors.Errorf(
 			"profile '%s' not found.\n\nTry using the Lacework CLI command 'lacework configure --profile %s'.",
@@ -148,13 +141,17 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 	// Once we have the right credentials loaded from the configuration file,
 	// we need to verify if any static setting was provided
 	if account == "" {
-		account = creds.Account
+		account = config.Account
+		if config.Version == 2 && config.Subaccount != "" {
+			log.Printf("[INFO] Lacework v2 config. Overriding account '%s' with subaccount '%s'\n", config.Account, config.Subaccount)
+			account = config.Subaccount
+		}
 	}
 	if key == "" {
-		key = creds.ApiKey
+		key = config.ApiKey
 	}
 	if secret == "" {
-		secret = creds.ApiSecret
+		secret = config.ApiSecret
 	}
 
 	apiOpts = append(apiOpts, api.WithApiKeys(key, secret))
@@ -174,11 +171,3 @@ func fileExist(name string) bool {
 	_, err := os.Stat(name)
 	return !os.IsNotExist(err)
 }
-
-type Profiles map[string]credsDetails
-
-type credsDetails struct {
-	Account   string `toml:"account"`
-	ApiKey    string `toml:"api_key"`
-	ApiSecret string `toml:"api_secret"`
-}