tmp refactor

main.go

@@ -3,15 +3,11 @@ package main
 import (
  "context"
  "flag"
- "github.com/hashicorp/terraform-plugin-go/tfprotov6/tf6server"
- "github.com/okta/terraform-provider-oktapam/oktapam/fwprovider"
  "log"
 
- "github.com/hashicorp/terraform-plugin-framework/providerserver"
- "github.com/hashicorp/terraform-plugin-go/tfprotov6"
- "github.com/hashicorp/terraform-plugin-mux/tf5to6server"
- "github.com/hashicorp/terraform-plugin-mux/tf6muxserver"
  "github.com/okta/terraform-provider-oktapam/oktapam"
+
+ "github.com/hashicorp/terraform-plugin-go/tfprotov6/tf6server"
 )
 
 // Run the docs generation tool, check its repository for more information on how it works and how docs
@@ -26,35 +22,7 @@ func main() {
 
  ctx := context.Background()
 
- // SDKV2 used for tf plugin development is designed for maintaining tf plugins that are compatible with Plugin
- // Protocol version 5. Plugins need to communicate with Terraform CLI, protocol version 5 is supported by CLI version
- // 0.12 and later. Protocol version 6 support tf cli version 1.0 or later.
-
- // To start using new TF Plugin Framework(https://developer.hashicorp.com/terraform/plugin/framework) we have two options -
- // Option 1: Downgrade new plugin framework server to support protocol version 5
- // Option 2: Upgrade old SDKV2 provider server to support protocol version 6
- // If we go with Option 1, then will not be able to use some of the newer features like Nested Attributes:
- // https://developer.hashicorp.com/terraform/plugin/framework/handling-data/attributes#nested-attribute-types
-
- //Going with option 2, that will require upgrading tf cli version to 1.0+.
-
- // tf5to6server enables translating a protocol version 5 provider server into a protocol version 6 provider server.
- upgradedSdkProvider, err := tf5to6server.UpgradeServer(
- ctx,
- oktapam.Provider().GRPCProvider,
- )
-
- // Combine Providers
- // Refer: https://developer.hashicorp.com/terraform/plugin/mux/combining-protocol-version-6-providers
- providers := []func() tfprotov6.ProviderServer{
- func() tfprotov6.ProviderServer {
- return upgradedSdkProvider
- },
-
- providerserver.NewProtocol6(fwprovider.New()()),
- }
-
- muxServer, err := tf6muxserver.NewMuxServer(ctx, providers...)
+ muxServer, err := oktapam.ProviderServerFactoryV6(ctx, nil, nil)
  if err != nil {
  log.Fatal(err)
  }
@@ -65,13 +33,9 @@ func main() {
  serveOpts = append(serveOpts, tf6server.WithManagedDebug())
  }
 
- err = tf6server.Serve(
+ _ = tf6server.Serve(
  "registry.terraform.io/okta.com/pam/oktapam",
- muxServer.ProviderServer,
+ muxServer,
  serveOpts...,
  )
-
- if err != nil {
- log.Fatal(err)
- }
 }

oktapam/client/okta_pam_client.go

@@ -230,3 +230,8 @@ func CreateSDKClient(providerConfig *OktaPAMProviderConfig) (*pam.APIClient, err
  }
  return pamClient, nil
 }
+
+// Deprecated: Use getSDKClientFromMetadata instead of using local client
+func GetLocalClientFromMetadata(meta interface{}) *OktaPAMClient {
+ return meta.(*APIClients).LocalClient
+}

oktapam/client/pam_sdk_client.go

@@ -45,3 +45,7 @@ func createErrorForInvalidCodeFromSDK(resp *http.Response, allowed ...int) error
 
  return fmt.Errorf("call resulted in status of %d, expected one of %v.\nResponse Body: %s", received, allowed, body)
 }
+
+func GetSDKClientFromMetadata(meta interface{}) SDKClientWrapper {
+ return meta.(*APIClients).SDKClient
+}

oktapam/client/server_checkout_settings.go

@@ -0,0 +1 @@
+package client

oktapam/client/wrappers/database.go

@@ -2,6 +2,7 @@ package wrappers
 
 import (
  "fmt"
+
  "github.com/atko-pam/pam-sdk-go/client/pam"
  "github.com/okta/terraform-provider-oktapam/oktapam/constants/attributes"
 )

oktapam/constants/configs/constants.go

@@ -0,0 +1,60 @@
+package configs
+
+const (
+ ApiHostSchemaEnvVar = "OKTAPAM_API_HOST"
+ ApiKeySchemaEnvVar = "OKTAPAM_KEY"
+ ApiKeySecretSchemaEnvVar = "OKTAPAM_SECRET"
+ TeamSchemaEnvVar = "OKTAPAM_TEAM"
+
+ ApiHostKey = "oktapam_api_host"
+ ApiKeyKey = "oktapam_key"
+ ApiKeySecretKey = "oktapam_secret"
+ TeamKey = "oktapam_team"
+
+ DefaultAPIBaseURL = "https://app.scaleft.com"
+)
+
+const (
+ MySqlBasicAuth = "mysql.basic_auth"
+)
+
+const (
+ ProviderADCertificateObjectKey = "oktapam_ad_certificate_object"
+ ProviderADCertificateRequestKey = "oktapam_ad_certificate_request"
+ ProviderADConnectionKey = "oktapam_ad_connection"
+ ProviderADConnectionsKey = "oktapam_ad_connections"
+ ProviderADTaskSettingsKey = "oktapam_ad_task_settings"
+ ProviderADUserSyncTaskSettingsKey = "oktapam_ad_user_sync_task_settings"
+ ProviderADUserSyncTaskSettingsIDListKey = "oktapam_ad_user_sync_task_settings_id_list"
+ ProviderCurrentUser = "oktapam_current_user"
+ ProviderDatabaseKey = "oktapam_database"
+ ProviderDatabasePasswordSettings = "oktapam_database_password_settings"
+ ProviderGatewaysKey = "oktapam_gateways"
+ ProviderGatewaySetupTokenKey = "oktapam_gateway_setup_token"
+ ProviderGatewaySetupTokensKey = "oktapam_gateway_setup_tokens"
+ ProviderGroupKey = "oktapam_group"
+ ProviderGroupsKey = "oktapam_groups"
+ ProviderKubernetesClusterKey = "oktapam_kubernetes_cluster"
+ ProviderKubernetesClusterConnectionKey = "oktapam_kubernetes_cluster_connection"
+ ProviderKubernetesClusterGroupKey = "oktapam_kubernetes_cluster_group"
+ ProviderPasswordSettingsKey = "oktapam_password_settings"
+ ProviderProjectKey = "oktapam_project"
+ ProviderProjectsKey = "oktapam_projects"
+ ProviderProjectGroupKey = "oktapam_project_group"
+ ProviderProjectGroupsKey = "oktapam_project_groups"
+ ProviderResourceGroupKey = "oktapam_resource_group"
+ ProviderResourceGroupsKey = "oktapam_resource_groups"
+ ProviderResourceGroupProjectKey = "oktapam_resource_group_project"
+ ProviderResourceGroupProjectsKey = "oktapam_resource_group_projects"
+ ProviderResourceGroupServerEnrollmentTokenKey = "oktapam_resource_group_server_enrollment_token"
+ ProviderResourceGroupServerEnrollmentTokensKey = "oktapam_resource_group_server_enrollment_tokens"
+ ProviderSecretFolderKey = "oktapam_secret_folder"
+ ProviderSecretFoldersKey = "oktapam_secret_folders"
+ ProviderSecurityPoliciesKey = "oktapam_security_policies"
+ ProviderSecurityPolicyKey = "oktapam_security_policy"
+ ProviderServerEnrollmentTokenKey = "oktapam_server_enrollment_token"
+ ProviderServerEnrollmentTokensKey = "oktapam_server_enrollment_tokens"
+ ProviderTeamSettingsKey = "oktapam_team_settings"
+ ProviderUserGroupAttachmentKey = "oktapam_user_group_attachment"
+ ProviderUserKey = "oktapam_user"
+)

oktapam/factory.go

@@ -0,0 +1,70 @@
+package oktapam
+
+import (
+ "context"
+ "log"
+
+ "github.com/hashicorp/terraform-plugin-framework/provider"
+ "github.com/hashicorp/terraform-plugin-framework/providerserver"
+ "github.com/hashicorp/terraform-plugin-go/tfprotov6"
+ "github.com/hashicorp/terraform-plugin-mux/tf5to6server"
+ "github.com/hashicorp/terraform-plugin-mux/tf6muxserver"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "github.com/okta/terraform-provider-oktapam/oktapam/fwprovider"
+ "github.com/okta/terraform-provider-oktapam/oktapam/sdkv2"
+)
+
+func ProviderServerFactoryV6(ctx context.Context, sdkV2Provider *schema.Provider, fwProvider *fwprovider.OktapamFrameworkProvider) (func() tfprotov6.ProviderServer, error) {
+ var v5Provider *schema.Provider
+ if sdkV2Provider == nil {
+ v5Provider = sdkv2.Provider()
+ } else {
+ v5Provider = sdkV2Provider
+ }
+
+ var v6Provider provider.Provider
+ if fwProvider == nil {
+ v6Provider = fwprovider.New()()
+ } else {
+ v6Provider = fwProvider
+ }
+
+ // SDKV2 used for tf plugin development is designed for maintaining tf plugins that are compatible with Plugin
+ // Protocol version 5. Plugins need to communicate with Terraform CLI, protocol version 5 is supported by CLI version
+ // 0.12 and later. Protocol version 6 support tf cli version 1.0 or later.
+
+ // To start using new TF Plugin Framework(https://developer.hashicorp.com/terraform/plugin/framework) we have two options -
+ // Option 1: Downgrade new plugin framework server to support protocol version 5
+ // Option 2: Upgrade old SDKV2 provider server to support protocol version 6
+ // If we go with Option 1, then will not be able to use some of the newer features like Nested Attributes:
+ // https://developer.hashicorp.com/terraform/plugin/framework/handling-data/attributes#nested-attribute-types
+
+ //Going with option 2, that will require upgrading tf cli version to 1.0+.
+
+ // tf5to6server enables translating a protocol version 5 provider server into a protocol version 6 provider server.
+ upgradedV5Provider, err := tf5to6server.UpgradeServer(
+ ctx,
+ v5Provider.GRPCProvider,
+ )
+
+ if err != nil {
+ return nil, err
+ }
+
+ // Combine Providers
+ // Refer: https://developer.hashicorp.com/terraform/plugin/mux/combining-protocol-version-6-providers
+ providers := []func() tfprotov6.ProviderServer{
+ func() tfprotov6.ProviderServer {
+ return upgradedV5Provider
+ },
+ providerserver.NewProtocol6(v6Provider),
+ }
+
+ muxServer, err := tf6muxserver.NewMuxServer(ctx, providers...)
+ if err != nil {
+ log.Fatal(err)
+ return nil, err
+ }
+
+ return muxServer.ProviderServer, nil
+}

oktapam/fwprovider/framework_provider.go

@@ -8,26 +8,13 @@ import (
  "github.com/hashicorp/terraform-plugin-framework/provider/schema"
  "github.com/hashicorp/terraform-plugin-framework/types"
  "github.com/okta/terraform-provider-oktapam/oktapam/client"
+ "github.com/okta/terraform-provider-oktapam/oktapam/constants/configs"
 
  "github.com/hashicorp/terraform-plugin-framework/datasource"
  "github.com/hashicorp/terraform-plugin-framework/provider"
  "github.com/hashicorp/terraform-plugin-framework/resource"
 )
 
-const (
- apiHostSchemaEnvVar = "OKTAPAM_API_HOST"
- apiKeySchemaEnvVar = "OKTAPAM_KEY"
- apiKeySecretSchemaEnvVar = "OKTAPAM_SECRET"
- teamSchemaEnvVar = "OKTAPAM_TEAM"
-
- apiHostKey = "oktapam_api_host"
- apiKeyKey = "oktapam_key"
- apiKeySecretKey = "oktapam_secret"
- teamKey = "oktapam_team"
-
- DefaultAPIBaseURL = "https://app.scaleft.com"
-)
-
 func New() func() provider.Provider {
  return func() provider.Provider {
  return &OktapamFrameworkProvider{}
@@ -48,19 +35,19 @@ type OktapamFrameworkProviderModel struct {
 func (p *OktapamFrameworkProvider) Schema(_ context.Context, _ provider.SchemaRequest, resp *provider.SchemaResponse) {
  resp.Schema = schema.Schema{
  Attributes: map[string]schema.Attribute{
- apiHostKey: schema.StringAttribute{
+ configs.ApiHostKey: schema.StringAttribute{
  Optional: true,
  Description: "Okta PAM API Host",
  },
- apiKeyKey: schema.StringAttribute{
+ configs.ApiKeyKey: schema.StringAttribute{
  Optional: true,
  Description: "Okta PAM API Key",
  },
- apiKeySecretKey: schema.StringAttribute{
+ configs.ApiKeySecretKey: schema.StringAttribute{
  Optional: true,
  Description: "Okta PAM API Secret",
  },
- teamKey: schema.StringAttribute{
+ configs.TeamKey: schema.StringAttribute{
  Optional: true,
  Description: "Okta PAM Team",
  },
@@ -124,27 +111,27 @@ func (p *OktapamFrameworkProvider) ConfigureConfigDefaults(config *OktapamFramew
  var diags diag.Diagnostics
 
  if config.OktapamApiKey.IsNull() {
- if apiKey := os.Getenv(apiKeySchemaEnvVar); apiKey != "" {
+ if apiKey := os.Getenv(configs.ApiKeySchemaEnvVar); apiKey != "" {
  config.OktapamApiKey = types.StringValue(apiKey)
  }
  }
 
  if config.OktapamApiHost.IsNull() {
- if apiHost := os.Getenv(apiHostSchemaEnvVar); apiHost != "" {
+ if apiHost := os.Getenv(configs.ApiHostSchemaEnvVar); apiHost != "" {
  config.OktapamApiHost = types.StringValue(apiHost)
  } else {
- config.OktapamApiHost = types.StringValue(DefaultAPIBaseURL)
+ config.OktapamApiHost = types.StringValue(configs.DefaultAPIBaseURL)
  }
  }
 
  if config.OktapamSecret.IsNull() {
- if apiSecret := os.Getenv(apiKeySecretSchemaEnvVar); apiSecret != "" {
+ if apiSecret := os.Getenv(configs.ApiKeySecretSchemaEnvVar); apiSecret != "" {
  config.OktapamSecret = types.StringValue(apiSecret)
  }
  }
 
  if config.OktapamTeam.IsNull() {
- if apiTeam := os.Getenv(teamSchemaEnvVar); apiTeam != "" {
+ if apiTeam := os.Getenv(configs.TeamSchemaEnvVar); apiTeam != "" {
  config.OktapamTeam = types.StringValue(apiTeam)
  }
  }