Skip to content

Commit

Permalink
Get secret by name (#4825)
Browse files Browse the repository at this point in the history
* Get secret by name

* Applying review comments

* Added test cases for get secret by name

* Added test cases for get secret by name

* Updated documentation

---------

Co-authored-by: Avi Ribchinsky <[email protected]>
  • Loading branch information
avirib and Avi Ribchinsky authored Oct 9, 2023
1 parent 8126a34 commit 3e4bfa9
Show file tree
Hide file tree
Showing 24 changed files with 462 additions and 292 deletions.
60 changes: 17 additions & 43 deletions .secrets.baseline
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,8 @@
"files": "go.mod|go.sum|.*.map|^.secrets.baseline$",
"lines": null
},
"generated_at": "2023-09-19T16:31:40Z",
"generated_at": "2023-09-27T10:48:50Z",
"plugins_used": [
{
"name": "AWSKeyDetector"
},
{
"name": "ArtifactoryDetector"
},
Expand All @@ -21,12 +18,6 @@
{
"name": "BasicAuthDetector"
},
{
"name": "BoxDetector"
},
{
"name": "CloudantDetector"
},
{
"ghe_instance": "github.ibm.com",
"name": "GheDetector"
Expand All @@ -51,9 +42,6 @@
"keyword_exclude": null,
"name": "KeywordDetector"
},
{
"name": "MailchimpDetector"
},
{
"name": "NpmDetector"
},
Expand All @@ -68,12 +56,6 @@
},
{
"name": "SquareOAuthDetector"
},
{
"name": "StripeDetector"
},
{
"name": "TwilioKeyDetector"
}
],
"results": {
Expand Down Expand Up @@ -742,23 +724,23 @@
"hashed_secret": "731438016c5ab94431f61820f35e3ae5f8ad6004",
"is_secret": false,
"is_verified": false,
"line_number": 353,
"line_number": 355,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "12da2e35d6b50c902c014f1ab9e3032650368df7",
"is_secret": false,
"is_verified": false,
"line_number": 359,
"line_number": 361,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "813274ccae5b6b509379ab56982d862f7b5969b6",
"is_secret": false,
"is_verified": false,
"line_number": 1065,
"line_number": 1072,
"type": "Base64 High Entropy String",
"verified_result": null
}
Expand Down Expand Up @@ -846,15 +828,15 @@
"hashed_secret": "c8b6f5ef11b9223ac35a5663975a466ebe7ebba9",
"is_secret": false,
"is_verified": false,
"line_number": 1763,
"line_number": 1766,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "8abf4899c01104241510ba87685ad4de76b0c437",
"is_secret": false,
"is_verified": false,
"line_number": 1769,
"line_number": 1772,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -3014,15 +2996,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 177,
"line_number": 181,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 317,
"line_number": 308,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -3070,15 +3052,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 189,
"line_number": 193,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 345,
"line_number": 335,
"type": "Secret Keyword",
"verified_result": null
}
Expand All @@ -3088,15 +3070,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 227,
"line_number": 231,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 420,
"line_number": 410,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -3142,15 +3124,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 292,
"line_number": 296,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 489,
"line_number": 479,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -3272,15 +3254,15 @@
"hashed_secret": "3046d9f6cfaaeea6eed9bb7a4ab010fe49b0cfd4",
"is_secret": false,
"is_verified": false,
"line_number": 154,
"line_number": 158,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f",
"is_secret": false,
"is_verified": false,
"line_number": 283,
"line_number": 274,
"type": "Secret Keyword",
"verified_result": null
}
Expand Down Expand Up @@ -4201,14 +4183,6 @@
"line_number": 24,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "69d7a780b792608707bd8579c295cb5028505f0b",
"is_secret": false,
"is_verified": false,
"line_number": 24,
"type": "Box Credentials",
"verified_result": null
}
],
"website/docs/r/en_destination_ios.html.markdown": [
Expand Down Expand Up @@ -4758,7 +4732,7 @@
}
]
},
"version": "0.13.1+ibm.52.dss",
"version": "0.13.1+ibm.61.dss",
"word_list": {
"file": null,
"hash": null
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ require (
github.com/IBM/push-notifications-go-sdk v0.0.0-20210310100607-5790b96c47f5
github.com/IBM/scc-go-sdk/v5 v5.1.2
github.com/IBM/schematics-go-sdk v0.2.1
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.0
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.1
github.com/IBM/vpc-beta-go-sdk v0.6.0
github.com/IBM/vpc-go-sdk v0.42.0
github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -166,8 +166,8 @@ github.com/IBM/scc-go-sdk/v5 v5.1.2 h1:9axGtNlP3bHhoE9yJgCuc+g5/VdyhYqfhZ5oS3ovC
github.com/IBM/scc-go-sdk/v5 v5.1.2/go.mod h1:YtAVlzq10bwR82QX4ZavhDIwa1s85RuVO9N/KmXVcuk=
github.com/IBM/schematics-go-sdk v0.2.1 h1:byATysGD+Z1k/wdtNqQmKALcAPjgSLuSyzcabh1jRAw=
github.com/IBM/schematics-go-sdk v0.2.1/go.mod h1:Tw2OSAPdpC69AxcwoyqcYYaGTTW6YpERF9uNEU+BFRQ=
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.0 h1:Lx4Bvim/MfoHEYR+n312bty5DirAJypBGGS9YZo3zCw=
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.0/go.mod h1:jagqWmjZ0zUEqh5jdGB42ApSQS40fu2LWw6pdg8JJko=
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.1 h1:0Ouu31RsuOLdH26oNsnPErEjctWTplLEIXxwExnTZT0=
github.com/IBM/secrets-manager-go-sdk/v2 v2.0.1/go.mod h1:jagqWmjZ0zUEqh5jdGB42ApSQS40fu2LWw6pdg8JJko=
github.com/IBM/vpc-beta-go-sdk v0.6.0 h1:wfM3AcW3zOM3xsRtZ+EA6+sESlGUjQ6Yf4n5QQyz4uc=
github.com/IBM/vpc-beta-go-sdk v0.6.0/go.mod h1:fzHDAQIqH/5yJmYsKodKHLcqxMDT+yfH6vZjdiw8CQA=
github.com/Jeffail/gabs v1.1.1 h1:V0uzR08Hj22EX8+8QMhyI9sX2hwRu+/RJhJUmnwda/E=
Expand Down
51 changes: 23 additions & 28 deletions ibm/service/secretsmanager/data_source_ibm_sm_arbitrary_secret.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,9 @@ package secretsmanager
import (
"context"
"fmt"
"log"

"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"

"github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
"github.com/IBM/secrets-manager-go-sdk/v2/secretsmanagerv2"
)
Expand All @@ -22,9 +19,11 @@ func DataSourceIbmSmArbitrarySecret() *schema.Resource {

Schema: map[string]*schema.Schema{
"secret_id": &schema.Schema{
Type: schema.TypeString,
Required: true,
Description: "The ID of the secret.",
Type: schema.TypeString,
Optional: true,
Computed: true,
ExactlyOneOf: []string{"secret_id", "name"},
Description: "The ID of the secret.",
},
"created_by": &schema.Schema{
Type: schema.TypeString,
Expand Down Expand Up @@ -73,15 +72,24 @@ func DataSourceIbmSmArbitrarySecret() *schema.Resource {
Description: "The number of locks of the secret.",
},
"name": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "The human-readable name of your secret.",
Type: schema.TypeString,
Optional: true,
Computed: true,
ExactlyOneOf: []string{"secret_id", "name"},
RequiredWith: []string{"secret_group_name"},
Description: "The human-readable name of your secret.",
},
"secret_group_id": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Description: "A v4 UUID identifier, or `default` secret group.",
},
"secret_group_name": &schema.Schema{
Type: schema.TypeString,
Optional: true,
RequiredWith: []string{"name"},
Description: "The human-readable name of your secret group.",
},
"secret_type": &schema.Schema{
Type: schema.TypeString,
Computed: true,
Expand Down Expand Up @@ -123,29 +131,16 @@ func DataSourceIbmSmArbitrarySecret() *schema.Resource {
}

func dataSourceIbmSmArbitrarySecretRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
secretsManagerClient, err := meta.(conns.ClientSession).SecretsManagerV2()
if err != nil {
return diag.FromErr(err)
}

region := getRegion(secretsManagerClient, d)
instanceId := d.Get("instance_id").(string)
secretsManagerClient = getClientWithInstanceEndpoint(secretsManagerClient, instanceId, region, getEndpointType(secretsManagerClient, d))

getSecretOptions := &secretsmanagerv2.GetSecretOptions{}

secretId := d.Get("secret_id").(string)
getSecretOptions.SetID(secretId)

secretIntf, response, err := secretsManagerClient.GetSecretWithContext(context, getSecretOptions)
if err != nil {
log.Printf("[DEBUG] GetSecretWithContext failed %s\n%s", err, response)
return diag.FromErr(fmt.Errorf("GetSecretWithContext failed %s\n%s", err, response))
secret, region, instanceId, diagError := getSecretByIdOrByName(context, d, meta, ArbitrarySecretType)
if diagError != nil {
return diagError
}
arbitrarySecret := secretIntf.(*secretsmanagerv2.ArbitrarySecret)

d.SetId(fmt.Sprintf("%s/%s/%s", region, instanceId, secretId))
arbitrarySecret := secret.(*secretsmanagerv2.ArbitrarySecret)
d.SetId(fmt.Sprintf("%s/%s/%s", region, instanceId, *arbitrarySecret.ID))

var err error
if err = d.Set("region", region); err != nil {
return diag.FromErr(fmt.Errorf("Error setting region: %s", err))
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ func TestAccIbmSmArbitrarySecretDataSourceBasic(t *testing.T) {
resource.TestCheckResourceAttrSet("data.ibm_sm_arbitrary_secret.sm_arbitrary_secret", "secret_type"),
resource.TestCheckResourceAttrSet("data.ibm_sm_arbitrary_secret.sm_arbitrary_secret", "updated_at"),
resource.TestCheckResourceAttrSet("data.ibm_sm_arbitrary_secret.sm_arbitrary_secret", "versions_total"),
resource.TestCheckResourceAttrSet("data.ibm_sm_arbitrary_secret.sm_arbitrary_secret_by_name", "name"),
resource.TestCheckResourceAttrSet("data.ibm_sm_arbitrary_secret.sm_arbitrary_secret_by_name", "secret_group_name"),
),
},
},
Expand All @@ -53,5 +55,12 @@ func testAccCheckIbmSmArbitrarySecretDataSourceConfigBasic() string {
region = "%s"
secret_id = ibm_sm_arbitrary_secret.sm_arbitrary_secret_instance.secret_id
}
`, acc.SecretsManagerInstanceID, acc.SecretsManagerInstanceRegion, acc.SecretsManagerInstanceID, acc.SecretsManagerInstanceRegion)
data "ibm_sm_arbitrary_secret" "sm_arbitrary_secret_by_name" {
instance_id = "%s"
region = "%s"
name = ibm_sm_arbitrary_secret.sm_arbitrary_secret_instance.name
secret_group_name = "default"
}
`, acc.SecretsManagerInstanceID, acc.SecretsManagerInstanceRegion, acc.SecretsManagerInstanceID, acc.SecretsManagerInstanceRegion, acc.SecretsManagerInstanceID, acc.SecretsManagerInstanceRegion)
}
Loading

0 comments on commit 3e4bfa9

Please sign in to comment.