cbs_array_azure release

Author: ps-dbutler

CHANGELOG.md

@@ -1,3 +1,8 @@
+## 0.2.0 (March 9, 2021)
+
+* Release of CBS on Azure support through the cbs_array_azure resource
+* Various docs updates and typo fixes
+
 ## 0.1.0 (February 9, 2021)
 
 * Initial Release. Support for AWS CBS instances only.

README.md

@@ -18,14 +18,52 @@ go mod download
 ```shell
 make
 ```
-Note: The provider has only been tested on Linux and may not work on other platforms
+Note: The provider has only been tested on Linux and might not work on other platforms.
 
 ### AWS Credentials
 
 The provider is built using AWS SDK for Go, and will require the AWS credentials configured
 in the sytem. for more information about setting up the SDK, refer to this page:
 https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html
 
+### Azure Credentials
+
+The provider can be authenticated to Azure using either the Azure CLI or an Azure Service Principal. For Azure CLI,
+Terraform only supports authenticating using the `az` CLI (and this must be available on your PATH). Authenticating
+using the older `azure` CLI or PowerShell Cmdlets are not supported.
+Login to the Azure CLI:
+```shell
+az login
+```
+
+And list the Subscriptions associated with the account:
+```shell
+az account list
+```
+
+You can specify the Subscription to be default if you have more than one Subscription:
+```shell
+az account set --subscription="SUBSCRIPTION_ID"
+```
+
+Terraform can be authenticated with a Service Principal in the provider configuration:
+```hcl
+provider "cbs" {
+    azure {
+        client_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+        client_secret = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+        subscription_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+        tenant_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+    }
+}
+```
+Alternatively, those values can also be supplied to the provider through the following environment variables:
+```shell
+export ARM_CLIENT_ID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+export ARM_CLIENT_SECRET="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+export ARM_SUBSCRIPTION_ID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+export ARM_TENANT_ID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+```
 ## Using the Provider
 
 [Provider Documentation](https://registry.terraform.io/providers/PureStorage-OpenConnect/cbs/latest/docs)
@@ -35,12 +73,15 @@ Example terraform configuration templates can be found in the examples/ subdirec
 ## Testing
 
 To run acceptance tests, a JSON config file must be specified to supply the input parameters to
-the test CBS instances. An example config file can be found at `testing/example_aws_config`.
+the test CBS instances. An example config file for AWS can be found at `testing/example_aws_config`.
 The config file is passed to the test using the `TEST_ACC_AWS_PARAMS_PATH` environment variable.
+An example config file for Azure can be found at `testing/example_azure_config`.
+The config file is passed to the test using the `TEST_ACC_AZURE_PARAMS_PATH` environment variable.
 
 Acceptance tests can be run with `make testacc`:
 ```shell
 export TEST_ACC_AWS_PARAMS_PATH=<path to config file>
+export TEST_ACC_AZURE_PARAMS_PATH=<path to config file>
 make testacc
 ```
 

cbs/cbs_service.go

@@ -0,0 +1,134 @@
+/*
+
+	Copyright 2021, Pure Storage Inc.
+
+	Licensed under the Apache License, Version 2.0 (the "License");
+	you may not use this file except in compliance with the License.
+	You may obtain a copy of the License at
+
+		http://www.apache.org/licenses/LICENSE-2.0
+
+	Unless required by applicable law or agreed to in writing, software
+	distributed under the License is distributed on an "AS IS" BASIS,
+	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	See the License for the specific language governing permissions and
+	limitations under the License.
+
+*/
+
+package cbs
+
+import (
+	"fmt"
+
+	"github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-07-01/managedapplications"
+	"github.com/Azure/go-autorest/autorest"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/cloudformation"
+
+	"github.com/hashicorp/go-azure-helpers/authentication"
+	"github.com/hashicorp/go-azure-helpers/sender"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+)
+
+type CbsService struct {
+	CloudFormation *cloudformation.CloudFormation
+	AzureClient    *AzureClient
+}
+
+type AzureClient struct {
+	ApplicationsClient *managedapplications.ApplicationsClient
+	GroupsClient       *graphrbac.GroupsClient
+}
+
+func (m *CbsService) CloudFormationService() (*cloudformation.CloudFormation, diag.Diagnostics) {
+	if m.CloudFormation == nil {
+		cftSvc, diags := buildSession(awsRegionStr)
+		if diags.HasError() {
+			return nil, diags
+		}
+		m.CloudFormation = cftSvc
+	}
+
+	return m.CloudFormation, nil
+}
+
+func (m *CbsService) AzureClientService() (*AzureClient, diag.Diagnostics) {
+	if m.AzureClient == nil {
+		azureClient, diags := buildAzureClient(azureBuilder)
+		if diags.HasError() {
+			return nil, diags
+		}
+		m.AzureClient = azureClient
+	}
+
+	return m.AzureClient, nil
+}
+
+func buildSession(region string) (*cloudformation.CloudFormation, diag.Diagnostics) {
+	var diags diag.Diagnostics
+	if region == "" {
+		diags = append(diags, diag.Diagnostic{
+			Severity: diag.Error,
+			Summary: fmt.Sprintf("No AWS region specified. The AWS region must be provided either in "+
+				"the provider configuration block or with the %s environment variable.", awsRegionVar),
+		})
+		return nil, diags
+	}
+	sess, err := session.NewSession(&aws.Config{
+		Region: aws.String(region)},
+	)
+	if err != nil {
+		return nil, diag.FromErr(err)
+	}
+
+	cftSvc := cloudformation.New(sess)
+	return cftSvc, nil
+}
+
+func buildAzureClient(builder *authentication.Builder) (*AzureClient, diag.Diagnostics) {
+	var azureClient AzureClient
+	config, err := builder.Build()
+	if err != nil {
+		return nil, diag.FromErr(err)
+	}
+
+	env, err := authentication.DetermineEnvironment(config.Environment)
+	if err != nil {
+		return nil, diag.FromErr(err)
+	}
+
+	// This indicates that a 429 response should not be included as a retry attempt
+	// so that we continue to retry until it succeeds. Set this behavior to keep
+	// consistent with azurerm provider.
+	autorest.Count429AsRetry = false
+
+	oauthConfig, err := config.BuildOAuthConfig(env.ActiveDirectoryEndpoint)
+	if err != nil {
+		return nil, diag.FromErr(err)
+	}
+	sender := sender.BuildSender("cbs")
+	auth, err := config.GetAuthorizationToken(sender, oauthConfig, env.TokenAudience)
+	if err != nil {
+		return nil, diag.FromErr(err)
+	}
+	graphAuth, err := config.GetAuthorizationToken(sender, oauthConfig, env.GraphEndpoint)
+	if err != nil {
+		return nil, diag.FromErr(err)
+	}
+
+	// Create applications client
+	client := managedapplications.NewApplicationsClient(config.SubscriptionID)
+	client.SubscriptionID = config.SubscriptionID
+	client.Client.Authorizer = auth
+	// Create groups client
+	groupClient := graphrbac.NewGroupsClient(config.TenantID)
+	groupClient.Client.Authorizer = graphAuth
+
+	azureClient.ApplicationsClient = &client
+	azureClient.GroupsClient = &groupClient
+	return &azureClient, nil
+}

cbs/common.go

@@ -0,0 +1,59 @@
+/*
+
+	Copyright 2021, Pure Storage Inc.
+
+	Licensed under the Apache License, Version 2.0 (the "License");
+	you may not use this file except in compliance with the License.
+	You may obtain a copy of the License at
+
+		http://www.apache.org/licenses/LICENSE-2.0
+
+	Unless required by applicable law or agreed to in writing, software
+	distributed under the License is distributed on an "AS IS" BASIS,
+	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	See the License for the specific language governing permissions and
+	limitations under the License.
+
+*/
+
+package cbs
+
+import (
+	"regexp"
+	"strings"
+
+	"github.com/iancoleman/strcase"
+)
+
+func toSnake(s string) string {
+	snakeStr := strcase.ToSnake(s)
+	// Post process the string to correct some edge cases
+	if strings.Contains(snakeStr, "i_scsi") {
+		snakeStr = strings.ReplaceAll(snakeStr, "i_scsi", "iscsi")
+	}
+	exp := regexp.MustCompile("ct_([0,1])")
+	if exp.MatchString(snakeStr) {
+		snakeStr = exp.ReplaceAllString(snakeStr, "ct${1}")
+	}
+	return snakeStr
+}
+
+// returns the corresponding terraform schema parameter name given a template
+// parameter name and renamed string map.
+func templateToTFParam(cftParam string, renamedMap map[string]string) string {
+	var tfParam string
+	if renamedParam, ok := renamedMap[cftParam]; ok {
+		tfParam = renamedParam
+	} else {
+		tfParam = toSnake(cftParam)
+	}
+	return tfParam
+}
+
+func convertToStringSlice(vals []interface{}) []string {
+	strs := make([]string, len(vals))
+	for i := range vals {
+		strs[i] = vals[i].(string)
+	}
+	return strs
+}

cbs/common_test.go

@@ -0,0 +1,40 @@
+/*
+
+	Copyright 2021, Pure Storage Inc.
+
+	Licensed under the Apache License, Version 2.0 (the "License");
+	you may not use this file except in compliance with the License.
+	You may obtain a copy of the License at
+
+		http://www.apache.org/licenses/LICENSE-2.0
+
+	Unless required by applicable law or agreed to in writing, software
+	distributed under the License is distributed on an "AS IS" BASIS,
+	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	See the License for the specific language governing permissions and
+	limitations under the License.
+
+*/
+
+package cbs
+
+import (
+	"testing"
+)
+
+func TestCbs_toSnake(t *testing.T) {
+
+	m := map[string]string{
+		"ArrayName":              "array_name",
+		"ISCSISubnet":            "iscsi_subnet",
+		"ReplicationEndpointCT0": "replication_endpoint_ct0",
+		"iSCSIEndpointCT1":       "iscsi_endpoint_ct1",
+	}
+
+	for camel, snakeExp := range m {
+		snakeStr := toSnake(camel)
+		if snakeStr != snakeExp {
+			t.Errorf("error converting camel case to snake case, expected: %s, actual: %s", snakeExp, snakeStr)
+		}
+	}
+}