diff --git a/internal/schema/connection.go b/internal/schema/connection.go new file mode 100644 index 000000000..2f9029586 --- /dev/null +++ b/internal/schema/connection.go @@ -0,0 +1,103 @@ +package schema + +import ( + "fmt" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func GetConnectionResource(keyName string) *schema.Resource { + username := makePathRef(keyName, "username") + password := makePathRef(keyName, "password") + caFile := makePathRef(keyName, "ca_file") + caData := makePathRef(keyName, "ca_data") + certFile := makePathRef(keyName, "cert_file") + certData := makePathRef(keyName, "cert_data") + keyFile := makePathRef(keyName, "key_file") + keyData := makePathRef(keyName, "key_data") + + return &schema.Resource{ + Schema: map[string]*schema.Schema{ + "username": { + Description: "A username to use for API authentication to Elasticsearch.", + Type: schema.TypeString, + Optional: true, + RequiredWith: []string{password}, + }, + "password": { + Description: "A password to use for API authentication to Elasticsearch.", + Type: schema.TypeString, + Optional: true, + Sensitive: true, + RequiredWith: []string{username}, + }, + "api_key": { + Description: "API Key to use for authentication to Elasticsearch", + Type: schema.TypeString, + Optional: true, + Sensitive: true, + ConflictsWith: []string{username, password}, + }, + "endpoints": { + Description: "A list of endpoints the Terraform provider will point to. They must include the http(s) schema and port number.", + Type: schema.TypeList, + Optional: true, + Sensitive: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "insecure": { + Description: "Disable TLS certificate validation", + Type: schema.TypeBool, + Optional: true, + DefaultFunc: schema.EnvDefaultFunc("ELASTICSEARCH_INSECURE", false), + }, + "ca_file": { + Description: "Path to a custom Certificate Authority certificate", + Type: schema.TypeString, + Optional: true, + ConflictsWith: []string{caData}, + }, + "ca_data": { + Description: "PEM-encoded custom Certificate Authority certificate", + Type: schema.TypeString, + Optional: true, + ConflictsWith: []string{caFile}, + }, + "cert_file": { + Description: "Path to a file containing the PEM encoded certificate for client auth", + Type: schema.TypeString, + Optional: true, + RequiredWith: []string{keyFile}, + ConflictsWith: []string{certData, keyData}, + }, + "key_file": { + Description: "Path to a file containing the PEM encoded private key for client auth", + Type: schema.TypeString, + Optional: true, + RequiredWith: []string{certFile}, + ConflictsWith: []string{certData, keyData}, + }, + "cert_data": { + Description: "PEM encoded certificate for client auth", + Type: schema.TypeString, + Optional: true, + RequiredWith: []string{keyData}, + ConflictsWith: []string{certFile, keyFile}, + }, + "key_data": { + Description: "PEM encoded private key for client auth", + Type: schema.TypeString, + Optional: true, + Sensitive: true, + RequiredWith: []string{certData}, + ConflictsWith: []string{certFile, keyFile}, + }, + }, + } +} + +func makePathRef(keyName string, keyValue string) string { + return fmt.Sprintf("%s.0.%s", keyName, keyValue) +} diff --git a/internal/utils/utils.go b/internal/utils/utils.go index 46dd0dbed..1b6b08a48 100644 --- a/internal/utils/utils.go +++ b/internal/utils/utils.go @@ -11,6 +11,7 @@ import ( "time" "github.com/elastic/go-elasticsearch/v7/esapi" + providerSchema "github.com/elastic/terraform-provider-elasticstack/internal/schema" "github.com/hashicorp/terraform-plugin-log/tflog" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -123,90 +124,14 @@ func IsEmpty(v interface{}) bool { // Returns the common connection schema for all the Elasticsearch resources, // which defines the fields which can be used to configure the API access func AddConnectionSchema(providedSchema map[string]*schema.Schema) { - providedSchema["elasticsearch_connection"] = &schema.Schema{ + connectionKeyName := "elasticsearch_connection" + + providedSchema[connectionKeyName] = &schema.Schema{ Description: "Used to establish connection to Elasticsearch server. Overrides environment variables if present.", Type: schema.TypeList, Optional: true, MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "username": { - Description: "A username to use for API authentication to Elasticsearch.", - Type: schema.TypeString, - Optional: true, - RequiredWith: []string{"elasticsearch_connection.0.password"}, - }, - "password": { - Description: "A password to use for API authentication to Elasticsearch.", - Type: schema.TypeString, - Optional: true, - Sensitive: true, - RequiredWith: []string{"elasticsearch_connection.0.username"}, - }, - "api_key": { - Description: "API Key to use for authentication to Elasticsearch", - Type: schema.TypeString, - Optional: true, - Sensitive: true, - ConflictsWith: []string{"elasticsearch_connection.0.username", "elasticsearch_connection.0.password"}, - }, - "endpoints": { - Description: "A list of endpoints the Terraform provider will point to. They must include the http(s) schema and port number.", - Type: schema.TypeList, - Optional: true, - Sensitive: true, - Elem: &schema.Schema{ - Type: schema.TypeString, - }, - }, - "insecure": { - Description: "Disable TLS certificate validation", - Type: schema.TypeBool, - Optional: true, - Default: false, - }, - "ca_file": { - Description: "Path to a custom Certificate Authority certificate", - Type: schema.TypeString, - Optional: true, - ConflictsWith: []string{"elasticsearch_connection.0.ca_data"}, - }, - "ca_data": { - Description: "PEM-encoded custom Certificate Authority certificate", - Type: schema.TypeString, - Optional: true, - ConflictsWith: []string{"elasticsearch_connection.0.ca_file"}, - }, - "cert_file": { - Description: "Path to a file containing the PEM encoded certificate for client auth", - Type: schema.TypeString, - Optional: true, - RequiredWith: []string{"elasticsearch_connection.0.key_file"}, - ConflictsWith: []string{"elasticsearch_connection.0.cert_data", "elasticsearch_connection.0.key_data"}, - }, - "key_file": { - Description: "Path to a file containing the PEM encoded private key for client auth", - Type: schema.TypeString, - Optional: true, - RequiredWith: []string{"elasticsearch_connection.0.cert_file"}, - ConflictsWith: []string{"elasticsearch_connection.0.cert_data", "elasticsearch_connection.0.key_data"}, - }, - "cert_data": { - Description: "PEM encoded certificate for client auth", - Type: schema.TypeString, - Optional: true, - RequiredWith: []string{"elasticsearch_connection.0.key_data"}, - ConflictsWith: []string{"elasticsearch_connection.0.cert_file", "elasticsearch_connection.0.key_file"}, - }, - "key_data": { - Description: "PEM encoded private key for client auth", - Type: schema.TypeString, - Optional: true, - RequiredWith: []string{"elasticsearch_connection.0.cert_data"}, - ConflictsWith: []string{"elasticsearch_connection.0.cert_file", "elasticsearch_connection.0.key_file"}, - }, - }, - }, + Elem: providerSchema.GetConnectionResource(connectionKeyName), } } diff --git a/provider/provider.go b/provider/provider.go index b5b1e63a9..a671fb8d9 100644 --- a/provider/provider.go +++ b/provider/provider.go @@ -7,6 +7,7 @@ import ( "github.com/elastic/terraform-provider-elasticstack/internal/elasticsearch/ingest" "github.com/elastic/terraform-provider-elasticstack/internal/elasticsearch/logstash" "github.com/elastic/terraform-provider-elasticstack/internal/elasticsearch/security" + providerSchema "github.com/elastic/terraform-provider-elasticstack/internal/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" ) @@ -17,95 +18,18 @@ func init() { } func New(version string) func() *schema.Provider { + esKeyName := "elasticsearch" + return func() *schema.Provider { p := &schema.Provider{ Schema: map[string]*schema.Schema{ - "elasticsearch": { + esKeyName: { Description: "Default Elasticsearch connection configuration block.", Type: schema.TypeList, MaxItems: 1, Optional: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "username": { - Description: "Username to use for API authentication to Elasticsearch.", - Type: schema.TypeString, - Optional: true, - DefaultFunc: schema.EnvDefaultFunc("ELASTICSEARCH_USERNAME", nil), - }, - "password": { - Description: "Password to use for API authentication to Elasticsearch.", - Type: schema.TypeString, - Optional: true, - Sensitive: true, - DefaultFunc: schema.EnvDefaultFunc("ELASTICSEARCH_PASSWORD", nil), - }, - "api_key": { - Description: "API Key to use for authentication to Elasticsearch", - Type: schema.TypeString, - Optional: true, - Sensitive: true, - DefaultFunc: schema.EnvDefaultFunc("ELASTICSEARCH_API_KEY", nil), - }, - "endpoints": { - Description: "A comma-separated list of endpoints where the terraform provider will point to, this must include the http(s) schema and port number.", - Type: schema.TypeList, - Optional: true, - Sensitive: true, - Elem: &schema.Schema{ - Type: schema.TypeString, - }, - }, - "insecure": { - Description: "Disable TLS certificate validation", - Type: schema.TypeBool, - Optional: true, - DefaultFunc: schema.EnvDefaultFunc("ELASTICSEARCH_INSECURE", false), - }, - "ca_file": { - Description: "Path to a custom Certificate Authority certificate", - Type: schema.TypeString, - Optional: true, - ConflictsWith: []string{"elasticsearch.0.ca_data"}, - }, - "ca_data": { - Description: "PEM-encoded custom Certificate Authority certificate", - Type: schema.TypeString, - Optional: true, - ConflictsWith: []string{"elasticsearch.0.ca_file"}, - }, - "cert_file": { - Description: "Path to a file containing the PEM encoded certificate for client auth", - Type: schema.TypeString, - Optional: true, - RequiredWith: []string{"elasticsearch.0.key_file"}, - ConflictsWith: []string{"elasticsearch.0.cert_data", "elasticsearch.0.key_data"}, - }, - "key_file": { - Description: "Path to a file containing the PEM encoded private key for client auth", - Type: schema.TypeString, - Optional: true, - RequiredWith: []string{"elasticsearch.0.cert_file"}, - ConflictsWith: []string{"elasticsearch.0.cert_data", "elasticsearch.0.key_data"}, - }, - "cert_data": { - Description: "PEM encoded certificate for client auth", - Type: schema.TypeString, - Optional: true, - RequiredWith: []string{"elasticsearch.0.key_data"}, - ConflictsWith: []string{"elasticsearch.0.cert_file", "elasticsearch.0.key_file"}, - }, - "key_data": { - Description: "PEM encoded private key for client auth", - Type: schema.TypeString, - Optional: true, - Sensitive: true, - RequiredWith: []string{"elasticsearch.0.cert_data"}, - ConflictsWith: []string{"elasticsearch.0.cert_file", "elasticsearch.0.key_file"}, - }, - }, - }, + Elem: providerSchema.GetConnectionResource(esKeyName), }, }, DataSourcesMap: map[string]*schema.Resource{