Implement kong_consumer_key_auth resource

andrew-bulford-form3 · andrew-bulford-form3 · commit c689e4d0d8b2 · 2021-10-08T13:52:01.000+01:00
By adapting the previously copied `kong_consumer_basic_auth` resource.

Note that the TTL property is deliberately omitted from the resource,
because the value is not stable - when retrieved from Kong the value
returned is the remaining TTL based on when it was created, so it's not
very well suited to Terraforming.

Possibly it could be a computed value, but will be left out for now.
diff --git a/kong/provider.go b/kong/provider.go
@@ -71,6 +71,7 @@ func Provider() *schema.Provider {
 			"kong_consumer":            resourceKongConsumer(),
 			"kong_consumer_acl":        resourceKongConsumerACL(),
 			"kong_consumer_basic_auth": resourceKongConsumerBasicAuth(),
+			"kong_consumer_key_auth":   resourceKongConsumerKeyAuth(),
 			"kong_plugin":              resourceKongPlugin(),
 			"kong_upstream":            resourceKongUpstream(),
 			"kong_target":              resourceKongTarget(),
diff --git a/kong/resource_kong_consumer_key_auth.go b/kong/resource_kong_consumer_key_auth.go
@@ -9,27 +9,23 @@ import (
 	"github.com/kong/go-kong/kong"
 )
 
-func resourceKongConsumerBasicAuth() *schema.Resource {
+func resourceKongConsumerKeyAuth() *schema.Resource {
 	return &schema.Resource{
-		CreateContext: resourceKongConsumerBasicAuthCreate,
-		ReadContext:   resourceKongConsumerBasicAuthRead,
-		DeleteContext: resourceKongConsumerBasicAuthDelete,
-		UpdateContext: resourceKongConsumerBasicAuthUpdate,
+		CreateContext: resourceKongConsumerKeyAuthCreate,
+		ReadContext:   resourceKongConsumerKeyAuthRead,
+		DeleteContext: resourceKongConsumerKeyAuthDelete,
+		UpdateContext: resourceKongConsumerKeyAuthUpdate,
 		Schema: map[string]*schema.Schema{
 			"consumer_id": {
 				Type:     schema.TypeString,
 				Required: true,
 				ForceNew: false,
 			},
-			"username": {
-				Type:     schema.TypeString,
-				Required: true,
-				ForceNew: false,
-			},
-			"password": {
-				Type:     schema.TypeString,
-				Required: true,
-				ForceNew: false,
+			"key": {
+				Type:      schema.TypeString,
+				Optional:  true,
+				ForceNew:  false,
+				Sensitive: true,
 			},
 			"tags": {
 				Type:     schema.TypeList,
@@ -41,77 +37,75 @@ func resourceKongConsumerBasicAuth() *schema.Resource {
 	}
 }
 
-func resourceKongConsumerBasicAuthCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
-	BasicAuthRequest := &kong.BasicAuth{
-		Username: kong.String(d.Get("username").(string)),
-		Password: kong.String(d.Get("password").(string)),
-		Tags:     readStringArrayPtrFromResource(d, "tags"),
+func resourceKongConsumerKeyAuthCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	KeyAuthRequest := &kong.KeyAuth{
+		Key:  readStringPtrFromResource(d, "key"),
+		Tags: readStringArrayPtrFromResource(d, "tags"),
 	}
 
 	consumerId := kong.String(d.Get("consumer_id").(string))
 
-	client := meta.(*config).adminClient.BasicAuths
-	basicAuth, err := client.Create(ctx, consumerId, BasicAuthRequest)
+	client := meta.(*config).adminClient.KeyAuths
+	keyAuth, err := client.Create(ctx, consumerId, KeyAuthRequest)
 
 	if err != nil {
-		return diag.FromErr(fmt.Errorf("failed to create kong basic auth: %v error: %v", BasicAuthRequest, err))
+		return diag.FromErr(fmt.Errorf("failed to create kong key auth: %v error: %v", KeyAuthRequest, err))
 	}
 
-	d.SetId(buildConsumerPairID(*basicAuth.ID, *consumerId))
+	d.SetId(buildConsumerPairID(*keyAuth.ID, *consumerId))
 
-	return resourceKongConsumerBasicAuthRead(ctx, d, meta)
+	return resourceKongConsumerKeyAuthRead(ctx, d, meta)
 }
 
-func resourceKongConsumerBasicAuthUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+func resourceKongConsumerKeyAuthUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	id, err := splitConsumerID(d.Id())
 
-	BasicAuthRequest := &kong.BasicAuth{
-		ID:       kong.String(id.ID),
-		Username: kong.String(d.Get("username").(string)),
-		Password: kong.String(d.Get("password").(string)),
-		Tags:     readStringArrayPtrFromResource(d, "tags"),
+	KeyAuthRequest := &kong.KeyAuth{
+		ID:   kong.String(id.ID),
+		Key:  readStringPtrFromResource(d, "key"),
+		Tags: readStringArrayPtrFromResource(d, "tags"),
 	}
 
 	consumerId := kong.String(d.Get("consumer_id").(string))
 
-	client := meta.(*config).adminClient.BasicAuths
-	_, err = client.Update(ctx, consumerId, BasicAuthRequest)
+	client := meta.(*config).adminClient.KeyAuths
+	_, err = client.Update(ctx, consumerId, KeyAuthRequest)
 
 	if err != nil {
-		return diag.FromErr(fmt.Errorf("error updating kong basic auth: %s", err))
+		return diag.FromErr(fmt.Errorf("error updating kong key auth: %s", err))
 	}
 
-	return resourceKongConsumerBasicAuthRead(ctx, d, meta)
+	return resourceKongConsumerKeyAuthRead(ctx, d, meta)
 }
 
-func resourceKongConsumerBasicAuthRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+func resourceKongConsumerKeyAuthRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	var diags diag.Diagnostics
 	id, err := splitConsumerID(d.Id())
 	if err != nil {
 		return diag.FromErr(err)
 	}
 
-	client := meta.(*config).adminClient.BasicAuths
-	basicAuth, err := client.Get(ctx, kong.String(id.ConsumerID), kong.String(id.ID))
+	client := meta.(*config).adminClient.KeyAuths
+	keyAuth, err := client.Get(ctx, kong.String(id.ConsumerID), kong.String(id.ID))
 
 	if kong.IsNotFoundErr(err) {
 		d.SetId("")
 	} else if err != nil {
-		return diag.FromErr(fmt.Errorf("could not find kong ACLGroup with id: %s error: %v", id, err))
+		return diag.FromErr(fmt.Errorf("could not find kong key auth with id: %s error: %v", id, err))
 	}
 
-	if basicAuth == nil {
+	if keyAuth == nil {
 		d.SetId("")
 	} else {
-		err = d.Set("consumer_id", basicAuth.Consumer.ID)
+		err = d.Set("consumer_id", keyAuth.Consumer.ID)
 		if err != nil {
 			return diag.FromErr(err)
 		}
-		err = d.Set("username", basicAuth.Username)
+		err = d.Set("key", keyAuth.Key)
 		if err != nil {
 			return diag.FromErr(err)
 		}
-		err = d.Set("tags", basicAuth.Tags)
+		err = d.Set("tags", keyAuth.Tags)
 		if err != nil {
 			return diag.FromErr(err)
 		}
@@ -120,17 +114,17 @@ func resourceKongConsumerBasicAuthRead(ctx context.Context, d *schema.ResourceDa
 	return diags
 }
 
-func resourceKongConsumerBasicAuthDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+func resourceKongConsumerKeyAuthDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	var diags diag.Diagnostics
 	id, err := splitConsumerID(d.Id())
 	if err != nil {
 		return diag.FromErr(err)
 	}
-	client := meta.(*config).adminClient.BasicAuths
+	client := meta.(*config).adminClient.KeyAuths
 	err = client.Delete(ctx, kong.String(id.ConsumerID), kong.String(id.ID))
 
 	if err != nil {
-		return diag.FromErr(fmt.Errorf("could not delete kong basic auth: %v", err))
+		return diag.FromErr(fmt.Errorf("could not delete kong key auth: %v", err))
 	}
 
 	return diags
diff --git a/kong/resource_kong_consumer_key_auth_test.go b/kong/resource_kong_consumer_key_auth_test.go
@@ -5,66 +5,65 @@ import (
 	"fmt"
 	"testing"
 
-	"github.com/kong/go-kong/kong"
-
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+	"github.com/kong/go-kong/kong"
 )
 
-func TestAccConsumerBasicAuth(t *testing.T) {
+func TestAccConsumerKeyAuth(t *testing.T) {
 
 	resource.Test(t, resource.TestCase{
 		Providers:    testAccProviders,
-		CheckDestroy: testAccCheckConsumerBasicAuthDestroy,
+		CheckDestroy: testAccCheckConsumerKeyAuthDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testCreateConsumerBasicAuthConfig,
+				Config: testCreateConsumerKeyAuthConfig,
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckConsumerBasicAuthExists("kong_consumer_basic_auth.consumer_basic_auth"),
-					resource.TestCheckResourceAttr("kong_consumer_basic_auth.consumer_basic_auth", "username", "foo"),
-					resource.TestCheckResourceAttr("kong_consumer_basic_auth.consumer_basic_auth", "tags.#", "1"),
-					resource.TestCheckResourceAttr("kong_consumer_basic_auth.consumer_basic_auth", "tags.0", "myTag"),
+					testAccCheckConsumerKeyAuthExists("kong_consumer_key_auth.consumer_key_auth"),
+					resource.TestCheckResourceAttr("kong_consumer_key_auth.consumer_key_auth", "key", "foo"),
+					resource.TestCheckResourceAttr("kong_consumer_key_auth.consumer_key_auth", "tags.#", "1"),
+					resource.TestCheckResourceAttr("kong_consumer_key_auth.consumer_key_auth", "tags.0", "myTag"),
 				),
 			},
 			{
-				Config: testUpdateConsumerBasicAuthConfig,
+				Config: testUpdateConsumerKeyAuthConfig,
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckConsumerBasicAuthExists("kong_consumer_basic_auth.consumer_basic_auth"),
-					resource.TestCheckResourceAttr("kong_consumer_basic_auth.consumer_basic_auth", "username", "foo_updated"),
-					resource.TestCheckResourceAttr("kong_consumer_basic_auth.consumer_basic_auth", "tags.#", "2"),
-					resource.TestCheckResourceAttr("kong_consumer_basic_auth.consumer_basic_auth", "tags.0", "myTag"),
-					resource.TestCheckResourceAttr("kong_consumer_basic_auth.consumer_basic_auth", "tags.1", "anotherTag"),
+					testAccCheckConsumerKeyAuthExists("kong_consumer_key_auth.consumer_key_auth"),
+					resource.TestCheckResourceAttr("kong_consumer_key_auth.consumer_key_auth", "key", "foo_updated"),
+					resource.TestCheckResourceAttr("kong_consumer_key_auth.consumer_key_auth", "tags.#", "2"),
+					resource.TestCheckResourceAttr("kong_consumer_key_auth.consumer_key_auth", "tags.0", "myTag"),
+					resource.TestCheckResourceAttr("kong_consumer_key_auth.consumer_key_auth", "tags.1", "anotherTag"),
 				),
 			},
 		},
 	})
 }
 
-func testAccCheckConsumerBasicAuthDestroy(state *terraform.State) error {
+func testAccCheckConsumerKeyAuthDestroy(state *terraform.State) error {
 
-	client := testAccProvider.Meta().(*config).adminClient.BasicAuths
+	client := testAccProvider.Meta().(*config).adminClient.KeyAuths
 
-	resources := getResourcesByType("kong_consumer_basic_auth", state)
+	resources := getResourcesByType("kong_consumer_key_auth", state)
 
 	if len(resources) != 1 {
-		return fmt.Errorf("expecting only 1 consumer basic auth resource found %v", len(resources))
+		return fmt.Errorf("expecting only 1 consumer key auth resource found %v", len(resources))
 	}
 
 	id, err := splitConsumerID(resources[0].Primary.ID)
-	ConsumerBasicAuth, err := client.Get(context.Background(), kong.String(id.ConsumerID), kong.String(id.ID))
+	ConsumerKeyAuth, err := client.Get(context.Background(), kong.String(id.ConsumerID), kong.String(id.ID))
 
 	if !kong.IsNotFoundErr(err) && err != nil {
 		return fmt.Errorf("error calling get consumer auth by id: %v", err)
 	}
 
-	if ConsumerBasicAuth != nil {
-		return fmt.Errorf("jwt auth %s still exists, %+v", id.ID, ConsumerBasicAuth)
+	if ConsumerKeyAuth != nil {
+		return fmt.Errorf("key auth %s still exists, %+v", id.ID, ConsumerKeyAuth)
 	}
 
 	return nil
 }
 
-func testAccCheckConsumerBasicAuthExists(resourceKey string) resource.TestCheckFunc {
+func testAccCheckConsumerKeyAuthExists(resourceKey string) resource.TestCheckFunc {
 
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[resourceKey]
@@ -77,54 +76,52 @@ func testAccCheckConsumerBasicAuthExists(resourceKey string) resource.TestCheckF
 			return fmt.Errorf("no ID is set")
 		}
 
-		client := testAccProvider.Meta().(*config).adminClient.BasicAuths
+		client := testAccProvider.Meta().(*config).adminClient.KeyAuths
 		id, err := splitConsumerID(rs.Primary.ID)
 
-		ConsumerBasicAuth, err := client.Get(context.Background(), kong.String(id.ConsumerID), kong.String(id.ID))
+		ConsumerKeyAuth, err := client.Get(context.Background(), kong.String(id.ConsumerID), kong.String(id.ID))
 
 		if err != nil {
 			return err
 		}
 
-		if ConsumerBasicAuth == nil {
-			return fmt.Errorf("ConsumerBasicAuth with id %v not found", id.ID)
+		if ConsumerKeyAuth == nil {
+			return fmt.Errorf("ConsumerKeyAuth with id %v not found", id.ID)
 		}
 
 		return nil
 	}
 }
 
-const testCreateConsumerBasicAuthConfig = `
+const testCreateConsumerKeyAuthConfig = `
 resource "kong_consumer" "my_consumer" {
 	username  = "User1"
 	custom_id = "123"
 }
 
-resource "kong_plugin" "basic_auth_plugin" {
-	name        = "basic-auth"
+resource "kong_plugin" "key_auth_plugin" {
+	name = "key-auth"
 }
 
-resource "kong_consumer_basic_auth" "consumer_basic_auth" {
-	consumer_id    = "${kong_consumer.my_consumer.id}"
-	username       = "foo"
-	password       = "bar"
-	tags           = ["myTag"]
+resource "kong_consumer_key_auth" "consumer_key_auth" {
+	consumer_id = "${kong_consumer.my_consumer.id}"
+	key         = "foo"
+	tags        = ["myTag"]
 }
 `
-const testUpdateConsumerBasicAuthConfig = `
+const testUpdateConsumerKeyAuthConfig = `
 resource "kong_consumer" "my_consumer" {
 	username  = "User1"
 	custom_id = "123"
 }
 
-resource "kong_plugin" "basic_auth_plugin" {
-	name        = "basic-auth"
+resource "kong_plugin" "key_auth_plugin" {
+	name = "key-auth"
 }
 
-resource "kong_consumer_basic_auth" "consumer_basic_auth" {
-	consumer_id    = "${kong_consumer.my_consumer.id}"
-	username       = "foo_updated"
-	password       = "bar_updated"
-	tags           = ["myTag", "anotherTag"]
+resource "kong_consumer_key_auth" "consumer_key_auth" {
+	consumer_id = "${kong_consumer.my_consumer.id}"
+	key         = "foo_updated"
+	tags        = ["myTag", "anotherTag"]
 }
 `
