Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Username Password Credential Provider #242

Merged
merged 6 commits into from
Aug 10, 2022
Merged

Username Password Credential Provider #242

merged 6 commits into from
Aug 10, 2022

Conversation

kheina
Copy link
Contributor

@kheina kheina commented Aug 3, 2022
edited
Loading

creating the username/password credential provider in terraform

  • provider functionality
  • automated tests
  • manual tests

testing output below

terraform hcl

resource "boundary_credential_store_static" "example" {
	name        = "example_static_credential_store"
	description = "this is a static credential store being created for testing purposes only."
	scope_id    = boundary_scope.project.id
}

resource "boundary_credential_username_password" "example" {
	name                = "localhost_credential"
	description         = "username/password for connecting to localhost"
	credential_store_id = boundary_credential_store_static.example.id
	username            = "dani"
	password            = <definitely censoring this>
}

creation TF output

boundary_credential_store_static.example: Creating...
boundary_credential_store_static.example: Creation complete after 1s [id=cs_8GEdw7ZhEZ]
boundary_credential_username_password.example: Creating...
boundary_credential_username_password.example: Creation complete after 1s [id=cred_qpmoHMsf9m]

credential store(s) read

% boundary credential-stores list -scope-id=global -recursive

Credential Store information:
  ID:                    cs_8GEdw7ZhEZ
    Scope ID:            p_2cBOpqNZNg
    Version:             1
    Type:                static
    Name:                example_static_credential_store
    Description:         this is a static credential store being created for testing purposes only.
    Authorized Actions:
      no-op
      read
      update
      delete

credential read

% boundary credentials read -id=cred_qpmoHMsf9m

Credential information:
  Created Time:          Mon, 08 Aug 2022 17:02:33 EDT
  Credential Store ID:   cs_8GEdw7ZhEZ
  Description:           username/password for connecting to localhost
  ID:                    cred_qpmoHMsf9m
  Name:                  localhost_credential
  Type:                  username_password
  Updated Time:          Mon, 08 Aug 2022 17:02:33 EDT
  Version:               1

  Scope:
    ID:                  p_2cBOpqNZNg
    Name:                databases
    Parent Scope ID:     o_2ZLqRfInwr
    Type:                project

  Authorized Actions:
    no-op
    read
    update
    delete

  Attributes:
    Password HMAC:       <43 character hmac>
    Username:            dani

terraform plan (destroy)

Terraform will perform the following actions:

  # boundary_credential_store_static.example will be destroyed
  # (because boundary_credential_store_static.example is not in configuration)
  - resource "boundary_credential_store_static" "example" {
      - description = "this is a static credential store being created for testing purposes only." -> null
      - id          = "cs_8GEdw7ZhEZ" -> null
      - name        = "example_static_credential_store" -> null
      - scope_id    = "p_2cBOpqNZNg" -> null
    }

  # boundary_credential_username_password.example will be destroyed
  # (because boundary_credential_username_password.example is not in configuration)
  - resource "boundary_credential_username_password" "example" {
      - credential_store_id = "cs_8GEdw7ZhEZ" -> null
      - description         = "username/password for connecting to localhost" -> null
      - id                  = "cred_qpmoHMsf9m" -> null
      - name                = "localhost_credential" -> null
      - password            = <definitely censoring this again> -> null
      - password_hmac       = <the same 43 character hmac> -> null
      - username            = "dani" -> null
    }

terraform apply

boundary_credential_username_password.example: Destroying... [id=cred_qpmoHMsf9m]
boundary_credential_username_password.example: Destruction complete after 0s
boundary_credential_store_static.example: Destroying... [id=cs_8GEdw7ZhEZ]
boundary_credential_store_static.example: Destruction complete after 0s

@kheina kheina changed the title Daniellemiu username password credential Username Password Credential Provider Aug 3, 2022
johanbrandhorst
johanbrandhorst requested changes Aug 3, 2022
View reviewed changes
Copy link
Contributor

@johanbrandhorst johanbrandhorst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great start on this, thanks Dani!

internal/provider/resource_credential_username_password.go Outdated Show resolved Hide resolved
internal/provider/resource_credential_username_password.go Outdated Show resolved Hide resolved
internal/provider/resource_credential_username_password.go Outdated Show resolved Hide resolved
internal/provider/resource_credential_username_password_test.go Outdated Show resolved Hide resolved
johanbrandhorst
johanbrandhorst approved these changes Aug 8, 2022
View reviewed changes
Copy link
Contributor

@johanbrandhorst johanbrandhorst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kheina kheina requested a review from louisruch August 8, 2022 22:09
louisruch
louisruch requested changes Aug 9, 2022
View reviewed changes
Copy link
Contributor

@louisruch louisruch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, I left a couple minor comments. Can you also add a changelog entry for this and the static cred store work that was already completed.

internal/provider/resource_credential_username_password_test.go Outdated Show resolved Hide resolved
internal/provider/resource_credential_username_password.go Outdated Show resolved Hide resolved
louisruch
louisruch approved these changes Aug 10, 2022
View reviewed changes
Copy link
Contributor

@louisruch louisruch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kheina kheina merged commit 41a58f4 into main Aug 10, 2022
@kheina kheina deleted the daniellemiu_username-password-credential branch August 10, 2022 17:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@louisruch louisruch louisruch approved these changes

@johanbrandhorst johanbrandhorst johanbrandhorst approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kheina @johanbrandhorst @louisruch