Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update platform id validation on signing_profile #32414

Merged
merged 5 commits into from
Jul 18, 2023
Merged

update platform id validation on signing_profile #32414

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
3c15627
update platform id validation on signing_profile
phuongdnguyen Jul 7, 2023
5c3d01a
aws_signer_signing_profile: add PlatformID_Values()
johnsonaj Jul 18, 2023
3c2344b
Merge branch 'main' into b-aws_signer_signing_profile-add-platform-id
johnsonaj Jul 18, 2023
b9af8c7
aws_signer_signing_profile: align signing_material attribute to API
johnsonaj Jul 18, 2023
b462ab2
tweak CHANGELOG entry
johnsonaj Jul 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .changelog/32414.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_signer_signing_profile: Update `platform_id` validation.
```

```release-note:enhancement
resource/aws_signer_signing_profile: Add `signing_material` attribute.
```
88 changes: 74 additions & 14 deletions internal/service/signer/signing_profile.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,12 +39,10 @@ func ResourceSigningProfile() *schema.Resource {

Schema: map[string]*schema.Schema{
"platform_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validation.StringInSlice([]string{
"AWSLambda-SHA384-ECDSA"},
false),
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validation.StringInSlice(PlatformID_Values(), false),
},
"name": {
Type: schema.TypeString,
Expand Down Expand Up @@ -89,6 +87,22 @@ func ResourceSigningProfile() *schema.Resource {
Type: schema.TypeString,
Computed: true,
},
"signing_material": {
Type: schema.TypeList,
MaxItems: 1,
Computed: true,
Optional: true,
ForceNew: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"certificate_arn": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
},
},
},
"platform_display_name": {
Type: schema.TypeString,
Computed: true,
Expand Down Expand Up @@ -154,6 +168,10 @@ func resourceSigningProfileCreate(ctx context.Context, d *schema.ResourceData, m
}
}

if v, ok := d.Get("signing_material").([]interface{}); ok && len(v) > 0 {
signingProfileInput.SigningMaterial = expandSigningMaterial(v)
}

_, err := conn.PutSigningProfileWithContext(ctx, signingProfileInput)
if err != nil {
return sdkdiag.AppendErrorf(diags, "creating Signer signing profile: %s", err)
Expand Down Expand Up @@ -185,14 +203,15 @@ func resourceSigningProfileRead(ctx context.Context, d *schema.ResourceData, met
if err := d.Set("platform_id", signingProfileOutput.PlatformId); err != nil {
return sdkdiag.AppendErrorf(diags, "setting signer signing profile platform id: %s", err)
}

if err := d.Set("signature_validity_period", []interface{}{
map[string]interface{}{
"value": signingProfileOutput.SignatureValidityPeriod.Value,
"type": signingProfileOutput.SignatureValidityPeriod.Type,
},
}); err != nil {
return sdkdiag.AppendErrorf(diags, "setting signer signing profile signature validity period: %s", err)
if signingProfileOutput.SignatureValidityPeriod != nil {
if err := d.Set("signature_validity_period", []interface{}{
map[string]interface{}{
"value": signingProfileOutput.SignatureValidityPeriod.Value,
"type": signingProfileOutput.SignatureValidityPeriod.Type,
},
}); err != nil {
return sdkdiag.AppendErrorf(diags, "setting signer signing profile signature validity period: %s", err)
}
}

if err := d.Set("platform_display_name", signingProfileOutput.PlatformDisplayName); err != nil {
Expand All @@ -218,6 +237,11 @@ func resourceSigningProfileRead(ctx context.Context, d *schema.ResourceData, met
if err := d.Set("status", signingProfileOutput.Status); err != nil {
return sdkdiag.AppendErrorf(diags, "setting signer signing profile status: %s", err)
}
if signingProfileOutput.SigningMaterial != nil {
if err := d.Set("signing_material", flattenSigningMaterial(signingProfileOutput.SigningMaterial)); err != nil {
return sdkdiag.AppendErrorf(diags, "setting signer signing profile material: %s", err)
}
}

setTagsOut(ctx, signingProfileOutput.Tags)

Expand Down Expand Up @@ -255,6 +279,33 @@ func resourceSigningProfileDelete(ctx context.Context, d *schema.ResourceData, m
return diags
}

func expandSigningMaterial(in []interface{}) *signer.SigningMaterial {
if len(in) == 0 {
return nil
}

m := in[0].(map[string]interface{})
var out signer.SigningMaterial

if v, ok := m["certificate_arn"].(string); ok && v != "" {
out.CertificateArn = aws.String(v)
}

return &out
}

func flattenSigningMaterial(apiObject *signer.SigningMaterial) []interface{} {
if apiObject == nil {
return nil
}

m := map[string]interface{}{
"certificate_arn": aws.StringValue(apiObject.CertificateArn),
}

return []interface{}{m}
}

func flattenSigningProfileRevocationRecord(apiObject *signer.SigningProfileRevocationRecord) interface{} {
if apiObject == nil {
return []interface{}{}
Expand All @@ -276,3 +327,12 @@ func flattenSigningProfileRevocationRecord(apiObject *signer.SigningProfileRevoc

return []interface{}{tfMap}
}

func PlatformID_Values() []string {
return []string{
"AWSLambda-SHA384-ECDSA",
"Notation-OCI-SHA384-ECDSA",
"AWSIoTDeviceManagement-SHA256-ECDSA",
"AmazonFreeRTOS-TI-CC3220SF",
"AmazonFreeRTOS-Default"}
}
Loading