Merge pull request #7 from holoplot/feat-key-type

add key type param
holoplot · Nov 18, 2024 · b1092f3 · b1092f3
2 parents 3022702 + 375e16f
commit b1092f3
Show file tree

Hide file tree

Showing 4 changed files with 80 additions and 37 deletions.
diff --git a/docs/resources/nkey.md b/docs/resources/nkey.md
@@ -15,7 +15,12 @@ An nkey is an ed25519 key pair formatted for use with NATS.
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
+### Optional
+
+- `type` (String) The type of nkey to generate. Must be one of user|account|server|cluster|operator|curve
+
 ### Read-Only
 
 - `private_key` (String, Sensitive) Private key of the nkey to be given to the client for authentication
 - `public_key` (String) Public key of the nkey to be given in config to the nats server
+- `seed` (String, Sensitive) Seed of the nkey to be given to the client for authentication
diff --git a/examples/provider-install-verification/main.tf b/examples/provider-install-verification/main.tf
@@ -9,4 +9,5 @@ terraform {
 provider "nkey" {
 }
 
-resource "nkey_nkey" "verify" {}
+resource "nkey_nkey" "verify" {
+}
diff --git a/go.mod b/go.mod
@@ -5,7 +5,6 @@ go 1.21
 require (
 	github.com/hashicorp/terraform-plugin-docs v0.19.4
 	github.com/hashicorp/terraform-plugin-framework v1.11.0
-	github.com/hashicorp/terraform-plugin-go v0.23.0
 	github.com/hashicorp/terraform-plugin-log v0.9.0
 	github.com/nats-io/nkeys v0.4.7
 )
@@ -38,6 +37,7 @@ require (
 	github.com/hashicorp/hc-install v0.8.0 // indirect
 	github.com/hashicorp/terraform-exec v0.21.0 // indirect
 	github.com/hashicorp/terraform-json v0.22.1 // indirect
+	github.com/hashicorp/terraform-plugin-go v0.23.0 // indirect
 	github.com/hashicorp/terraform-registry-address v0.2.3 // indirect
 	github.com/hashicorp/terraform-svchost v0.1.1 // indirect
 	github.com/hashicorp/yamux v0.1.1 // indirect

diff --git a/internal/provider/nkey_resource.go b/internal/provider/nkey_resource.go
@@ -5,10 +5,14 @@ package provider
 
 import (
 	"context"
+	"strings"
 
 	"github.com/hashicorp/terraform-plugin-framework/path"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
 
@@ -29,8 +33,10 @@ type Nkey struct {
 
 // NkeyModel describes the resource data model.
 type NkeyModel struct {
-	Public_key  types.String `tfsdk:"public_key"`
-	Private_key types.String `tfsdk:"private_key"`
+	KeyType    types.String `tfsdk:"type"`
+	PublicKey  types.String `tfsdk:"public_key"`
+	PrivateKey types.String `tfsdk:"private_key"`
+	Seed       types.String `tfsdk:"seed"`
 }
 
 func (r *Nkey) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
@@ -43,6 +49,15 @@ func (r *Nkey) Schema(ctx context.Context, req resource.SchemaRequest, resp *res
 		MarkdownDescription: "An nkey is an ed25519 key pair formatted for use with NATS.",
 
 		Attributes: map[string]schema.Attribute{
+			"type": schema.StringAttribute{
+				Optional:    true,
+				Computed:    true,
+				Default:     stringdefault.StaticString("account"),
+				Description: "The type of nkey to generate. Must be one of user|account|server|cluster|operator|curve",
+				PlanModifiers: []planmodifier.String{
+					stringplanmodifier.RequiresReplace(),
+				},
+			},
 			"public_key": schema.StringAttribute{
 				Computed:            true,
 				MarkdownDescription: "Public key of the nkey to be given in config to the nats server",
@@ -52,6 +67,11 @@ func (r *Nkey) Schema(ctx context.Context, req resource.SchemaRequest, resp *res
 				MarkdownDescription: "Private key of the nkey to be given to the client for authentication",
 				Sensitive:           true,
 			},
+			"seed": schema.StringAttribute{
+				Computed:            true,
+				MarkdownDescription: "Seed of the nkey to be given to the client for authentication",
+				Sensitive:           true,
+			},
 		},
 	}
 }
@@ -70,28 +90,10 @@ func (r *Nkey) Create(ctx context.Context, req resource.CreateRequest, resp *res
 		return
 	}
 
-	keys, err := nkeys.CreateAccount()
-	if err != nil {
+	if err := data.generateKeys(); err != nil {
 		resp.Diagnostics.AddError("generating nkey", err.Error())
 		return
 	}
-
-	pubKey, err := keys.PublicKey()
-	if err != nil {
-		resp.Diagnostics.AddError("accessing public nkey", err.Error())
-		return
-	}
-
-	data.Public_key = types.StringValue(pubKey)
-
-	privKey, err := keys.PrivateKey()
-	if err != nil {
-		resp.Diagnostics.AddError("accessing private nkey", err.Error())
-		return
-	}
-
-	data.Private_key = types.StringValue(string(privKey))
-
 	tflog.Trace(ctx, "created nkey resource")
 
 	// Save data into Terraform state
@@ -113,30 +115,65 @@ func (r *Nkey) Read(ctx context.Context, req resource.ReadRequest, resp *resourc
 }
 
 func (r *Nkey) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
-	var data NkeyModel
-
-	// Read Terraform plan data into the model
-	resp.Diagnostics.Append(req.Plan.Get(ctx, &data)...)
-
+	var plan NkeyModel
+	resp.Diagnostics.Append(req.Plan.Get(ctx, &plan)...)
 	if resp.Diagnostics.HasError() {
 		return
 	}
 
 	// Save updated data into Terraform state
-	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
-}
-
-func (r *Nkey) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
-	var data NkeyModel
-
-	// Read Terraform prior state data into the model
-	resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
-
+	resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...)
 	if resp.Diagnostics.HasError() {
 		return
 	}
 }
 
+func (r *Nkey) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+}
+
 func (r *Nkey) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
 	resource.ImportStatePassthroughID(ctx, path.Root("id"), req, resp)
 }
+
+func (m *NkeyModel) generateKeys() (err error) {
+	var keys nkeys.KeyPair
+
+	switch strings.ToLower(m.KeyType.ValueString()) {
+	case "user":
+		keys, err = nkeys.CreateUser()
+	case "account":
+		keys, err = nkeys.CreateAccount()
+	case "server":
+		keys, err = nkeys.CreateServer()
+	case "cluster":
+		keys, err = nkeys.CreateCluster()
+	case "operator":
+		keys, err = nkeys.CreateOperator()
+	case "curve":
+		keys, err = nkeys.CreateCurveKeys()
+	default:
+		keys, err = nkeys.CreateAccount()
+	}
+	if err != nil {
+		return err
+	}
+
+	pubKey, err := keys.PublicKey()
+	if err != nil {
+		return err
+	}
+	privKey, err := keys.PrivateKey()
+	if err != nil {
+		return err
+	}
+	seed, err := keys.Seed()
+	if err != nil {
+		return err
+	}
+
+	m.PublicKey = types.StringValue(pubKey)
+	m.PrivateKey = types.StringValue(string(privKey))
+	m.Seed = types.StringValue(string(seed))
+
+	return nil
+}