├── .github ├── Logo_Red_Hat.png ├── pull_request_template.md └── workflows │ ├── check-commit-format.yml │ └── check-pull-request.yaml ├── .gitignore ├── .tekton └── terraform-provider-rhcs-push.yaml ├── CHANGELOG.md ├── CONTRIBUTE.md ├── Dockerfile ├── LICENSE ├── Makefile ├── OWNERS ├── README.md ├── build ├── build_multiarch ├── ci-tf-e2e.Dockerfile └── info.go ├── docs ├── OWNERS ├── data-sources │ ├── cloud_providers.md │ ├── cluster_rosa_classic.md │ ├── cluster_rosa_hcp.md │ ├── groups.md │ ├── hcp_machine_pool.md │ ├── hcp_policies.md │ ├── info.md │ ├── machine_pool.md │ ├── machine_types.md │ ├── policies.md │ ├── rosa_hcp_operator_roles.md │ ├── rosa_operator_roles.md │ ├── trusted_ip_addresses.md │ └── versions.md ├── guides │ ├── hosted-control-planes.md │ ├── machine-pool.md │ ├── terraform-vars.md │ ├── upgrading-classic-cluster.md │ ├── upgrading-hcp-cluster.md │ └── worker-machine-pool.md ├── index.md └── resources │ ├── cluster_autoscaler.md │ ├── cluster_rosa_classic.md │ ├── cluster_rosa_hcp.md │ ├── cluster_wait.md │ ├── default_ingress.md │ ├── dns_domain.md │ ├── hcp_cluster_autoscaler.md │ ├── hcp_default_ingress.md │ ├── hcp_machine_pool.md │ ├── identity_provider.md │ ├── kubeletconfig.md │ ├── machine_pool.md │ ├── rosa_oidc_config.md │ ├── rosa_oidc_config_input.md │ └── tuning_config.md ├── examples ├── create_account_roles │ ├── README.md │ ├── main.tf │ ├── output.tf │ └── variables.tf ├── create_cluster_autoscaler │ ├── main.tf │ └── variables.tf ├── create_identity_provider │ ├── README.md │ ├── github │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ ├── gitlab │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ ├── google │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ ├── htpasswd │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ ├── ldap │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ └── openid │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf ├── create_machine_pool │ ├── README.md │ 
├── main.tf │ └── variables.tf ├── create_rosa_sts_cluster │ ├── README.md │ ├── classic_sts │ │ └── cluster │ │ │ ├── README.md │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ └── oidc_configuration │ │ ├── cluster_with_managed_oidc_config │ │ ├── README.md │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ │ ├── cluster_with_unmanaged_oidc_config │ │ ├── README.md │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ │ └── oidc_provider │ │ ├── README.md │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf ├── list_cloud_providers │ ├── README.md │ └── main.tf ├── list_machine_types │ ├── README.md │ └── main.tf ├── list_trusted_ip_addresses │ ├── README.md │ └── main.tf └── list_versions │ ├── README.md │ ├── main.tf │ ├── output.tf │ └── variables.tf ├── generate_example_usages ├── data-sources │ ├── rhcs_cloud_providers │ │ └── data-source.tf │ ├── rhcs_cluster_rosa_classic │ │ └── data-source.tf │ ├── rhcs_cluster_rosa_hcp │ │ └── data-source.tf │ ├── rhcs_groups │ │ └── data-source.tf │ ├── rhcs_hcp_machine_pool │ │ └── data-source.tf │ ├── rhcs_hcp_policies │ │ └── data-source.tf │ ├── rhcs_info │ │ └── data-source.tf │ ├── rhcs_machine_pool │ │ └── data-source.tf │ ├── rhcs_machine_types │ │ └── data-source.tf │ ├── rhcs_policies │ │ └── data-source.tf │ ├── rhcs_rosa_hcp_operator_roles │ │ └── data-source.tf │ ├── rhcs_rosa_operator_roles │ │ └── data-source.tf │ ├── rhcs_trusted_ip_addresses │ │ └── data_source.tf │ └── rhcs_versions │ │ └── data-source.tf └── resources │ ├── rhcs_cluster_autoscaler │ └── resource.tf │ ├── rhcs_cluster_rosa_classic │ └── resource.tf │ ├── rhcs_cluster_rosa_hcp │ └── resource.tf │ ├── rhcs_cluster_wait │ └── resource.tf │ ├── rhcs_default_ingress │ └── resource.tf │ ├── rhcs_dns_domain │ └── resource.tf │ ├── rhcs_hcp_cluster_autoscaler │ └── resource.tf │ ├── rhcs_hcp_default_ingress │ └── resource.tf │ ├── rhcs_hcp_machine_pool │ └── resource.tf │ ├── rhcs_identity_provider │ └── resource.tf │ 
├── rhcs_kubeletconfig │ └── resource.tf │ ├── rhcs_machine_pool │ └── resource.tf │ ├── rhcs_rosa_oidc_config │ └── resource.tf │ ├── rhcs_rosa_oidc_config_input │ └── resource.tf │ └── rhcs_tuning_config │ └── resource.tf ├── go.mod ├── go.sum ├── internal └── ocm │ └── resource │ ├── cluster.go │ ├── cluster_test.go │ ├── dns_domain.go │ └── resource_suit_test.go ├── logging └── logging.go ├── main.go ├── provider ├── autoscaler │ ├── classic │ │ ├── resource.go │ │ ├── resource_test.go │ │ └── state.go │ ├── hcp │ │ ├── resource.go │ │ ├── resource_test.go │ │ └── state.go │ ├── range.go │ ├── types.go │ └── validators.go ├── cloudprovider │ ├── cloud_provider_state.go │ ├── cloud_providers_data_source.go │ └── cloud_providers_state.go ├── cluster │ ├── cluster_resource.go │ ├── cluster_resource_test.go │ └── cluster_state.go ├── clusterrosa │ ├── classic │ │ ├── cluster_rosa_classic_datasource.go │ │ ├── cluster_rosa_classic_resource.go │ │ ├── cluster_rosa_classic_resource_test.go │ │ ├── cluster_rosa_classic_state.go │ │ └── upgrade │ │ │ └── cluster_upgrade.go │ ├── common │ │ ├── consts.go │ │ ├── consts_test.go │ │ ├── properties.go │ │ ├── types │ │ │ ├── admincredentials.go │ │ │ ├── cluster.go │ │ │ └── privatehostedzone.go │ │ └── validators.go │ ├── hcp │ │ ├── datasource.go │ │ ├── resource.go │ │ ├── resource_test.go │ │ ├── shared_vpc │ │ │ └── shared_vpc.go │ │ ├── state.go │ │ └── upgrade │ │ │ └── upgrade.go │ └── sts │ │ └── sts.go ├── clusterwaiter │ ├── cluster_waiter_resource.go │ └── cluster_waiter_state.go ├── common │ ├── attrvalidators │ │ ├── conflicts_with_not_empty.go │ │ ├── conflicts_with_not_empty_test.go │ │ ├── list.go │ │ ├── main_test.go │ │ ├── map.go │ │ ├── notemptymap_validator.go │ │ ├── object.go │ │ ├── string.go │ │ └── string_enum.go │ ├── cluster_client.go │ ├── cluster_waiter.go │ ├── common_suite_test.go │ ├── helpers.go │ ├── helpers_test.go │ ├── http_client.go │ ├── mock_clusterclient.go │ ├── 
mock_clusterwait.go │ ├── mutex.go │ ├── planmodifiers │ │ ├── main_test.go │ │ ├── redacted_modifier.go │ │ └── redacted_modifier_test.go │ ├── tfconversions.go │ └── validators.go ├── defaultingress │ ├── classic │ │ ├── resource.go │ │ └── state.go │ ├── component_routes.go │ └── hcp │ │ ├── resource.go │ │ └── state.go ├── dnsdomain │ ├── dns_domain_resource.go │ └── dns_domain_state.go ├── group │ ├── group_state.go │ ├── groups_data_source.go │ └── groups_state.go ├── groupmembership │ ├── group_membership_resource.go │ └── group_membership_state.go ├── identityprovider │ ├── github.go │ ├── gitlab.go │ ├── google.go │ ├── htpasswd.go │ ├── htpasswd │ │ ├── api.go │ │ └── helpers.go │ ├── identity_provider_resource.go │ ├── identity_provider_state.go │ ├── ldap.go │ └── openid.go ├── info │ ├── consts.go │ ├── info_data_source.go │ └── info_state.go ├── kubeletconfig │ ├── kubeletconfig_resource.go │ ├── kubeletconfig_resource_test.go │ ├── kubeletconfig_state.go │ ├── kubeletconfig_test.go │ ├── kubeletconfig_validators.go │ └── kubeletconfig_validators_test.go ├── machine_types │ ├── machine_types_data_source.go │ └── machine_types_state.go ├── machinepool │ ├── classic │ │ ├── machine_pool_datasource.go │ │ ├── machine_pool_resource.go │ │ └── machine_pool_state.go │ └── hcp │ │ ├── autoscaling.go │ │ ├── aws_node_pool.go │ │ ├── machine_pool_datasource.go │ │ ├── machine_pool_resource.go │ │ ├── machine_pool_state.go │ │ ├── node_pool_status.go │ │ └── upgrade │ │ └── upgrade.go ├── ocm_policies │ ├── classic │ │ ├── ocm_policies_data_source.go │ │ └── ocm_policies_state.go │ ├── common │ │ └── rh_support_role.go │ └── hcp │ │ ├── ocm_policies_data_source.go │ │ └── ocm_policies_state.go ├── oidcconfig │ ├── rosa_oidc_config_resource.go │ └── rosa_oidc_config_state.go ├── oidcconfiginput │ ├── rosa_oidc_config_input_resource.go │ └── rosa_oidc_config_input_state.go ├── provider.go ├── proxy │ ├── proxy_resource.go │ ├── proxy_state.go │ ├── utils.go │ └── 
utils_test.go ├── registry_config │ ├── helpers.go │ ├── main_test.go │ ├── resource.go │ ├── state.go │ └── state_test.go ├── rosa_operator_roles │ ├── classic │ │ ├── rosa_operator_roles_data_source.go │ │ └── rosa_operator_roles_state.go │ └── hcp │ │ ├── rosa_operator_roles_data_source.go │ │ └── rosa_operator_roles_state.go ├── trusted_ip_addresses │ ├── trusted_ip_addresses_data_source.go │ └── trusted_ip_addresses_state.go ├── tuningconfigs │ ├── resource.go │ └── state.go └── versions │ ├── versions_data_source.go │ └── versions_state.go ├── scripts ├── assert_no_diff.sh ├── build │ ├── __init__.py │ ├── command.py │ ├── logger.py │ └── make.py └── run_make_e2e_test.py ├── subsystem ├── classic │ ├── classic_test.go │ ├── cloud_providers_data_source_test.go │ ├── cluster_autoscaler_resource_test.go │ ├── cluster_resource_rosa_create_test.go │ ├── cluster_resource_rosa_import_test.go │ ├── cluster_resource_rosa_upgrade_test.go │ ├── cluster_resource_test.go │ ├── cluster_waiter_test.go │ ├── default_ingress_resource_test.go │ ├── dns_domain_resource_test.go │ ├── group_membership_resource_test.go │ ├── groups_data_source_test.go │ ├── identity_provider_resource_test.go │ ├── kubeletconfig_resource_test.go │ ├── machine_pool_resource_test.go │ ├── machine_types_data_source_test.go │ ├── oidc_config_resource_test.go │ ├── rosa_ocm_policies_data_source_test.go │ ├── rosa_oidc_config_input_test.go │ ├── rosa_operator_roles_data_source_test.go │ ├── trusted_ip_addresses_data_source_test.go │ └── versions_data_source_test.go ├── framework │ └── framework.go ├── hcp │ ├── cluster_autoscaler_resource_test.go │ ├── cluster_resource_test.go │ ├── default_ingress_resource_test.go │ ├── dns_domain_resource_test.go │ ├── hcp_test.go │ ├── machine_pool_resource_test.go │ ├── rosa_ocm_policies_data_source_test.go │ └── tuningconfigs_test.go └── init_test.go ├── templates ├── guides │ ├── hosted-control-planes.md.tmpl │ ├── machine-pool.md.tmpl │ ├── terraform-vars.md.tmpl 
│ ├── upgrading-classic-cluster.md.tmpl │ ├── upgrading-hcp-cluster.md.tmpl │ └── worker-machine-pool.md.tmpl └── index.md.tmpl ├── terraform-registry-manifest.json ├── tests ├── OWNERS ├── README.md ├── ci │ ├── labels.go │ └── profiles │ │ ├── tf_classic_cluster_profiles.yml │ │ └── tf_hcp_cluster_profiles.yml ├── e2e │ ├── account_roles_test.go │ ├── classic_ingress_test.go │ ├── classic_machine_pool_test.go │ ├── cluster_autoscaler_day2_test.go │ ├── cluster_creation_test.go │ ├── cluster_destroy_test.go │ ├── cluster_edit_test.go │ ├── cluster_misc_day2_test.go │ ├── cluster_upgrade_test.go │ ├── dns_test.go │ ├── e2e_suite_test.go │ ├── hcp_ingress_test.go │ ├── hcp_machine_pool_test.go │ ├── idps_test.go │ ├── info_test.go │ ├── kubelet_config_test.go │ ├── machine_pool_test.go │ ├── negative_day_one_test.go │ ├── trusted_ips_test.go │ ├── tuning_config_test.go │ └── verification_post_day1_test.go ├── prow_ci.sh ├── tf-manifests │ ├── aws │ │ ├── account-roles │ │ │ ├── rosa-classic │ │ │ │ ├── main.tf │ │ │ │ ├── output.tf │ │ │ │ └── variables.tf │ │ │ └── rosa-hcp │ │ │ │ ├── main.tf │ │ │ │ ├── output.tf │ │ │ │ └── variables.tf │ │ ├── kms │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── oidc-provider-operator-roles │ │ │ ├── rosa-classic │ │ │ │ ├── main.tf │ │ │ │ ├── output.tf │ │ │ │ └── variables.tf │ │ │ └── rosa-hcp │ │ │ │ ├── main.tf │ │ │ │ ├── output.tf │ │ │ │ └── variables.tf │ │ ├── proxy │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── security-groups │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── shared-vpc-policy-and-hosted-zone │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── vpc-tags │ │ │ ├── main.tf │ │ │ └── variables.tf │ │ └── vpc │ │ │ ├── rosa-classic │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ │ └── rosa-hcp │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ └── rhcs │ │ ├── cluster-autoscaler │ │ ├── rosa-classic 
│ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variable.tf │ │ └── rosa-hcp │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variable.tf │ │ ├── cluster-waiter │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ │ ├── clusters │ │ ├── rosa-classic │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ └── rosa-hcp │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── dns │ │ ├── main.tf │ │ └── output.tf │ │ ├── idps │ │ ├── github │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── gitlab │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── google │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── htpasswd │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── ldap │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── multi-idp │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ └── openid │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── ingresses │ │ ├── rosa-classic │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ └── rosa-hcp │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variables.tf │ │ ├── kubelet-config │ │ ├── main.tf │ │ ├── output.tf │ │ └── variable.tf │ │ ├── machine-pools │ │ ├── rosa-classic │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variable.tf │ │ └── rosa-hcp │ │ │ ├── main.tf │ │ │ ├── output.tf │ │ │ └── variable.tf │ │ ├── resource-import │ │ └── main.tf │ │ ├── rhcs-info │ │ └── main.tf │ │ ├── trusted-ips │ │ ├── main.tf │ │ └── output.tf │ │ └── tuning-config │ │ ├── main.tf │ │ ├── output.tf │ │ └── variable.tf └── utils │ ├── cms │ ├── cms.go │ ├── connection.go │ └── versions.go │ ├── config │ └── config.go │ ├── constants │ ├── constants.go │ ├── http_code.go │ └── version.go │ ├── exec │ ├── README.md │ ├── account-roles.go │ ├── cluster-autoscaler.go │ ├── cluster-waiter.go │ ├── cluster.go │ ├── dns-domain.go │ ├── idps.go │ ├── import.go │ ├── ingress.go │ ├── kms.go │ 
├── kubelet-config.go │ ├── machine-pools.go │ ├── manifests │ │ ├── manifests.go │ │ └── state.go │ ├── oidc-provider-operator-roles.go │ ├── proxy.go │ ├── rhcs-info.go │ ├── security-groups.go │ ├── shared-vpc-policy-and-hosted-zone.go │ ├── tf-exec.go │ ├── trusted-ips.go │ ├── tuning-configs.go │ ├── vpc-tags.go │ └── vpc.go │ ├── helper │ ├── assert.go │ ├── certificate.go │ ├── file.go │ ├── helper.go │ ├── iam_policy_fetcher.go │ ├── manifests_handler.go │ ├── map.go │ ├── parse_yaml.go │ ├── registry.go │ ├── tuningconfig.go │ └── version.go │ ├── log │ ├── constants.go │ └── logger.go │ ├── openshift │ ├── console.go │ └── openshift.go │ └── profilehandler │ ├── file.go │ ├── handler.go │ ├── profile.go │ └── profile_defaults.go └── tools └── tools.go /.github/Logo_Red_Hat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/terraform-redhat/terraform-provider-rhcs/f957f33523529c12482f6fafa7ec8a26dcf2df44/.github/Logo_Red_Hat.png -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- 1 | 14 | 15 | **What this PR does / why we need it**: 16 | 17 | **Which issue(s) this PR fixes** *(optional, use `fixes #<issue_number>(, fixes #<issue_number>, ...)` format, where issue_number might be a GitHub issue, or a Jira story (OCM-xxxx))*: 18 | Fixes # 19 | 20 | **Change type** 21 | - [ ] New feature 22 | - [ ] Bug fix 23 | - [ ] Build 24 | - [ ] CI 25 | - [ ] Documentation 26 | - [ ] Performance 27 | - [ ] Refactor 28 | - [ ] Style 29 | - [ ] Unit tests 30 | - [ ] Subsystem tests 31 | 32 | **Checklist** 33 | - [ ] Subject and description added to both, commit and PR. 34 | - [ ] Relevant issues have been referenced.
35 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.log 2 | .idea/* 3 | .terraform* 4 | /dist/ 5 | terraform.tfstate* 6 | terraform.tfvars.d* 7 | /playground/* 8 | /vendor 9 | /tests/rhcs_output 10 | terraform-provider-rhcs 11 | .vscode/**/* 12 | **/ginkgo.report 13 | /temp 14 | **/*.test 15 | coverage.out 16 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi9/go-toolset:latest AS builder 2 | COPY . . 3 | 4 | ENV GOFLAGS=-buildvcs=false 5 | RUN git config --global --add safe.directory /opt/app-root/src && \ 6 | make prepare_release 7 | 8 | FROM registry.access.redhat.com/ubi9/ubi-micro:latest 9 | LABEL description="Terraform Provider RHCS" 10 | LABEL io.k8s.description="Terraform Provider RHCS" 11 | LABEL com.redhat.component="terraform-provider-rhcs" 12 | LABEL distribution-scope="release" 13 | LABEL name="terraform-provider-rhcs" release="X.Y" url="https://github.com/terraform-redhat/terraform-provider-rhcs" 14 | LABEL vendor="Red Hat, Inc." 
15 | LABEL version="X.Y" 16 | 17 | COPY --from=builder /opt/app-root/src/releases /releases 18 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - vkareh 3 | - gdbranco 4 | - ciaranRoche 5 | - xueli181114 6 | - yasun1 7 | - yuwang-RH 8 | - jerichokeyne 9 | - hunterkepley 10 | 11 | -------------------------------------------------------------------------------- /build/build_multiarch: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | archs=(amd64 arm64) 3 | oses=(linux darwin windows) 4 | 5 | REL_VER=$(git describe --tags --abbrev=0 | sed "s/v//") 6 | if [[ -z "$REL_VER" ]]; then 7 | echo "Must provide version to prepare release" 1>&2 8 | exit 1 9 | fi 10 | mkdir -p releases 11 | 12 | # Manual build release based on Terraform docs. 13 | prepare_release() { 14 | for os in ${oses[@]} 15 | do 16 | for arch in ${archs[@]} 17 | do 18 | if [[ $os == "windows" ]]; then 19 | extension=".exe" 20 | fi 21 | GOOS=${os} GOARCH=${arch} go build -ldflags="${ldflags}" -o /tmp/terraform-provider-rhcs_${os}_${arch} 22 | mv /tmp/terraform-provider-rhcs_${os}_${arch} terraform-provider-rhcs_v${REL_VER}${extension} 23 | zip releases/terraform-provider-rhcs_${REL_VER}_${os}_${arch}.zip CHANGELOG.md LICENSE README.md terraform-provider-rhcs_v${REL_VER}${extension} 24 | rm terraform-provider-rhcs_v${REL_VER}${extension} 25 | cp terraform-registry-manifest.json releases/terraform-provider-rhcs_${REL_VER}_manifest.json 26 | done 27 | done 28 | cd releases && sha256sum *zip terraform-provider-rhcs_${REL_VER}_manifest.json > terraform-provider-rhcs_${REL_VER}_SHA256SUMS 29 | } 30 | 31 | prepare_release 32 | -------------------------------------------------------------------------------- /build/ci-tf-e2e.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM 
registry.access.redhat.com/ubi9/ubi:latest 2 | WORKDIR /root 3 | 4 | # oc client. NOTE(review): this download and the ocm and go downloads below are installed without checksum or signature verification 5 | RUN curl -Ls https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable/openshift-client-linux.tar.gz |tar -C /usr/local/bin -xzf - oc 6 | 7 | # ocm 8 | RUN yum install -y wget &&\ 9 | wget https://github.com/openshift-online/ocm-cli/releases/download/v0.1.66/ocm-linux-amd64 -O /usr/local/bin/ocm && \ 10 | chmod +x /usr/local/bin/ocm 11 | 12 | # go 13 | RUN curl -Ls https://go.dev/dl/go1.21.5.linux-amd64.tar.gz |tar -C /usr/local -xzf - 14 | ENV PATH="/usr/local/go/bin:${PATH}" 15 | ENV GOPATH=/usr/local/go 16 | ENV TEST_OFFLINE_TOKEN="" 17 | 18 | # terraform-provider-rhcs repo 19 | COPY . ./terraform-provider-rhcs 20 | 21 | RUN yum install -y yum-utils && \ 22 | yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo &&\ 23 | yum -y install terraform python3 python3-pip make jq httpd-tools git &&\ 24 | pip3 install PyYAML jinja2 &&\ 25 | go env -w GO111MODULE=on &&\ 26 | go install github.com/onsi/ginkgo/v2/ginkgo@v2.13.2 &&\ 27 | go install go.uber.org/mock/mockgen@v0.3.0 &&\ 28 | cd terraform-provider-rhcs && go mod tidy && go mod vendor && make install &&\ 29 | chmod -R 777 $GOPATH &&\ 30 | echo 'RUN done' -------------------------------------------------------------------------------- /build/info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright (c) 2021 Red Hat, Inc. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package build 18 | 19 | // Information about the build of the project. These will be populated by the Go 20 | // linker with an option similar to this: 21 | // 22 | // -ldflags="-X github.com/terraform-redhat/terraform-provider-rhcs/build.Version=123" 23 | var ( 24 | Version string 25 | Commit string 26 | ) 27 | -------------------------------------------------------------------------------- /docs/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - EricPonvelle 3 | - jneczypor 4 | -------------------------------------------------------------------------------- /docs/data-sources/groups.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_groups Data Source - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | List of groups. 7 | --- 8 | 9 | # rhcs_groups (Data Source) 10 | 11 | List of groups. 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | data "rhcs_groups" "groups" { 17 | cluster = "cluster-id-123" 18 | } 19 | ``` 20 | 21 | 22 | ## Schema 23 | 24 | ### Required 25 | 26 | - `cluster` (String) Identifier of the cluster. 27 | 28 | ### Read-Only 29 | 30 | - `items` (Attributes List) Content of the list. (see [below for nested schema](#nestedatt--items)) 31 | 32 | 33 | ### Nested Schema for `items` 34 | 35 | Read-Only: 36 | 37 | - `id` (String) Unique identifier of the group. This is what should be used when referencing the group from other places, for example in the 'group' attribute of the user resource. 38 | - `name` (String) Short name of the group for example 'dedicated-admins'.
39 | -------------------------------------------------------------------------------- /docs/data-sources/info.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_info Data Source - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | 7 | --- 8 | 9 | # rhcs_info (Data Source) 10 | 11 | 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | data "rhcs_info" "info" {} 17 | ``` 18 | 19 | 20 | ## Schema 21 | 22 | ### Read-Only 23 | 24 | - `account_email` (String) OCM account email 25 | - `account_id` (String) OCM user account ID 26 | - `account_name` (String) OCM account User full name 27 | - `account_username` (String) OCM account username 28 | - `ocm_api` (String) OCM API url 29 | - `ocm_aws_account_id` (String) OCM AWS account ID 30 | - `organization_external_id` (String) OCM account organization external id 31 | - `organization_id` (String) OCM account organization id 32 | - `organization_name` (String) OCM account organization name 33 | -------------------------------------------------------------------------------- /docs/data-sources/machine_types.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_machine_types Data Source - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | List of machine types 7 | --- 8 | 9 | # rhcs_machine_types (Data Source) 10 | 11 | List of machine types 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | data "rhcs_machine_types" "machines" {} 17 | ``` 18 | 19 | 20 | ## Schema 21 | 22 | ### Read-Only 23 | 24 | - `items` (Attributes List) Items of the list. 
(see [below for nested schema](#nestedatt--items)) 25 | 26 | 27 | ### Nested Schema for `items` 28 | 29 | Read-Only: 30 | 31 | - `cloud_provider` (String) Unique identifier of the cloud provider where the machine type is supported. 32 | - `cpu` (Number) Number of vCPU cores. 33 | - `id` (String) Unique identifier of the machine type. 34 | - `name` (String) Short name of the machine type. 35 | - `ram` (Number) Amount of RAM in bytes. 36 | -------------------------------------------------------------------------------- /docs/data-sources/rosa_hcp_operator_roles.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_rosa_hcp_operator_roles Data Source - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | List of ROSA operator role for a specific cluster. 7 | --- 8 | 9 | # rhcs_rosa_hcp_operator_roles (Data Source) 10 | 11 | List of ROSA operator role for a specific cluster. 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | data "rhcs_rosa_hcp_operator_roles" "operator_roles" { 17 | operator_role_prefix = "" 18 | account_role_prefix = "" 19 | } 20 | ``` 21 | 22 | 23 | ## Schema 24 | 25 | ### Required 26 | 27 | - `operator_role_prefix` (String) Operator role prefix. 28 | 29 | ### Optional 30 | 31 | - `account_role_prefix` (String) Account role prefix. 32 | 33 | ### Read-Only 34 | 35 | - `operator_iam_roles` (Attributes List) Operator IAM Roles. 
(see [below for nested schema](#nestedatt--operator_iam_roles)) 36 | 37 | 38 | ### Nested Schema for `operator_iam_roles` 39 | 40 | Read-Only: 41 | 42 | - `operator_name` (String) Operator Name 43 | - `operator_namespace` (String) Kubernetes Namespace 44 | - `policy_name` (String) policy name 45 | - `role_name` (String) policy name 46 | - `service_accounts` (List of String) service accounts 47 | -------------------------------------------------------------------------------- /docs/data-sources/rosa_operator_roles.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_rosa_operator_roles Data Source - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | List of ROSA operator role for a specific cluster. 7 | --- 8 | 9 | # rhcs_rosa_operator_roles (Data Source) 10 | 11 | List of ROSA operator role for a specific cluster. 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | data "rhcs_rosa_operator_roles" "operator_roles" { 17 | operator_role_prefix = "" 18 | account_role_prefix = "" 19 | } 20 | ``` 21 | 22 | 23 | ## Schema 24 | 25 | ### Required 26 | 27 | - `operator_role_prefix` (String) Operator role prefix. 28 | 29 | ### Optional 30 | 31 | - `account_role_prefix` (String) Account role prefix. 32 | 33 | ### Read-Only 34 | 35 | - `operator_iam_roles` (Attributes List) Operator IAM Roles. 
(see [below for nested schema](#nestedatt--operator_iam_roles)) 36 | 37 | 38 | ### Nested Schema for `operator_iam_roles` 39 | 40 | Read-Only: 41 | 42 | - `operator_name` (String) Operator Name 43 | - `operator_namespace` (String) Kubernetes Namespace 44 | - `policy_name` (String) policy name 45 | - `role_name` (String) policy name 46 | - `service_accounts` (List of String) service accounts 47 | -------------------------------------------------------------------------------- /docs/data-sources/trusted_ip_addresses.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_trusted_ip_addresses Data Source - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | List of trusted IP addresses 7 | --- 8 | 9 | # rhcs_trusted_ip_addresses (Data Source) 10 | 11 | List of trusted IP addresses 12 | 13 | 14 | 15 | 16 | ## Schema 17 | 18 | ### Read-Only 19 | 20 | - `items` (Attributes List) List of all trusted IP addresses. (see [below for nested schema](#nestedatt--items)) 21 | - `total` (Number) Total number of items in the result set. 22 | 23 | 24 | ### Nested Schema for `items` 25 | 26 | Read-Only: 27 | 28 | - `enabled` (Boolean) Indicates if the IP is enabled. 29 | - `id` (String) IP address. 30 | -------------------------------------------------------------------------------- /docs/data-sources/versions.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_versions Data Source - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | List of OpenShift versions. 7 | --- 8 | 9 | # rhcs_versions (Data Source) 10 | 11 | List of OpenShift versions. 
12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | data "rhcs_versions" "all" {} 17 | ``` 18 | 19 | 20 | ## Schema 21 | 22 | ### Optional 23 | 24 | - `order` (String) Order criteria. 25 | - `search` (String) Search criteria. 26 | 27 | ### Read-Only 28 | 29 | - `item` (Attributes) Content of the list when there is exactly one item. (see [below for nested schema](#nestedatt--item)) 30 | - `items` (Attributes List) Content of the list. (see [below for nested schema](#nestedatt--items)) 31 | 32 | 33 | ### Nested Schema for `item` 34 | 35 | Read-Only: 36 | 37 | - `id` (String) Unique identifier of the version. This is what should be used when referencing the versions from other places, for example in the 'version' attribute of the cluster resource. 38 | - `name` (String) Short name of the version, for example '4.1.0'. 39 | 40 | 41 | 42 | ### Nested Schema for `items` 43 | 44 | Read-Only: 45 | 46 | - `id` (String) Unique identifier of the version. This is what should be used when referencing the versions from other places, for example in the 'version' attribute of the cluster resource. 47 | - `name` (String) Short name of the version, for example '4.1.0'. 48 | -------------------------------------------------------------------------------- /docs/resources/cluster_wait.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_cluster_wait Resource - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | Wait Cluster Resource To be Ready 7 | --- 8 | 9 | # rhcs_cluster_wait (Resource) 10 | 11 | Wait Cluster Resource To be Ready 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | resource "rhcs_cluster_wait" "waiter" { 17 | cluster = "cluster-id-123" 18 | # timeout in minutes 19 | timeout = 60 20 | } 21 | ``` 22 | 23 | 24 | ## Schema 25 | 26 | ### Required 27 | 28 | - `cluster` (String) Identifier of the cluster. 
29 | 30 | ### Optional 31 | 32 | - `timeout` (Number) An optional timeout until the cluster is ready. The timeout value is set in minutes. The default value is 60 minutes. 33 | 34 | ### Read-Only 35 | 36 | - `ready` (Boolean) Whether the cluster is ready. Note: this does not account for cluster operators still progressing to completion. 37 | -------------------------------------------------------------------------------- /docs/resources/dns_domain.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_dns_domain Resource - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | DNS Domain 7 | --- 8 | 9 | # rhcs_dns_domain (Resource) 10 | 11 | DNS Domain 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | resource "rhcs_dns_domain" "dns_domain" {} 17 | ``` 18 | 19 | 20 | ## Schema 21 | 22 | ### Optional 23 | 24 | - `cluster_arch` (String) Identifies the cluster architecture of the dns domain 25 | 26 | ### Read-Only 27 | 28 | - `id` (String) Unique identifier of the DNS Domain 29 | -------------------------------------------------------------------------------- /docs/resources/hcp_default_ingress.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_hcp_default_ingress Resource - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | Edit a cluster ingress (load balancer) 7 | --- 8 | 9 | # rhcs_hcp_default_ingress (Resource) 10 | 11 | Edit a cluster ingress (load balancer) 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | resource "rhcs_hcp_default_ingress" "default_ingress" { 17 | cluster = "cluster-id-123" 18 | listening_method = "external" 19 | } 20 | ``` 21 | 22 | 23 | ## Schema 24 | 25 | ### Required 26 | 27 | - `cluster` (String) Identifier of the cluster.
After the creation of the resource, it is not possible to update the attribute value. 28 | - `listening_method` (String) Listening Method for apps ingress. Options are external, internal. 29 | 30 | ### Read-Only 31 | 32 | - `id` (String) Unique identifier of the ingress. 33 | -------------------------------------------------------------------------------- /docs/resources/kubeletconfig.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_kubeletconfig Resource - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | KubeletConfig allows setting a customized Kubelet configuration 7 | --- 8 | 9 | # rhcs_kubeletconfig (Resource) 10 | 11 | KubeletConfig allows setting a customized Kubelet configuration 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | # Example KubeletConfig 17 | resource rhcs_kubeletconfig "example_kubeletconfig" { 18 | cluster = "cluster-id-123" 19 | pod_pids_limit = 10000 20 | } 21 | ``` 22 | 23 | 24 | ## Schema 25 | 26 | ### Required 27 | 28 | - `cluster` (String) Identifier of the cluster. After the creation of the resource, it is not possible to update the attribute value. 29 | - `pod_pids_limit` (Number) Sets the requested podPidsLimit to be applied as part of the custom KubeletConfig. 30 | 31 | ### Optional 32 | 33 | - `id` (String) ID of the KubeletConfig. After the creation of the resource, it is not possible to update the attribute value. 34 | - `name` (String) Name of the KubeletConfig. After the creation of the resource, it is not possible to update the attribute value. 
35 | -------------------------------------------------------------------------------- /docs/resources/rosa_oidc_config.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_rosa_oidc_config Resource - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | Manages OIDC config 7 | --- 8 | 9 | # rhcs_rosa_oidc_config (Resource) 10 | 11 | Manages OIDC config 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | # example for unmanaged oidc 17 | resource "rhcs_rosa_oidc_config" "oidc_config" { 18 | managed = false 19 | secret_arn = "" 20 | issuer_url = "" 21 | installer_role_arn = "" 22 | } 23 | 24 | # example for managed oidc 25 | resource "rhcs_rosa_oidc_config" "oidc_config" { 26 | managed = true 27 | } 28 | ``` 29 | 30 | 31 | ## Schema 32 | 33 | ### Required 34 | 35 | - `managed` (Boolean) Indicates whether it is a Red Hat managed or unmanaged (Customer hosted) OIDC configuration, for the cluster's OIDC provider. 
36 | 37 | ### Optional 38 | 39 | - `installer_role_arn` (String) AWS STS Role ARN for cluster install (with get-secrets permission in the attached policy) 40 | - `issuer_url` (String) The bucket/issuer URL 41 | - `secret_arn` (String) Indicates for unmanaged OIDC config, the secret ARN 42 | 43 | ### Read-Only 44 | 45 | - `id` (String) The OIDC config ID 46 | - `oidc_endpoint_url` (String) OIDC Endpoint URL 47 | - `thumbprint` (String) SHA1-hash value of the root CA of the issuer URL 48 | -------------------------------------------------------------------------------- /docs/resources/rosa_oidc_config_input.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_rosa_oidc_config_input Resource - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | OIDC config input resources' names 7 | --- 8 | 9 | # rhcs_rosa_oidc_config_input (Resource) 10 | 11 | OIDC config input resources' names 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | # Generates the OIDC config resources' names 17 | resource "rhcs_rosa_oidc_config_input" "oidc_input" { 18 | region = "us-east-2" 19 | } 20 | ``` 21 | 22 | 23 | ## Schema 24 | 25 | ### Required 26 | 27 | - `region` (String) Unique identifier of the cluster. 
28 | 29 | ### Read-Only 30 | 31 | - `bucket_name` (String) The S3 bucket name 32 | - `discovery_doc` (String) The discovery document string file 33 | - `issuer_url` (String) The issuer URL 34 | - `jwks` (String) JSON web key set string file 35 | - `private_key` (String, Sensitive) RSA private key. Terraform redacts sensitive values in plan and apply output, but the value is still stored in the state file, so access to the state should be restricted. 36 | - `private_key_file_name` (String) The private key file name 37 | - `private_key_secret_name` (String) The secret name that stores the private key 38 | -------------------------------------------------------------------------------- /docs/resources/tuning_config.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "rhcs_tuning_config Resource - terraform-provider-rhcs" 4 | subcategory: "" 5 | description: |- 6 | Edit a cluster tuning config 7 | --- 8 | 9 | # rhcs_tuning_config (Resource) 10 | 11 | Edit a cluster tuning config 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | resource "rhcs_tuning_config" "hcp_tuning_config" { 17 | cluster = "cluster-id-123" 18 | name = "my-config" 19 | spec = jsonencode({ 20 | "profile" : [ 21 | { 22 | "data" : "[main]\nsummary=Custom OpenShift profile\ninclude=openshift-node\n\n[sysctl]\nvm.dirty_ratio=\"65\"\n", 23 | "name" : "tuned-72521-1-profile" 24 | } 25 | ], 26 | "recommend" : [ 27 | { 28 | "priority" : 20, 29 | "profile" : "tuned-72521-1-profile" 30 | } 31 | ] 32 | }) 33 | } 34 | ``` 35 | 36 | 37 | ## Schema 38 | 39 | ### Required 40 | 41 | - `cluster` (String) Identifier of the cluster. After the creation of the resource, it is not possible to update the attribute value. 42 | - `name` (String) Name of the tuning configuration. After the creation of the resource, it is not possible to update the attribute value. 43 | - `spec` (String) Definition of the spec. It is required to supply this field wrapped in a jsonencode call. 
Example: jsonencode({"` 12 | - Nested structure should be annotated with `cty:"field_name"` 13 | 14 | For more information, there is a good explanation on [StackOverflow](https://stackoverflow.com/a/78486469/9332386) why nested structure should be annotated with `cty` 15 | 16 | ## State and Vars handling 17 | 18 | For each apply, if no error occured, the tfvars file will be written so that we can easily retrieve the args which were used. 19 | 20 | That will also help to modify easily the configuration of the different resources. 21 | -------------------------------------------------------------------------------- /tests/utils/exec/manifests/state.go: -------------------------------------------------------------------------------- 1 | package manifests 2 | 3 | import "path" 4 | 5 | func GrantTFstateFile(manifestDir string) string { 6 | return path.Join(manifestDir, "terraform.tfstate") 7 | } 8 | -------------------------------------------------------------------------------- /tests/utils/exec/rhcs-info.go: -------------------------------------------------------------------------------- 1 | package exec 2 | 3 | import ( 4 | "github.com/terraform-redhat/terraform-provider-rhcs/tests/utils/constants" 5 | "github.com/terraform-redhat/terraform-provider-rhcs/tests/utils/exec/manifests" 6 | ) 7 | 8 | type RhcsInfoArgs struct { 9 | } 10 | 11 | type RhcsInfoOutput struct{} 12 | 13 | type RhcsInfoService interface { 14 | Init() error 15 | Apply(args *RhcsInfoArgs) (string, error) 16 | ShowState(resource string) (string, error) 17 | } 18 | 19 | type rhcsInfoService struct { 20 | tfExecutor TerraformExecutor 21 | } 22 | 23 | func NewRhcsInfoService(tfWorkspace string, clusterType constants.ClusterType) (RhcsInfoService, error) { 24 | svc := &rhcsInfoService{ 25 | tfExecutor: NewTerraformExecutor(tfWorkspace, manifests.GetRHCSInfoManifestsDir(clusterType)), 26 | } 27 | err := svc.Init() 28 | return svc, err 29 | } 30 | 31 | func (svc *rhcsInfoService) Init() (err error) { 32 | 
	_, err = svc.tfExecutor.RunTerraformInit()
	return
}

// Apply passes args to the executor's RunTerraformApply and returns its
// output string and error unchanged.
func (svc *rhcsInfoService) Apply(args *RhcsInfoArgs) (string, error) {
	return svc.tfExecutor.RunTerraformApply(args)
}

// ShowState calls the executor's RunTerraformState with the "show"
// sub-command for resource and returns its output string and error unchanged.
func (svc *rhcsInfoService) ShowState(resource string) (string, error) {
	return svc.tfExecutor.RunTerraformState("show", resource)
}

--------------------------------------------------------------------------------
/tests/utils/helper/certificate.go:
--------------------------------------------------------------------------------
package helper

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"math/big"
	"time"
)

// CreatePEMCertificate generates a self-signed CA certificate and returns it
// PEM-encoded ("CERTIFICATE" block) as a string.
// Code taken from https://shaneutt.com/blog/golang-ca-and-signed-cert-go/
//
// A fresh 4096-bit RSA key is generated on every call and used only to sign
// the certificate; the private key is neither returned nor stored, so nothing
// else can be issued under this CA afterwards.
//
// NOTE(review): this lives under tests/utils, so it is presumably meant for
// throwaway test fixtures only. The serial number is the constant 2019, which
// means every certificate produced here shares one serial; do not reuse this
// helper where certificates must be distinguishable or revocable.
func CreatePEMCertificate() (string, error) {
	ca := &x509.Certificate{
		SerialNumber: big.NewInt(2019),
		Subject: pkix.Name{
			Organization: []string{"Red Hat"},
			Country:      []string{"US"},
			Province:     []string{""},
			Locality:     []string{"Raleigh"},
		},
		// Valid from now for ten years.
		NotBefore: time.Now(),
		NotAfter:  time.Now().AddDate(10, 0, 0),
		// Marked as a CA that may sign certificates, and also usable for
		// TLS client and server authentication.
		IsCA:                  true,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		BasicConstraintsValid: true,
	}

	caPrivKey, err := rsa.GenerateKey(rand.Reader, 4096)
	if err != nil {
		return "", err
	}

	// Template and parent are the same certificate, i.e. it is self-signed.
	caBytes, err := x509.CreateCertificate(rand.Reader, ca, ca, &caPrivKey.PublicKey, caPrivKey)
	if err != nil {
		return "", err
	}

	caPEM := new(bytes.Buffer)
	err = pem.Encode(caPEM, &pem.Block{
		Type:  "CERTIFICATE",
		Bytes: caBytes,
	})
	if err != nil {
		return "", err
	}

	return string(caPEM.Bytes()), nil
}

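--------------------------------------------------------------------------------
/tests/utils/helper/file.go:
--------------------------------------------------------------------------------
package helper

import (
	"encoding/json"
	"os"

	. "github.com/terraform-redhat/terraform-provider-rhcs/tests/utils/log"
)

// DeleteFile removes filename and returns whatever error os.Remove reports.
func DeleteFile(filename string) error {
	return os.Remove(filename)
}

// IsFileExists reports whether filePath exists. A "does not exist" error from
// os.Stat yields (false, nil); any other Stat error is returned as
// (false, err), so that, for example, a permission problem is not mistaken
// for a missing file.
func IsFileExists(filePath string) (bool, error) {
	if _, err := os.Stat(filePath); err != nil {
		if os.IsNotExist(err) {
			return false, nil
		}
		return false, err
	}
	return true, nil
}

// CreateTempFileWithContent writes fileContent to a new temporary file whose
// name starts with "tmpfile-" and returns its path.
func CreateTempFileWithContent(fileContent string) (string, error) {
	return CreateTempFileWithPrefixAndContent("tmpfile", fileContent)
}

// CreateTempFileWithPrefixAndContent creates a uniquely named file in the
// default temporary directory (name prefix: prefix + "-"), writes fileContent
// to it and returns its path. The file is not removed automatically; callers
// that put secrets in it should delete it with DeleteFile when done.
//
// os.CreateTemp creates the file with mode 0600, and the later os.WriteFile
// truncates an existing file without changing its permissions, so the
// temporary file stays private to the current user even though
// CreateFileWithContent passes 0644.
func CreateTempFileWithPrefixAndContent(prefix string, fileContent string) (string, error) {
	f, err := os.CreateTemp("", prefix+"-")
	if err != nil {
		return "", err
	}
	// Only the unique name is needed from here on; close the handle so the
	// file descriptor is not leaked on every call.
	name := f.Name()
	if err := f.Close(); err != nil {
		return "", err
	}
	return CreateFileWithContent(name, fileContent)
}

// CreateFileWithContent writes content to fileAbsPath and returns the path.
// A string or []byte is written as is; any other non-nil value is written as
// its JSON encoding. A nil content matches no case of the type switch, so
// nothing is written and the path is returned with a nil error.
//
// On a write failure the error is logged and ("", err) is returned; on a JSON
// encoding failure (fileAbsPath, err) is returned without logging.
//
// NOTE(review): a file that does not exist yet is created with mode 0644
// (before umask), i.e. readable by other local users, and gosec G306 is
// suppressed on each call. If callers pass credentials or private keys, 0600
// would be the safer mode; confirm against the callers before changing it.
func CreateFileWithContent(fileAbsPath string, content interface{}) (string, error) {
	var err error
	switch content := content.(type) {
	case string:
		err = os.WriteFile(fileAbsPath, []byte(content), 0644) // #nosec G306
	case []byte:
		err = os.WriteFile(fileAbsPath, content, 0644) // #nosec G306
	case interface{}:
		var marshedContent []byte
		marshedContent, err = json.Marshal(content)
		if err != nil {
			return fileAbsPath, err
		}
		err = os.WriteFile(fileAbsPath, marshedContent, 0644) // #nosec G306
	}

	if err != nil {
		Logger.Errorf("Failed to write to file: %s", err)
		return "", err
	}
	return fileAbsPath, nil
}

--------------------------------------------------------------------------------
/tests/utils/helper/map.go: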
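--------------------------------------------------------------------------------
package helper

type m = map[string]string

// MergeMaps copies into map1 every entry of map2 whose key map1 does not
// already hold, and returns map1. Existing keys of map1 keep their value.
// map1 is modified in place; when map1 is nil and map2 has entries, a new map
// is allocated, because writing to a nil map panics.
func MergeMaps(map1, map2 m) m {
	if map1 == nil && len(map2) > 0 {
		map1 = make(m, len(map2))
	}
	for k, v := range map2 {
		if _, ok := map1[k]; !ok {
			map1[k] = v
		}
	}
	return map1
}

// CopyStringMap returns a new map holding the same key/value pairs as
// originalMap. The result is never nil, even for a nil input.
func CopyStringMap(originalMap m) m {
	newMap := make(m, len(originalMap))
	for k, v := range originalMap {
		newMap[k] = v
	}
	return newMap
}

--------------------------------------------------------------------------------
/tests/utils/helper/parse_yaml.go:
--------------------------------------------------------------------------------
package helper

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"

	"gopkg.in/yaml.v3"
)

const (
	// profilesYamlSuffix selects the files ParseProfiles reads from a directory.
	profilesYamlSuffix = "_profiles.yml"
)

// profiles is the top-level document of a *_profiles.yml file.
type profiles struct {
	Profiles []*profile `yaml:"profiles,omitempty"`
}

// profile is one entry of the "profiles" list; its name comes from the YAML
// key "as".
type profile struct {
	Name               string                 `yaml:"as,omitempty"`
	NeedSpecificConfig bool                   `yaml:"need_specific_config,omitempty"` // Some profiles need external configuration files
	Cluster            map[string]interface{} `yaml:"cluster,omitempty"`
}

// ParseProfiles reads every directory entry of profilesDir whose name ends in
// "_profiles.yml", decodes it as YAML and returns all profiles keyed by name.
// When two entries share a name, the one read last wins. Any read or decode
// error aborts the whole call.
func ParseProfiles(profilesDir string) (map[string]*profile, error) {
	files, err := os.ReadDir(profilesDir)
	if err != nil {
		return nil, err
	}

	profileMap := make(map[string]*profile)
	for _, file := range files {
		if !strings.HasSuffix(file.Name(), profilesYamlSuffix) {
			continue
		}

		yfile, err := os.ReadFile(filepath.Join(profilesDir, file.Name()))
		if err != nil {
			return nil, err
		}

		// Decode into a value rather than a pointer to a pointer, so the
		// result can never be a nil *profiles.
		var p profiles
		if err := yaml.Unmarshal(yfile, &p); err != nil {
			return nil, err
		}

		for _, theProfile := range p.Profiles {
			// An empty list item decodes to a nil pointer; skip it instead of
			// dereferencing it.
			if theProfile == nil {
				continue
			}
			profileMap[theProfile.Name] = theProfile
		}
	}

	return profileMap, nil
}

// GetProfile parses profilesDir with ParseProfiles and returns the profile
// named profileName, or an error when no such profile exists.
func GetProfile(profileName string, profilesDir string) (*profile, error) {
	profileMap, err := ParseProfiles(profilesDir)
	if err != nil {
		return nil, err
	}
	found, exist := profileMap[profileName]
	if !exist {
		return nil, fmt.Errorf("Can not find the profile %s in %s", profileName, profilesDir)
	}

	return found, nil
}

--------------------------------------------------------------------------------
/tests/utils/helper/registry.go:
--------------------------------------------------------------------------------
package helper

import "fmt"

// GetRegistry returns the registry address "10.0.0.0:<port>"; the host part
// is a fixed literal.
func GetRegistry(port int) string {
	return fmt.Sprintf("10.0.0.0:%d", port)
}

// GetRegistries returns one GetRegistry address per port, in argument order.
// With no ports the result is nil.
func GetRegistries(ports ...int) (regs []string) {
	for _, p := range ports {
		regs = append(regs, GetRegistry(p))
	}
	return
}

--------------------------------------------------------------------------------
/tests/utils/helper/tuningconfig.go:
--------------------------------------------------------------------------------
package helper

import "fmt"

// TuningConfigSpecRoot is the tuning config spec: a list of profiles and a
// list of recommendations, serialisable as JSON or YAML.
type TuningConfigSpecRoot struct {
	Profile   []TuningConfigSpecProfile   `json:"profile,omitempty" yaml:"profile,omitempty"`
	Recommend []TuningConfigSpecRecommend `json:"recommend,omitempty" yaml:"recommend,omitempty"`
}

// TuningConfigSpecProfile is one named profile with its data string.
type TuningConfigSpecProfile struct {
	Name string `yaml:"name,omitempty" json:"name,omitempty"`
	Data string `yaml:"data,omitempty" json:"data,omitempty"`
}

// TuningConfigSpecRecommend refers to a profile by name with a priority.
// Because of omitempty, a priority of 0 is left out of the encoded output.
type TuningConfigSpecRecommend struct {
	Priority int    `yaml:"priority,omitempty" json:"priority,omitempty"`
	Profile  string `yaml:"profile,omitempty" json:"profile,omitempty"`
}

// NewTuningConfigSpecRootStub builds a spec with a single profile named
// tcName + "-profile", whose data comes from NewTuningConfigSpecProfileData,
// and a single recommendation pointing at that profile with the given
// priority.
func NewTuningConfigSpecRootStub(tcName string, vmDirtyRatio int, priority int) TuningConfigSpecRoot {
	profileName := tcName + "-profile"
	return TuningConfigSpecRoot{
		Profile: []TuningConfigSpecProfile{
			{
				Data: NewTuningConfigSpecProfileData(vmDirtyRatio),
				Name: profileName,
			},
		},
		Recommend: []TuningConfigSpecRecommend{
			{
				Priority: priority,
				Profile:  profileName,
			},
		},
	}
}

// NewTuningConfigSpecProfileData returns the profile data text: a [main]
// section including openshift-node and a [sysctl] section that sets
// vm.dirty_ratio to the quoted value of vmDirtyRatio.
func NewTuningConfigSpecProfileData(vmDirtyRatio int) string {
	return fmt.Sprintf("[main]\nsummary=Custom OpenShift profile\ninclude=openshift-node\n\n"+
		"[sysctl]\nvm.dirty_ratio=\"%d\"\n",
		vmDirtyRatio)
}

--------------------------------------------------------------------------------
/tests/utils/helper/version.go:
--------------------------------------------------------------------------------
package helper

import "regexp"

// majorMinorVersionRe matches a leading "<digits>.<digits>"; compiled once
// instead of on every GetMajorVersion call.
var majorMinorVersionRe = regexp.MustCompile(`^[0-9]+\.[0-9]+`)

// GetMajorVersion returns the leading "<major>.<minor>" part of rawVersion
// (for example "4.14" for "4.14.3"), or "" when rawVersion does not start
// with digits, a dot and digits.
func GetMajorVersion(rawVersion string) string {
	return majorMinorVersionRe.FindString(rawVersion)
}

--------------------------------------------------------------------------------
/tests/utils/log/constants.go:
--------------------------------------------------------------------------------
package log

import (
	"regexp"
)

const (
	// RedactValue is the placeholder text for redacted values.
	RedactValue = "XXXXXXXX"
)

// RedactKeyList holds the patterns for values that should not appear in log
// output. The code that applies them is not in this file.
//
// NOTE(review): in every pattern except the AWS account-id one the value to
// hide is capture group 2. In the account-id pattern the nested "(billing)"
// is group 2 and the 12-digit id is group 3, with a fourth group after it.
// If the consumer rewrites matches positionally (keep group 1, replace
// group 2, keep group 3), the account id would be kept rather than redacted;
// check the consumer, and consider "(?:billing)?" if it is positional.
//
// NOTE(review): coverage gaps visible from the patterns themselves:
//   - the two JSON patterns allow no whitespace between ':' and the opening
//     quote, so `"password": "x"` (pretty-printed JSON) is not matched;
//   - only "CERTIFICATE" PEM blocks are matched; a PEM private key block has
//     no pattern here;
//   - the "password = ..." pattern needs a newline or backslash after the
//     value, and the captured value stops at the first backslash, so a value
//     at the very end of the input, or the part of a value after a
//     backslash, is not covered;
//   - the ARN pattern matches only the "arn:aws:" prefix, not other
//     partitions.
var RedactKeyList = []*regexp.Regexp{
	// "password":"<value>", with an optional backslash before each quote.
	regexp.MustCompile(`(\\?"password\\?":\\?")([^"]*)(\\?")`),
	// "additional_trust_bundle":"<value>", same shape as above.
	regexp.MustCompile(`(\\?"additional_trust_bundle\\?":\\?")([^"]*)(\\?")`),
	// Body of a PEM certificate; [^-----] is the same class as [^-].
	regexp.MustCompile(`(-----BEGIN CERTIFICATE-----)([^-----]*)(-----END CERTIFICATE-----)`),
	// password = <value>, up to the first newline or backslash.
	regexp.MustCompile(`(password\s*=\s*)([^\n\\\n]+)([\n\\\n]+)`),
	// aws_account_id / aws_billing_account_id = <12 digits>.
	regexp.MustCompile(`(aws_(billing)?_?account_id[\s]*=[\s\\]*"?)([0-9]{12})([\\"]*)`),
	// 12-digit account id inside an arn:aws:... ARN.
	regexp.MustCompile(`(arn:aws:[^:]*:[a-z0-9-]*:)([0-9]{12})([^\n\"\\]*)`),
}

--------------------------------------------------------------------------------
/tests/utils/profilehandler/profile_defaults.go: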
--------------------------------------------------------------------------------
package profilehandler

import "github.com/terraform-redhat/terraform-provider-rhcs/tests/utils/config"

const (
	// DefaultVPCCIDR is the default VPC address range.
	DefaultVPCCIDR = "10.0.0.0/16"
)

// Default values shared by the test profiles. They are exported variables,
// not constants, so any importing package can change them at run time.
var (
	Tags             = map[string]string{"tag1": "test_tag1", "tag2": "test_tag2"}
	ClusterAdminUser = "rhcs-clusteradmin"
	DefaultMPLabels  = map[string]string{
		"test1": "testdata1",
	}
	// "qe_usage" is filled from config.GetQEUsage() once, at package
	// initialisation.
	CustomProperties = map[string]string{"custom_property": "test", "qe_usage": config.GetQEUsage()}
	// NOTE(review): the scheme is ldap://, i.e. no TLS, and the host is
	// outside the project; bind credentials used against it would travel in
	// clear text. Presumably a public test directory; confirm it is only
	// used with non-secret fixtures.
	LdapURL = "ldap://ldap.forumsys.com/dc=example,dc=com?uid"
	// NOTE(review): looks like an internal host name; presumably reachable
	// only from inside the corporate network.
	GitLabURL     = "https://gitlab.cee.redhat.com"
	Organizations = []string{"openshift"}
	HostedDomain  = "redhat.com"
)

--------------------------------------------------------------------------------
/tools/tools.go:
--------------------------------------------------------------------------------
//go:build tools

// Package tools is compiled only with the "tools" build tag. Its blank import
// names the tfplugindocs command so that the module keeps it as a dependency.
package tools

import (
	// document generation
	_ "github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs"
)

--------------------------------------------------------------------------------