Upgrade terraform-provider-vault to v3.25.0 (#411)

This PR was generated via `$ upgrade-provider pulumi/pulumi-vault`. --- - Upgrading terraform-provider-vault from 3.24.0 to 3.25.0. Fixes #408
pulumi · Feb 20, 2024 · 083a187 · 083a187
1 parent 012b217
commit 083a187
Show file tree

Hide file tree

Showing 86 changed files with 18,829 additions and 204 deletions.
diff --git a/patches/0001-fork.patch b/patches/0001-fork.patch
diff --git a/patches/0002-remove-dependency-on-BUSL-code.patch b/patches/0002-remove-dependency-on-BUSL-code.patch
@@ -0,0 +1,115 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Ian Wahbe <[email protected]>
+Date: Tue, 20 Feb 2024 17:33:24 +0100
+Subject: [PATCH 2/2] remove dependency on BUSL code
+
+
+diff --git a/go.mod b/go.mod
+index 4170854b..48a538a2 100644
+--- a/go.mod
++++ b/go.mod
+@@ -26,7 +26,6 @@ require (
+ 	github.com/hashicorp/go-version v1.6.0
+ 	github.com/hashicorp/hcl v1.0.1-vault-5
+ 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.31.0
+-	github.com/hashicorp/vault v1.15.5
+ 	github.com/hashicorp/vault-plugin-auth-jwt v0.18.0
+ 	github.com/hashicorp/vault-plugin-auth-kerberos v0.10.1
+ 	github.com/hashicorp/vault-plugin-auth-oci v0.14.2
+@@ -46,6 +45,7 @@ require (
+ require (
+ 	cloud.google.com/go/compute v1.23.4 // indirect
+ 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect
++	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
+ 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
+ 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
+ 	github.com/Microsoft/go-winio v0.6.1 // indirect
+@@ -56,9 +56,12 @@ require (
+ 	github.com/armon/go-radix v1.0.0 // indirect
+ 	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
+ 	github.com/cloudflare/circl v1.3.7 // indirect
++	github.com/containerd/continuity v0.4.2 // indirect
++	github.com/containerd/log v0.1.0 // indirect
+ 	github.com/coreos/go-oidc/v3 v3.5.0 // indirect
+ 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+ 	github.com/distribution/reference v0.5.0 // indirect
++	github.com/docker/cli v25.0.1+incompatible // indirect
+ 	github.com/docker/docker v25.0.1+incompatible // indirect
+ 	github.com/docker/go-connections v0.4.0 // indirect
+ 	github.com/docker/go-units v0.5.0 // indirect
+@@ -66,6 +69,7 @@ require (
+ 	github.com/fatih/color v1.15.0 // indirect
+ 	github.com/felixge/httpsnoop v1.0.4 // indirect
+ 	github.com/go-asn1-ber/asn1-ber v1.5.4 // indirect
++	github.com/go-git/go-git/v5 v5.11.0 // indirect
+ 	github.com/go-jose/go-jose/v3 v3.0.1 // indirect
+ 	github.com/go-ldap/ldap/v3 v3.4.4 // indirect
+ 	github.com/go-logr/logr v1.4.1 // indirect
+@@ -114,6 +118,7 @@ require (
+ 	github.com/jcmturner/goidentity/v6 v6.0.1 // indirect
+ 	github.com/jcmturner/rpc/v2 v2.0.3 // indirect
+ 	github.com/jmespath/go-jmespath v0.4.0 // indirect
++	github.com/kr/pretty v0.3.1 // indirect
+ 	github.com/kylelemons/godebug v1.1.0 // indirect
+ 	github.com/mattn/go-colorable v0.1.13 // indirect
+ 	github.com/mattn/go-isatty v0.0.19 // indirect
+@@ -131,6 +136,7 @@ require (
+ 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
+ 	github.com/pkg/errors v0.9.1 // indirect
+ 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
++	github.com/rogpeppe/go-internal v1.11.0 // indirect
+ 	github.com/ryanuber/go-glob v1.0.0 // indirect
+ 	github.com/stretchr/testify v1.8.4 // indirect
+ 	github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
+diff --git a/go.sum b/go.sum
+index ea39ae6e..3419f9b3 100644
+--- a/go.sum
++++ b/go.sum
+@@ -610,8 +610,8 @@ github.com/AdaLogics/go-fuzz-headers v0.0.0-20221206110420-d395f97c4830/go.mod h
+ github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0=
+ github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20221215162035-5330a85ea652/go.mod h1:OahwfttHWG6eJ0clwcfBAHoDI6X/LV/15hx/wlMZSrU=
+ github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
++github.com/Azure/azure-sdk-for-go v56.3.0+incompatible h1:DmhwMrUIvpeoTDiWRDtNHqelNUd3Og8JCkrLHQK795c=
+ github.com/Azure/azure-sdk-for-go v56.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
+-github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU=
+ github.com/Azure/azure-sdk-for-go/sdk/azcore v0.19.0/go.mod h1:h6H6c8enJmmocHUbLiiGY6sx7f9i+X3m1CHdd5c6Rdw=
+ github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 h1:lGlwhPtrX6EVml1hO0ivjkUxsSyl4dsiw9qcA1k/3IQ=
+ github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1/go.mod h1:RKUqNu35KJYcVG/fqTRqmuXJZYNhYkBrnC/hX7yGbTA=
+@@ -1502,8 +1502,6 @@ github.com/hashicorp/terraform-registry-address v0.2.3 h1:2TAiKJ1A3MAkZlH1YI/aTV
+ github.com/hashicorp/terraform-registry-address v0.2.3/go.mod h1:lFHA76T8jfQteVfT7caREqguFrW3c4MFSPhZB7HHgUM=
+ github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ=
+ github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc=
+-github.com/hashicorp/vault v1.15.5 h1:CzDfgFcKjMfsfYhxyfixugeDNcCTU5L0idJXsNEmt9g=
+-github.com/hashicorp/vault v1.15.5/go.mod h1:Osg4441jt6uoCZi46XfASOy988G3mSh5UTo1EKmVnUY=
+ github.com/hashicorp/vault-plugin-auth-jwt v0.18.0 h1:ooDRFPUtlRH2gvtXkG6Mpt2E/ziO8tCFU7lWdWtjW50=
+ github.com/hashicorp/vault-plugin-auth-jwt v0.18.0/go.mod h1:nLMLAx8jTNEDYwa86nltCVAwhVt/gHODRlfRQSu3Wp8=
+ github.com/hashicorp/vault-plugin-auth-kerberos v0.10.1 h1:nXni7zfOyhOWJBC42iWqIEZA+aYCo3diyVrr1mHs5yo=
+@@ -1842,7 +1840,6 @@ github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M5
+ github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
+ github.com/oracle/oci-go-sdk v24.3.0+incompatible h1:x4mcfb4agelf1O4/1/auGlZ1lr97jXRSSN5MxTgG/zU=
+ github.com/oracle/oci-go-sdk v24.3.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888=
+-github.com/ory/dockertest v3.3.5+incompatible h1:iLLK6SQwIhcbrG783Dghaaa3WPzGc+4Emza6EbVUUGA=
+ github.com/ory/dockertest/v3 v3.10.0 h1:4K3z2VMe8Woe++invjaTB7VRyQXQy5UY+loujO4aNE4=
+ github.com/ory/dockertest/v3 v3.10.0/go.mod h1:nr57ZbRWMqfsdGdFNLHz5jjNdDb7VVFnzAeW1n5N1Lg=
+ github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
+diff --git a/vault/resource_secrets_sync_config.go b/vault/resource_secrets_sync_config.go
+index fce0ec62..55af5883 100644
+--- a/vault/resource_secrets_sync_config.go
++++ b/vault/resource_secrets_sync_config.go
+@@ -10,7 +10,6 @@ import (
+ 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+ 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ 	"github.com/hashicorp/terraform-provider-vault/internal/provider"
+-	"github.com/hashicorp/vault/helper/namespace"
+ )
+
+ const (
+@@ -56,7 +55,7 @@ func secretsSyncConfigWrite(ctx context.Context, d *schema.ResourceData, meta in
+ 		return diag.FromErr(e)
+ 	}
+
+-	if client.Namespace() != namespace.RootNamespaceID && client.Namespace() != "" {
++	if client.Namespace() != "root" && client.Namespace() != "" {
+ 		return diag.Errorf("error writing sync config, this API is reserved to the root namespace and cannot be used with %q", client.Namespace())
+ 	}
+
diff --git a/provider/cmd/pulumi-resource-vault/bridge-metadata.json b/provider/cmd/pulumi-resource-vault/bridge-metadata.json
@@ -1677,6 +1677,39 @@
                     }
                 }
             },
+            "vault_secrets_sync_association": {
+                "current": "vault:secrets/syncAssociation:SyncAssociation",
+                "majorVersion": 5
+            },
+            "vault_secrets_sync_aws_destination": {
+                "current": "vault:secrets/syncAwsDestination:SyncAwsDestination",
+                "majorVersion": 5
+            },
+            "vault_secrets_sync_azure_destination": {
+                "current": "vault:secrets/syncAzureDestination:SyncAzureDestination",
+                "majorVersion": 5
+            },
+            "vault_secrets_sync_config": {
+                "current": "vault:secrets/syncConfig:SyncConfig",
+                "majorVersion": 5
+            },
+            "vault_secrets_sync_gcp_destination": {
+                "current": "vault:secrets/syncGcpDestination:SyncGcpDestination",
+                "majorVersion": 5
+            },
+            "vault_secrets_sync_gh_destination": {
+                "current": "vault:secrets/syncGhDestination:SyncGhDestination",
+                "majorVersion": 5
+            },
+            "vault_secrets_sync_vercel_destination": {
+                "current": "vault:secrets/syncVercelDestination:SyncVercelDestination",
+                "majorVersion": 5,
+                "fields": {
+                    "deployment_environments": {
+                        "maxItemsOne": false
+                    }
+                }
+            },
             "vault_ssh_secret_backend_ca": {
                 "current": "vault:ssh/secretBackendCa:SecretBackendCa",
                 "majorVersion": 5
@@ -2269,6 +2302,13 @@
             "vault:rabbitMq/secretBackendRole:SecretBackendRole": "vault_rabbitmq_secret_backend_role",
             "vault:saml/authBackend:AuthBackend": "vault_saml_auth_backend",
             "vault:saml/authBackendRole:AuthBackendRole": "vault_saml_auth_backend_role",
+            "vault:secrets/syncAssociation:SyncAssociation": "vault_secrets_sync_association",
+            "vault:secrets/syncAwsDestination:SyncAwsDestination": "vault_secrets_sync_aws_destination",
+            "vault:secrets/syncAzureDestination:SyncAzureDestination": "vault_secrets_sync_azure_destination",
+            "vault:secrets/syncConfig:SyncConfig": "vault_secrets_sync_config",
+            "vault:secrets/syncGcpDestination:SyncGcpDestination": "vault_secrets_sync_gcp_destination",
+            "vault:secrets/syncGhDestination:SyncGhDestination": "vault_secrets_sync_gh_destination",
+            "vault:secrets/syncVercelDestination:SyncVercelDestination": "vault_secrets_sync_vercel_destination",
             "vault:ssh/secretBackendCa:SecretBackendCa": "vault_ssh_secret_backend_ca",
             "vault:ssh/secretBackendRole:SecretBackendRole": "vault_ssh_secret_backend_role",
             "vault:terraformcloud/secretBackend:SecretBackend": "vault_terraform_cloud_secret_backend",
@@ -2498,7 +2538,11 @@
                 "defaultLeaseTtlSeconds": "default_lease_ttl_seconds",
                 "disableRemount": "disable_remount",
                 "iamEndpoint": "iam_endpoint",
+                "identityTokenAudience": "identity_token_audience",
+                "identityTokenKey": "identity_token_key",
+                "identityTokenTtl": "identity_token_ttl",
                 "maxLeaseTtlSeconds": "max_lease_ttl_seconds",
+                "roleArn": "role_arn",
                 "secretKey": "secret_key",
                 "stsEndpoint": "sts_endpoint",
                 "usernameTemplate": "username_template"
@@ -2765,9 +2809,11 @@
             },
             "vault:database/SecretBackendConnectionOracle:SecretBackendConnectionOracle": {
                 "connectionUrl": "connection_url",
+                "disconnectSessions": "disconnect_sessions",
                 "maxConnectionLifetime": "max_connection_lifetime",
                 "maxIdleConnections": "max_idle_connections",
                 "maxOpenConnections": "max_open_connections",
+                "splitStatements": "split_statements",
                 "usernameTemplate": "username_template"
             },
             "vault:database/SecretBackendConnectionPostgresql:SecretBackendConnectionPostgresql": {
@@ -2950,11 +2996,13 @@
             "vault:database/SecretsMountOracle:SecretsMountOracle": {
                 "allowedRoles": "allowed_roles",
                 "connectionUrl": "connection_url",
+                "disconnectSessions": "disconnect_sessions",
                 "maxConnectionLifetime": "max_connection_lifetime",
                 "maxIdleConnections": "max_idle_connections",
                 "maxOpenConnections": "max_open_connections",
                 "pluginName": "plugin_name",
                 "rootRotationStatements": "root_rotation_statements",
+                "splitStatements": "split_statements",
                 "usernameTemplate": "username_template",
                 "verifyConnection": "verify_connection"
             },
@@ -4249,6 +4297,45 @@
                 "tokenTtl": "token_ttl",
                 "tokenType": "token_type"
             },
+            "vault:secrets/syncAssociation:SyncAssociation": {
+                "secretName": "secret_name",
+                "syncStatus": "sync_status",
+                "updatedAt": "updated_at"
+            },
+            "vault:secrets/syncAwsDestination:SyncAwsDestination": {
+                "accessKeyId": "access_key_id",
+                "customTags": "custom_tags",
+                "secretAccessKey": "secret_access_key",
+                "secretNameTemplate": "secret_name_template"
+            },
+            "vault:secrets/syncAzureDestination:SyncAzureDestination": {
+                "clientId": "client_id",
+                "clientSecret": "client_secret",
+                "customTags": "custom_tags",
+                "keyVaultUri": "key_vault_uri",
+                "secretNameTemplate": "secret_name_template",
+                "tenantId": "tenant_id"
+            },
+            "vault:secrets/syncConfig:SyncConfig": {
+                "queueCapacity": "queue_capacity"
+            },
+            "vault:secrets/syncGcpDestination:SyncGcpDestination": {
+                "customTags": "custom_tags",
+                "secretNameTemplate": "secret_name_template"
+            },
+            "vault:secrets/syncGhDestination:SyncGhDestination": {
+                "accessToken": "access_token",
+                "repositoryName": "repository_name",
+                "repositoryOwner": "repository_owner",
+                "secretNameTemplate": "secret_name_template"
+            },
+            "vault:secrets/syncVercelDestination:SyncVercelDestination": {
+                "accessToken": "access_token",
+                "deploymentEnvironments": "deployment_environments",
+                "projectId": "project_id",
+                "secretNameTemplate": "secret_name_template",
+                "teamId": "team_id"
+            },
             "vault:ssh/secretBackendCa:SecretBackendCa": {
                 "generateSigningKey": "generate_signing_key",
                 "privateKey": "private_key",