tsuru_cluster: Add support to set kubeConfig object

tsuru · May 20, 2021 · 0f4a9ed · 0f4a9ed
1 parent f6e1a32
commit 0f4a9ed
Show file tree

Hide file tree

Showing 4 changed files with 452 additions and 2 deletions.
diff --git a/go.mod b/go.mod
@@ -27,7 +27,7 @@ require (
 	github.com/pkg/errors v0.9.1
 	github.com/sirupsen/logrus v1.8.0
 	github.com/stretchr/testify v1.7.0
-	github.com/tsuru/go-tsuruclient v0.0.0-20210426181646-b7774d33597a
+	github.com/tsuru/go-tsuruclient v0.0.0-20210520132303-680a5dd3035f
 	github.com/ulikunitz/xz v0.5.10 // indirect
 	golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b // indirect
 	golang.org/x/mod v0.4.2 // indirect

diff --git a/go.sum b/go.sum
@@ -678,6 +678,14 @@ github.com/tsuru/gnuflag v0.0.0-20151217162021-86b8c1b864aa h1:JlLQP1xa13a994p/A
 github.com/tsuru/gnuflag v0.0.0-20151217162021-86b8c1b864aa/go.mod h1:UibOSvkMFKRe/eiwktAPAvQG8L+p8nYsECJvu3Dgw7I=
 github.com/tsuru/go-tsuruclient v0.0.0-20210426181646-b7774d33597a h1:bblOOxOJvfo+MDWGTbTakKKYz2/aFi2X1tm8+ryB3D8=
 github.com/tsuru/go-tsuruclient v0.0.0-20210426181646-b7774d33597a/go.mod h1:wYe4ngw/l34brrJ8IZqGmhTWNTycnQsxcAPxGNSY8YY=
+github.com/tsuru/go-tsuruclient v0.0.0-20210519141511-b11911caa559 h1:sO9+L74OR3da67NZ1d72gPPVaecMR32M2axz88iCscg=
+github.com/tsuru/go-tsuruclient v0.0.0-20210519141511-b11911caa559/go.mod h1:wYe4ngw/l34brrJ8IZqGmhTWNTycnQsxcAPxGNSY8YY=
+github.com/tsuru/go-tsuruclient v0.0.0-20210520125036-8c9b7d2fbf31 h1:pcUL6RnemDbSWAiVAHybQ7dwq/G+RJXeFY7LBVqx16E=
+github.com/tsuru/go-tsuruclient v0.0.0-20210520125036-8c9b7d2fbf31/go.mod h1:wYe4ngw/l34brrJ8IZqGmhTWNTycnQsxcAPxGNSY8YY=
+github.com/tsuru/go-tsuruclient v0.0.0-20210520125331-2c41cb4a0a95 h1:1KBC4CymN3L2yIaJhFlK7GA5UsKke6yjCAJSWddEs/Q=
+github.com/tsuru/go-tsuruclient v0.0.0-20210520125331-2c41cb4a0a95/go.mod h1:wYe4ngw/l34brrJ8IZqGmhTWNTycnQsxcAPxGNSY8YY=
+github.com/tsuru/go-tsuruclient v0.0.0-20210520132303-680a5dd3035f h1:KsRtww720oFxvfEXWNCTMrcBfzg+Ers89xeGiZr3/qU=
+github.com/tsuru/go-tsuruclient v0.0.0-20210520132303-680a5dd3035f/go.mod h1:wYe4ngw/l34brrJ8IZqGmhTWNTycnQsxcAPxGNSY8YY=
 github.com/tsuru/tablecli v0.0.0-20180215113938-82de88f75181 h1:R1SnLQm/RZp35wa9e9nXyxy4EkEgU2v0rP4DGadrJ0g=
 github.com/tsuru/tablecli v0.0.0-20180215113938-82de88f75181/go.mod h1:ztYpOhW+u1k21FEqp7nZNgpWbr0dUKok5lgGCZi+1AQ=
 github.com/tsuru/tsuru v0.0.0-20180820205921-0e7f7f02eac5 h1:DWs/guyBAFqPQrpJeCKY+avcVOt6h/8AGXCSBIQB3N8=

diff --git a/tsuru/resource_tsuru_cluster.go b/tsuru/resource_tsuru_cluster.go
@@ -2,6 +2,7 @@ package tsuru
 
 import (
 	"context"
+	"reflect"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
@@ -67,6 +68,12 @@ func resourceTsuruCluster() *schema.Resource {
 				Default:     false,
 				Description: "Whether true, the cluster is the default for all pools",
 			},
+			"local": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "Whether true, the cluster is auth by the local credentials of kubernetes",
+			},
 			"initial_pools": {
 				Type: schema.TypeList,
 				Elem: &schema.Schema{
@@ -83,6 +90,154 @@ func resourceTsuruCluster() *schema.Resource {
 				Computed:    true,
 				Description: "Name of pools that belongs to the cluster",
 			},
+			"kube_config": {
+				Type:     schema.TypeList,
+				MaxItems: 1,
+				Optional: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"cluster": kubeConfigClusterSchema(),
+						"user":    kubeConfigUserSchema(),
+					},
+				},
+			},
+			"http_proxy": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Client HTTP proxy",
+			},
+		},
+	}
+}
+
+func kubeConfigUserSchema() *schema.Schema {
+	return &schema.Schema{
+		Type:     schema.TypeList,
+		MaxItems: 1,
+		Optional: true,
+		Elem: &schema.Resource{
+			Schema: map[string]*schema.Schema{
+				"auth_provider": kubeConfigAuthProviderSchema(),
+				"exec":          kubeConfigAuthExecSchema(),
+				"client_certificate_data": {
+					Type:      schema.TypeString,
+					Optional:  true,
+					Sensitive: true,
+				},
+				"client_key_data": {
+					Type:      schema.TypeString,
+					Optional:  true,
+					Sensitive: true,
+				},
+				"token": {
+					Type:      schema.TypeString,
+					Optional:  true,
+					Sensitive: true,
+				},
+				"username": {
+					Type:      schema.TypeString,
+					Optional:  true,
+					Sensitive: true,
+				},
+				"password": {
+					Type:      schema.TypeString,
+					Optional:  true,
+					Sensitive: true,
+				},
+			},
+		},
+	}
+}
+
+func kubeConfigAuthProviderSchema() *schema.Schema {
+	return &schema.Schema{
+		Type:     schema.TypeList,
+		MaxItems: 1,
+		Optional: true,
+		Elem: &schema.Resource{
+			Schema: map[string]*schema.Schema{
+				"name": {
+					Type:     schema.TypeString,
+					Optional: true,
+				},
+				"config": {
+					Type:     schema.TypeMap,
+					Optional: true,
+				},
+			},
+		},
+	}
+}
+
+func kubeConfigAuthExecSchema() *schema.Schema {
+	return &schema.Schema{
+		Type:     schema.TypeList,
+		MaxItems: 1,
+		Optional: true,
+		Elem: &schema.Resource{
+			Schema: map[string]*schema.Schema{
+				"api_version": {
+					Type:     schema.TypeString,
+					Optional: true,
+				},
+				"command": {
+					Type:     schema.TypeString,
+					Optional: true,
+				},
+				"args": {
+					Type:     schema.TypeList,
+					Optional: true,
+					Elem: &schema.Schema{
+						Type: schema.TypeString,
+					},
+				},
+				"env": {
+					Type:     schema.TypeList,
+					Optional: true,
+					Elem: &schema.Resource{
+						Schema: map[string]*schema.Schema{
+							"name": {
+								Type:     schema.TypeString,
+								Required: true,
+							},
+							"value": {
+								Type:     schema.TypeString,
+								Required: true,
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func kubeConfigClusterSchema() *schema.Schema {
+	return &schema.Schema{
+		Type:     schema.TypeList,
+		MaxItems: 1,
+		Optional: true,
+		Elem: &schema.Resource{
+			Schema: map[string]*schema.Schema{
+				"server": {
+					Type:     schema.TypeString,
+					Required: true,
+				},
+				"tls_server_name": {
+					Type:     schema.TypeString,
+					Optional: true,
+				},
+				"insecure_skip_tls_verify": {
+					Type:     schema.TypeBool,
+					Optional: true,
+					Default:  false,
+				},
+				"certificate_authority_data": {
+					Type:      schema.TypeString,
+					Optional:  true,
+					Sensitive: true,
+				},
+			},
 		},
 	}
 }
@@ -127,7 +282,11 @@ func resourceTsuruClusterRead(ctx context.Context, d *schema.ResourceData, meta
 	d.Set("ca_cert", string(cluster.Cacert))
 	d.Set("client_key", string(cluster.Clientkey))
 	d.Set("client_cert", string(cluster.Clientcert))
+	d.Set("default", cluster.Default)
+	d.Set("local", cluster.Local)
 	d.Set("pools", cluster.Pools)
+	d.Set("http_proxy", cluster.HttpProxy)
+	d.Set("kube_config", flattenKubeConfig(cluster.KubeConfig))
 
 	return nil
 }
@@ -174,6 +333,74 @@ func clusterFromResourceData(d *schema.ResourceData) tsuru.Cluster {
 		customData[key] = value.(string)
 	}
 
+	var kubeConfig tsuru.ClusterKubeConfig
+
+	if data, ok := d.GetOk("kube_config"); ok {
+		dataArray := data.([]interface{})
+		kubeConfigRaw := dataArray[0].(map[string]interface{})
+
+		dataArray = kubeConfigRaw["cluster"].([]interface{})
+		serverRaw, _ := dataArray[0].(map[string]interface{})
+
+		dataArray = kubeConfigRaw["user"].([]interface{})
+		userRaw, _ := dataArray[0].(map[string]interface{})
+
+		dataArray = userRaw["auth_provider"].([]interface{})
+		authProviderRaw, _ := dataArray[0].(map[string]interface{})
+
+		kubeConfig.Cluster.Server = serverRaw["server"].(string)
+		kubeConfig.Cluster.CertificateAuthorityData = serverRaw["certificate_authority_data"].(string)
+		kubeConfig.Cluster.TlsServerName = serverRaw["tls_server_name"].(string)
+		kubeConfig.Cluster.InsecureSkipTlsVerify = serverRaw["insecure_skip_tls_verify"].(bool)
+
+		kubeConfig.User.AuthProvider.Name = authProviderRaw["name"].(string)
+		kubeConfig.User.AuthProvider.Config = map[string]string{}
+
+		configRaw, _ := authProviderRaw["config"].(map[string]interface{})
+
+		for key, item := range configRaw {
+			kubeConfig.User.AuthProvider.Config[key] = item.(string)
+		}
+
+		kubeConfig.User.ClientCertificateData = userRaw["client_certificate_data"].(string)
+		kubeConfig.User.ClientKeyData = userRaw["client_key_data"].(string)
+		kubeConfig.User.Token = userRaw["token"].(string)
+		kubeConfig.User.Username = userRaw["username"].(string)
+		kubeConfig.User.Password = userRaw["password"].(string)
+
+		dataArray = userRaw["exec"].([]interface{})
+		execRaw, _ := dataArray[0].(map[string]interface{})
+
+		kubeConfig.User.Exec.ApiVersion = execRaw["api_version"].(string)
+		kubeConfig.User.Exec.Command = execRaw["command"].(string)
+		kubeConfig.User.Exec.Args = []string{}
+		kubeConfig.User.Exec.Env = []tsuru.ClusterKubeConfigUserExecEnv{}
+
+		for _, arg := range execRaw["args"].([]interface{}) {
+			kubeConfig.User.Exec.Args = append(kubeConfig.User.Exec.Args, arg.(string))
+		}
+
+		for _, arg := range execRaw["env"].([]interface{}) {
+
+			m := arg.(map[string]interface{})
+			kubeConfig.User.Exec.Env = append(kubeConfig.User.Exec.Env, tsuru.ClusterKubeConfigUserExecEnv{
+				Name:  m["name"].(string),
+				Value: m["value"].(string),
+			})
+		}
+
+	}
+
+	clusterDefault := false
+	if value, ok := d.GetOk("default"); ok {
+		clusterDefault = value.(bool)
+	}
+
+	clusterLocal := false
+	if value, ok := d.GetOk("local"); ok {
+		clusterLocal = value.(bool)
+	}
+
 	return tsuru.Cluster{
 		Name:        d.Get("name").(string),
 		Addresses:   addresses,
@@ -182,6 +409,75 @@ func clusterFromResourceData(d *schema.ResourceData) tsuru.Cluster {
 		Clientcert:  []byte(d.Get("client_cert").(string)),
 		Clientkey:   []byte(d.Get("client_key").(string)),
 		CustomData:  customData,
-		Default:     d.Get("default").(bool),
+		Default:     clusterDefault,
+		Local:       clusterLocal,
+		KubeConfig:  kubeConfig,
+		HttpProxy:   d.Get("http_proxy").(string),
 	}
 }
+
+func flattenKubeConfig(kubeconfig tsuru.ClusterKubeConfig) []interface{} {
+	if reflect.DeepEqual(kubeconfig, tsuru.ClusterKubeConfig{}) {
+		return []interface{}{}
+	}
+
+	result := map[string]interface{}{
+		"cluster": flattenKubeConfigCluster(kubeconfig.Cluster),
+		"user":    flattenKubeConfigUser(kubeconfig.User),
+	}
+	return []interface{}{result}
+}
+
+func flattenKubeConfigCluster(cluster tsuru.ClusterKubeConfigCluster) []interface{} {
+	result := map[string]interface{}{
+		"server":                     cluster.Server,
+		"certificate_authority_data": cluster.CertificateAuthorityData,
+		"tls_server_name":            cluster.TlsServerName,
+		"insecure_skip_tls_verify":   cluster.InsecureSkipTlsVerify,
+	}
+	return []interface{}{result}
+}
+
+func flattenKubeConfigUser(user tsuru.ClusterKubeConfigUser) []interface{} {
+	result := map[string]interface{}{
+		"client_certificate_data": user.ClientCertificateData,
+		"client_key_data":         user.ClientKeyData,
+		"username":                user.Username,
+		"password":                user.Password,
+		"token":                   user.Token,
+		"auth_provider":           flattenAuthProvider(user.AuthProvider),
+		"exec":                    flattenExec(user.Exec),
+	}
+	return []interface{}{result}
+}
+
+func flattenAuthProvider(authProvider tsuru.ClusterKubeConfigUserAuthprovider) []interface{} {
+	result := map[string]interface{}{
+		"name":   authProvider.Name,
+		"config": authProvider.Config,
+	}
+	return []interface{}{result}
+}
+
+func flattenExec(exec tsuru.ClusterKubeConfigUserExec) []interface{} {
+	result := map[string]interface{}{
+		"args":        exec.Args,
+		"api_version": exec.ApiVersion,
+		"command":     exec.Command,
+		"env":         flattenEnvs(exec.Env),
+	}
+	return []interface{}{result}
+}
+
+func flattenEnvs(envs []tsuru.ClusterKubeConfigUserExecEnv) []interface{} {
+	result := []interface{}{}
+
+	for _, item := range envs {
+		result = append(result, map[string]string{
+			"name":  item.Name,
+			"value": item.Value,
+		})
+	}
+
+	return result
+}