resource compute_script_secret

BunnyWay · Jan 20, 2025 · 9a7d58f · 9a7d58f
1 parent f03ccc0
commit 9a7d58f
Show file tree

Hide file tree

Showing 11 changed files with 557 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 > [!NOTE]
 > While we strive to maintain backwards compatibility as much as possible, we can't guarantee semantic versioning will be strictly followed, as this provider depends on the underlying [bunny.net API](https://docs.bunny.net/reference/bunnynet-api-overview).
 
+## Unreleased
+### Added
+- resource compute_script_secret ([#27](https://github.com/BunnyWay/terraform-provider-bunnynet/issues/27))
+
 ## [0.5.3] - 2025-01-17
 ### Added
 - resource compute_script: expose deployment_key and release attributes ([#26](https://github.com/BunnyWay/terraform-provider-bunnynet/issues/26))

diff --git a/docs/resources/compute_script_secret.md b/docs/resources/compute_script_secret.md
@@ -0,0 +1,44 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "bunnynet_compute_script_secret Resource - terraform-provider-bunnynet"
+subcategory: ""
+description: |-
+  This resource manages a secret for a Compute Script in bunny.net.
+---
+
+# bunnynet_compute_script_secret (Resource)
+
+This resource manages a secret for a Compute Script in bunny.net.
+
+## Example Usage
+
+```terraform
+resource "bunnynet_compute_script_variable" "APP_SECRET" {
+  script = bunnynet_compute_script.test.id
+  name   = "APP_ENV"
+  value  = ""
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) The name of the secret.
+- `script` (Number) The ID of the associated compute script.
+- `value` (String, Sensitive) The value of the secret.
+
+### Read-Only
+
+- `id` (Number) The ID of the secret.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import bunnynet_compute_script_secret.test "1234|APP_SECRET"
+```
+
+**NOTE**: When importing a secret, Terraform can't know the previously declared value, so it will be overwritten with the value you declare in your resource. To keep it from being overwritten, declare `value = ""`.
diff --git a/docs/resources/compute_script_variable.md b/docs/resources/compute_script_variable.md
@@ -40,5 +40,5 @@ resource "bunnynet_compute_script_variable" "APP_ENV" {
 Import is supported using the following syntax:
 
 ```shell
-terraform import bunnynet_compute_script_variable.test "$SCRIPT_ID|$VARIABLE_NAME"
+terraform import bunnynet_compute_script_variable.test "1234|APP_ENV"
 ```
diff --git a/examples/resources/bunnynet_compute_script_secret/import.sh b/examples/resources/bunnynet_compute_script_secret/import.sh
@@ -0,0 +1 @@
+terraform import bunnynet_compute_script_secret.test "1234|APP_SECRET"
diff --git a/examples/resources/bunnynet_compute_script_secret/resource.tf b/examples/resources/bunnynet_compute_script_secret/resource.tf
@@ -0,0 +1,5 @@
+resource "bunnynet_compute_script_variable" "APP_SECRET" {
+  script = bunnynet_compute_script.test.id
+  name   = "APP_ENV"
+  value  = ""
+}
diff --git a/examples/resources/bunnynet_compute_script_variable/import.sh b/examples/resources/bunnynet_compute_script_variable/import.sh
@@ -1 +1 @@
-terraform import bunnynet_compute_script_variable.test "$SCRIPT_ID|$VARIABLE_NAME"
+terraform import bunnynet_compute_script_variable.test "1234|APP_ENV"
diff --git a/internal/api/compute_script_secret.go b/internal/api/compute_script_secret.go
@@ -0,0 +1,156 @@
+// Copyright (c) BunnyWay d.o.o.
+// SPDX-License-Identifier: MPL-2.0
+
+package api
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+)
+
+type ComputeScriptSecret struct {
+	Id       int64  `json:"Id,omitempty"`
+	ScriptId int64  `json:"-"`
+	Name     string `json:"Name"`
+	Value    string `json:"Secret,omitempty"`
+}
+
+func (c *Client) GetComputeScriptSecretByName(scriptId int64, name string) (ComputeScriptSecret, error) {
+	var data ComputeScriptSecret
+
+	resp, err := c.doRequest(http.MethodGet, fmt.Sprintf("%s/compute/script/%d/secrets", c.apiUrl, scriptId), nil)
+	if err != nil {
+		return data, err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return data, errors.New(resp.Status)
+	}
+
+	bodyResp, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return data, err
+	}
+
+	var result struct {
+		Secrets []ComputeScriptSecret `json:"Secrets"`
+	}
+
+	_ = resp.Body.Close()
+	err = json.Unmarshal(bodyResp, &result)
+	if err != nil {
+		return data, err
+	}
+
+	for _, secret := range result.Secrets {
+		if secret.Name == name {
+			secret.ScriptId = scriptId
+			return secret, nil
+		}
+	}
+
+	return data, errors.New("secret not found")
+}
+
+func (c *Client) CreateComputeScriptSecret(dataApi ComputeScriptSecret) (ComputeScriptSecret, error) {
+	scriptId := dataApi.ScriptId
+	bodyBytes, err := json.Marshal(dataApi)
+	if err != nil {
+		return ComputeScriptSecret{}, err
+	}
+
+	resp, err := c.doRequest(http.MethodPost, fmt.Sprintf("%s/compute/script/%d/secrets", c.apiUrl, scriptId), bytes.NewReader(bodyBytes))
+	if err != nil {
+		return ComputeScriptSecret{}, err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		bodyResp, err := io.ReadAll(resp.Body)
+		if err != nil {
+			return ComputeScriptSecret{}, err
+		}
+
+		_ = resp.Body.Close()
+		var obj struct {
+			Message string `json:"Message"`
+		}
+
+		err = json.Unmarshal(bodyResp, &obj)
+		if err != nil {
+			return ComputeScriptSecret{}, err
+		}
+
+		return ComputeScriptSecret{}, errors.New(obj.Message)
+	}
+
+	bodyResp, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return ComputeScriptSecret{}, err
+	}
+	_ = resp.Body.Close()
+
+	dataApiResult := ComputeScriptSecret{}
+	err = json.Unmarshal(bodyResp, &dataApiResult)
+	if err != nil {
+		return dataApiResult, err
+	}
+
+	return c.GetComputeScriptSecretByName(scriptId, dataApiResult.Name)
+}
+
+func (c *Client) UpdateComputeScriptSecret(dataApi ComputeScriptSecret) (ComputeScriptSecret, error) {
+	scriptId := dataApi.ScriptId
+
+	// update attributes
+	{
+		dataApi.Id = 0
+		body, err := json.Marshal(dataApi)
+
+		if err != nil {
+			return ComputeScriptSecret{}, err
+		}
+
+		resp, err := c.doRequest(http.MethodPut, fmt.Sprintf("%s/compute/script/%d/secrets", c.apiUrl, scriptId), bytes.NewReader(body))
+		if err != nil {
+			return ComputeScriptSecret{}, err
+		}
+
+		if resp.StatusCode != http.StatusNoContent {
+			bodyResp, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return ComputeScriptSecret{}, err
+			}
+
+			_ = resp.Body.Close()
+			var obj struct {
+				Message string `json:"Message"`
+			}
+
+			err = json.Unmarshal(bodyResp, &obj)
+			if err != nil {
+				return ComputeScriptSecret{}, err
+			}
+
+			return ComputeScriptSecret{}, errors.New(obj.Message)
+		}
+	}
+
+	return c.GetComputeScriptSecretByName(scriptId, dataApi.Name)
+}
+
+func (c *Client) DeleteComputeScriptSecret(scriptId int64, id int64) error {
+	resp, err := c.doRequest(http.MethodDelete, fmt.Sprintf("%s/compute/script/%d/secrets/%d", c.apiUrl, scriptId, id), nil)
+	if err != nil {
+		return err
+	}
+
+	if resp.StatusCode != http.StatusNoContent {
+		return errors.New(resp.Status)
+	}
+
+	return nil
+}
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
@@ -104,6 +104,7 @@ func (p *BunnynetProvider) Configure(ctx context.Context, req provider.Configure
 func (p *BunnynetProvider) Resources(ctx context.Context) []func() resource.Resource {
 	return []func() resource.Resource{
 		NewComputeScriptResource,
+		NewComputeScriptSecretResource,
 		NewComputeScriptVariableResource,
 		NewDnsRecordResourceResource,
 		NewDnsZoneResourceResource,
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		terraform import bunnynet_compute_script_secret.test "1234\|APP_SECRET"
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		terraform import bunnynet_compute_script_variable.test "$SCRIPT_ID\|$VARIABLE_NAME"
		terraform import bunnynet_compute_script_variable.test "1234\|APP_ENV"