Merge pull request #1 from joshuarose/terraform-provider-registry

Terraform provider registry compatibility

.github/workflows/release.yml

@@ -0,0 +1,47 @@
+# This GitHub action can publish assets for release when a tag is created.
+# Currently its setup to run on any tag that matches the pattern "v*" (ie. v0.1.0).
+#
+# This uses an action (paultyng/ghaction-import-gpg) that assumes you set your
+# private key in the `GPG_PRIVATE_KEY` secret and passphrase in the `PASSPHRASE`
+# secret. If you would rather own your own GPG handling, please fork this action
+# or use an alternative one for key handling.
+#
+# You will need to pass the `--batch` flag to `gpg` in your signing step
+# in `goreleaser` to indicate this is being used in a non-interactive mode.
+#
+name: release
+on:
+  push:
+    tags:
+      - 'v*'
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Unshallow
+        run: git fetch --prune --unshallow
+      -
+        name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.15
+      -
+        name: Import GPG key
+        id: import_gpg
+        uses: paultyng/ghaction-import-gpg@v2.1.0
+        env:
+          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+          PASSPHRASE: ${{ secrets.PASSPHRASE }}
+      -
+        name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v2
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -16,3 +16,6 @@ terraform-provider-redshift
 #Intellij
 *.iml
 .idea
+
+.DS_STORE
+terraform.auto.tfvars

.goreleaser.yml

@@ -0,0 +1,54 @@
+# Visit https://goreleaser.com for documentation on how to customize this
+# behavior.
+before:
+  hooks:
+    # this is just an example and not a requirement for provider building/publishing
+    - go mod tidy
+builds:
+  - env:
+      # goreleaser does not work with CGO, it could also complicate
+      # usage by users in CI/CD systems like Terraform Cloud where
+      # they are unable to install libraries.
+      - CGO_ENABLED=0
+    mod_timestamp: '{{ .CommitTimestamp }}'
+    flags:
+      - -trimpath
+    ldflags:
+      - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
+    goos:
+      - freebsd
+      - windows
+      - linux
+      - darwin
+    goarch:
+      - amd64
+      - '386'
+      - arm
+      - arm64
+    ignore:
+      - goos: darwin
+        goarch: '386'
+    binary: '{{ .ProjectName }}_v{{ .Version }}'
+archives:
+  - format: zip
+    name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
+checksum:
+  name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
+  algorithm: sha256
+signs:
+  - artifacts: checksum
+    args:
+      # if you are using this is a GitHub action or some other automated pipeline, you
+      # need to pass the batch flag to indicate its not interactive.
+      - "--batch"
+      - "--local-user"
+      - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key
+      - "--output"
+      - "${signature}"
+      - "--detach-sign"
+      - "${artifact}"
+release:
+# If you want to manually examine the release before its live, uncomment this line:
+# draft: true
+changelog:
+  skip: true

docs/index.md

@@ -0,0 +1,25 @@
+# Redshift Provider
+
+Manage Redshift users, groups, privileges, databases and schemas. It runs the SQL queries necessary to manage these (CREATE USER, DELETE DATABASE etc) in transactions, and also reads the state from the tables that store this state, eg pg_user_info, pg_group etc. The underlying tables are more or less equivalent to the postgres tables, but some tables are not accessible in Redshift.
+
+Currently, supports users, groups, schemas and databases. You can set privileges for groups on schemas. Per user schema privileges will be added at a later date.
+
+Note that schemas are the lowest level of granularity here, tables should be created by some other tool, for instance flyway.
+
+## Example Usage
+
+```hcl
+provider redshift {
+  url = "localhost",
+  user = "testroot",
+  password = "Rootpass123",
+  database = "dev"
+}
+```
+
+## Argument Reference
+
+* `url` - (Required) AWS Redshift Endpoint
+* `user` - (Required) redshift database user
+* `password` - (Required) redshift database user
+* `database` - (Required) redshift database to target

docs/resources/redshift_database.md

@@ -0,0 +1,18 @@
+# <resource name> Resource/Data Source
+
+Description of what this resource does, with links to official
+app/service documentation.
+
+## Example Usage
+
+```hcl
+// Code block with an example of how to use this resource.
+```
+
+## Argument Reference
+
+* `attribute_name` - (Optional/Required) List arguments this resource takes.
+
+## Attribute Reference
+
+* `attribute_name` - List attributes that this resource exports.

docs/resources/redshift_group.md

@@ -0,0 +1,18 @@
+# <resource name> Resource/Data Source
+
+Description of what this resource does, with links to official
+app/service documentation.
+
+## Example Usage
+
+```hcl
+// Code block with an example of how to use this resource.
+```
+
+## Argument Reference
+
+* `attribute_name` - (Optional/Required) List arguments this resource takes.
+
+## Attribute Reference
+
+* `attribute_name` - List attributes that this resource exports.

docs/resources/redshift_schema.md

@@ -0,0 +1,18 @@
+# <resource name> Resource/Data Source
+
+Description of what this resource does, with links to official
+app/service documentation.
+
+## Example Usage
+
+```hcl
+// Code block with an example of how to use this resource.
+```
+
+## Argument Reference
+
+* `attribute_name` - (Optional/Required) List arguments this resource takes.
+
+## Attribute Reference
+
+* `attribute_name` - List attributes that this resource exports.

docs/resources/redshift_schema_group_privilege.md

@@ -0,0 +1,18 @@
+# <resource name> Resource/Data Source
+
+Description of what this resource does, with links to official
+app/service documentation.
+
+## Example Usage
+
+```hcl
+// Code block with an example of how to use this resource.
+```
+
+## Argument Reference
+
+* `attribute_name` - (Optional/Required) List arguments this resource takes.
+
+## Attribute Reference
+
+* `attribute_name` - List attributes that this resource exports.

docs/resources/redshift_user.md

@@ -0,0 +1,28 @@
+# <resource name> Resource/Data Source
+
+Description of what this resource does, with links to official
+app/service documentation.
+
+## Example Usage
+
+```hcl
+resource redshift_user test_user {
+  username = "testusernew" # User name are not immutable.
+  password = "Testpass123" # You can pass an md5 encrypted password here by prefixing the hash with md5
+  valid_until = "2018-10-30" # See below for an example with 'password_disabled'
+  connection_limit = "4"
+  create_db = true
+  syslog_access = "UNRESTRICTED"
+  superuser = true
+}
+```
+
+## Argument Reference
+
+* `username` - (Required) redshift username to create in SQL
+* `password` - (Required) redshift password to create in SQL, You can pass an md5 encrypted password here by prefixing the hash with md5
+* `valid_until` - (Optional) date the user credentials expire
+* `connection_limit` - (Optional) Number of connections provider can establish to redshift, defaults to UNLIMITED
+* `password_disabled` - (Optional) defaults to false
+* `create_db` - (Optional) Allows user to create new database defaults to false
+* `syslog_access` - (Optional)  allow user access to redshift system logs, default to RESTRICTED

example/.terraform/plugins/registry.terraform.io/hashicorp/redshift/0.0.1/darwin_amd64

@@ -0,0 +1 @@
+/Users/josh/.terraform.d/plugins/registry.terraform.io/hashicorp/redshift/0.0.1/darwin_amd64

example/.terraform/plugins/registry.terraform.io/joshuarose/redshift/0.0.1/darwin_amd64

@@ -0,0 +1 @@
+/Users/josh/.terraform.d/plugins/registry.terraform.io/joshuarose/redshift/0.0.1/darwin_amd64

example/.terraform/plugins/registry.terraform.io/joshuarose/redshift/0.0.2/darwin_amd64

@@ -0,0 +1 @@
+/Users/josh/.terraform.d/plugins/registry.terraform.io/joshuarose/redshift/0.0.2/darwin_amd64

example/.terraform/plugins/selections.json

@@ -0,0 +1,6 @@
+{
+  "registry.terraform.io/joshuarose/redshift": {
+    "hash": "h1:Zks1R6O7u3Zfd4BOBKJ2FRXjl0ptsdXKLmwrar4a4Rg=",
+    "version": "0.0.2"
+  }
+}

example/main.tf

@@ -0,0 +1,40 @@
+provider redshift {
+  url = var.url
+  user = var.username
+  password = var.password
+  database = var.database_primary
+  ssl_mode = "disable"
+}
+
+resource redshift_user test_user {
+  username = "testusernew"
+  password = "Testpass123"
+  connection_limit = "4"
+  createdb = true
+}
+
+resource redshift_user test_user2 {
+  username = "test_user8"
+  password = "Testpass123"
+  connection_limit = "1"
+  createdb = true
+}
+
+
+resource redshift_group test_group {
+  group_name = "test_group"
+  users = [redshift_user.test_user.id, redshift_user.test_user2.id]
+}
+
+resource redshift_schema test_schema {
+  schema_name = "test_schemax"
+  cascade_on_delete = true
+}
+
+resource redshift_group_schema_privilege testgroup_testchema_privileges {
+  schema_id = redshift_schema.test_schema.id
+  group_id = redshift_group.test_group.id
+  select = true
+  insert = true
+  update = true
+}

example/variables.tf

@@ -0,0 +1,4 @@
+variable url {}
+variable username {}
+variable password {}
+variable database_primary {}