Merge branch 'main' into wasaga/route-data-sources

Author: wasaga

example/main.tf

@@ -161,18 +161,18 @@ data "pomerium_namespace" "existing_namespace" {
   id = pomerium_namespace.test_namespace.id
 }
 
-data "pomerium_route" "existing_route" {
-  id = pomerium_route.test_route.id
-}
+# data "pomerium_route" "existing_route" {
+#   id = pomerium_route.test_route.id
+# }
 
 # Output examples
 output "namespace_name" {
   value = data.pomerium_namespace.existing_namespace.name
 }
 
-output "route_from" {
-  value = data.pomerium_route.existing_route.from
-}
+# output "route_from" {
+#   value = data.pomerium_route.existing_route.from
+# }
 
 output "all_namespaces" {
   value = data.pomerium_namespaces.all_namespaces.namespaces

go.mod

@@ -66,7 +66,7 @@ require (
 	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 // indirect
 	golang.org/x/mod v0.21.0 // indirect
-	golang.org/x/net v0.31.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/text v0.21.0 // indirect

go.sum

@@ -239,10 +239,6 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pomerium/csrf v1.7.0 h1:Qp4t6oyEod3svQtKfJZs589mdUTWKVf7q0PgCKYCshY=
 github.com/pomerium/csrf v1.7.0/go.mod h1:hAPZV47mEj2T9xFs+ysbum4l7SF1IdrryYaY6PdoIqw=
-github.com/pomerium/enterprise-client-go v0.18.1-0.20241202185616-83189ffe78a8 h1:gUf1q1LuvYP5/IK/BQo1CcLfH1PsDm7SkPaMZQnNQGg=
-github.com/pomerium/enterprise-client-go v0.18.1-0.20241202185616-83189ffe78a8/go.mod h1:VdYFbxVuHkC9/CEQBSwAu6k69S5uUkwM7bM708YSZJ8=
-github.com/pomerium/enterprise-client-go v0.18.1-0.20241202185750-aab20a674922 h1:On4g0z92DXMKNFHhOhpaUJpj+gobumEQcBw3KeFbuQ8=
-github.com/pomerium/enterprise-client-go v0.18.1-0.20241202185750-aab20a674922/go.mod h1:+l5FjwKlXDsHahK6JE4anAqx691G6uN/3s5HBcLkPrQ=
 github.com/pomerium/enterprise-client-go v0.18.1-0.20241231202145-17196aa57a93 h1:XBOdbvUcrnFHjpfjRG1oS1g58g7V1IETAaTVjzz/19I=
 github.com/pomerium/enterprise-client-go v0.18.1-0.20241231202145-17196aa57a93/go.mod h1:+l5FjwKlXDsHahK6JE4anAqx691G6uN/3s5HBcLkPrQ=
 github.com/pomerium/pomerium v0.28.0 h1:oNUw623093ybLB+a/W7fZgJXRlZiLlbwXMWXpdMTs3E=
@@ -362,8 +358,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
 golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=

internal/provider/convert.go

@@ -88,7 +88,7 @@ func ToStringSlice(ctx context.Context, dst *[]string, list types.List, diagnost
 	}
 }
 
-// ToDuration converts a types.String containing a duration to a durationpb.Duration and handles diagnostics internally
+// ToDuration converts a timetypes.Duration to durationpb.Duration
 func ToDuration(dst **durationpb.Duration, src timetypes.GoDuration, diagnostics *diag.Diagnostics) {
 	if src.IsNull() || src.IsUnknown() {
 		*dst = nil
@@ -103,7 +103,7 @@ func ToDuration(dst **durationpb.Duration, src timetypes.GoDuration, diagnostics
 	*dst = durationpb.New(d)
 }
 
-// FromDuration converts a durationpb.Duration to a types.String
+// FromDuration converts a durationpb.Duration to a timetypes.GoDuration
 func FromDuration(d *durationpb.Duration) timetypes.GoDuration {
 	if d == nil {
 		return timetypes.NewGoDurationNull()

internal/provider/keychain.go

@@ -11,6 +11,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 
 	client "github.com/pomerium/enterprise-client-go"
 	"github.com/pomerium/enterprise-client-go/pb"
@@ -131,6 +133,10 @@ func (r *KeyChainResource) Read(ctx context.Context, req resource.ReadRequest, r
 		Id: state.ID.ValueString(),
 	})
 	if err != nil {
+		if status.Code(err) == codes.NotFound {
+			resp.State.RemoveResource(ctx)
+			return
+		}
 		resp.Diagnostics.AddError("Error reading key pair", err.Error())
 		return
 	}

internal/provider/namespace.go

@@ -9,6 +9,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 
 	client "github.com/pomerium/enterprise-client-go"
 	"github.com/pomerium/enterprise-client-go/pb"
@@ -108,6 +110,10 @@ func (r *NamespaceResource) Read(ctx context.Context, req resource.ReadRequest,
 		Id: state.ID.ValueString(),
 	})
 	if err != nil {
+		if status.Code(err) == codes.NotFound {
+			resp.State.RemoveResource(ctx)
+			return
+		}
 		resp.Diagnostics.AddError("Error reading namespace", err.Error())
 		return
 	}

internal/provider/namespace_permission.go

@@ -14,6 +14,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-log/tflog"
 	client "github.com/pomerium/enterprise-client-go"
 	"github.com/pomerium/enterprise-client-go/pb"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 )
 
 //go:embed help/namespace_permissions.md
@@ -118,6 +120,10 @@ func (r *NamespacePermissionResource) Read(ctx context.Context, req resource.Rea
 		Id: state.ID.ValueString(),
 	})
 	if err != nil {
+		if status.Code(err) == codes.NotFound {
+			resp.State.RemoveResource(ctx)
+			return
+		}
 		resp.Diagnostics.AddError("failed to read namespace permission", err.Error())
 		return
 	}

internal/provider/policy.go

@@ -11,6 +11,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 
 	client "github.com/pomerium/enterprise-client-go"
 	"github.com/pomerium/enterprise-client-go/pb"
@@ -150,6 +152,10 @@ func (r *PolicyResource) Read(ctx context.Context, req resource.ReadRequest, res
 		Id: state.ID.ValueString(),
 	})
 	if err != nil {
+		if status.Code(err) == codes.NotFound {
+			resp.State.RemoveResource(ctx)
+			return
+		}
 		resp.Diagnostics.AddError("Error reading policy", err.Error())
 		return
 	}

internal/provider/provider.go

@@ -6,11 +6,14 @@ import (
 	"net"
 	"net/url"
 
+	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
 	"github.com/hashicorp/terraform-plugin-framework/datasource"
 	"github.com/hashicorp/terraform-plugin-framework/function"
+	"github.com/hashicorp/terraform-plugin-framework/path"
 	"github.com/hashicorp/terraform-plugin-framework/provider"
 	"github.com/hashicorp/terraform-plugin-framework/provider/schema"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-framework/schema/validator"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	client "github.com/pomerium/enterprise-client-go"
 )
@@ -52,6 +55,12 @@ func (p *PomeriumProvider) Schema(_ context.Context, _ provider.SchemaRequest, r
 				MarkdownDescription: "Pomerium Enterprise Service Account Token",
 				Optional:            true,
 				Sensitive:           true,
+				Validators: []validator.String{
+					stringvalidator.ExactlyOneOf(path.Expressions{
+						path.MatchRoot("service_account_token"),
+						path.MatchRoot("shared_secret_b64"),
+					}...),
+				},
 			},
 			"shared_secret_b64": schema.StringAttribute{
 				MarkdownDescription: "Pomerium Shared Secret (base64 encoded)",

internal/provider/route.go

@@ -14,6 +14,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-log/tflog"
 	client "github.com/pomerium/enterprise-client-go"
 	"github.com/pomerium/enterprise-client-go/pb"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 )
 
 // Ensure provider defined types fully satisfy framework interfaces.
@@ -124,13 +126,19 @@ func (r *RouteResource) Schema(_ context.Context, _ resource.SchemaRequest, resp
 				Description: "Timeout.",
 				Optional:    true,
 				CustomType:  timetypes.GoDurationType{},
+<<<<<<< HEAD
 				Computed:    true,
+=======
+>>>>>>> main
 			},
 			"idle_timeout": schema.StringAttribute{
 				Description: "Idle timeout.",
 				Optional:    true,
 				CustomType:  timetypes.GoDurationType{},
+<<<<<<< HEAD
 				Computed:    true,
+=======
+>>>>>>> main
 			},
 			"allow_websockets": schema.BoolAttribute{
 				Description: "Allow websockets.",
@@ -267,6 +275,10 @@ func (r *RouteResource) Read(ctx context.Context, req resource.ReadRequest, resp
 		Id: state.ID.ValueString(),
 	})
 	if err != nil {
+		if status.Code(err) == codes.NotFound {
+			resp.State.RemoveResource(ctx)
+			return
+		}
 		resp.Diagnostics.AddError("get route", err.Error())
 		return
 	}

internal/provider/service_account.go

@@ -11,6 +11,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 
 	client "github.com/pomerium/enterprise-client-go"
 	"github.com/pomerium/enterprise-client-go/pb"
@@ -131,6 +133,10 @@ func (r *ServiceAccountResource) Read(ctx context.Context, req resource.ReadRequ
 		Id: state.ID.ValueString(),
 	})
 	if err != nil {
+		if status.Code(err) == codes.NotFound {
+			resp.State.RemoveResource(ctx)
+			return
+		}
 		resp.Diagnostics.AddError("Error reading service account", err.Error())
 		return
 	}