Move connection information out of provider config and into resource

AdrienneCohea · Dec 16, 2020 · 1b4613e · 1b4613e
1 parent b78ef78
commit 1b4613e
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 46 deletions.
diff --git a/provider.go b/provider.go
@@ -2,44 +2,13 @@ package main
 
 import (
 	"github.com/cenkalti/backoff/v4"
-	"github.com/hashicorp/nomad/api"
 	"github.com/hashicorp/terraform/helper/schema"
 )
 
 //Provider defines the schema and resource map
 func Provider() *schema.Provider {
 	return &schema.Provider{
 		Schema: map[string]*schema.Schema{
-			"address": {
-				Type:        schema.TypeString,
-				Required:    true,
-				DefaultFunc: schema.EnvDefaultFunc("NOMAD_ADDR", "http://127.0.0.1:4646"),
-				Description: "URL of the root of the target Nomad agent.",
-			},
-			"ca_file": {
-				Type:        schema.TypeString,
-				Optional:    true,
-				DefaultFunc: schema.EnvDefaultFunc("NOMAD_CACERT", ""),
-				Description: "A path to a PEM-encoded certificate authority used to verify the remote agent's certificate.",
-			},
-			"cert_file": {
-				Type:        schema.TypeString,
-				Optional:    true,
-				DefaultFunc: schema.EnvDefaultFunc("NOMAD_CLIENT_CERT", ""),
-				Description: "A path to a PEM-encoded certificate provided to the remote agent; requires use of key_file.",
-			},
-			"key_file": {
-				Type:        schema.TypeString,
-				Optional:    true,
-				DefaultFunc: schema.EnvDefaultFunc("NOMAD_CLIENT_KEY", ""),
-				Description: "A path to a PEM-encoded private key, required if cert_file is specified.",
-			},
-			"tls_server_name": {
-				Type:        schema.TypeString,
-				Optional:    true,
-				DefaultFunc: schema.EnvDefaultFunc("NOMAD_CLIENT_KEY", ""),
-				Description: "Specifies an optional string used to set the SNI host when connecting to Vault via TLS.",
-			},
 			"initial_backoff_interval": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -75,18 +44,6 @@ func Provider() *schema.Provider {
 }
 
 func providerConfigure(d *schema.ResourceData) (interface{}, error) {
-	conf := api.DefaultConfig()
-	conf.Address = d.Get("address").(string)
-	conf.TLSConfig.CACert = d.Get("ca_file").(string)
-	conf.TLSConfig.ClientCert = d.Get("cert_file").(string)
-	conf.TLSConfig.ClientKey = d.Get("key_file").(string)
-	conf.TLSConfig.TLSServerName = d.Get("tls_server_name").(string)
-
-	client, err := api.NewClient(conf)
-	if err != nil {
-		return nil, err
-	}
-
 	b := backoff.NewExponentialBackOff()
 	b.InitialInterval = MustDuration(d.Get("initial_backoff_interval").(string))
 	b.Multiplier = d.Get("backoff_multiplier").(float64)
@@ -95,11 +52,9 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 
 	return &Config{
 		retryBackoff: b,
-		client:       client,
 	}, nil
 }
 
 type Config struct {
 	retryBackoff *backoff.ExponentialBackOff
-	client       *api.Client
 }
diff --git a/provider_util.go b/provider_util.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"github.com/hashicorp/nomad/api"
 	"github.com/hashicorp/terraform/helper/schema"
 	"time"
 )
@@ -24,3 +25,18 @@ func MustDuration(dur string) time.Duration {
 	}
 	return actual
 }
+
+func getClient(d *schema.ResourceData) *api.Client {
+	conf := api.DefaultConfig()
+	conf.Address = d.Get("address").(string)
+	conf.TLSConfig.CACert = d.Get("ca_file").(string)
+	conf.TLSConfig.ClientCert = d.Get("cert_file").(string)
+	conf.TLSConfig.ClientKey = d.Get("key_file").(string)
+	conf.TLSConfig.TLSServerName = d.Get("tls_server_name").(string)
+
+	client, err := api.NewClient(conf)
+	if err != nil {
+		panic(err)
+	}
+	return client
+}
diff --git a/resource_acl_bootstrap.go b/resource_acl_bootstrap.go
@@ -10,9 +10,40 @@ func aclBootstrap() *schema.Resource {
 	return &schema.Resource{
 		Create: bootstrapACLs,
 		Read:   noop,
+		Update: noop,
 		Delete: forget,
 
 		Schema: map[string]*schema.Schema{
+			"address": {
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("NOMAD_ADDR", "http://127.0.0.1:4646"),
+				Description: "URL of the root of the target Nomad agent.",
+			},
+			"ca_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("NOMAD_CACERT", ""),
+				Description: "A path to a PEM-encoded certificate authority used to verify the remote agent's certificate.",
+			},
+			"cert_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("NOMAD_CLIENT_CERT", ""),
+				Description: "A path to a PEM-encoded certificate provided to the remote agent; requires use of key_file.",
+			},
+			"key_file": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("NOMAD_CLIENT_KEY", ""),
+				Description: "A path to a PEM-encoded private key, required if cert_file is specified.",
+			},
+			"tls_server_name": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("NOMAD_CLIENT_KEY", ""),
+				Description: "Specifies an optional string used to set the SNI host when connecting to Vault via TLS.",
+			},
 			"accessor_id": {
 				Description: "Nomad-generated ID for this token.",
 				Computed:    true,
@@ -62,9 +93,10 @@ func aclBootstrap() *schema.Resource {
 
 func bootstrapACLs(d *schema.ResourceData, meta interface{}) error {
 	c := meta.(*Config)
+	client := getClient(d)
 
 	return backoff.Retry(func() error {
-		resp, _, err := c.client.ACLTokens().Bootstrap(nil)
+		resp, _, err := client.ACLTokens().Bootstrap(nil)
 		if err != nil {
 			return maybeRetry(err)
 		}