X-API-Key (#4)

skysqlinc · Jun 6, 2024 · 6135fd2 · 6135fd2
1 parent ee9378d
commit 6135fd2
Show file tree

Hide file tree

Showing 15 changed files with 64 additions and 55 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -17,11 +17,10 @@ jobs:
   goreleaser:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
-          # Allow goreleaser to access older tag information.
           fetch-depth: 0
-      - uses: actions/setup-go@v3
+      - uses: actions/setup-go@v5
         with:
           go-version-file: 'go.mod'
           cache: true
@@ -32,9 +31,11 @@ jobs:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.PASSPHRASE }}
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v4
+        uses: goreleaser/goreleaser-action@v6
         with:
-          args: release --rm-dist
+          distribution: goreleaser
+          version: "latest"
+          args: release --clean
         env:
           # GitHub sets the GITHUB_TOKEN secret automatically.
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -1,5 +1,6 @@
 # Visit https://goreleaser.com for documentation on how to customize this
 # behavior.
+version: 2
 before:
   hooks:
     # this is just an example and not a requirement for provider building/publishing
@@ -41,7 +42,7 @@ checksum:
 signs:
   - artifacts: checksum
     args:
-      # if you are using this in a GitHub action or some other automated pipeline, you 
+      # if you are using this in a GitHub action or some other automated pipeline, you
       # need to pass the batch flag to indicate its not interactive.
       - "--batch"
       - "--local-user"
@@ -54,7 +55,5 @@ release:
   extra_files:
     - glob: 'terraform-registry-manifest.json'
       name_template: '{{ .ProjectName }}_{{ .Version }}_manifest.json'
-  # If you want to manually examine the release before its live, uncomment this line:
-  # draft: true
 changelog:
-  skip: true
+  disable: true
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## [3.0.0] - 2024-06-05
+### Breaking Change
+- New API Key Access, `TF_SKYSQL_API_KEY` [API Access](https://app.skysql.com/user-profile/api-keys)
+
 ## [2.0.1] - 2024-02-24
+**OBSOLETE - DO NOT USE**
 ### Fixed
 - `volume_type` imports work as expected.
diff --git a/docs/index.md b/docs/index.md
@@ -205,7 +205,7 @@ on darwin_arm64
 2. Set environment variables:
 
 ```bash
-$ export TF_SKYSQL_API_ACCESS_TOKEN=my-access-token
+$ export TF_SKYSQL_API_KEY=my-api-key
 ```
 
 3. Create a new SkySQL service using the example below:
@@ -353,20 +353,20 @@ which are applied in the following order:
 configuration and risks secret leakage should this file ever be committed to a
 public version control system.
 
-Credentials can be provided by adding an `access_token` to the provider configuration block.
+Credentials can be provided by adding an `api_key` to the provider configuration block.
 
 Usage:
 
 ```terraform
 
 provider "skysql" {
-  access_token = "my-access-token"
+  api_key = "my-api-key"
 }
 ```
 
 ### Environment Variables
 
-SkySQL Access token can be provided by using the `TF_SKYSQL_API_ACCESS_TOKEN` environment variable.
+SkySQL Access token can be provided by using the `TF_SKYSQL_API_KEY` environment variable.
 
 For example:
 
@@ -375,7 +375,7 @@ provider "skysql" {}
 ```
 
 ```sh
-$ export TF_SKYSQL_API_ACCESS_TOKEN="my-access-token"
+$ export TF_SKYSQL_API_KEY="my-api-key"
 
 $ terraform plan
 ```

diff --git a/internal/provider/autonomous_resource_test.go b/internal/provider/autonomous_resource_test.go
@@ -22,7 +22,7 @@ func TestAutonomousResource(t *testing.T) {
 
 	testUrl, expectRequest, close := mockSkySQLAPI(t)
 	defer close()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testUrl)
 
 	expectRequest(func(w http.ResponseWriter, req *http.Request) {
@@ -170,7 +170,7 @@ func TestModifyAutonomousResource(t *testing.T) {
 
 	testUrl, expectRequest, close := mockSkySQLAPI(t)
 	defer close()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testUrl)
 
 	expectRequest(func(w http.ResponseWriter, req *http.Request) {

diff --git a/internal/provider/provider.go b/internal/provider/provider.go
@@ -3,15 +3,16 @@ package provider
 import (
 	"context"
 	"errors"
-	"github.com/matryer/resync"
-	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql"
 	"os"
 
+	"github.com/matryer/resync"
+
 	"github.com/hashicorp/terraform-plugin-framework/datasource"
 	"github.com/hashicorp/terraform-plugin-framework/provider"
 	"github.com/hashicorp/terraform-plugin-framework/provider/schema"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
 	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql"
 )
 
 // Ensure skySQLProvider satisfies various provider interfaces.
@@ -29,8 +30,8 @@ type skySQLProvider struct {
 
 // SkySQLProviderModel describes the provider data model.
 type SkySQLProviderModel struct {
-	BaseURL     types.String `tfsdk:"base_url"`
-	AccessToken types.String `tfsdk:"access_token"`
+	BaseURL types.String `tfsdk:"base_url"`
+	APIKey  types.String `tfsdk:"api_key"`
 }
 
 func (p *skySQLProvider) Metadata(ctx context.Context, req provider.MetadataRequest, resp *provider.MetadataResponse) {
@@ -42,8 +43,8 @@ func (p *skySQLProvider) Schema(ctx context.Context, req provider.SchemaRequest,
 	resp.Schema = schema.Schema{
 		Description: "The SkySQL terraform provider",
 		Attributes: map[string]schema.Attribute{
-			"access_token": schema.StringAttribute{
-				MarkdownDescription: "SkySQL API access token",
+			"api_key": schema.StringAttribute{
+				MarkdownDescription: "SkySQL API Key",
 				Optional:            true,
 				Sensitive:           true,
 			},
@@ -64,7 +65,7 @@ func getEnv(key, fallback string) string {
 }
 
 func (p *skySQLProvider) Configure(ctx context.Context, req provider.ConfigureRequest, resp *provider.ConfigureResponse) {
-	accessToken := os.Getenv("TF_SKYSQL_API_ACCESS_TOKEN")
+	apiKey := os.Getenv("TF_SKYSQL_API_KEY")
 	baseURL := getEnv("TF_SKYSQL_API_BASE_URL", "https://api.skysql.com")
 
 	var data SkySQLProviderModel
@@ -77,19 +78,19 @@ func (p *skySQLProvider) Configure(ctx context.Context, req provider.ConfigureRe
 
 	// Check configuration data, which should take precedence over
 	// environment variable data, if found.
-	if data.AccessToken.ValueString() != "" {
-		accessToken = data.AccessToken.ValueString()
+	if data.APIKey.ValueString() != "" {
+		apiKey = data.APIKey.ValueString()
 	}
 
 	if data.BaseURL.ValueString() != "" {
 		baseURL = data.BaseURL.ValueString()
 	}
 
-	if accessToken == "" {
+	if apiKey == "" {
 		resp.Diagnostics.AddError(
 			"Missing SkySQL Access Token Configuration",
 			"While configuring the provider, the API access token was not found in "+
-				"the TF_SKYSQL_API_ACCESS_TOKEN environment variable or provider "+
+				"the TF_SKYSQL_API_KEY environment variable or provider "+
 				"configuration block access_token attribute.",
 		)
 		// Not returning early allows the logic to collect all errors.
@@ -105,7 +106,7 @@ func (p *skySQLProvider) Configure(ctx context.Context, req provider.ConfigureRe
 		// Not returning early allows the logic to collect all errors.
 	}
 
-	client := skysql.New(baseURL, accessToken)
+	client := skysql.New(baseURL, apiKey)
 
 	configureOnce.Do(func() {
 		_, err := client.GetVersions(ctx, skysql.WithPageSize(1))

diff --git a/internal/provider/service_resource_deletion_protection_test.go b/internal/provider/service_resource_deletion_protection_test.go
@@ -3,25 +3,27 @@ package provider
 import (
 	"encoding/json"
 	"fmt"
+	"net/http"
+	"os"
+	"testing"
+	"time"
+
 	"github.com/google/uuid"
 	"github.com/hashicorp/terraform-plugin-framework/providerserver"
 	"github.com/hashicorp/terraform-plugin-go/tfprotov6"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
 	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql"
 	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql/provisioning"
 	"github.com/stretchr/testify/require"
-	"net/http"
-	"os"
-	"testing"
-	"time"
 )
 
 func TestServiceResourceDeletionProtection(t *testing.T) {
 	const serviceID = "dbdgf42002418"
 
 	testURL, expectRequest, closeAPI := mockSkySQLAPI(t)
 	defer closeAPI()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api_key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testURL)
 
 	r := require.New(t)

diff --git a/internal/provider/service_resource_privatlink_test.go b/internal/provider/service_resource_privatlink_test.go
@@ -21,7 +21,7 @@ func TestServiceResourcePrivateLink(t *testing.T) {
 
 	testUrl, expectRequest, closeAPI := mockSkySQLAPI(t)
 	defer closeAPI()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testUrl)
 
 	r := require.New(t)
@@ -331,7 +331,7 @@ func TestServiceResourcePrivateConnectWhenAllowedAccountsEmpty(t *testing.T) {
 
 	testUrl, expectRequest, close := mockSkySQLAPI(t)
 	defer close()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testUrl)
 
 	r := require.New(t)

diff --git a/internal/provider/service_resource_sa_test.go b/internal/provider/service_resource_sa_test.go
@@ -22,7 +22,7 @@ func TestServiceResourceServerlessAnalytics(t *testing.T) {
 
 	testUrl, expectRequest, closeAPI := mockSkySQLAPI(t)
 	defer closeAPI()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testUrl)
 
 	r := require.New(t)

diff --git a/internal/provider/service_resource_scale_test.go b/internal/provider/service_resource_scale_test.go
@@ -21,7 +21,7 @@ func TestServiceResourceScaleTest(t *testing.T) {
 
 	testUrl, expectRequest, close := mockSkySQLAPI(t)
 	defer close()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testUrl)
 
 	r := require.New(t)

diff --git a/internal/provider/service_resource_test.go b/internal/provider/service_resource_test.go
@@ -67,7 +67,7 @@ func TestServiceResource(t *testing.T) {
 
 	testUrl, expectRequest, close := mockSkySQLAPI(t)
 	defer close()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testUrl)
 	tests := []struct {
 		name         string

diff --git a/internal/provider/service_resource_update_allowlist_test.go b/internal/provider/service_resource_update_allowlist_test.go
@@ -21,7 +21,7 @@ func TestServiceResourceAllowlistUpdate(t *testing.T) {
 
 	testURL, expectRequest, closeAPI := mockSkySQLAPI(t)
 	defer closeAPI()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testURL)
 
 	r := require.New(t)

diff --git a/internal/provider/service_resource_volume_type_test.go b/internal/provider/service_resource_volume_type_test.go
@@ -21,7 +21,7 @@ func TestServiceResourceGCPVolumeType(t *testing.T) {
 
 	testURL, expectRequest, closeAPI := mockSkySQLAPI(t)
 	defer closeAPI()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testURL)
 
 	r := require.New(t)
@@ -167,7 +167,7 @@ func TestServiceResourceAWSGP2VolumeType(t *testing.T) {
 
 	testURL, expectRequest, closeAPI := mockSkySQLAPI(t)
 	defer closeAPI()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testURL)
 
 	r := require.New(t)
@@ -313,7 +313,7 @@ func TestServiceResourceAWSIO1VolumeType(t *testing.T) {
 
 	testURL, expectRequest, closeAPI := mockSkySQLAPI(t)
 	defer closeAPI()
-	os.Setenv("TF_SKYSQL_API_ACCESS_TOKEN", "[token]")
+	os.Setenv("TF_SKYSQL_API_KEY", "[api-key]")
 	os.Setenv("TF_SKYSQL_API_BASE_URL", testURL)
 
 	r := require.New(t)

diff --git a/internal/skysql/client.go b/internal/skysql/client.go
@@ -3,33 +3,34 @@ package skysql
 import (
 	"context"
 	"errors"
-	"github.com/go-resty/resty/v2"
-	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/logging"
-	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql/autonomous"
-	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql/organization"
-	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql/provisioning"
 	"net/http"
 	"net/url"
 	"os"
 	"path/filepath"
 	"strconv"
 	"time"
+
+	"github.com/go-resty/resty/v2"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/logging"
+
+	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql/autonomous"
+	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql/organization"
+	"github.com/skysqlinc/terraform-provider-skysql/internal/skysql/provisioning"
 )
 
 type Client struct {
 	HTTPClient *resty.Client
 }
 
-func New(baseURL string, AccessToken string) *Client {
+func New(baseURL string, apiKey string) *Client {
 	transport := logging.NewLoggingHTTPTransport(http.DefaultTransport)
 
 	clientName, _ := os.Executable()
 
 	return &Client{
 		HTTPClient: resty.NewWithClient(&http.Client{Transport: transport}).
 			SetHeader("User-Agent", filepath.Base(clientName)).
-			SetAuthScheme("Bearer").
-			SetAuthToken(AccessToken).
+			SetHeader("X-API-Key", apiKey).
 			SetBaseURL(baseURL).
 			// Set retry count too non-zero to enable retries
 			SetRetryCount(3).