From 4b77b190cf75b10c330c1ad934c40222d0e98e33 Mon Sep 17 00:00:00 2001 From: Russel Vela Date: Tue, 26 Sep 2023 10:44:46 -0600 Subject: [PATCH 1/4] feat(makefile): Updated README.md to include new supported attributes --- README.md | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 5badf2e..4bb1fb0 100644 --- a/README.md +++ b/README.md @@ -185,16 +185,18 @@ for Terraform version 0.11 and below. The `venafi` provider has the following options: - | Property | Type | Description | Env. Variable | - | -------------- | ------ | ------------------------------------------------------------ | ------------ | - | `api_key` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Venafi as a Service API key | VENAFI_API | - | `access_token` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Trust Protection Platform access token for the "hashicorp-terraform-by-venafi" API Application | VENAFI_TOKEN | - | `tpp_username` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | **[DEPRECATED]** Trust Protection Platform WebSDK username, use `access_token` if possible | VENAFI_USER | - | `tpp_password` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | **[DEPRECATED]** Trust Protection Platform WebSDK password, use `access_token` if possible | VENAFI_PASS | - | `trust_bundle` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Text file containing trust anchor certificates in PEM format, generally required for Trust Protection Platform | | - | `url` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Venafi service URL (e.g. "https://tpp.venafi.example") | VENAFI_URL | - | `zone` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Policy folder for TPP or Application name and Issuing Template API Alias for VaaS (e.g. "Business App\Enterprise CIT") | VENAFI_ZONE | - | `dev_mode` | [Boolean](https://www.terraform.io/docs/extend/schemas/schema-types.html#typebool) | When "true", the provider operates without connecting to TPP or VaaS | VENAFI_DEVMODE | + | Property | Type | Description | Env. Variable | + |-------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------|------------------------|---------------------| + | `api_key` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Venafi as a Service API key | VENAFI_API | + | `access_token` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Trust Protection Platform access token for the "hashicorp-terraform-by-venafi" API Application | VENAFI_TOKEN | + | `p12_cert_filename` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to Venafi Platform | VENAFI_P12_CERTIFICATE | + | `p12_cert_password` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Password for the PKCS#12 keystore declared in `p12_cert_filename` | VENAFI_P12_PASSWORD | + | `tpp_username` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | **[DEPRECATED]** Trust Protection Platform WebSDK username, use `access_token` if possible | VENAFI_USER | + | `tpp_password` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | **[DEPRECATED]** Trust Protection Platform WebSDK password, use `access_token` if possible | VENAFI_PASS | + | `trust_bundle` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Text file containing trust anchor certificates in PEM format, generally required for Trust Protection Platform | | + | `url` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Venafi service URL (e.g. "https://tpp.venafi.example") | VENAFI_URL | + | `zone` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Policy folder for TPP or Application name and Issuing Template API Alias for VaaS (e.g. "Business App\Enterprise CIT") | VENAFI_ZONE | + | `dev_mode` | [Boolean](https://www.terraform.io/docs/extend/schemas/schema-types.html#typebool) | When "true", the provider operates without connecting to TPP or VaaS | VENAFI_DEVMODE | >:pushpin: **NOTE**: The indicated environment variables can be used to specify values for provider settings rather than including them in a configuration From f891299bbb7912218fbfd97261323043e68f2289 Mon Sep 17 00:00:00 2001 From: Russel Vela Date: Tue, 26 Sep 2023 11:00:30 -0600 Subject: [PATCH 2/4] feat(makefile): Updated Makefile to properly install ghr library --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 6ec78e5..b24ca17 100644 --- a/Makefile +++ b/Makefile @@ -106,6 +106,7 @@ collect_artifacts: cp -rv $(DIST_DIR)/* artifacts release: + go get -u github.com/tcnksm/ghr go install github.com/tcnksm/ghr ghr -prerelease -n $$RELEASE_VERSION $$RELEASE_VERSION artifacts/ From 037279e6291718049dd384b98d8c55640e053f78 Mon Sep 17 00:00:00 2001 From: Russel Vela Date: Tue, 26 Sep 2023 11:08:33 -0600 Subject: [PATCH 3/4] feat(makefile): Updated Makefile to properly install ghr library --- Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Makefile b/Makefile index b24ca17..fb42933 100644 --- a/Makefile +++ b/Makefile @@ -106,8 +106,7 @@ collect_artifacts: cp -rv $(DIST_DIR)/* artifacts release: - go get -u github.com/tcnksm/ghr - go install github.com/tcnksm/ghr + go install github.com/tcnksm/ghr@latest ghr -prerelease -n $$RELEASE_VERSION $$RELEASE_VERSION artifacts/ clean: From 2b85c6712d7362aaf6d64bf43bdb0f2695acc6d1 Mon Sep 17 00:00:00 2001 From: Russel Vela Date: Tue, 26 Sep 2023 11:20:54 -0600 Subject: [PATCH 4/4] feat(makefile): Updated Makefile to properly install ghr library --- CHANGELOG.md | 4 ++-- README.md | 25 +++++++++++++------------ website/docs/index.html.markdown | 2 +- 3 files changed, 16 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b7abd39..8e7c0f2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ ## 0.17.0 (September 25, 2023) -Added support for client certificate as authentication method. Two attributes were added for this purpose: -p12_cert_filename (filename of the pkcs12 bundle) and p12_cert_password (password of the pkcs12 bundle) +Added support for client certificate as authentication method. Two attributes were added for this purpose: p12_cert_filename (filename of the pkcs12 bundle) and p12_cert_password (password of the pkcs12 bundle) +Added support for client_id attribute to allow users to customize which application is requesting tokens ## 0.16.1 (October 7, 2022) Added support for nickname attribute to override certificate object name at TPP. diff --git a/README.md b/README.md index 4bb1fb0..7df3bae 100644 --- a/README.md +++ b/README.md @@ -185,18 +185,19 @@ for Terraform version 0.11 and below. The `venafi` provider has the following options: - | Property | Type | Description | Env. Variable | - |-------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------|------------------------|---------------------| - | `api_key` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Venafi as a Service API key | VENAFI_API | - | `access_token` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Trust Protection Platform access token for the "hashicorp-terraform-by-venafi" API Application | VENAFI_TOKEN | - | `p12_cert_filename` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to Venafi Platform | VENAFI_P12_CERTIFICATE | - | `p12_cert_password` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Password for the PKCS#12 keystore declared in `p12_cert_filename` | VENAFI_P12_PASSWORD | - | `tpp_username` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | **[DEPRECATED]** Trust Protection Platform WebSDK username, use `access_token` if possible | VENAFI_USER | - | `tpp_password` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | **[DEPRECATED]** Trust Protection Platform WebSDK password, use `access_token` if possible | VENAFI_PASS | - | `trust_bundle` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Text file containing trust anchor certificates in PEM format, generally required for Trust Protection Platform | | - | `url` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Venafi service URL (e.g. "https://tpp.venafi.example") | VENAFI_URL | - | `zone` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Policy folder for TPP or Application name and Issuing Template API Alias for VaaS (e.g. "Business App\Enterprise CIT") | VENAFI_ZONE | - | `dev_mode` | [Boolean](https://www.terraform.io/docs/extend/schemas/schema-types.html#typebool) | When "true", the provider operates without connecting to TPP or VaaS | VENAFI_DEVMODE | + | Property | Type | Description | Env. Variable | + |---------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|---------------------| + | `api_key` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Venafi as a Service API key | VENAFI_API | + | `access_token` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Trust Protection Platform access token for the "hashicorp-terraform-by-venafi" API Application | VENAFI_TOKEN | + | `client_id` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | ID of the application that will request tokens. Not necessary when `access_token` provided. If not provided, defaults to `hashicorp-terraform-by-venafi` | VENAFI_CLIENT_ID | + | `p12_cert_filename` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Filename of PKCS#12 keystore containing a client certificate, private key, and chain certificates to authenticate to Venafi Platform | VENAFI_P12_CERTIFICATE | + | `p12_cert_password` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Password for the PKCS#12 keystore declared in `p12_cert_filename` | VENAFI_P12_PASSWORD | + | `tpp_username` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | **[DEPRECATED]** Trust Protection Platform WebSDK username, use `access_token` if possible | VENAFI_USER | + | `tpp_password` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | **[DEPRECATED]** Trust Protection Platform WebSDK password, use `access_token` if possible | VENAFI_PASS | + | `trust_bundle` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Text file containing trust anchor certificates in PEM format, generally required for Trust Protection Platform | | + | `url` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Venafi service URL (e.g. "https://tpp.venafi.example") | VENAFI_URL | + | `zone` | [String](https://www.terraform.io/docs/extend/schemas/schema-types.html#typestring) | Policy folder for TPP or Application name and Issuing Template API Alias for VaaS (e.g. "Business App\Enterprise CIT") | VENAFI_ZONE | + | `dev_mode` | [Boolean](https://www.terraform.io/docs/extend/schemas/schema-types.html#typebool) | When "true", the provider operates without connecting to TPP or VaaS | VENAFI_DEVMODE | >:pushpin: **NOTE**: The indicated environment variables can be used to specify values for provider settings rather than including them in a configuration diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index fe5a989..af2f2dc 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -90,7 +90,7 @@ for Venafi as a Service or policy folder for Venafi Platform. * `p12_cert_password` - (Optional, string) Password for the PKCS#12 keystore declared in `p12_cert_filename` * `trust_bundle` - (Optional, string) PEM trust bundle for Venafi Platform server certificate (e.g. "${file("bundle.pem")}" ). * `dev_mode` - (Optional, boolean) When "true" will test the provider without connecting to Venafi Platform or Venafi as a Service. -* `client_id` - (Optional, string) ID of the application that will request a token. Note necessary when `access_token` provided. If not provided, defaults to `hashicorp-terraform-by-venafi` +* `client_id` - (Optional, string) ID of the application that will request a token. Not necessary when `access_token` provided. If not provided, defaults to `hashicorp-terraform-by-venafi` ## Environment Variables