VAULT-37221: Update Terraform provider to support Agent (#1353)

* refactor radar resource, add detector_type to onboarding call

* add comment

* add changelog

* updated Radar resource create timeout to 2 minutes

* update hcp go sdk

Author: joeyabsi22

.changelog/1353.txt

@@ -0,0 +1,3 @@
+```release-note:improvement
+Updates hcp_vault_radar_source_github_cloud and hcp_vault_radar_source_github_enterprise to accept `detector_type`.
+```

docs/resources/vault_radar_source_github_cloud.md

@@ -23,6 +23,7 @@ resource "hcp_vault_radar_source_github_cloud" "example" {
   github_organization = "my-github-org"
   token               = var.github_cloud_token
   project_id          = "my-project-id"
+  detector_type       = "hcp"
 }
 ```
 
@@ -37,6 +38,7 @@ resource "hcp_vault_radar_source_github_cloud" "example" {
 
 ### Optional
 
+- `detector_type` (String) The detector type which will monitor this resource. The default is HCP if not specified.
 - `project_id` (String) The ID of the HCP project where Vault Radar is located. If not specified, the project specified in the HCP Provider config block will be used, if configured.
 
 ### Read-Only

docs/resources/vault_radar_source_github_enterprise.md

@@ -24,6 +24,7 @@ resource "hcp_vault_radar_source_github_enterprise" "example" {
   github_organization = "my-github-org"
   token               = var.github_enterprise_token
   project_id          = "my-project-id"
+  detector_type       = "hcp"
 }
 ```
 
@@ -39,6 +40,7 @@ resource "hcp_vault_radar_source_github_enterprise" "example" {
 
 ### Optional
 
+- `detector_type` (String) The detector type which will monitor this resource. The default is HCP if not specified.
 - `project_id` (String) The ID of the HCP project where Vault Radar is located. If not specified, the project specified in the HCP Provider config block will be used, if configured.
 
 ### Read-Only

examples/resources/hcp_vault_radar_source_github_cloud/resource.tf

@@ -7,4 +7,5 @@ resource "hcp_vault_radar_source_github_cloud" "example" {
   github_organization = "my-github-org"
   token               = var.github_cloud_token
   project_id          = "my-project-id"
+  detector_type       = "hcp"
 }

examples/resources/hcp_vault_radar_source_github_enterprise/resource.tf

@@ -8,4 +8,5 @@ resource "hcp_vault_radar_source_github_enterprise" "example" {
   github_organization = "my-github-org"
   token               = var.github_enterprise_token
   project_id          = "my-project-id"
+  detector_type       = "hcp"
 }

internal/clients/vault_radar.go

@@ -17,7 +17,7 @@ import (
 )
 
 func OnboardRadarSource(ctx context.Context, client *Client, projectID string, source dsrs.OnboardDataSourceBody) (*dsrs.OnboardDataSourceOK, error) {
-	onboardParams := dsrs.NewOnboardDataSourceParams()
+	onboardParams := dsrs.NewOnboardDataSourceParamsWithTimeout(2 * time.Minute) // gives datasources with "agent" detector type more time to complete
 	onboardParams.Context = ctx
 	onboardParams.LocationProjectID = projectID
 	onboardParams.Body = source

internal/provider/vaultradar/radar_source.go

@@ -7,9 +7,13 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
 	"github.com/hashicorp/terraform-plugin-framework/diag"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/schema/validator"
 	"github.com/hashicorp/terraform-plugin-framework/tfsdk"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
@@ -24,14 +28,45 @@ var (
 	_ resource.ResourceWithConfigure = &radarSourceResource{}
 )
 
+var (
+	baseSourceSchema = map[string]schema.Attribute{
+		"project_id": schema.StringAttribute{
+			Description: "The ID of the HCP project where Vault Radar is located. If not specified, the project specified in the HCP Provider config block will be used, if configured.",
+			Optional:    true,
+			Computed:    true,
+			PlanModifiers: []planmodifier.String{
+				stringplanmodifier.RequiresReplace(),
+				stringplanmodifier.UseStateForUnknown(),
+			},
+		},
+		"id": schema.StringAttribute{
+			Computed:    true,
+			Description: "The ID of this resource.",
+			PlanModifiers: []planmodifier.String{
+				stringplanmodifier.UseStateForUnknown(),
+			},
+		},
+		"detector_type": schema.StringAttribute{
+			Optional:    true,
+			Description: "The detector type which will monitor this resource. The default is HCP if not specified.",
+			PlanModifiers: []planmodifier.String{
+				stringplanmodifier.RequiresReplace(),
+			},
+			Validators: []validator.String{
+				stringvalidator.OneOf("hcp", "agent"),
+			},
+		},
+	}
+)
+
 // radarSourceResource is an implementation for configuring specific types Radar data sources.
 // Examples: hcp_vault_radar_source_github_cloud and hcp_vault_radar_source_github_enterprise make use of
 // this implementation to define resources with specific schemas, validation, and state details related to their types.
 type radarSourceResource struct {
 	client             *clients.Client
 	TypeName           string
 	SourceType         string
-	ConnectionSchema   schema.Schema
+	ResourceSchema     schema.Schema
 	GetSourceFromPlan  func(ctx context.Context, plan tfsdk.Plan) (radarSource, diag.Diagnostics)
 	GetSourceFromState func(ctx context.Context, state tfsdk.State) (radarSource, diag.Diagnostics)
 }
@@ -41,7 +76,18 @@ func (r *radarSourceResource) Metadata(_ context.Context, req resource.MetadataR
 }
 
 func (r *radarSourceResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) {
-	resp.Schema = r.ConnectionSchema
+	resp.Schema = schema.Schema{
+		MarkdownDescription: r.ResourceSchema.MarkdownDescription,
+		Attributes:          r.ResourceSchema.Attributes,
+	}
+
+	for k, v := range baseSourceSchema {
+		// check to see if schema key already exists; if so, skip
+		if _, exists := resp.Schema.Attributes[k]; exists {
+			continue
+		}
+		resp.Schema.Attributes[k] = v
+	}
 }
 
 // radarSource is the minimal plan/state that a Radar source must have.
@@ -53,8 +99,26 @@ type radarSource interface {
 	GetName() types.String
 	GetConnectionURL() types.String
 	GetToken() types.String
+	GetDetectorType() types.String
 }
 
+// base abstraction of Radar datasource model, partially implements radarSource interface
+type abstractSourceModel struct {
+	ProjectID    types.String `tfsdk:"project_id"`
+	ID           types.String `tfsdk:"id"`
+	DetectorType types.String `tfsdk:"detector_type"`
+}
+
+func (b *abstractSourceModel) GetProjectID() types.String { return b.ProjectID }
+
+func (b *abstractSourceModel) SetProjectID(projectID types.String) { b.ProjectID = projectID }
+
+func (b *abstractSourceModel) GetID() types.String { return b.ID }
+
+func (b *abstractSourceModel) SetID(id types.String) { b.ID = id }
+
+func (b *abstractSourceModel) GetDetectorType() types.String { return b.DetectorType }
+
 func (r *radarSourceResource) Configure(_ context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) {
 	if req.ProviderData == nil {
 		return
@@ -97,6 +161,10 @@ func (r *radarSourceResource) Create(ctx context.Context, req resource.CreateReq
 		body.ConnectionURL = src.GetConnectionURL().ValueString()
 	}
 
+	if !src.GetDetectorType().IsNull() {
+		body.DetectorType = src.GetDetectorType().ValueString()
+	}
+
 	res, err := clients.OnboardRadarSource(ctx, r.client, projectID, body)
 	if err != nil {
 		resp.Diagnostics.AddError("Error creating Radar source", err.Error())

internal/provider/vaultradar/resource_radar_source_github_cloud.go

@@ -21,16 +21,16 @@ import (
 
 func NewSourceGitHubCloudResource() resource.Resource {
 	return &radarSourceResource{
-		TypeName:         "_vault_radar_source_github_cloud",
-		SourceType:       "github_cloud",
-		ConnectionSchema: githubCloudSourceSchema,
+		TypeName:       "_vault_radar_source_github_cloud",
+		SourceType:     "github_cloud",
+		ResourceSchema: githubCloudSourceSchema,
 		GetSourceFromPlan: func(ctx context.Context, plan tfsdk.Plan) (radarSource, diag.Diagnostics) {
-			var data githubCloudSourceData
+			var data githubCloudSourceModel
 			diags := plan.Get(ctx, &data)
 			return &data, diags
 		},
 		GetSourceFromState: func(ctx context.Context, state tfsdk.State) (radarSource, diag.Diagnostics) {
-			var data githubCloudSourceData
+			var data githubCloudSourceModel
 			diags := state.Get(ctx, &data)
 			return &data, diags
 		}}
@@ -39,13 +39,6 @@ func NewSourceGitHubCloudResource() resource.Resource {
 var githubCloudSourceSchema = schema.Schema{
 	MarkdownDescription: "This terraform resource manages a GitHub Cloud data source lifecycle in Vault Radar.",
 	Attributes: map[string]schema.Attribute{
-		"id": schema.StringAttribute{
-			Computed:    true,
-			Description: "The ID of this resource.",
-			PlanModifiers: []planmodifier.String{
-				stringplanmodifier.UseStateForUnknown(),
-			},
-		},
 		"github_organization": schema.StringAttribute{
 			Description: `GitHub organization Vault Radar will monitor. Example: type "octocat" for the org https://github.com/octocat`,
 			Required:    true,
@@ -64,37 +57,17 @@ var githubCloudSourceSchema = schema.Schema{
 			Required:    true,
 			Sensitive:   true,
 		},
-
-		// Optional inputs
-		"project_id": schema.StringAttribute{
-			Description: "The ID of the HCP project where Vault Radar is located. If not specified, the project specified in the HCP Provider config block will be used, if configured.",
-			Optional:    true,
-			Computed:    true,
-			PlanModifiers: []planmodifier.String{
-				stringplanmodifier.RequiresReplace(),
-				stringplanmodifier.UseStateForUnknown(),
-			},
-		},
 	},
 }
 
-type githubCloudSourceData struct {
-	ID                 types.String `tfsdk:"id"`
+type githubCloudSourceModel struct {
+	abstractSourceModel
 	GitHubOrganization types.String `tfsdk:"github_organization"`
 	Token              types.String `tfsdk:"token"`
-	ProjectID          types.String `tfsdk:"project_id"`
 }
 
-func (d *githubCloudSourceData) GetProjectID() types.String { return d.ProjectID }
-
-func (d *githubCloudSourceData) SetProjectID(projectID types.String) { d.ProjectID = projectID }
-
-func (d *githubCloudSourceData) GetID() types.String { return d.ID }
-
-func (d *githubCloudSourceData) SetID(id types.String) { d.ID = id }
-
-func (d *githubCloudSourceData) GetName() types.String { return d.GitHubOrganization }
+func (d *githubCloudSourceModel) GetName() types.String { return d.GitHubOrganization }
 
-func (d *githubCloudSourceData) GetConnectionURL() types.String { return basetypes.NewStringNull() }
+func (d *githubCloudSourceModel) GetConnectionURL() types.String { return basetypes.NewStringNull() }
 
-func (d *githubCloudSourceData) GetToken() types.String { return d.Token }
+func (d *githubCloudSourceModel) GetToken() types.String { return d.Token }

internal/provider/vaultradar/resource_radar_source_github_enterprise.go

@@ -20,16 +20,16 @@ import (
 
 func NewSourceGitHubEnterpriseResource() resource.Resource {
 	return &radarSourceResource{
-		TypeName:         "_vault_radar_source_github_enterprise",
-		SourceType:       "github_enterprise",
-		ConnectionSchema: githubEnterpriseSourceSchema,
+		TypeName:       "_vault_radar_source_github_enterprise",
+		SourceType:     "github_enterprise",
+		ResourceSchema: githubEnterpriseSourceSchema,
 		GetSourceFromPlan: func(ctx context.Context, plan tfsdk.Plan) (radarSource, diag.Diagnostics) {
-			var data githubEnterpriseSourceData
+			var data githubEnterpriseSourceModel
 			diags := plan.Get(ctx, &data)
 			return &data, diags
 		},
 		GetSourceFromState: func(ctx context.Context, state tfsdk.State) (radarSource, diag.Diagnostics) {
-			var data githubEnterpriseSourceData
+			var data githubEnterpriseSourceModel
 			diags := state.Get(ctx, &data)
 			return &data, diags
 		}}
@@ -39,13 +39,6 @@ func NewSourceGitHubEnterpriseResource() resource.Resource {
 var githubEnterpriseSourceSchema = schema.Schema{
 	MarkdownDescription: "This terraform resource manages a GitHub Enterprise Server data source lifecycle in Vault Radar.",
 	Attributes: map[string]schema.Attribute{
-		"id": schema.StringAttribute{
-			Computed:    true,
-			Description: "The ID of this resource.",
-			PlanModifiers: []planmodifier.String{
-				stringplanmodifier.UseStateForUnknown(),
-			},
-		},
 		"domain_name": schema.StringAttribute{
 			Description: "Fully qualified domain name of the server. (Example: myserver.acme.com)",
 			Required:    true,
@@ -77,37 +70,18 @@ var githubEnterpriseSourceSchema = schema.Schema{
 			Required:    true,
 			Sensitive:   true,
 		},
-		// Optional inputs
-		"project_id": schema.StringAttribute{
-			Description: "The ID of the HCP project where Vault Radar is located. If not specified, the project specified in the HCP Provider config block will be used, if configured.",
-			Optional:    true,
-			Computed:    true,
-			PlanModifiers: []planmodifier.String{
-				stringplanmodifier.RequiresReplace(),
-				stringplanmodifier.UseStateForUnknown(),
-			},
-		},
 	},
 }
 
-type githubEnterpriseSourceData struct {
-	ID                 types.String `tfsdk:"id"`
+type githubEnterpriseSourceModel struct {
+	abstractSourceModel
 	DomainName         types.String `tfsdk:"domain_name"`
 	GitHubOrganization types.String `tfsdk:"github_organization"`
 	Token              types.String `tfsdk:"token"`
-	ProjectID          types.String `tfsdk:"project_id"`
 }
 
-func (d *githubEnterpriseSourceData) GetProjectID() types.String { return d.ProjectID }
-
-func (d *githubEnterpriseSourceData) SetProjectID(projectID types.String) { d.ProjectID = projectID }
-
-func (d *githubEnterpriseSourceData) GetID() types.String { return d.ID }
-
-func (d *githubEnterpriseSourceData) SetID(id types.String) { d.ID = id }
-
-func (d *githubEnterpriseSourceData) GetName() types.String { return d.GitHubOrganization }
+func (d *githubEnterpriseSourceModel) GetName() types.String { return d.GitHubOrganization }
 
-func (d *githubEnterpriseSourceData) GetConnectionURL() types.String { return d.DomainName }
+func (d *githubEnterpriseSourceModel) GetConnectionURL() types.String { return d.DomainName }
 
-func (d *githubEnterpriseSourceData) GetToken() types.String { return d.Token }
+func (d *githubEnterpriseSourceModel) GetToken() types.String { return d.Token }