feat(monitor-cloud-account): Add new monitor cloud account resource (#244)

* [SMPROD-10685] starting new resource implementation for monitor_cloud_account_provider
[SMPROD-10685] add tests and documentation

* update codeowners

* Update monitor_cloud_account_provider.md

* Update monitor_cloud_account_provider.md

* [SMPROD-10685] update reource name and schema

* [SMPROD-10685] update client and model naming

* Update monitor_cloud_account.md

Author: jwsarna1

CODEOWNERS

@@ -7,6 +7,7 @@
 # monitor
 *monitor*alert* @arturodilecce @dbonf
 *monitor*dashboard* @brokenpip3
+*monitor*providers* @jwsarna1
 
 # policies/rules
 *secure*policy* @jacklongsd @kmvachhani @ben-m-lucas

sysdig/internal/client/monitor/client.go

@@ -56,6 +56,11 @@ type SysdigMonitorClient interface {
 	CreateDashboard(context.Context, *model.Dashboard) (*model.Dashboard, error)
 	UpdateDashboard(context.Context, *model.Dashboard) (*model.Dashboard, error)
 	DeleteDashboard(context.Context, int) error
+
+	GetCloudAccountById(context.Context, int) (*CloudAccount, error)
+	CreateCloudAccount(context.Context, *CloudAccount) (*CloudAccount, error)
+	UpdateCloudAccount(context.Context, int, *CloudAccount) (*CloudAccount, error)
+	DeleteCloudAccountById(context.Context, int) error
 }
 
 func WithExtraHeaders(client SysdigMonitorClient, extraHeaders map[string]string) SysdigMonitorClient {

sysdig/internal/client/monitor/cloud_account.go

@@ -0,0 +1,84 @@
+package monitor
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+)
+
+func (client *sysdigMonitorClient) GetCloudAccountById(ctx context.Context, id int) (*CloudAccount, error) {
+	response, err := client.doSysdigMonitorRequest(ctx, http.MethodGet, client.getProviderUrl(id), nil)
+	if err != nil {
+		return nil, err
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusOK {
+		return nil, errorFromResponse(response)
+	}
+
+	body, err := io.ReadAll(response.Body)
+	if err != nil {
+		return nil, err
+	}
+	return CloudAccountFromJSON(body), nil
+}
+
+func (client *sysdigMonitorClient) CreateCloudAccount(ctx context.Context, provider *CloudAccount) (*CloudAccount, error) {
+	response, err := client.doSysdigMonitorRequest(ctx, http.MethodPost, client.getProvidersUrl(), CloudAccountToJSON(provider))
+	if err != nil {
+		return nil, err
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusCreated {
+		return nil, errorFromResponse(response)
+	}
+
+	body, err := io.ReadAll(response.Body)
+	if err != nil {
+		return nil, err
+	}
+	return CloudAccountFromJSON(body), nil
+}
+
+func (client *sysdigMonitorClient) UpdateCloudAccount(ctx context.Context, id int, provider *CloudAccount) (*CloudAccount, error) {
+	response, err := client.doSysdigMonitorRequest(ctx, http.MethodPut, client.getProviderUrl(id), CloudAccountToJSON(provider))
+	if err != nil {
+		return nil, err
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusOK {
+		return nil, errorFromResponse(response)
+	}
+
+	body, err := io.ReadAll(response.Body)
+	if err != nil {
+		return nil, err
+	}
+	return CloudAccountFromJSON(body), nil
+}
+
+func (client *sysdigMonitorClient) DeleteCloudAccountById(ctx context.Context, id int) error {
+	response, err := client.doSysdigMonitorRequest(ctx, http.MethodDelete, client.getProviderUrl(id), nil)
+	if err != nil {
+		return err
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusOK {
+		return errorFromResponse(response)
+	}
+
+	return nil
+}
+
+func (client *sysdigMonitorClient) getProviderUrl(id int) string {
+	return fmt.Sprintf("%v/%v", client.getProvidersUrl(), id)
+}
+
+func (client *sysdigMonitorClient) getProvidersUrl() string {
+	return fmt.Sprintf("%v/api/v2/providers", client.URL)
+}

sysdig/internal/client/monitor/models.go

@@ -14,6 +14,34 @@ type CustomNotification struct {
 	AppendText     string `json:"appendText,omitempty"`
 }
 
+type CloudAccountCredentials struct {
+	AccountId string `json:"accountId"`
+}
+
+type CloudAccount struct {
+	Id                int                     `json:"id"`
+	Platform          string                  `json:"platform"`
+	IntegrationType   string                  `json:"integrationType"`
+	Credentials       CloudAccountCredentials `json:"credentials"`
+	AdditionalOptions string                  `json:"additionalOptions"`
+}
+
+type cloudAccountWrapper struct {
+	CloudAccount CloudAccount `json:"provider"`
+}
+
+func CloudAccountFromJSON(body []byte) *CloudAccount {
+	var result cloudAccountWrapper
+	_ = json.Unmarshal(body, &result)
+
+	return &result.CloudAccount
+}
+
+func CloudAccountToJSON(providerInfo *CloudAccount) io.Reader {
+	payload, _ := json.Marshal(*providerInfo)
+	return bytes.NewBuffer(payload)
+}
+
 type SysdigCapture struct {
 	Name       string      `json:"name"`
 	Filters    string      `json:"filters,omitempty"`

sysdig/provider.go

@@ -92,6 +92,7 @@ func Provider() *schema.Provider {
 			"sysdig_monitor_notification_channel_victorops": resourceSysdigMonitorNotificationChannelVictorOps(),
 			"sysdig_monitor_notification_channel_webhook":   resourceSysdigMonitorNotificationChannelWebhook(),
 			"sysdig_monitor_team":                           resourceSysdigMonitorTeam(),
+			"sysdig_monitor_cloud_account":                  resourceSysdigMonitorCloudAccount(),
 		},
 		DataSourcesMap: map[string]*schema.Resource{
 			"sysdig_secure_trusted_cloud_identity": dataSourceSysdigSecureTrustedCloudIdentity(),

sysdig/resource_sysdig_monitor_cloud_account.go

@@ -0,0 +1,165 @@
+package sysdig
+
+import (
+	"context"
+	"github.com/draios/terraform-provider-sysdig/sysdig/internal/client/monitor"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"strconv"
+	"time"
+)
+
+func resourceSysdigMonitorCloudAccount() *schema.Resource {
+	timeout := 5 * time.Minute
+
+	return &schema.Resource{
+		CreateContext: resourceSysdigMonitorCloudAccountCreate,
+		DeleteContext: resourceSysdigMonitorCloudAccountDelete,
+		ReadContext:   resourceSysdigMonitorCloudAccountRead,
+		UpdateContext: resourceSysdigMonitorCloudAccountUpdate,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(timeout),
+			Update: schema.DefaultTimeout(timeout),
+			Read:   schema.DefaultTimeout(timeout),
+			Delete: schema.DefaultTimeout(timeout),
+		},
+		Schema: map[string]*schema.Schema{
+			"cloud_provider": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"integration_type": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"account_id": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"additional_options": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
+		},
+	}
+}
+
+func resourceSysdigMonitorCloudAccountCreate(ctx context.Context, data *schema.ResourceData, i interface{}) diag.Diagnostics {
+	client, err := i.(SysdigClients).sysdigMonitorClient()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	cloudAccount := monitorCloudAccountFromResourceData(data)
+
+	cloudAccountCreated, err := client.CreateCloudAccount(ctx, &cloudAccount)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	data.SetId(strconv.Itoa(cloudAccountCreated.Id))
+
+	return nil
+}
+
+func resourceSysdigMonitorCloudAccountDelete(ctx context.Context, data *schema.ResourceData, i interface{}) diag.Diagnostics {
+	client, err := i.(SysdigClients).sysdigMonitorClient()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	id, err := strconv.Atoi(data.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	err = client.DeleteCloudAccountById(ctx, id)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}
+
+func resourceSysdigMonitorCloudAccountRead(ctx context.Context, data *schema.ResourceData, i interface{}) diag.Diagnostics {
+	client, err := i.(SysdigClients).sysdigMonitorClient()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	id, err := strconv.Atoi(data.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	cloudAccount, err := client.GetCloudAccountById(ctx, id)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	err = monitorCloudAccountToResourceData(data, cloudAccount)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}
+
+func resourceSysdigMonitorCloudAccountUpdate(ctx context.Context, data *schema.ResourceData, i interface{}) diag.Diagnostics {
+	client, err := i.(SysdigClients).sysdigMonitorClient()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	cloudAccount := monitorCloudAccountFromResourceData(data)
+
+	id, err := strconv.Atoi(data.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	_, err = client.UpdateCloudAccount(ctx, id, &cloudAccount)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}
+
+func monitorCloudAccountFromResourceData(data *schema.ResourceData) monitor.CloudAccount {
+	return monitor.CloudAccount{
+		Platform:          data.Get("cloud_provider").(string),
+		IntegrationType:   data.Get("integration_type").(string),
+		AdditionalOptions: data.Get("additional_options").(string),
+		Credentials: monitor.CloudAccountCredentials{
+			AccountId: data.Get("account_id").(string),
+		},
+	}
+}
+
+func monitorCloudAccountToResourceData(data *schema.ResourceData, cloudAccount *monitor.CloudAccount) error {
+	err := data.Set("cloud_provider", cloudAccount.Platform)
+	if err != nil {
+		return err
+	}
+
+	err = data.Set("integration_type", cloudAccount.IntegrationType)
+	if err != nil {
+		return err
+	}
+
+	err = data.Set("additional_options", cloudAccount.AdditionalOptions)
+	if err != nil {
+		return err
+	}
+
+	err = data.Set("account_id", cloudAccount.Credentials.AccountId)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

sysdig/resource_sysdig_monitor_cloud_account_test.go

@@ -0,0 +1,62 @@
+package sysdig_test
+
+import (
+	"fmt"
+	"github.com/draios/terraform-provider-sysdig/sysdig"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"os"
+	"testing"
+)
+
+func TestCustomerProviderKeys(t *testing.T) {
+	rText := func() string { return acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) }
+	accountId := rText()
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			if v := os.Getenv("SYSDIG_MONITOR_API_TOKEN"); v == "" {
+				t.Fatal("SYSDIG_MONITOR_API_TOKEN must be set for acceptance tests")
+			}
+		},
+		ProviderFactories: map[string]func() (*schema.Provider, error){
+			"sysdig": func() (*schema.Provider, error) {
+				return sysdig.Provider(), nil
+			},
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: monitorCustomerProviderKey(accountId),
+			},
+			{
+				Config: monitorCustomerProviderKeyAdditionalOptions(accountId, rText()),
+			},
+			{
+				ResourceName:      "sysdig_monitor_cloud_account.provider",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func monitorCustomerProviderKey(rText string) string {
+	return fmt.Sprintf(`
+resource "sysdig_monitor_cloud_account" "provider" {
+  cloud_provider = "GCP"
+  integration_type = "API"
+  account_id = "sample-%s"
+}
+`, rText)
+}
+
+func monitorCustomerProviderKeyAdditionalOptions(accountId string, rText string) string {
+	return fmt.Sprintf(`
+resource "sysdig_monitor_cloud_account" "provider" {
+  cloud_provider = "Azure"
+  integration_type = "Metrics Streams"
+  account_id = "sample-%s"
+  additional_options = "%s"
+}
+`, accountId, rText)
+}