mirrors/terraform-provider-proxmox
0
0
Fork 0
mirror of https://github.com/bpg/terraform-provider-proxmox.git synced 2025-07-04 04:22:59 +00:00
Code

Merge pull request #18 from danitso/feature-totp

Browse Source 
Add TOTP support
This commit is contained in:
Dan R. Petersen 2020-04-08 14:54:57 +02:00 committed by GitHub
commit ce1118fafa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 53 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@ -1,5 +1,9 @@
## 0.4.0 (UNRELEASED) ## 0.4.0 (UNRELEASED)
ENHANCEMENTS:
* provider/configuration: Add `virtual_environment.otp` argument for TOTP support
BUG FIXES: BUG FIXES:
* library/virtual_environment_nodes: Fix node IP address format * library/virtual_environment_nodes: Fix node IP address format

1
docs/index.md
View File

@ -87,5 +87,6 @@ In addition to [generic provider arguments](https://www.terraform.io/docs/config
* `virtual_environment` - (Optional) The Proxmox Virtual Environment configuration. * `virtual_environment` - (Optional) The Proxmox Virtual Environment configuration.
* `endpoint` - (Required) The endpoint for the Proxmox Virtual Environment API (can also be sourced from `PROXMOX_VE_ENDPOINT`). * `endpoint` - (Required) The endpoint for the Proxmox Virtual Environment API (can also be sourced from `PROXMOX_VE_ENDPOINT`).
* `insecure` - (Optional) Whether to skip the TLS verification step (can also be sourced from `PROXMOX_VE_INSECURE`). If omitted, defaults to `false`. * `insecure` - (Optional) Whether to skip the TLS verification step (can also be sourced from `PROXMOX_VE_INSECURE`). If omitted, defaults to `false`.
* `otp` - (Optional) The one-time password for the Proxmox Virtual Environment API (can also be sourced from `PROXMOX_VE_OTP`).
* `password` - (Required) The password for the Proxmox Virtual Environment API (can also be sourced from `PROXMOX_VE_PASSWORD`). * `password` - (Required) The password for the Proxmox Virtual Environment API (can also be sourced from `PROXMOX_VE_PASSWORD`).
* `username` - (Required) The username and realm for the Proxmox Virtual Environment API (can also be sourced from `PROXMOX_VE_USERNAME`). * `username` - (Required) The username and realm for the Proxmox Virtual Environment API (can also be sourced from `PROXMOX_VE_USERNAME`).

20
proxmox/virtual_environment_authentication.go
View File

@ -24,8 +24,24 @@ func (c *VirtualEnvironmentClient) Authenticate(reset bool) error {
return nil return nil
} }
body := bytes.NewBufferString(fmt.Sprintf("username=%s&password=%s", url.QueryEscape(c.Username), url.QueryEscape(c.Password))) var reqBody *bytes.Buffer
req, err := http.NewRequest(hmPOST, fmt.Sprintf("%s/%s/access/ticket", c.Endpoint, basePathJSONAPI), body)
if c.OTP != nil {
reqBody = bytes.NewBufferString(fmt.Sprintf(
"username=%s&password=%s&otp=%s",
url.QueryEscape(c.Username),
url.QueryEscape(c.Password),
url.QueryEscape(*c.OTP),
))
} else {
reqBody = bytes.NewBufferString(fmt.Sprintf(
"username=%s&password=%s",
url.QueryEscape(c.Username),
url.QueryEscape(c.Password),
))
}
req, err := http.NewRequest(hmPOST, fmt.Sprintf("%s/%s/access/ticket", c.Endpoint, basePathJSONAPI), reqBody)
if err != nil { if err != nil {
return errors.New("Failed to create authentication request") return errors.New("Failed to create authentication request")

9
proxmox/virtual_environment_client.go
View File

@ -21,7 +21,7 @@ import (
) )
// NewVirtualEnvironmentClient creates and initializes a VirtualEnvironmentClient instance. // NewVirtualEnvironmentClient creates and initializes a VirtualEnvironmentClient instance.
func NewVirtualEnvironmentClient(endpoint, username, password string, insecure bool) (*VirtualEnvironmentClient, error) { func NewVirtualEnvironmentClient(endpoint, username, password, otp string, insecure bool) (*VirtualEnvironmentClient, error) {
url, err := url.ParseRequestURI(endpoint) url, err := url.ParseRequestURI(endpoint)
if err != nil { if err != nil {
@ -40,6 +40,12 @@ func NewVirtualEnvironmentClient(endpoint, username, password string, insecure b
return nil, errors.New("You must specify a username for the Proxmox Virtual Environment API") return nil, errors.New("You must specify a username for the Proxmox Virtual Environment API")
} }
var pOTP *string
if otp != "" {
pOTP = &otp
}
httpClient := &http.Client{ httpClient := &http.Client{
Transport: &http.Transport{ Transport: &http.Transport{
TLSClientConfig: &tls.Config{ TLSClientConfig: &tls.Config{
@ -51,6 +57,7 @@ func NewVirtualEnvironmentClient(endpoint, username, password string, insecure b
return &VirtualEnvironmentClient{ return &VirtualEnvironmentClient{
Endpoint: strings.TrimRight(url.String(), "/"), Endpoint: strings.TrimRight(url.String(), "/"),
Insecure: insecure, Insecure: insecure,
OTP: pOTP,
Password: password, Password: password,
Username: username, Username: username,
httpClient: httpClient, httpClient: httpClient,

1
proxmox/virtual_environment_client_types.go
View File

@ -22,6 +22,7 @@ const (
type VirtualEnvironmentClient struct { type VirtualEnvironmentClient struct {
Endpoint string Endpoint string
Insecure bool Insecure bool
OTP *string
Password string Password string
Username string Username string

22
proxmoxtf/provider.go
View File

@ -14,9 +14,15 @@ import (
) )
const ( const (
dvProviderVirtualEnvironmentEndpoint = ""
dvProviderVirtualEnvironmentOTP = ""
dvProviderVirtualEnvironmentPassword = ""
dvProviderVirtualEnvironmentUsername = ""
mkProviderVirtualEnvironment = "virtual_environment" mkProviderVirtualEnvironment = "virtual_environment"
mkProviderVirtualEnvironmentEndpoint = "endpoint" mkProviderVirtualEnvironmentEndpoint = "endpoint"
mkProviderVirtualEnvironmentInsecure = "insecure" mkProviderVirtualEnvironmentInsecure = "insecure"
mkProviderVirtualEnvironmentOTP = "otp"
mkProviderVirtualEnvironmentPassword = "password" mkProviderVirtualEnvironmentPassword = "password"
mkProviderVirtualEnvironmentUsername = "username" mkProviderVirtualEnvironmentUsername = "username"
) )
@ -68,7 +74,7 @@ func Provider() *schema.Provider {
Description: "The endpoint for the Proxmox Virtual Environment API", Description: "The endpoint for the Proxmox Virtual Environment API",
DefaultFunc: schema.MultiEnvDefaultFunc( DefaultFunc: schema.MultiEnvDefaultFunc(
[]string{"PROXMOX_VE_ENDPOINT", "PM_VE_ENDPOINT"}, []string{"PROXMOX_VE_ENDPOINT", "PM_VE_ENDPOINT"},
"", dvProviderVirtualEnvironmentEndpoint,
), ),
ValidateFunc: func(v interface{}, k string) (warns []string, errs []error) { ValidateFunc: func(v interface{}, k string) (warns []string, errs []error) {
value := v.(string) value := v.(string)
@ -106,13 +112,22 @@ func Provider() *schema.Provider {
return false, nil return false, nil
}, },
}, },
mkProviderVirtualEnvironmentOTP: {
Type: schema.TypeString,
Optional: true,
Description: "The one-time password for the Proxmox Virtual Environment API",
DefaultFunc: schema.MultiEnvDefaultFunc(
[]string{"PROXMOX_VE_OTP", "PM_VE_OTP"},
dvProviderVirtualEnvironmentOTP,
),
},
mkProviderVirtualEnvironmentPassword: { mkProviderVirtualEnvironmentPassword: {
Type: schema.TypeString, Type: schema.TypeString,
Optional: true, Optional: true,
Description: "The password for the Proxmox Virtual Environment API", Description: "The password for the Proxmox Virtual Environment API",
DefaultFunc: schema.MultiEnvDefaultFunc( DefaultFunc: schema.MultiEnvDefaultFunc(
[]string{"PROXMOX_VE_PASSWORD", "PM_VE_PASSWORD"}, []string{"PROXMOX_VE_PASSWORD", "PM_VE_PASSWORD"},
"", dvProviderVirtualEnvironmentPassword,
), ),
ValidateFunc: func(v interface{}, k string) (warns []string, errs []error) { ValidateFunc: func(v interface{}, k string) (warns []string, errs []error) {
value := v.(string) value := v.(string)
@ -132,7 +147,7 @@ func Provider() *schema.Provider {
Description: "The username for the Proxmox Virtual Environment API", Description: "The username for the Proxmox Virtual Environment API",
DefaultFunc: schema.MultiEnvDefaultFunc( DefaultFunc: schema.MultiEnvDefaultFunc(
[]string{"PROXMOX_VE_USERNAME", "PM_VE_USERNAME"}, []string{"PROXMOX_VE_USERNAME", "PM_VE_USERNAME"},
"", dvProviderVirtualEnvironmentUsername,
), ),
ValidateFunc: func(v interface{}, k string) (warns []string, errs []error) { ValidateFunc: func(v interface{}, k string) (warns []string, errs []error) {
value := v.(string) value := v.(string)
@ -168,6 +183,7 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
veConfig[mkProviderVirtualEnvironmentEndpoint].(string), veConfig[mkProviderVirtualEnvironmentEndpoint].(string),
veConfig[mkProviderVirtualEnvironmentUsername].(string), veConfig[mkProviderVirtualEnvironmentUsername].(string),
veConfig[mkProviderVirtualEnvironmentPassword].(string), veConfig[mkProviderVirtualEnvironmentPassword].(string),
veConfig[mkProviderVirtualEnvironmentOTP].(string),
veConfig[mkProviderVirtualEnvironmentInsecure].(bool), veConfig[mkProviderVirtualEnvironmentInsecure].(bool),
) )

2
proxmoxtf/provider_test.go
View File

@ -38,6 +38,7 @@ func TestProviderSchema(t *testing.T) {
testOptionalArguments(t, veSchema, []string{ testOptionalArguments(t, veSchema, []string{
mkProviderVirtualEnvironmentEndpoint, mkProviderVirtualEnvironmentEndpoint,
mkProviderVirtualEnvironmentInsecure, mkProviderVirtualEnvironmentInsecure,
mkProviderVirtualEnvironmentOTP,
mkProviderVirtualEnvironmentPassword, mkProviderVirtualEnvironmentPassword,
mkProviderVirtualEnvironmentUsername, mkProviderVirtualEnvironmentUsername,
}) })
@ -45,6 +46,7 @@ func TestProviderSchema(t *testing.T) {
testValueTypes(t, veSchema, map[string]schema.ValueType{ testValueTypes(t, veSchema, map[string]schema.ValueType{
mkProviderVirtualEnvironmentEndpoint: schema.TypeString, mkProviderVirtualEnvironmentEndpoint: schema.TypeString,
mkProviderVirtualEnvironmentInsecure: schema.TypeBool, mkProviderVirtualEnvironmentInsecure: schema.TypeBool,
mkProviderVirtualEnvironmentOTP: schema.TypeString,
mkProviderVirtualEnvironmentPassword: schema.TypeString, mkProviderVirtualEnvironmentPassword: schema.TypeString,
mkProviderVirtualEnvironmentUsername: schema.TypeString, mkProviderVirtualEnvironmentUsername: schema.TypeString,
}) })