Add terraform-provider-litellmvaultsecret implementation
Populate the repo with the Terraform/OpenTofu provider that manages the LiteLLM dynamic secrets engine on Vault/OpenBao via the Vault API. - Provider (VAULT_ADDR/VAULT_TOKEN) with resources litellmvaultsecret_secret_backend (mount + config) and litellmvaultsecret_secret_backend_role (models, max_budget, ttl/max_ttl in seconds, metadata) - Unit tests against a mock Vault API - End-to-end test: builds the sibling plugin, boots Vault + LiteLLM + Postgres, and runs a real terraform apply/destroy asserting key generation works - Makefile, woodpecker CI (build/test/pre-commit), examples, README
This commit is contained in:
@@ -0,0 +1,97 @@
|
||||
package provider
|
||||
|
||||
import (
|
||||
"context"
|
||||
"os"
|
||||
|
||||
"github.com/hashicorp/terraform-plugin-framework/datasource"
|
||||
"github.com/hashicorp/terraform-plugin-framework/provider"
|
||||
"github.com/hashicorp/terraform-plugin-framework/provider/schema"
|
||||
"github.com/hashicorp/terraform-plugin-framework/resource"
|
||||
"github.com/hashicorp/terraform-plugin-framework/types"
|
||||
)
|
||||
|
||||
var _ provider.Provider = &litellmProvider{}
|
||||
|
||||
type litellmProvider struct {
|
||||
version string
|
||||
}
|
||||
|
||||
type litellmProviderModel struct {
|
||||
Address types.String `tfsdk:"address"`
|
||||
Token types.String `tfsdk:"token"`
|
||||
}
|
||||
|
||||
func New(version string) func() provider.Provider {
|
||||
return func() provider.Provider {
|
||||
return &litellmProvider{version: version}
|
||||
}
|
||||
}
|
||||
|
||||
func (p *litellmProvider) Metadata(_ context.Context, _ provider.MetadataRequest, resp *provider.MetadataResponse) {
|
||||
resp.TypeName = "litellmvaultsecret"
|
||||
resp.Version = p.version
|
||||
}
|
||||
|
||||
func (p *litellmProvider) Schema(_ context.Context, _ provider.SchemaRequest, resp *provider.SchemaResponse) {
|
||||
resp.Schema = schema.Schema{
|
||||
Description: "Manage the LiteLLM dynamic secrets engine (config and roles) on HashiCorp Vault or OpenBao.",
|
||||
Attributes: map[string]schema.Attribute{
|
||||
"address": schema.StringAttribute{
|
||||
Description: "Address of the Vault/OpenBao server. Falls back to the VAULT_ADDR environment variable.",
|
||||
Optional: true,
|
||||
},
|
||||
"token": schema.StringAttribute{
|
||||
Description: "Token used to authenticate to Vault/OpenBao. Falls back to the VAULT_TOKEN environment variable.",
|
||||
Optional: true,
|
||||
Sensitive: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func (p *litellmProvider) Configure(ctx context.Context, req provider.ConfigureRequest, resp *provider.ConfigureResponse) {
|
||||
var config litellmProviderModel
|
||||
resp.Diagnostics.Append(req.Config.Get(ctx, &config)...)
|
||||
if resp.Diagnostics.HasError() {
|
||||
return
|
||||
}
|
||||
|
||||
address := os.Getenv("VAULT_ADDR")
|
||||
if !config.Address.IsNull() && config.Address.ValueString() != "" {
|
||||
address = config.Address.ValueString()
|
||||
}
|
||||
|
||||
token := os.Getenv("VAULT_TOKEN")
|
||||
if !config.Token.IsNull() && config.Token.ValueString() != "" {
|
||||
token = config.Token.ValueString()
|
||||
}
|
||||
|
||||
if address == "" {
|
||||
resp.Diagnostics.AddError(
|
||||
"missing Vault address",
|
||||
"Set the provider \"address\" attribute or the VAULT_ADDR environment variable.",
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
client, err := newVaultClient(address, token)
|
||||
if err != nil {
|
||||
resp.Diagnostics.AddError("failed to create Vault client", err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
resp.DataSourceData = client
|
||||
resp.ResourceData = client
|
||||
}
|
||||
|
||||
func (p *litellmProvider) Resources(_ context.Context) []func() resource.Resource {
|
||||
return []func() resource.Resource{
|
||||
NewSecretBackendResource,
|
||||
NewSecretBackendRoleResource,
|
||||
}
|
||||
}
|
||||
|
||||
func (p *litellmProvider) DataSources(_ context.Context) []func() datasource.DataSource {
|
||||
return nil
|
||||
}
|
||||
Reference in New Issue
Block a user