Init

.github/dependabot.yml

@@ -0,0 +1,12 @@
+# See GitHub's docs for more information on this file:
+# https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/ci.yml

@@ -0,0 +1,76 @@
+name: CI
+on:
+ pull_request:
+   paths-ignore:
+     - 'README.md'
+   branches:
+     - master
+     - main
+ push:
+   branches:
+     - master
+     - main
+   paths-ignore:
+     - 'README.md'
+ schedule:
+   # NOTE: Run every day at 00:00, since we're using a remote API (TFE) not managed by us.
+   - cron: '0 0 * * *'
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+    - name: Set up Go
+      uses: actions/[email protected]
+      with:
+        go-version: '1.16'
+      id: go
+    - name: Check out code into the Go module directory
+      uses: actions/[email protected]
+    - name: Get dependencies
+      run: |
+        go mod download
+    - name: Build
+      run: |
+        go build -v .
+    - name: Download golangci-lint
+      run: |
+        curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.37.1
+    - name: Lint
+      run: |
+        go run mage.go -v lint
+
+  test:
+    name: Matrix Test
+    needs: build
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    strategy:
+      fail-fast: false
+      matrix:
+        terraform:
+          - '0.12.29'
+          - '0.13.4'
+          - '0.14.0-beta2'
+          - '0.14.7'
+    steps:
+    - name: Set up Go
+      uses: actions/[email protected]
+      with:
+        go-version: 1.16
+      id: go
+    - name: Check out code into the Go module directory
+      uses: actions/[email protected]
+    - name: Get dependencies
+      run: |
+        go mod download
+    - name: TF acceptance tests
+      timeout-minutes: 10
+      env:
+        TF_ACC: "1"
+        TF_ACC_TERRAFORM_VERSION: ${{ matrix.terraform }}
+        TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+        TFE_TEST_WORKSPACE_ID: ${{ secrets.TFE_TEST_WORKSPACE_ID }}
+      run: |
+        go run mage.go test

.github/workflows/release.yml

@@ -0,0 +1,35 @@
+name: release
+on:
+  push:
+    tags:
+      - 'v*'
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Unshallow
+        run: git fetch --prune --unshallow
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.16
+      - name: Import GPG key
+        id: import_gpg
+        # TODO: move this to HashiCorp namespace or find alternative that is just simple gpg commands
+        # see https://github.com/hashicorp/terraform-provider-scaffolding/issues/22
+        uses: paultyng/[email protected]
+        env:
+          # These secrets will need to be configured for the repository:
+          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+          PASSPHRASE: ${{ secrets.PASSPHRASE }}
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v2
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
+          # GitHub sets this automatically
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,40 @@
+*.dll
+*.exe
+.DS_Store
+example.tf
+terraform.tfplan
+terraform.tfstate
+bin/
+dist/
+modules-dev/
+/pkg/
+website/.vagrant
+website/.bundle
+website/build
+website/node_modules
+.vagrant/
+*.backup
+./*.tfstate
+.terraform/
+*.log
+*.bak
+*~
+.*.swp
+.idea
+*.iml
+*.test
+*.iml
+
+website/vendor
+
+# Test exclusions
+!command/test-fixtures/**/*.tfstate
+!command/test-fixtures/**/.terraform/
+
+# Keep windows files with windows line endings
+*.winfile eol=crlf
+
+# Local terraform to test the provider manually and play 
+playground/
+/terraform-provider-vaulted-tfe
+/terraform-provider-vaulted-tfe.exe

.go-version

@@ -0,0 +1 @@
+1.16.2

.golangci.yml

@@ -0,0 +1,103 @@
+run:
+  tests: false
+  # NOTE: Verify `go.{mod,sum}` is up-to-date by attempting to download dependencies
+  # if anything is missing
+  modules-download-mode: readonly
+
+output:
+  format: colored-line-number
+  print-issued-lines: true
+  print-linter-name: true
+
+linters-settings:
+  goheader:
+    template: |-
+      Copyright 2021 SumUp Ltd.
+      Licensed under the Apache License, Version 2.0 (the "License");
+      you may not use this file except in compliance with the License.
+      You may obtain a copy of the License at
+           http://www.apache.org/licenses/LICENSE-2.0
+      Unless required by applicable law or agreed to in writing, software
+      distributed under the License is distributed on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+      See the License for the specific language governing permissions and
+      limitations under the License.
+  errcheck:
+    # report about not checking of errors in type assetions: `a := b.(MyStruct)`;
+    # default is false: such cases aren't reported by default.
+    check-type-assertions: false
+
+  # print linter name in the end of issue text, default is true
+  govet:
+    check-shadowing: true
+  maligned:
+    suggest-new: true
+  dupl:
+    threshold: 100
+  goconst:
+    min-len: 2
+    min-occurrences: 2
+  gocognit:
+    min-complexity: 55
+  depguard:
+    list-type: blacklist
+    packages:
+      # logging is allowed only by logutils.Log, logrus
+      # is allowed to use only in logutils package
+      - github.com/sirupsen/logrus
+      # NOTE: Be very, very wary not to use GPL3 software as library
+      - github.com/golangci/golangci-lint
+      # NOTE: Not used, but mistakenly approved by tooling such as editors and IDEs.
+      - github.com/pkg/errors
+  misspell:
+    locale: US
+  lll:
+    line-length: 140
+  goimports:
+    local-prefixes: github.com/sumup-oss/terraform-provider-vaulted-tfe
+  gocritic:
+    enabled-tags:
+      - performance
+  cyclop:
+    # NOTE: Too-low cyclomatic complexity value
+    # results into worse code design and readability.
+    max-complexity: 25
+
+linters:
+  enable-all: true
+  disable:
+    # NOTE: "effective" golang style is full of arguable practices.
+    # We don't need that and besides gofmt does the required minimum of style modifications.
+    - golint
+    # NOTE: Too much false positives
+    - unparam
+    # NOTE: It's a great linter, but gets in the way too often by not being customizable.
+    - gochecknoglobals
+    # NOTE: Full of false positives.
+    - interfacer
+    # NOTE: Function length is not an offense.
+    - funlen
+    # TODO: Fix false positives
+    - gomnd
+    # NOTE: "Packages names should not use underscores" is not a good practice while mixed caps is also disallowed.
+    - stylecheck
+    # NOTE: Too verbose
+    - exhaustivestruct
+    # NOTE: Worse readability
+    - nlreturn
+    # NOTE: False-positives
+    - nestif
+issues:
+  exclude-rules:
+    - text: "don't use an underscore in package name"
+      linters:
+        - revive
+    - text: "weak cryptographic primitive"
+      linters:
+        - gosec
+    - path: _test\.go
+      linters:
+        - gocyclo
+        - errcheck
+        - dupl
+        - gosec

.goreleaser.yml

@@ -0,0 +1,54 @@
+# Visit https://goreleaser.com for documentation on how to customize this
+# behavior.
+before:
+  hooks:
+    # this is just an example and not a requirement for provider building/publishing
+    - go mod tidy
+builds:
+- env:
+    # goreleaser does not work with CGO, it could also complicate
+    # usage by users in CI/CD systems like Terraform Cloud where
+    # they are unable to install libraries.
+    - CGO_ENABLED=0
+  mod_timestamp: '{{ .CommitTimestamp }}'
+  flags:
+    - -trimpath
+  ldflags:
+    - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
+  goos:
+    - freebsd
+    - windows
+    - linux
+    - darwin
+  goarch:
+    - amd64
+    - '386'
+    - arm
+    - arm64
+  ignore:
+    - goos: darwin
+      goarch: '386'
+  binary: '{{ .ProjectName }}_v{{ .Version }}'
+archives:
+- format: zip
+  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
+checksum:
+  name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
+  algorithm: sha256
+signs:
+  - artifacts: checksum
+    args:
+      # if you are using this in a GitHub action or some other automated pipeline, you 
+      # need to pass the batch flag to indicate its not interactive.
+      - "--batch"
+      - "--local-user"
+      - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key
+      - "--output"
+      - "${signature}"
+      - "--detach-sign"
+      - "${artifact}"
+release:
+  # If you want to manually examine the release before its live, uncomment this line:
+  # draft: true
+changelog:
+  skip: true

.terraform-version

@@ -0,0 +1 @@
+0.14.6

CHANGELOG.md

@@ -0,0 +1,62 @@
+# Version History
+
+## Intro
+
+The version history is motivated by https://semver.org/ and https://keepachangelog.com/en/1.0.0/ .
+
+NOTE: This project went from non-standard versioning to semver at some point.
+
+## Structure
+
+Types of changes that can be seen in the changelog
+
+```
+Added: for new features/functionality.
+Changed: for changes in existing features/functionality.
+Deprecated: for soon-to-be removed features. Removed in the 
+Removed: for now removed features.
+Fixed: for any bug fixes.
+Security: in case of vulnerabilities.
+```
+
+## How deprecation of functionality is handled?
+
+tl;dr 1 minor release stating that the functionality is going to be deprecated. Then in the next major - removed.
+
+```
+Deprecating existing functionality is a normal part of software development and 
+is often required to make forward progress. 
+
+When you deprecate part of your public API, you should do two things: 
+
+(1) update your documentation to let users know about the change, 
+(2) issue a new minor release with the deprecation in place. 
+Before you completely remove the functionality in a new major 
+release there should be at least one minor release 
+that contains the deprecation so that users can smoothly transition to the new API
+```
+
+As per https://semver.org/ .
+
+As per rule-of-thumb, moving the project forward is very important,
+but providing stability is the most important thing to anyone using `vaulted`.
+
+Introducing breaking changes under a feature flag can be ok in some cases where new functionality needs user feedback before being introduced in next major release.
+
+## Changelog
+
+Change line format:
+
+```
+* <Change title/PR title/content> ; Ref: <pr link>
+```
+
+## Unreleased (master)
+
+## v0.1.0
+
+### Added
+
+* Project
+* CI setup
+* Documentation

CODEOWNERS

@@ -0,0 +1 @@
+* @syndbg