Merge pull request #86 from DelineaXPM/updateSDK.dependancy

Updated tss-sdk-go dependancy

README.md

@@ -23,7 +23,7 @@ Terraform 0.13 uses a different file system layout for 3rd party providers. More
 └───terraform.delinea.com
     DelineaXPM
         └───tss
-            └───2.0.8
+            └───2.0.9
                 └───windows_amd64
 ```
 
@@ -34,7 +34,7 @@ Terraform 0.13 uses a different file system layout for 3rd party providers. More
 └───terraform.delinea.com
     DelineaXPM
         └───tss
-            └───2.0.8
+            └───2.0.9
                 ├───linux_amd64
 ```
 
@@ -165,7 +165,7 @@ To encrypt or decrypt state file data during the Terraform workflow, you must pe
 
 To use these script wrappers, place the script files in the Terraform executable directory and set the required user credentials in environment variables. For instructions on setting environment variables, refer to the section titled "Environment Variables" above.
 
-Scripts for reference and more detailed information are available [here](https://docs.delinea.com/online-help/integrations/terraform/index.htm). You can modify file paths in these scripts as needed.
+Scripts for reference and more detailed information are available [here](https://docs.delinea.com/online-help/integrations/terraform/index.htm). You can modify file paths in these scripts as needed. Scripts for reference are also available [here](encryption_scripts).
 
 You can then execute the script wrappers as shown below:
 

encryption_scripts/linux/terraform_apply.sh

@@ -0,0 +1,83 @@
+#!/bin/bash
+
+# Set paths for the encrypted and decrypted state files
+export STATE_FILE="terraform.tfstate"
+export STATE_BACKUP_FILE="terraform.tfstate.backup"
+export LOCK_FILE="lockfile.lock"
+export TFSTATE_PASSPHRASE="${TF_VAR_tss_username}${TF_VAR_tss_password}"
+
+# Check if TFSTATE_PASSPHRASE is set
+if [ -z "$TFSTATE_PASSPHRASE" ]; then
+    echo "Username and Password are not set in environment variable"
+    exit 1
+fi
+
+# Find the Terraform plugin path
+TF_PLUGIN_PATH=$(find . -type f -name 'terraform-provider-tss*' -print | grep -E '^.*terraform-provider-tss$' | head -n 1) #".terraform/providers/terraform.delinea.com/delinea/tss/2.0.7/linux_amd64/terraform-provider-tss"
+
+if [ -z "$TF_PLUGIN_PATH" ] || [ ! -f "$TF_PLUGIN_PATH" ]; then
+    echo "Terraform plugin path not found. Initialize terraform first."
+    exit 1
+fi
+
+# Check if lock file exists (ensure no parallel operations)
+if [ -e "$LOCK_FILE" ]; then
+    echo "State is currently locked. Another operation might be in progress."
+    exit 1
+fi
+
+# Create lock file
+echo "Locked" > "$LOCK_FILE"
+
+# Decrypt state file before running Terraform
+echo "Decrypting state file..."
+"$TF_PLUGIN_PATH" decrypt "$STATE_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to decrypt state file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Decrypt state backup file before running Terraform
+echo "Decrypting state backup file..."
+"$TF_PLUGIN_PATH" decrypt "$STATE_BACKUP_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to decrypt state backup file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Run Terraform apply with the decrypted state
+terraform apply "$@"
+
+# Check if Terraform apply succeeded
+if [ $? -ne 0 ]; then
+    echo "Terraform apply failed."
+fi
+
+# Encrypt the state file after Terraform apply
+echo "Encrypting state file..."
+"$TF_PLUGIN_PATH" encrypt "$STATE_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to encrypt state file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Encrypt the state backup file after Terraform apply
+echo "Encrypting state backup file..."
+"$TF_PLUGIN_PATH" encrypt "$STATE_BACKUP_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to encrypt state backup file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Remove lock file
+rm -f "$LOCK_FILE"
+
+echo "Operation completed successfully."

encryption_scripts/linux/terraform_destroy.sh

@@ -0,0 +1,77 @@
+#!/bin/bash
+
+# Set paths for the encrypted and decrypted state files
+export STATE_FILE="terraform.tfstate"
+export STATE_BACKUP_FILE="terraform.tfstate.backup"
+export LOCK_FILE="lockfile.lock"
+export TFSTATE_PASSPHRASE="${TF_VAR_tss_username}${TF_VAR_tss_password}"
+
+# Check if TFSTATE_PASSPHRASE is set
+if [ -z "$TFSTATE_PASSPHRASE" ]; then
+    echo "Username and Password are not set in environment variable"
+    exit 1
+fi
+
+# Find the Terraform plugin path
+TF_PLUGIN_PATH=$(ffind . -type f -name 'terraform-provider-tss*' -print | grep -E '^.*terraform-provider-tss$' | head -n 1) #".terraform/providers/terraform.delinea.com/delinea/tss/2.0.7/linux_amd64/terraform-provider-tss"
+
+if [ -z "$TF_PLUGIN_PATH" ] || [ ! -f "$TF_PLUGIN_PATH" ]; then
+    echo "Terraform plugin path not found. Initialize terraform first."
+    exit 1
+fi
+
+# Create lock file
+echo "Locked" > "$LOCK_FILE"
+
+# Decrypt state file before running Terraform
+echo "Decrypting state file..."
+"$TF_PLUGIN_PATH" decrypt "$STATE_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to decrypt state file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Decrypt state backup file before running Terraform
+echo "Decrypting state backup file..."
+"$TF_PLUGIN_PATH" decrypt "$STATE_BACKUP_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to decrypt state backup file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Run Terraform destroy with the decrypted state
+terraform destroy
+
+# Check if Terraform destroy succeeded
+if [ $? -ne 0 ]; then
+    echo "Terraform destroy failed."
+fi
+
+# Encrypt the state file after Terraform destroy
+echo "Encrypting state file..."
+"$TF_PLUGIN_PATH" encrypt "$STATE_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to encrypt state file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Encrypt the state backup file after Terraform destroy
+echo "Encrypting state backup file..."
+"$TF_PLUGIN_PATH" encrypt "$STATE_BACKUP_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to encrypt state backup file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Remove lock file
+rm -f "$LOCK_FILE"
+
+echo "Operation completed successfully."

encryption_scripts/linux/terraform_init.sh

@@ -0,0 +1,86 @@
+#!/bin/bash
+
+# Set paths for the encrypted and decrypted state files
+export STATE_FILE="terraform.tfstate"
+export STATE_BACKUP_FILE="terraform.tfstate.backup"
+export LOCK_FILE="lockfile.lock"
+export TFSTATE_PASSPHRASE="${TF_VAR_tss_username}${TF_VAR_tss_password}"
+
+# Find the Terraform plugin path
+TF_PLUGIN_PATH=$(ffind . -type f -name 'terraform-provider-tss*' -print | grep -E '^.*terraform-provider-tss$' | head -n 1) #".terraform/providers/terraform.delinea.com/delinea/tss/2.0.7/linux_amd64/terraform-provider-tss"
+
+if [ -z "$TF_PLUGIN_PATH" ] || [ ! -f "$TF_PLUGIN_PATH" ]; then
+    echo "Terraform plugin path not found. Fetching plugin using terraform init"
+    terraform init
+    exit 1
+fi
+
+# Check if TFSTATE_PASSPHRASE is set
+if [ -z "$TFSTATE_PASSPHRASE" ]; then
+    echo "Username and Password are not set in environment variable"
+    exit 1
+fi
+
+# Check if lock file exists (ensure no parallel operations)
+if [ -e "$LOCK_FILE" ]; then
+    echo "State is currently locked. Another operation might be in progress."
+    exit 1
+fi
+
+# Create lock file
+echo "Locked" > "$LOCK_FILE"
+
+# Decrypt state file before running Terraform
+echo "Decrypting state file..."
+"$TF_PLUGIN_PATH" decrypt "$STATE_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to decrypt state file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Decrypt state backup file before running Terraform
+echo "Decrypting state backup file..."
+"$TF_PLUGIN_PATH" decrypt "$STATE_BACKUP_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to decrypt state backup file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Run Terraform init
+terraform init
+
+# Check if Terraform apply succeeded
+if [ $? -ne 0 ]; then
+    echo "Terraform apply failed."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Encrypt the state file after Terraform apply
+echo "Encrypting state file..."
+"$TF_PLUGIN_PATH" encrypt "$STATE_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to encrypt state file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Encrypt the state backup file after Terraform apply
+echo "Encrypting state backup file..."
+"$TF_PLUGIN_PATH" encrypt "$STATE_BACKUP_FILE"
+
+if [ $? -ne 0 ]; then
+    echo "Failed to encrypt state backup file. Exiting."
+    rm -f "$LOCK_FILE"
+    exit 1
+fi
+
+# Remove decrypted state file and lock file
+rm -f "$LOCK_FILE"
+
+echo "Operation completed successfully."

encryption_scripts/windows/terraform_apply.bat

@@ -0,0 +1,84 @@
+@echo off
+setlocal
+
+REM Set paths for the encrypted and decrypted state files
+set STATE_FILE=terraform.tfstate
+set STATE_BACKUP_FILE=terraform.tfstate.backup
+set LOCK_FILE=lockfile.lock
+set TFSTATE_PASSPHRASE=%TF_VAR_tss_username%%TF_VAR_tss_password%
+
+if "%TFSTATE_PASSPHRASE%"=="" (
+    echo Username and Password are not set in environment variable
+	exit /b 1
+)
+
+for /r %%i in (terraform-provider-tss*.exe) do @if exist "%%i" set "TF_PLUGIN_PATH=%%~fi"
+
+if "%TF_PLUGIN_PATH%"=="" (
+    echo Terraform plugin path not found. Initialize terraform first.
+	exit /b 1
+)
+
+REM Check if lock file exists (ensure no parallel operations)
+if exist "%LOCK_FILE%" (
+    echo State is currently locked. Another operation might be in progress.
+    exit /b 1
+)
+
+REM Create lock file
+echo Locked > "%LOCK_FILE%"
+
+REM Decrypt state file before running Terraform
+echo Decrypting state file...
+"%TF_PLUGIN_PATH%" "decrypt" "%STATE_FILE%"
+
+if %ERRORLEVEL% neq 0 (
+    echo Failed to decrypt state file. Exiting.
+    del /F "%LOCK_FILE%"
+    exit /b 1
+)
+
+REM Decrypt state backup file before running Terraform
+echo Decrypting state backup file...
+"%TF_PLUGIN_PATH%" "decrypt" "%STATE_BACKUP_FILE%"
+
+if %ERRORLEVEL% neq 0 (
+    echo Failed to decrypt state backup file. Exiting.
+    del /F "%LOCK_FILE%"
+    exit /b 1
+)
+
+
+REM Run Terraform apply with the decrypted state
+terraform apply %*
+
+REM Check if Terraform apply succeeded
+if %ERRORLEVEL% neq 0 (
+    echo Terraform apply failed.
+)
+
+REM Encrypt the state file after Terraform apply
+echo Encrypting state file...
+"%TF_PLUGIN_PATH%" "encrypt" "%STATE_FILE%"
+
+if %ERRORLEVEL% neq 0 (
+    echo Failed to encrypt state file. Exiting.
+    del /F "%LOCK_FILE%"
+    exit /b 1
+)
+
+REM Encrypt the state backup file after Terraform apply
+echo Encrypting state backup file...
+"%TF_PLUGIN_PATH%" "encrypt" "%STATE_BACKUP_FILE%"
+
+if %ERRORLEVEL% neq 0 (
+    echo Failed to encrypt state backup file. Exiting.
+    del /F "%LOCK_FILE%"
+    exit /b 1
+)
+
+REM Remove decrypted state file and lock file
+del /F "%LOCK_FILE%"
+
+echo Operation completed successfully.
+endlocal