feat(dew): add a new datasource to get a list of secret versions

docs/data-sources/csms_secret_versions.md

@@ -0,0 +1,55 @@
+---
+subcategory: "Data Encryption Workshop (DEW)"
+layout: "huaweicloud"
+page_title: "HuaweiCloud: huaweicloud_csms_secret_versions"
+description: |-
+  Use this data source to get a list of the secret versions.
+---
+
+# huaweicloud_csms_secret_versions
+
+Use this data source to get a list of the secret versions.
+
+## Example Usage
+
+```hcl
+variable "secret_name" {}
+
+data "huaweicloud_csms_secret_versions" "test" {
+  secret_name = var.secret_name
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `region` - (Optional, String) Specifies the region in which to query the resource.
+  If omitted, the provider-level region will be used.
+
+* `secret_name` - (Required, String) Specifies the secret name to which the versions belong.
+
+## Attribute Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - The data source ID.
+
+* `versions` - The list of the versions.
+
+  The [versions](#versions_struct) structure is documented below.
+
+<a name="versions_struct"></a>
+The `versions` block supports:
+
+* `id` - The ID of the secret version.
+
+* `kms_key_id` - The ID of the KMS key associated the secret.
+
+* `secret_name` - The secret name to which the version belongs.
+
+* `version_stages` - The secret version status list.
+
+* `expire_time` - The expiration time of the secret version, in RFC3339 format.
+
+* `created_at` - The creation time of the secret version, in RFC3339 format.

huaweicloud/provider.go

@@ -557,9 +557,10 @@ func Provider() *schema.Provider {
 			"huaweicloud_cph_phone_flavors":  cph.DataSourcePhoneFlavors(),
 			"huaweicloud_cph_phone_images":   cph.DataSourcePhoneImages(),
 
+			"huaweicloud_csms_events":                   dew.DataSourceDewCsmsEvents(),
 			"huaweicloud_csms_secrets":                  dew.DataSourceDewCsmsSecrets(),
 			"huaweicloud_csms_secret_version":           dew.DataSourceDewCsmsSecret(),
-			"huaweicloud_csms_events":                   dew.DataSourceDewCsmsEvents(),
+			"huaweicloud_csms_secret_versions":          dew.DataSourceDewCsmsSecretVersions(),
 			"huaweicloud_css_flavors":                   css.DataSourceCssFlavors(),
 			"huaweicloud_css_clusters":                  css.DataSourceCssClusters(),
 			"huaweicloud_css_logstash_pipelines":        css.DataSourceCssLogstashPipelines(),

huaweicloud/services/acceptance/dew/data_source_huaweicloud_csms_secret_versions_test.go

@@ -0,0 +1,53 @@
+package dew
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/acceptance"
+)
+
+func TestAccDataSourceCsmsSecretVersions_basic(t *testing.T) {
+	var (
+		dataSource = "data.huaweicloud_csms_secret_versions.test"
+		rName      = acceptance.RandomAccResourceName()
+		dc         = acceptance.InitDataSourceCheck(dataSource)
+	)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acceptance.TestAccPreCheck(t)
+		},
+		ProviderFactories: acceptance.TestAccProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testDataSourceCsmsSecretVersions_basic(rName),
+				Check: resource.ComposeTestCheckFunc(
+					dc.CheckResourceExists(),
+					resource.TestCheckResourceAttrSet(dataSource, "versions.#"),
+					resource.TestCheckResourceAttrSet(dataSource, "versions.0.id"),
+					resource.TestCheckResourceAttrSet(dataSource, "versions.0.kms_key_id"),
+					resource.TestCheckResourceAttrSet(dataSource, "versions.0.secret_name"),
+					resource.TestCheckResourceAttrSet(dataSource, "versions.0.version_stages.#"),
+					resource.TestCheckResourceAttrSet(dataSource, "versions.0.created_at"),
+				),
+			},
+		},
+	})
+}
+
+func testDataSourceCsmsSecretVersions_basic(name string) string {
+	return fmt.Sprintf(`
+resource "huaweicloud_csms_secret" "test" {
+  name        = "%s"
+  description = "desc"
+  secret_text = "terraform"
+}
+
+data "huaweicloud_csms_secret_versions" "test" {
+  secret_name = huaweicloud_csms_secret.test.name
+}
+`, name)
+}

huaweicloud/services/dew/data_source_huaweicloud_csms_secret_versions.go

@@ -0,0 +1,156 @@
+// Generated by PMS #301
+package dew
+
+import (
+	"context"
+	"strings"
+
+	"github.com/hashicorp/go-multierror"
+	"github.com/hashicorp/go-uuid"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/tidwall/gjson"
+
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/config"
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/helper/httphelper"
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/helper/schemas"
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/utils"
+)
+
+func DataSourceDewCsmsSecretVersions() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: dataSourceDewCsmsSecretVersionsRead,
+
+		Schema: map[string]*schema.Schema{
+			"region": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: `Specifies the region in which to query the resource. If omitted, the provider-level region will be used.`,
+			},
+			"secret_name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: `Specifies the secret name to which the versions belong.`,
+			},
+			"versions": {
+				Type:        schema.TypeList,
+				Computed:    true,
+				Description: `The list of the versions.`,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: `The ID of the secret version.`,
+						},
+						"kms_key_id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: `The ID of the KMS key associated the secret.`,
+						},
+						"secret_name": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: `The secret name to which the version belongs.`,
+						},
+						"version_stages": {
+							Type:        schema.TypeList,
+							Computed:    true,
+							Elem:        &schema.Schema{Type: schema.TypeString},
+							Description: `The secret version status list.`,
+						},
+						"expire_time": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: `The expiration time of the secret version, in RFC3339 format.`,
+						},
+						"created_at": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: `The creation time of the secret version, in RFC3339 format.`,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+type CsmsSecretVersionsDSWrapper struct {
+	*schemas.ResourceDataWrapper
+	Config *config.Config
+}
+
+func newCsmsSecretVersionsDSWrapper(d *schema.ResourceData, meta interface{}) *CsmsSecretVersionsDSWrapper {
+	return &CsmsSecretVersionsDSWrapper{
+		ResourceDataWrapper: schemas.NewSchemaWrapper(d),
+		Config:              meta.(*config.Config),
+	}
+}
+
+func dataSourceDewCsmsSecretVersionsRead(_ context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	wrapper := newCsmsSecretVersionsDSWrapper(d, meta)
+	lisSecVerRst, err := wrapper.ListSecretVersions()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	id, err := uuid.GenerateUUID()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	d.SetId(id)
+
+	err = wrapper.listSecretVersionsToSchema(lisSecVerRst)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}
+
+// @API CSMS GET /v1/{project_id}/secrets/{secret_name}/versions
+func (w *CsmsSecretVersionsDSWrapper) ListSecretVersions() (*gjson.Result, error) {
+	client, err := w.NewClient(w.Config, "kms")
+	if err != nil {
+		return nil, err
+	}
+
+	uri := "/v1/{project_id}/secrets/{secret_name}/versions"
+	uri = strings.ReplaceAll(uri, "{secret_name}", w.Get("secret_name").(string))
+	return httphelper.New(client).
+		Method("GET").
+		URI(uri).
+		MarkerPager("version_metadatas", "page_info.next_marker", "marker").
+		Request().
+		Result()
+}
+
+func (w *CsmsSecretVersionsDSWrapper) listSecretVersionsToSchema(body *gjson.Result) error {
+	d := w.ResourceData
+	mErr := multierror.Append(nil,
+		d.Set("region", w.Config.GetRegion(w.ResourceData)),
+		d.Set("versions", schemas.SliceToList(body.Get("version_metadatas"),
+			func(versions gjson.Result) any {
+				return map[string]any{
+					"id":             versions.Get("id").Value(),
+					"kms_key_id":     versions.Get("kms_key_id").Value(),
+					"secret_name":    versions.Get("secret_name").Value(),
+					"version_stages": schemas.SliceToStrList(versions.Get("version_stages")),
+					"expire_time":    w.setVerMetExpTime(versions),
+					"created_at":     w.setVerMetCreTime(versions),
+				}
+			},
+		)),
+	)
+	return mErr.ErrorOrNil()
+}
+
+func (*CsmsSecretVersionsDSWrapper) setVerMetExpTime(data gjson.Result) string {
+	return utils.FormatTimeStampRFC3339(data.Get("expire_time").Int()/1000, false)
+}
+
+func (*CsmsSecretVersionsDSWrapper) setVerMetCreTime(data gjson.Result) string {
+	return utils.FormatTimeStampRFC3339(data.Get("create_time").Int()/1000, false)
+}