From 17c9074dec8d59dd208b0a7b5b7ca1680554c9d9 Mon Sep 17 00:00:00 2001
From: Krystian Panek
Date: Tue, 29 Aug 2023 22:10:35 +0200
Subject: [PATCH] SSH connected
---
 examples/aws_ssm/aws.tf | 11 -----------
 examples/ssh/aws.tf | 11 +++++++++++
 install.sh | 14 ++++++++++++--
 internal/client/client_ssh.go | 15 ++++++++++++++-
 internal/provider/instance_resource.go | 7 ++++++-
 5 files changed, 43 insertions(+), 15 deletions(-)
diff --git a/examples/aws_ssm/aws.tf b/examples/aws_ssm/aws.tf
index fcd18dc..4aa8565 100644
--- a/examples/aws_ssm/aws.tf
+++ b/examples/aws_ssm/aws.tf
@@ -5,17 +5,6 @@ resource "aws_instance" "aem_single" {
 tags = local.tags
 }
-data "tls_public_key" "main" {
- private_key_pem = file("ec2-key.cer")
-}
-
-resource "aws_key_pair" "main" {
- key_name = local.workspace
- public_key = data.tls_public_key.main.public_key_openssh
- tags = local.tags
-}
-
-
 resource "aws_iam_instance_profile" "ssm" {
 name = "${local.workspace}_ssm_ec2"
 role = aws_iam_role.ssm.name
diff --git a/examples/ssh/aws.tf b/examples/ssh/aws.tf
index 10fd1f7..25ca911 100644
--- a/examples/ssh/aws.tf
+++ b/examples/ssh/aws.tf
@@ -3,6 +3,17 @@ resource "aws_instance" "aem_single" {
 instance_type = "m5.xlarge"
 associate_public_ip_address = true
 tags = local.tags
+ key_name = aws_key_pair.main.key_name
+}
+
+data "tls_public_key" "main" {
+ private_key_pem = file("ec2-key.cer")
+}
+
+resource "aws_key_pair" "main" {
+ key_name = "${local.workspace}-example-tf"
+ public_key = data.tls_public_key.main.public_key_openssh
+ tags = local.tags
 }
 output "instance_ip" {
diff --git a/install.sh b/install.sh
index 31b39d3..62915e5 100755
--- a/install.sh
+++ b/install.sh
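Review bot: The `tls_public_key` data source added in examples/ssh/aws.tf is given the whole private key through `private_key_pem = file("ec2-key.cer")`, and data source arguments are expected to be persisted in Terraform state, so the key would sit there in plaintext even though the attribute is marked sensitive. Only the public half is needed by `aws_key_pair`; deriving it outside Terraform (`ssh-keygen -y -f ec2-key.cer > ec2-key.pub`) and using `public_key = file("ec2-key.pub")` keeps the private key out of state and out of any remote backend. The example also relies on `ec2-key.cer` sitting in the example directory, so a comment such as `# ec2-key.cer must never be committed; keep it in .gitignore` above the data source would help.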
@@ -10,11 +10,20 @@ TF_RC_FILE="$(pwd)/dev_overrides.tfrc"
 if [ ! -f "$GO_BIN_DIR/terraform-provider-aws" ]
 then
 echo "Setting up Terraform AWS provider as dev-override: $GO_BIN_DIR/terraform-provider-aws"
- wget https://releases.hashicorp.com/terraform-provider-aws/5.14.0/terraform-provider-aws_5.14.0_darwin_arm64.zip -O /tmp/terraform-provider-aws.zip
- unzip /tmp/terraform-provider-aws.zip -d "$GO_BIN_DIR"
+ wget https://releases.hashicorp.com/terraform-provider-aws/5.14.0/terraform-provider-aws_5.14.0_darwin_arm64.zip -c -O /tmp/terraform-provider-aws.zip
+ unzip -o /tmp/terraform-provider-aws.zip -d "$GO_BIN_DIR"
 cp /tmp/terraform-provider-aws_v5.14.0_x5 "$GO_BIN_DIR/terraform-provider-aws"
 fi
+# TLS provider
+if [ ! -f "$GO_BIN_DIR/terraform-provider-tls" ]
+then
+ echo "Setting up Terraform TLS provider as dev-override: $GO_BIN_DIR/terraform-provider-tls"
+ wget https://releases.hashicorp.com/terraform-provider-tls/4.0.4/terraform-provider-tls_4.0.4_darwin_arm64.zip -c -O /tmp/terraform-provider-tls.zip
+ unzip -o /tmp/terraform-provider-tls.zip -d "$GO_BIN_DIR"
+ cp /tmp/terraform-provider-tls_v4.0.4_x5 "$GO_BIN_DIR/terraform-provider-tls"
+fi
+
 echo "Setting up dev-overrides in custom Terraform CLI configuration file: $TF_RC_FILE"
 cat < "$TF_RC_FILE"
 provider_installation {
@@ -22,6 +31,7 @@ provider_installation {
 dev_overrides {
 "registry.terraform.io/wttech/aem" = "$GO_BIN_DIR"
 "registry.terraform.io/hashicorp/aws" = "$GO_BIN_DIR"
+ "registry.terraform.io/hashicorp/tls" = "$GO_BIN_DIR"
 }
 # For all other providers, install them directly from their origin provider
diff --git a/internal/client/client_ssh.go b/internal/client/client_ssh.go
index b00c669..e39098c 100644
--- a/internal/client/client_ssh.go
+++ b/internal/client/client_ssh.go
@@ -3,6 +3,8 @@ package client
 import (
 "fmt"
 "github.com/melbahja/goph"
+ "github.com/spf13/cast"
+ "golang.org/x/crypto/ssh"
 )
 type SSHClient struct {
@@ -20,7 +22,15 @@ func (s *SSHClient) Connect() error {
 if err != nil {
 return fmt.Errorf("SSH: cannot get auth using private key '%s': %w", s.privateKeyFile, err)
 }
- client, err := goph.New(s.user, s.host, auth)
+ // TODO loop until establishment of connection
+ client, err := goph.NewConn(&goph.Config{
+ User: s.user,
+ Addr: s.host,
+ Port: cast.ToUint(s.port),
+ Auth: auth,
+ Timeout: goph.DefaultTimeout,
+ Callback: ssh.InsecureIgnoreHostKey(), // TODO make it secure by default
+ })
 if err != nil {
 return fmt.Errorf("SSH: cannot connect to host '%s': %w", s.host, err)
 }
@@ -29,6 +39,9 @@ func (s *SSHClient) Connect() error {
 }
 func (s *SSHClient) Disconnect() error {
+ if s.client == nil {
+ return nil
+ }
 if err := s.client.Close(); err != nil {
 return fmt.Errorf("SSH: cannot disconnect from host '%s': %w", s.host, err)
 }
diff --git a/internal/provider/instance_resource.go b/internal/provider/instance_resource.go
index 6e26d9e..168493b 100644
--- a/internal/provider/instance_resource.go
+++ b/internal/provider/instance_resource.go
@@ -129,7 +129,12 @@ func (r *InstanceResource) Create(ctx context.Context, req resource.CreateReques
 tflog.Trace(ctx, "creating AEM instance resource")
 tflog.Trace(ctx, "connecting to AEM instance machine")
- cl, err := r.clientManager.Make(data.Client.Type.ValueString(), map[string]string{})
+
+ typeName := data.Client.Type.ValueString()
+ var settings map[string]string
+ data.Client.Settings.ElementsAs(ctx, &settings, true)
+
+ cl, err := r.clientManager.Make(typeName, settings)
 if err != nil {
 resp.Diagnostics.AddError("AEM instance error", fmt.Sprintf("Unable to determine AEM instance client, got error: %s", err))
 return
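Review bot: `Callback: ssh.InsecureIgnoreHostKey()` in the new `goph.Config` in Connect switches off host key verification for every connection, so the client authenticates to, and presumably later runs provisioning commands on, whatever answers at that address; the removed `goph.New` call, as far as I know, checked known_hosts. The TODO records the problem but leaves the insecure path as the only path. Loading the callback with `goph.DefaultKnownHosts()` (or `goph.KnownHosts(path)` / `ssh.FixedHostKey` fed from a client setting) and keeping the ignore-all callback behind an explicit opt-in would make the default safe. `cast.ToUint(s.port)` also yields 0 when the value cannot be converted, so a bad port shows up only as a confusing connect error, whereas `cast.ToUintE` reports it. Connect's body starts above the hunk and continues below it.

```go
// … unchanged: auth setup and its error check …
hostKeyCallback, err := goph.DefaultKnownHosts()
if err != nil {
	return fmt.Errorf("SSH: cannot load known hosts: %w", err)
}
client, err := goph.NewConn(&goph.Config{
	// … unchanged: User, Addr, Port, Auth, Timeout …
	Callback: hostKeyCallback,
})
```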
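Review bot: The diagnostics returned by `data.Client.Settings.ElementsAs(ctx, &settings, true)` in Create are discarded, so a settings map that fails to convert leaves `settings` nil or partial and `r.clientManager.Make` is still called, failing later with a less specific error. Append and check them before building the client: `resp.Diagnostics.Append(data.Client.Settings.ElementsAs(ctx, &settings, true)...)` followed by `if resp.Diagnostics.HasError() { return }`. These settings presumably now carry connection details such as the private key path, so it is also worth confirming that the trace logging around this call does not echo them in full. Create's body starts and ends outside the hunk.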