refactor provider to not configure the db connectivity when initialising the provider

Author: karim-fc

internal/provider/config.go

@@ -1,46 +1,100 @@
 package provider
 
 import (
+	"context"
 	"database/sql"
 	"fmt"
+	"net"
+	"net/url"
 	"sync"
+
+	"cloud.google.com/go/cloudsqlconn"
+	"cloud.google.com/go/cloudsqlconn/postgres/pgxv4"
+	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"golang.org/x/net/proxy"
 )
 
 type Config struct {
-	dsnTemplate     string
 	dbRegistry      map[string]*sql.DB
 	dbRegistryMutex sync.Mutex
 }
 
-func NewConfig(dsnTemplate string) *Config {
+func NewConfig() *Config {
 	return &Config{
-		dsnTemplate: dsnTemplate,
-		dbRegistry:  make(map[string]*sql.DB),
+		dbRegistry: make(map[string]*sql.DB),
 	}
 }
 
-func (c *Config) connectToPostgresqlDb(dbName string) (*sql.DB, error) {
-	dsn := fmt.Sprintf(c.dsnTemplate, "dbname="+dbName)
-	return c.connectToPostgresql(dsn)
-}
-
-func (c *Config) connectToPostgresqlNoDb() (*sql.DB, error) {
-	dsn := fmt.Sprintf(c.dsnTemplate, "dbname=postgres")
-	return c.connectToPostgresql(dsn)
-}
-
-func (c *Config) connectToPostgresql(dsn string) (*sql.DB, error) {
+func (c *Config) connectToPostgresql(ctx context.Context, cc *ConnectionConfig) (*sql.DB, error) {
 	c.dbRegistryMutex.Lock()
 	defer c.dbRegistryMutex.Unlock()
 
-	if c.dbRegistry[dsn] != nil {
-		return c.dbRegistry[dsn], nil
+	id := cc.Id()
+
+	if c.dbRegistry[id] != nil {
+		return c.dbRegistry[id], nil
+	}
+
+	err := createSqlDriver(ctx, cc)
+	if err != nil {
+		return nil, err
 	}
 
-	db, err := sql.Open("cloudsql-postgres", dsn)
+	db, err := sql.Open(id, cc.Dsn())
 	if err != nil {
 		return nil, err
 	}
-	c.dbRegistry[dsn] = db
-	return c.dbRegistry[dsn], nil
+
+	c.dbRegistry[id] = db
+	return c.dbRegistry[id], nil
+}
+
+func createSqlDriver(ctx context.Context, cc *ConnectionConfig) error {
+	var (
+		dialOptions []cloudsqlconn.DialOption
+		options     []cloudsqlconn.Option
+	)
+
+	if cc.PrivateIP.ValueBool() {
+		dialOptions = append(dialOptions, cloudsqlconn.WithPrivateIP())
+	}
+
+	if cc.PSC.ValueBool() {
+		dialOptions = append(dialOptions, cloudsqlconn.WithPSC())
+	}
+
+	options = append(options, cloudsqlconn.WithDefaultDialOptions(dialOptions...))
+
+	if !cc.Proxy.IsNull() {
+		options = append(options, cloudsqlconn.WithDialFunc(createDialer(cc.Proxy.ValueString(), ctx)))
+	}
+
+	_, err := pgxv4.RegisterDriver(cc.Id(), options...)
+
+	return err
+}
+
+func createDialer(proxyInput string, ctxProvider context.Context) func(ctx context.Context, network, addr string) (net.Conn, error) {
+	return func(ctx context.Context, network, address string) (net.Conn, error) {
+		tflog.Info(ctxProvider, "Creating Dialer with proxy: "+proxyInput)
+		if len(proxyInput) == 0 {
+			return nil, fmt.Errorf("proxy is empty")
+		}
+
+		proxyURL, err := url.Parse(proxyInput)
+		if err != nil {
+			return nil, err
+		}
+		d, err := proxy.FromURL(proxyURL, proxy.Direct)
+		if err != nil {
+			return nil, err
+		}
+
+		if xd, ok := d.(proxy.ContextDialer); ok {
+			return xd.DialContext(ctx, network, address)
+		}
+
+		tflog.Warn(ctxProvider, "net.Conn created without context.Context")
+		return d.Dial(network, address) // TODO: force use of context?
+	}
 }

internal/provider/connection_config.go

@@ -0,0 +1,123 @@
+package provider
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"regexp"
+
+	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/objectplanmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/schema/validator"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+)
+
+type ConnectionConfig struct {
+	ConnectionName types.String `tfsdk:"connection_name"`
+	Database       types.String `tfsdk:"database"`
+	Username       types.String `tfsdk:"username"`
+	Password       types.String `tfsdk:"password"`
+	Proxy          types.String `tfsdk:"proxy"`
+	PrivateIP      types.Bool   `tfsdk:"private_ip"`
+	PSC            types.Bool   `tfsdk:"psc"`
+	SslMode        types.String `tfsdk:"ssl_mode"`
+	// IAMAuthentication types.Bool   `tfsdk:"iam_authentication"` # Not supporting IAM authentication for now.
+}
+
+func (c *ConnectionConfig) Dsn() string {
+	sslMode := "disable"
+	if !c.SslMode.IsNull() {
+		sslMode = c.SslMode.ValueString()
+	}
+
+	return fmt.Sprintf("host=%s dbname=%s user=%s password=%s sslmode=%s",
+		c.ConnectionName.ValueString(),
+		c.Database.ValueString(),
+		c.Username.ValueString(),
+		c.Password.ValueString(),
+		sslMode)
+}
+
+func (c *ConnectionConfig) Id() string {
+	var buf bytes.Buffer
+	encoder := base64.NewEncoder(base64.StdEncoding, &buf)
+	json.NewEncoder(encoder).Encode(c)
+	encoder.Close()
+	return buf.String()
+}
+
+func connectionConfigSchemaAttribute() schema.Attribute {
+	return schema.SingleNestedAttribute{
+		Description:         "The connection properties for the Cloud SQL instance.",
+		MarkdownDescription: "The connection properties for the Cloud SQL instance.",
+		Required:            true,
+		Attributes: map[string]schema.Attribute{
+			"connection_name": schema.StringAttribute{
+				MarkdownDescription: "The connection name of the Google Cloud SQL Postgresql instance. The `connection_name` format should be `<project>:<region>:<instance>`",
+				Description:         "The connection name of the Google Cloud SQL Postgresql instance. The connection_name format should be <project>:<region>:<instance>",
+				Optional:            true,
+				Validators: []validator.String{
+					stringvalidator.RegexMatches(regexp.MustCompile(`^[a-z0-9\-]+\:[a-z0-9\-]+\:[a-z0-9\-]+$`),
+						"`connection_name` must have the format of `<project>:<region>:<instance>`"),
+				},
+			},
+			"database": schema.StringAttribute{
+				Description:         "The database to connect to. Defaults to `postgres`.",
+				MarkdownDescription: "The database to connect to. Defaults to `postgres`.",
+				Optional:            true,
+				Computed:            true,
+				Default:             stringdefault.StaticString("postgres"),
+				PlanModifiers: []planmodifier.String{
+					stringplanmodifier.RequiresReplace(),
+				},
+			},
+			"username": schema.StringAttribute{
+				MarkdownDescription: "The username to use to authenticate with the Cloud SQL Postgresql instance",
+				Description:         "The username to use to authenticate with the Cloud SQL Postgresql instance",
+				Required:            true,
+			},
+			"password": schema.StringAttribute{
+				MarkdownDescription: "The password to use to authenticate using the built-in database authentication",
+				Description:         "The password to use to authenticate using the built-in database authentication",
+				Required:            true,
+				Sensitive:           true,
+			},
+			"proxy": schema.StringAttribute{
+				MarkdownDescription: "Proxy socks url if used. Format needs to be `socks5://<ip>:<port>`",
+				Description:         "Proxy socks url if used. Format needs to be socks5://<ip>:<port>",
+				Optional:            true,
+				Validators: []validator.String{
+					stringvalidator.RegexMatches(regexp.MustCompile(`^socks5:\/\/.*:\d+$`),
+						"`proxy` must have the format of `socks5://<ip>:<port>`"),
+				},
+			},
+			"private_ip": schema.BoolAttribute{
+				MarkdownDescription: "Use the private IP address of the Cloud SQL Postgresql instance to connect to",
+				Description:         "Use the private IP address of the Cloud SQL Postgresql instance to connect to",
+				Optional:            true,
+			},
+			"psc": schema.BoolAttribute{
+				MarkdownDescription: "Use the Private Service Connect endpoint of the Cloud SQL Postgresql instance to connect to",
+				Description:         "Use the Private Service Connect endpoint of the Cloud SQL Postgresql instance to connect to",
+				Optional:            true,
+			},
+			"ssl_mode": schema.StringAttribute{
+				MarkdownDescription: "Determine the security of the connection to the Cloud SQL Postgresql instance",
+				Description:         "Determine the security of the connection to the Cloud SQL Postgresql instance",
+				Optional:            true,
+				Validators: []validator.String{
+					stringvalidator.RegexMatches(regexp.MustCompile(`^(disable|allow|prefer|require)$`),
+						"`ssl_mode` must be a supported ssl mode. One of 'disable', 'allow', 'prefer' or 'require'"), // TODO: add support for verify-ca and verify-full
+				},
+			},
+		},
+		PlanModifiers: []planmodifier.Object{
+			objectplanmodifier.RequiresReplace(),
+		},
+	}
+}