Merge pull request #71 from Infisical/daniel/databricks-integration

feat: databricks integration
Infisical · Nov 14, 2024 · 0f3df35 · 0f3df35
2 parents 3afbc04 + c2d8ea4
commit 0f3df35
Show file tree

Hide file tree

Showing 6 changed files with 398 additions and 0 deletions.
diff --git a/docs/resources/integration_databricks.md b/docs/resources/integration_databricks.md
@@ -0,0 +1,59 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "infisical_integration_databricks Resource - terraform-provider-infisical"
+subcategory: ""
+description: |-
+  Create Databricks integration & save to Infisical. Only Machine Identity authentication is supported for this data source
+---
+
+# infisical_integration_databricks (Resource)
+
+Create Databricks integration & save to Infisical. Only Machine Identity authentication is supported for this data source
+
+## Example Usage
+
+```terraform
+terraform {
+  required_providers {
+    infisical = {
+      # version = <latest version>
+      source = "infisical/infisical"
+    }
+  }
+}
+
+provider "infisical" {
+  host          = "https://app.infisical.com" # Only required if using self hosted instance of Infisical, default is https://app.infisical.com
+  client_id     = "<machine-identity-client-id>"
+  client_secret = "<machine-identity-client-secret>"
+}
+
+resource "infisical_integration_databricks" "db-integration" {
+  project_id  = "<project-id>"
+  environment = "<env-slug>"
+
+  databricks_host         = "<databricks-host>" # Example: https://afc-2a42f142-bb11.cloud.databricks.com
+  databricks_token        = "<databricks-personal-access-token>"
+  databricks_secret_scope = "<databricks-secret-scope>"
+
+  secret_path = "/some/infisical/folder" # "/" is the root folder 
+
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `databricks_host` (String) The Databricks host URL.
+- `databricks_secret_scope` (String) The Databricks secret scope. Example: your-secret-scope
+- `databricks_token` (String, Sensitive) The Databricks access token.
+- `environment` (String) The slug of the environment to sync to Databricks (prod, dev, staging, etc).
+- `project_id` (String) The ID of your Infisical project.
+- `secret_path` (String) The secret path in Infisical to sync secrets from.
+
+### Read-Only
+
+- `integration_auth_id` (String) The ID of the integration auth, used internally by Infisical.
+- `integration_id` (String) The ID of the integration, used internally by Infisical.
diff --git a/examples/resources/infisical_integration_databricks/resource.tf b/examples/resources/infisical_integration_databricks/resource.tf
@@ -0,0 +1,26 @@
+terraform {
+  required_providers {
+    infisical = {
+      # version = <latest version>
+      source = "infisical/infisical"
+    }
+  }
+}
+
+provider "infisical" {
+  host          = "https://app.infisical.com" # Only required if using self hosted instance of Infisical, default is https://app.infisical.com
+  client_id     = "<machine-identity-client-id>"
+  client_secret = "<machine-identity-client-secret>"
+}
+
+resource "infisical_integration_databricks" "db-integration" {
+  project_id  = "<project-id>"
+  environment = "<env-slug>"
+
+  databricks_host         = "<databricks-host>" # Example: https://afc-2a42f142-bb11.cloud.databricks.com
+  databricks_token        = "<databricks-personal-access-token>"
+  databricks_secret_scope = "<databricks-secret-scope>"
+
+  secret_path = "/some/infisical/folder" # "/" is the root folder 
+
+}
diff --git a/internal/client/integrations_auth.go b/internal/client/integrations_auth.go
@@ -10,6 +10,7 @@ type IntegrationAuthType string
 const (
 	IntegrationAuthTypeGcpSecretManager  IntegrationAuthType = "gcp-secret-manager"
 	IntegrationAuthTypeAwsParameterStore IntegrationAuthType = "aws-parameter-store"
+	IntegrationAuthTypeDatabricks        IntegrationAuthType = "databricks"
 	IntegrationAuthTypeAwsSecretsManager IntegrationAuthType = "aws-secret-manager"
 	IntegrationAuthTypeCircleCi          IntegrationAuthType = "circleci"
 )

diff --git a/internal/client/model.go b/internal/client/model.go
@@ -1549,6 +1549,7 @@ type CreateIntegrationAuthRequest struct {
 	RefreshToken        string              `json:"refreshToken,omitempty"`
 	ProjectID           string              `json:"workspaceId"`
 	Integration         IntegrationAuthType `json:"integration"`
+	URL                 string              `json:"url"`
 }
 
 type CreateIntegrationAuthResponse struct {

diff --git a/internal/provider/provider.go b/internal/provider/provider.go
@@ -254,6 +254,7 @@ func (p *infisicalProvider) Resources(_ context.Context) []func() resource.Resou
 		infisicalResource.NewIntegrationAwsParameterStoreResource,
 		infisicalResource.NewIntegrationAwsSecretsManagerResource,
 		infisicalResource.NewIntegrationCircleCiResource,
+		infisicalResource.NewIntegrationDatabricksResource,
 		infisicalResource.NewSecretApprovalPolicyResource,
 		infisicalResource.NewAccessApprovalPolicyResource,
 		infisicalResource.NewProjectSecretImportResource,