add apigateway api key adapter

Author: tomasdembelli

adapters/apigateway-api-key.go

@@ -0,0 +1,126 @@
+package adapters
+
+import (
+	"context"
+	"github.com/aws/aws-sdk-go-v2/service/apigateway"
+	"github.com/aws/aws-sdk-go-v2/service/apigateway/types"
+	"github.com/overmindtech/aws-source/adapterhelpers"
+	"github.com/overmindtech/sdp-go"
+	"strings"
+)
+
+// convertGetApiKeyOutputToApiKey converts a GetApiKeyOutput to an ApiKey
+func convertGetApiKeyOutputToApiKey(output *apigateway.GetApiKeyOutput) *types.ApiKey {
+	return &types.ApiKey{
+		Id:              output.Id,
+		Name:            output.Name,
+		Enabled:         output.Enabled,
+		CreatedDate:     output.CreatedDate,
+		LastUpdatedDate: output.LastUpdatedDate,
+		StageKeys:       output.StageKeys,
+		Tags:            output.Tags,
+	}
+}
+
+func apiKeyListFunc(ctx context.Context, client *apigateway.Client, _ string) ([]*types.ApiKey, error) {
+	out, err := client.GetApiKeys(ctx, &apigateway.GetApiKeysInput{})
+	if err != nil {
+		return nil, err
+	}
+
+	var items []*types.ApiKey
+	for _, apiKey := range out.Items {
+		items = append(items, &apiKey)
+	}
+
+	return items, nil
+}
+
+func apiKeyOutputMapper(scope string, awsItem *types.ApiKey) (*sdp.Item, error) {
+	attributes, err := adapterhelpers.ToAttributesWithExclude(awsItem, "tags")
+	if err != nil {
+		return nil, err
+	}
+
+	item := sdp.Item{
+		Type:            "apigateway-api-key",
+		UniqueAttribute: "Id",
+		Attributes:      attributes,
+		Scope:           scope,
+		Tags:            awsItem.Tags,
+	}
+
+	for _, key := range awsItem.StageKeys {
+		// {restApiId}/{stage}
+		restAPIID := strings.Split(key, "/")[0]
+		if restAPIID != "" {
+			item.LinkedItemQueries = append(item.LinkedItemQueries, &sdp.LinkedItemQuery{
+				Query: &sdp.Query{
+					Type:   "apigateway-rest-api",
+					Method: sdp.QueryMethod_GET,
+					Query:  restAPIID,
+					Scope:  scope,
+				},
+				BlastPropagation: &sdp.BlastPropagation{
+					// They are tightly coupled, so we need to propagate both ways
+					In:  true,
+					Out: true,
+				},
+			})
+		}
+	}
+
+	return &item, nil
+}
+
+func NewAPIGatewayApiKeyAdapter(client *apigateway.Client, accountID string, region string) *adapterhelpers.GetListAdapter[*types.ApiKey, *apigateway.Client, *apigateway.Options] {
+	return &adapterhelpers.GetListAdapter[*types.ApiKey, *apigateway.Client, *apigateway.Options]{
+		ItemType:        "apigateway-api-key",
+		Client:          client,
+		AccountID:       accountID,
+		Region:          region,
+		AdapterMetadata: apiKeyAdapterMetadata,
+		GetFunc: func(ctx context.Context, client *apigateway.Client, scope, query string) (*types.ApiKey, error) {
+			out, err := client.GetApiKey(ctx, &apigateway.GetApiKeyInput{
+				ApiKey: &query,
+			})
+			if err != nil {
+				return nil, err
+			}
+			return convertGetApiKeyOutputToApiKey(out), nil
+		},
+		ListFunc: apiKeyListFunc,
+		SearchFunc: func(ctx context.Context, client *apigateway.Client, scope string, query string) ([]*types.ApiKey, error) {
+			out, err := client.GetApiKeys(ctx, &apigateway.GetApiKeysInput{
+				NameQuery: &query,
+			})
+			if err != nil {
+				return nil, err
+			}
+
+			var items []*types.ApiKey
+			for _, apiKey := range out.Items {
+				items = append(items, &apiKey)
+			}
+
+			return items, nil
+		},
+		ItemMapper: func(_, scope string, awsItem *types.ApiKey) (*sdp.Item, error) {
+			return apiKeyOutputMapper(scope, awsItem)
+		},
+	}
+}
+
+var apiKeyAdapterMetadata = Metadata.Register(&sdp.AdapterMetadata{
+	Type:            "apigateway-api-key",
+	DescriptiveName: "API Key",
+	Category:        sdp.AdapterCategory_ADAPTER_CATEGORY_SECURITY,
+	SupportedQueryMethods: &sdp.AdapterSupportedQueryMethods{
+		Get:               true,
+		List:              true,
+		Search:            true,
+		GetDescription:    "Get an API Key by ID",
+		ListDescription:   "List all API Keys",
+		SearchDescription: "Search for API Keys by their name",
+	},
+})

adapters/apigateway-api-key_test.go

@@ -0,0 +1,60 @@
+package adapters
+
+import (
+	"testing"
+	"time"
+
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/apigateway"
+	"github.com/aws/aws-sdk-go-v2/service/apigateway/types"
+	"github.com/overmindtech/aws-source/adapterhelpers"
+	"github.com/overmindtech/sdp-go"
+)
+
+func TestApiKeyOutputMapper(t *testing.T) {
+	awsItem := &types.ApiKey{
+		Id:              aws.String("api-key-id"),
+		Name:            aws.String("api-key-name"),
+		Enabled:         true,
+		CreatedDate:     aws.Time(time.Now()),
+		LastUpdatedDate: aws.Time(time.Now()),
+		StageKeys:       []string{"rest-api-id/stage"},
+		Tags:            map[string]string{"key": "value"},
+	}
+
+	item, err := apiKeyOutputMapper("scope", awsItem)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	if err := item.Validate(); err != nil {
+		t.Error(err)
+	}
+
+	tests := adapterhelpers.QueryTests{
+		{
+			ExpectedType:   "apigateway-rest-api",
+			ExpectedMethod: sdp.QueryMethod_GET,
+			ExpectedQuery:  "rest-api-id",
+			ExpectedScope:  "scope",
+		},
+	}
+
+	tests.Execute(t, item)
+}
+
+func TestNewAPIGatewayApiKeyAdapter(t *testing.T) {
+	config, account, region := adapterhelpers.GetAutoConfig(t)
+
+	client := apigateway.NewFromConfig(config)
+
+	adapter := NewAPIGatewayApiKeyAdapter(client, account, region)
+
+	test := adapterhelpers.E2ETest{
+		Adapter:  adapter,
+		Timeout:  10 * time.Second,
+		SkipList: true,
+	}
+
+	test.Run(t)
+}

adapters/integration/apigateway/apigateway_test.go

@@ -27,7 +27,7 @@ func APIGateway(t *testing.T) {
 
 	accountID := testAWSConfig.AccountID
 
-	t.Log("Running APIGateway itgr test")
+	t.Log("Running APIGateway integration test")
 
 	restApiSource := adapters.NewAPIGatewayRestApiAdapter(testClient, accountID, testAWSConfig.Region)
 
@@ -61,7 +61,14 @@ func APIGateway(t *testing.T) {
 
 	err = integrationSource.Validate()
 	if err != nil {
-		t.Fatalf("failed to validate APIGateway itgr adapter: %v", err)
+		t.Fatalf("failed to validate APIGateway integration adapter: %v", err)
+	}
+
+	apiKeySource := adapters.NewAPIGatewayApiKeyAdapter(testClient, accountID, testAWSConfig.Region)
+
+	err = apiKeySource.Validate()
+	if err != nil {
+		t.Fatalf("failed to validate APIGateway API key adapter: %v", err)
 	}
 
 	scope := adapterhelpers.FormatScope(accountID, testAWSConfig.Region)
@@ -226,5 +233,73 @@ func APIGateway(t *testing.T) {
 		t.Fatalf("expected integration ID %s, got %s", integrationID, uniqueIntegrationAttr)
 	}
 
+	// List API keys
+	apiKeys, err := apiKeySource.List(ctx, scope, true)
+	if err != nil {
+		t.Fatalf("failed to list APIGateway API keys: %v", err)
+	}
+
+	if len(apiKeys) == 0 {
+		t.Fatalf("no API keys found")
+	}
+
+	apiKeyUniqueAttribute := apiKeys[0].GetUniqueAttribute()
+
+	apiKeyID, err := integration.GetUniqueAttributeValueByTags(
+		apiKeyUniqueAttribute,
+		apiKeys,
+		integration.ResourceTags(integration.APIGateway, apiKeySrc),
+		true,
+	)
+	if err != nil {
+		t.Fatalf("failed to get API key ID: %v", err)
+	}
+
+	// Get API key
+	apiKey, err := apiKeySource.Get(ctx, scope, apiKeyID, true)
+	if err != nil {
+		t.Fatalf("failed to get APIGateway API key: %v", err)
+	}
+
+	apiKeyIDFromGet, err := integration.GetUniqueAttributeValueByTags(
+		apiKeyUniqueAttribute,
+		[]*sdp.Item{apiKey},
+		integration.ResourceTags(integration.APIGateway, apiKeySrc),
+		true,
+	)
+	if err != nil {
+		t.Fatalf("failed to get API key ID from get: %v", err)
+	}
+
+	if apiKeyID != apiKeyIDFromGet {
+		t.Fatalf("expected API key ID %s, got %s", apiKeyID, apiKeyIDFromGet)
+	}
+
+	// Search API keys
+	apiKeyName := integration.ResourceName(integration.APIGateway, apiKeySrc, integration.TestID())
+	apiKeysFromSearch, err := apiKeySource.Search(ctx, scope, apiKeyName, true)
+	if err != nil {
+		t.Fatalf("failed to search APIGateway API keys: %v", err)
+	}
+
+	if len(apiKeysFromSearch) == 0 {
+		t.Fatalf("no API keys found")
+	}
+
+	apiKeyIDFromSearch, err := integration.GetUniqueAttributeValueBySignificantAttribute(
+		apiKeyUniqueAttribute,
+		"Name",
+		apiKeyName,
+		apiKeysFromSearch,
+		true,
+	)
+	if err != nil {
+		t.Fatalf("failed to get API key ID from search: %v", err)
+	}
+
+	if apiKeyID != apiKeyIDFromSearch {
+		t.Fatalf("expected API key ID %s, got %s", apiKeyID, apiKeyIDFromSearch)
+	}
+
 	t.Log("APIGateway integration test completed")
 }

adapters/integration/apigateway/create.go

@@ -168,3 +168,31 @@ func createIntegration(ctx context.Context, logger *slog.Logger, client *apigate
 
 	return nil
 }
+
+func createAPIKey(ctx context.Context, logger *slog.Logger, client *apigateway.Client, testID string) error {
+	// check if an API key with the same name already exists
+	id, err := findAPIKeyByName(ctx, client, integration.ResourceName(integration.APIGateway, apiKeySrc, testID))
+	if err != nil {
+		if errors.As(err, new(integration.NotFoundError)) {
+			logger.InfoContext(ctx, "Creating API key")
+		} else {
+			return err
+		}
+	}
+
+	if id != nil {
+		logger.InfoContext(ctx, "API key already exists")
+		return nil
+	}
+
+	_, err = client.CreateApiKey(ctx, &apigateway.CreateApiKeyInput{
+		Name:    adapterhelpers.PtrString(integration.ResourceName(integration.APIGateway, apiKeySrc, testID)),
+		Tags:    resourceTags(apiKeySrc, testID),
+		Enabled: true,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

adapters/integration/apigateway/delete.go

@@ -2,7 +2,6 @@ package apigateway
 
 import (
 	"context"
-
 	"github.com/aws/aws-sdk-go-v2/service/apigateway"
 	"github.com/overmindtech/aws-source/adapterhelpers"
 )
@@ -14,3 +13,14 @@ func deleteRestAPI(ctx context.Context, client *apigateway.Client, restAPIID str
 
 	return err
 }
+
+func deleteAPIKeyByName(ctx context.Context, client *apigateway.Client, id *string) error {
+	_, err := client.DeleteApiKey(ctx, &apigateway.DeleteApiKeyInput{
+		ApiKey: id,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

adapters/integration/apigateway/find.go

@@ -110,3 +110,24 @@ func findIntegration(ctx context.Context, client *apigateway.Client, restAPIID,
 
 	return nil
 }
+
+func findAPIKeyByName(ctx context.Context, client *apigateway.Client, name string) (*string, error) {
+	result, err := client.GetApiKeys(ctx, &apigateway.GetApiKeysInput{
+		NameQuery: &name,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	if len(result.Items) == 0 {
+		return nil, integration.NewNotFoundError(integration.ResourceName(integration.APIGateway, apiKeySrc, name))
+	}
+
+	for _, apiKey := range result.Items {
+		if *apiKey.Name == name {
+			return apiKey.Id, nil
+		}
+	}
+
+	return nil, integration.NewNotFoundError(integration.ResourceName(integration.APIGateway, apiKeySrc, name))
+}

adapters/integration/apigateway/setup.go

@@ -14,6 +14,7 @@ const (
 	methodSrc         = "method"
 	methodResponseSrc = "method-response"
 	integrationSrc    = "integration"
+	apiKeySrc         = "api-key"
 )
 
 func setup(ctx context.Context, logger *slog.Logger, client *apigateway.Client) error {
@@ -55,5 +56,11 @@ func setup(ctx context.Context, logger *slog.Logger, client *apigateway.Client)
 		return err
 	}
 
+	// Create API Key
+	err = createAPIKey(ctx, logger, client, testID)
+	if err != nil {
+		return err
+	}
+
 	return nil
 }