From 29bfcf131e6293cfc5898524a3b51b28c02956cc Mon Sep 17 00:00:00 2001
From: Magic_RB
Date: Wed, 14 Jun 2023 12:27:08 +0200
Subject: [PATCH] Add vault Terraform provider patch and overlay
Signed-off-by: Magic_RB
---
 flake.nix | 2 +
 overlays/terraform-provider-vault.nix | 18 +++++
 ...er-Allow-null-in-authMountTuneSchema.patch | 73 +++++++++++++++++++
 3 files changed, 93 insertions(+)
 create mode 100644 overlays/terraform-provider-vault.nix
 create mode 100644 patches/vault-provider-Allow-null-in-authMountTuneSchema.patch
diff --git a/flake.nix b/flake.nix
index 91ea50d..afecf55 100644
--- a/flake.nix
+++ b/flake.nix
@@ -76,6 +76,7 @@
 overlays/maildrop
 overlays/courier-unicode.nix
 overlays/ds3os.nix
+ overlays/terraform-provider-vault.nix
 overlays/terraform-provider-influxdb-v2.nix
 ];
@@ -96,6 +97,7 @@
 hostapd.intel_lar-and-noscan = patches/0001-intel_lar-and-noscan.patch;
 hostapd.hostapd-2_10-lar = patches/999-hostapd-2.10-lar.patch;
 hostapd.hostapd-2_10-lar-2 = patches/hostapd-2.10-lar.patch;
+ terraform-provider-nomad.allow-null-in-authMountTuneSchema = patches/vault-provider-Allow-null-in-authMountTuneSchema.patch;
 };
 systems = [
diff --git a/overlays/terraform-provider-vault.nix b/overlays/terraform-provider-vault.nix
new file mode 100644
index 0000000..8d901bc
--- /dev/null
+++ b/overlays/terraform-provider-vault.nix
@@ -0,0 +1,18 @@
+{ config, ... }:
+{
+ flake.overlays.terraform-provider-vault =
+ final: prev:
+ {
+ terraform = prev.terraform.overrideAttrs (old: {
+ passthru.plugins =
+ old.passthru.plugins
+ // {
+ vault = old.passthru.plugins.vault.overrideAttrs (old: {
+ patches = [
+ config.flake.patches.terraform-provider-nomad.allow-null-in-authMountTuneSchema
+ ];
+ } );
+ };
+ } );
+ };
+}
diff --git a/patches/vault-provider-Allow-null-in-authMountTuneSchema.patch b/patches/vault-provider-Allow-null-in-authMountTuneSchema.patch
new file mode 100644
index 0000000..ee179e1
--- /dev/null
+++ b/patches/vault-provider-Allow-null-in-authMountTuneSchema.patch
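Review bot: The attribute added in the `@@ -96,6 +97,7 @@` hunk of `flake.nix` is keyed `terraform-provider-nomad.allow-null-in-authMountTuneSchema`, but it points at `patches/vault-provider-Allow-null-in-authMountTuneSchema.patch` and the overlay applies it to the `vault` plugin. The lookup still resolves because `overlays/terraform-provider-vault.nix` uses the same key, yet the name will mislead anyone auditing which provider carries local patches. Renaming it to `terraform-provider-vault.allow-null-in-authMountTuneSchema` in both files keeps the patch inventory accurate. The attribute set this line belongs to starts outside the hunk.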
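Review bot: `patches = [ ... ]` in the inner `overrideAttrs` of `overlays/terraform-provider-vault.nix` replaces the plugin's patch list rather than extending it, so any patches the packaged vault provider already carries would be dropped without notice; whether it has any is not visible here. For a provider that configures Vault auth mounts it is safer to append: `patches = (old.patches or []) ++ [ config.flake.patches.terraform-provider-nomad.allow-null-in-authMountTuneSchema ];`. The inner lambda also reuses the name `old`, shadowing the outer `terraform` attributes, so a distinct name such as `oldVault` would make it clear which derivation is being read. A one-line comment stating which provider release the patch was cut against would help when it stops applying after a version bump.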
@@ -0,0 +1,73 @@
+From 1bc15c644e6e39f268b1d06c343d8a9a4fceab2d Mon Sep 17 00:00:00 2001
+From: Magic_RB
+Date: Fri, 31 Mar 2023 23:23:41 +0200
+Subject: [PATCH] Allow null in authMountTuneSchema
+
+Signed-off-by: Magic_RB
+---
+ internal/provider/validators.go | 10 ++++++++++
+ vault/auth_mount.go | 8 ++++----
+ 2 files changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/internal/provider/validators.go b/internal/provider/validators.go
+index 15e23212..89a9d7e1 100644
+--- a/internal/provider/validators.go
++++ b/internal/provider/validators.go
+@@ -39,6 +39,16 @@ func ValidateStringSlug(i interface{}, k string) (s []string, es []error) {
+ return
+ }
+
++func ValidateAllowNull(f func(interface{}, string) ([]string, []error)) (func(interface{}, string) ([]string, []error)) {
++ return func(i interface{}, k string) (s []string, es []error) {
++ if i == nil {
++ return
++ } else {
++ return f(i, k)
++ }
++ };
++}
++
+ func ValidateDuration(i interface{}, k string) (s []string, es []error) {
+ v, ok := i.(string)
+ if !ok {
+diff --git a/vault/auth_mount.go b/vault/auth_mount.go
+index 2e1854f8..9bb77bc2 100644
+--- a/vault/auth_mount.go
++++ b/vault/auth_mount.go
+@@ -28,13 +28,13 @@ func authMountTuneSchema() *schema.Schema {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the default time-to-live duration. This overrides the global default. A value of 0 is equivalent to the system default TTL",
+- ValidateFunc: provider.ValidateDuration,
++ ValidateFunc: provider.ValidateAllowNull(provider.ValidateDuration),
+ },
+ "max_lease_ttl": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the maximum time-to-live duration. This overrides the global default. A value of 0 are equivalent and set to the system max TTL.",
+- ValidateFunc: provider.ValidateDuration,
++ ValidateFunc: provider.ValidateAllowNull(provider.ValidateDuration),
+ },
+ "audit_non_hmac_request_keys": {
+ Type: schema.TypeList,
+@@ -52,7 +52,7 @@ func authMountTuneSchema() *schema.Schema {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies whether to show this mount in the UI-specific listing endpoint. Valid values are \"unauth\" or \"hidden\". If not set, behaves like \"hidden\".",
+- ValidateFunc: validation.StringInSlice([]string{"unauth", "hidden"}, false),
++ ValidateFunc: provider.ValidateAllowNull(validation.StringInSlice([]string{"unauth", "hidden"}, false)),
+ },
+ "passthrough_request_headers": {
+ Type: schema.TypeList,
+@@ -70,7 +70,7 @@ func authMountTuneSchema() *schema.Schema {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Specifies the type of tokens that should be returned by the mount.",
+- ValidateFunc: validation.StringInSlice([]string{"default-service", "default-batch", "service", "batch"}, false),
++ ValidateFunc: provider.ValidateAllowNull(validation.StringInSlice([]string{"default-service", "default-batch", "service", "batch"}, false)),
+ },
+ },
+ },
+-- 
+2.39.1
+
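Review bot: The exported `ValidateAllowNull` added to `internal/provider/validators.go` by the embedded patch has no doc comment, even though it makes a nil value skip both the duration check and the two `StringInSlice` allow-lists in `authMountTuneSchema`. A comment such as `// ValidateAllowNull wraps f so that a nil value passes validation untouched; any non-nil value is still checked by f.` would state that relaxed contract where reviewers will see it. The function is also not gofmt-clean: the parentheses around the single result type and the `;` after the closure's closing brace would be removed, and the `else` after `return` can be flattened to `if i == nil { return nil, nil }` followed by `return f(i, k)`. Whether the code that later reads these four fields tolerates a nil value is not visible in these hunks and should be confirmed before relying on the wrapper.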