Features/cloudinfra 141 (#4)

* Some adjustments following review
And resuscitate the branch that should not have been closed :-)

* Use the crypto/rand instead of math/rand - fix documentation

Makefile

@@ -12,4 +12,10 @@ build: terraform-provider-quantum
 
 .PHONY: install
 install: terraform-provider-quantum
-	mv terraform-provider-quantum $(shell dirname $(shell which terraform))
+	mv terraform-provider-quantum $(shell dirname $(shell which terraform))
+
+.PHONY: deploy
+deploy:
+	GOARCH=amd64 GOOS=linux go build -o .pkg/terraform-provider-quantum_linux_x64
+	GOARCH=amd64 GOOS=darwin go build -o .pkg/terraform-provider-quantum_darwin_x64
+	GOARCH=amd64 GOOS=windows go build -o .pkg/terraform-provider-quantum_x64.exe

README.md

@@ -46,28 +46,18 @@ data.quantum_list_files.data_files.files = ["./data/file1.txt", "./data/file2.do
 
 ### quantum_password
 
-This resource will generate a password with lowercase, uppercase, numbers and special characters mathing the specified `length`. It will also rotate the password every `'n'` days based on the `expires_in_days` attribute.
+This resource will generate a password with lowercase, uppercase, numbers and special characters mathing the specified `length`. It will also rotate the password every `'n'` days based on the `rotation` attribute.
 
 #### Example Usage
 
-Generates a rnadom password to be used by other resources
+Generates a random password to be used by other resources
 
 ```hcl
 resource "quantum_password" "rds_backup_db_password" {
-    length          = 10
-    expires_in_days = 90
+    length   = 10
+    rotation = 90
 }
 ```
-
-The output will look like this:
-
-```sh
-+ quantum_password.rds_backup_db_password
-    created_at:      "<computed>"
-    expires_in_days: "90"
-    password:        "<computed>"
-```
-
 #### Argument Reference
 
 - `length`   - (Optional) - Password length [default `20`]

resource_quantum_password.go

@@ -2,16 +2,18 @@ package main
 
 import (
 	"crypto/md5"
+	"crypto/rand"
 	"encoding/hex"
 	"fmt"
 	"log"
-	"math/rand"
-	"strings"
+	"math/big"
 	"time"
 
 	"github.com/hashicorp/terraform/helper/schema"
 )
 
+const minimumCharsPerCategory = 2
+
 func resourceQuantumPassword() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceQuantumPasswordCreate,
@@ -65,7 +67,6 @@ func update(d *schema.ResourceData, update bool) error {
 	// Get parameters
 	args := getQuantumPasswordArgs(d)
 
-	var err error
 	t, err := time.Parse(time.RFC3339, args.lastUpdate)
 	if err != nil {
 		log.Printf("Unable to parse the last generation date (%s), resetting password", args.lastUpdate)
@@ -100,33 +101,43 @@ func update(d *schema.ResourceData, update bool) error {
 }
 
 func generatePassword(args *QuantumPasswordArgs) (string, *time.Time, error) {
-	rand.Seed(int64(time.Now().Nanosecond()))
-
 	if args.length < len(categories) {
 		return "", nil, fmt.Errorf("The password must be at least %d chars long", len(categories))
 	}
 
 	var password string
 	for i := 0; i < args.length; i++ {
-		chars := categories[i%len(categories)]
-		password += string(chars[rand.Intn(len(chars))])
+		var group int
+		if i < len(categories)*minimumCharsPerCategory {
+			// We take at least a minimum number of characters of each categories
+			group = i % len(categories)
+		} else {
+			// Afterwhile, we pick them randomly
+			group = randInt(len(categories))
+		}
+		chars := categories[group]
+		password += string(chars[randInt(len(chars))])
 	}
 
 	generated := time.Now()
 	return shuffle(password)[:args.length], &generated, nil
 }
 
 func shuffle(password string) string {
-	rand.Seed(int64(time.Now().Nanosecond()))
 
-	arr := strings.Split(password, "")
+	arr := []byte(password)
 
 	for i := 0; i < len(arr); i++ {
-		j := rand.Intn(len(arr))
+		j := randInt(len(arr))
 		arr[i], arr[j] = arr[j], arr[i]
 	}
 
-	return strings.Join(arr, "")
+	return string(arr)
+}
+
+func randInt(length int) int {
+	i, _ := rand.Int(rand.Reader, big.NewInt(int64(length)))
+	return int(i.Int64())
 }
 
 func getQuantumPasswordArgs(d *schema.ResourceData) *QuantumPasswordArgs {