Add scripts/tfbackend-cli

Author: devpro

.gitignore

@@ -356,6 +356,3 @@ appsettings.Development.json
 .terraform/
 .terraform.lock.hcl
 errored.tfstate
-
-# temp script files
-scripts/add-user.js

CONTRIBUTING.md

@@ -1,10 +1,8 @@
 # Contribution guide
 
-## Application
+## Application codebase
 
-The code is entirely based on open-source, cross-platform (Linux/Windows), highly performant, free, object-oriented technologies: .NET / C#.
-
-### Projects
+### .NET projects
 
 Project name               | Technology | Project type
 ---------------------------|------------|---------------------------
@@ -15,7 +13,7 @@ Project name               | Technology | Project type
 `Infrastructure.MongoDb`   | .NET 8     | Library
 `WebApi`                   | ASP.NET 8  | Web application (REST API)
 
-### Packages (NuGet)
+### .NET packages (NuGet)
 
 Name                     | Description
 -------------------------|-----------------------------
@@ -24,16 +22,10 @@ Name                     | Description
 `Swashbuckle.AspNetCore` | OpenAPI / Swagger generation
 `System.Text.Json`       | JSON support
 
-### Clients
-
-- [OpenTofu](https://opentofu.org/)
-- [Terraform](https://www.terraform.io)
-  - [HTTP backend](https://developer.hashicorp.com/terraform/language/backend/http)
-  - [Remote state backend](https://github.com/hashicorp/terraform/tree/main/internal/backend/remote-state)
-
-### Backing services
+### Terraform specifications
 
-- [MongoDB](https://www.mongodb.com/)
+- [HTTP backend](https://developer.hashicorp.com/terraform/language/backend/http)
+- [Remote state backend](https://github.com/hashicorp/terraform/tree/main/internal/backend/remote-state)
 
 ### Other community implementations
 
@@ -74,7 +66,7 @@ dotnet run --project src/WebApi
 
 Open Swagger in a browser: [localhost:5293/swagger](http://localhost:5293/swagger).
 
-## Documentation
+## Documentation codebase
 
 The documentation is a static website built with [Material for MkDocs](https://squidfunk.github.io/mkdocs-material/).
 

docs/index.md

@@ -1,6 +1,6 @@
 # Welcome
 
-This project provides an HTTP backend for Terraform and OpenTofu that will save and manage state data in a MongoDB database.
+This project provides an HTTP backend for [Terraform](https://www.terraform.io) and [OpenTofu](https://opentofu.org/) that will save and manage state data in a [MongoDB](https://www.mongodb.com/) database.
 
 As the state is a JSON content, it makes sense to use the best-in-class database technology to work with it.
 

docs/project.md

@@ -27,3 +27,9 @@ New features:
 
 - :material-square: Store in the database only one version of the state in tf_state (the latest) and save the others in tf_state_revision
 - :material-square: Send traces, logs, metrics to OpenTelemetry Collector
+
+## Design
+
+### Programming languages
+
+The code is mainly written in C# / .NET: open-source, cross-platform (Linux/Windows), highly performant, object-oriented.

scripts/mongo-create-index.js

@@ -0,0 +1,184 @@
+#!/bin/bash
+
+# tfbackend-cli create-index
+# tfbackend-cli create-user myusername mypassword mytenant
+
+MONGODB_URI="${MONGODB_URI:-mongodb://mongodb:27017}"
+MONGODB_DB="${MONGODB_DB:-test}"
+MONGODB_CONTAINERNAME="${MONGODB_CONTAINERNAME:-mongodb}"
+
+MONGODB_INDEX_COMMANDS=(
+  'db.tf_state.createIndex({"tenant": 1, "name": 1})'
+  'db.tf_state_lock.createIndex({"tenant": 1, "name": 1})'
+)
+
+log_info() {
+  local message="$1"
+  echo -e "$message"
+}
+
+log_header() {
+  local message="$1"
+  echo -e "\033[1;34m$message\033[0m" # blue
+}
+
+log_success() {
+  local message="$1"
+  echo -e "\033[1;32m$message\033[0m" # green
+}
+
+log_warn() {
+  local message="$1"
+  echo -e "\033[1;33mWarn: $message\033[0m" # yello
+}
+
+log_error() {
+  local message="$1"
+  echo -e "\033[1;31mError: $message\033[0m" # red
+}
+
+usage() {
+  echo -e "\033[1;34mUsage:\033[0m $0 [command] [arguments...]"
+  echo -e "\033[1;34mCommands:\033[0m"
+  echo "  create-index                               : Create indexes in database"
+  echo "  create-user <username> <password> <tenant> : Create user in database"
+  echo "  help                                       : Show this help message"
+  # echo "  (no arguments)                             : Run in interactive mode"
+  exit 1
+}
+
+check_command() {
+  local cmd=$1
+  if command -v "$cmd" &> /dev/null; then
+    return 0
+  else
+    return 1
+  fi
+}
+
+check_htpasswd() {
+  if ! command -v htpasswd &> /dev/null; then
+      log_error "htpasswd is not installed."
+      log_info "Please install apache2-utils (on Debian/Ubuntu) or httpd-tools (on CentOS/RHEL)."
+      log_info "Installation commands:"
+      log_info "  Debian/Ubuntu: sudo apt-get install apache2-utils"
+      log_info "  CentOS/RHEL: sudo yum install httpd-tools"
+      exit 1
+  fi
+}
+
+execute_mongosh() {
+  local mongo_cmd="$1"
+  if check_command "mongosh"; then
+    execute_mongosh_package "$mongo_cmd" || exit 1
+  else
+    if check_command "docker"; then
+      execute_mongosh_docker "$mongo_cmd" || exit 1
+    else
+      echo "Error: Neither mongosh nor Docker is installed. Please install one to proceed."
+      exit 1
+    fi
+  fi
+}
+
+execute_mongosh_package() {
+  local mongo_cmd="$1"
+  log_info "Executing MongoDB command in the shell: $mongo_cmd"
+  if output=$(mongosh "$MONGODB_URI/$MONGODB_DB" --quiet --eval "$mongo_cmd" 2>&1); then
+    log_info "Output:\n$output"
+  else
+    log_warn "$output"
+    return 1
+  fi
+}
+
+execute_mongosh_docker() {
+  local mongo_cmd="$1"
+  log_info "Executing MongoDB command in a container: $mongo_cmd"
+  if output=$(docker run --rm --link "$MONGODB_CONTAINERNAME" mongo:8.0 bash -c "mongosh \"$MONGODB_URI/$MONGODB_DB\" --quiet --eval \"$mongo_cmd\"" 2>&1); then
+    log_info "Output:\n$output"
+  else
+    log_warn "$output"
+    return 1
+  fi
+}
+
+create_mongodb_indexes() {
+  local status=0
+  log_header "Creating predefined MongoDB indexes"
+  for cmd in "${MONGODB_INDEX_COMMANDS[@]}"; do
+    execute_mongosh "$cmd" || status=1
+  done
+  if [ $status -eq 0 ]; then
+    log_success "All indexes created successfully"
+  else
+    log_error "One or more index creations failed"
+  fi
+  return $status
+}
+
+create_user() {
+  local username=$1
+  local password=$2
+  local tenant=$3
+
+  hash=$(htpasswd -bnBC 10 "" "$password" | tr -d ':\n')
+  if [ $? -ne 0 ] || [ -z "$hash" ]; then
+    log_error "Failed to generate BCrypt hash"
+    exit 1
+  fi
+
+  creation_command=$(cat <<EOF
+db.user.insertOne({
+    username: '$username',
+    password_hash: '$(printf "%q" "$hash")',
+    tenant: '$tenant'
+})
+EOF
+  )
+
+  execute_mongosh "$creation_command" || return 1
+  execute_mongosh "db.user.createIndex({\"username\": 1}, {unique: true})" || return 1
+}
+
+# checks for command-line arguments
+if [ $# -gt 0 ]; then
+  case "$1" in
+    "create-index")
+      create_mongodb_indexes
+      exit $?
+      ;;
+    "create-user")
+      check_htpasswd
+      shift
+      if [ -z "$1" ]; then
+        log_error "No username provided"
+        usage
+      fi
+      username="$1"
+      shift
+      if [ -z "$1" ]; then
+        log_error "No password provided"
+        usage
+      fi
+      password="$1"
+      shift
+      if [ -z "$1" ]; then
+        log_error "No tenant provided"
+        usage
+      fi
+      tenant="$1"
+      create_user "$username" "$password" "$tenant"
+      exit $?
+      ;;
+    "help")
+      usage
+      ;;
+    *)
+      log_error "Invalid command: $1"
+      usage
+      ;;
+  esac
+fi
+
+usage