Create a Native State Backend

[mackenbach]

We're currently using the secrethub-http-proxy as an HTTP state backend now, but preferably we'd like to write a custom state backend.

However, seeing as state backends aren't pluggable yet we will have to create a fork of the Terraform project and add our state there. For people to actually be able to use the backend though, we'd have to get it merged back into the Terraform project and included in the next release.

If you want us to push this native backend through, please take a moment to +1 👍 this issue and we'll prioritize it on the roadmap.

Implementation details

Technically speaking, it shouldn't be too difficult a task:

• Add a folder backend/remote-state/secrethub: https://github.com/hashicorp/terraform/tree/master/backend/remote-state
• Implement the backend.Backend interface. For inspiration, check out the S3 and HTTP implementations:
  • https://github.com/hashicorp/terraform/tree/master/backend/remote-state/s3
  • https://github.com/hashicorp/terraform/tree/master/backend/remote-state/http
• Looking at the patterns other backends use, we would then create a small wrapper around the secrethub-go/pkg/secrethub.Client interface that implements the Terraform specific logic, similar to the httpClient type and have our secrethub.Backend type use that.
• Most of the thinking for what the code should do in the Get, Update, Delete functions is actually already done in the proxy for the HTTP GET, UPDATE, and DELETE handler functions.
• Submit a PR and bob's your uncle 🎉

[SimonBarendse]

https://github.com/secrethub/secrethub-cli/pull/285 contains a MVP of shipping a Terraform state backend with the SecretHub CLI.