From 0ad741aa0fc323c01e75ea1112128f5c5bddf572 Mon Sep 17 00:00:00 2001 From: Grace Rehn Date: Mon, 2 Dec 2024 11:12:08 +1000 Subject: [PATCH 01/12] feat: Add support for generic oidc accounts --- .../import.sh | 1 + .../resource.tf | 7 ++ octopusdeploy/provider.go | 1 + .../resource_generic_oidc_account.go | 95 +++++++++++++++ .../resource_generic_oidc_account_test.go | 78 +++++++++++++ octopusdeploy/schema_generic_oidc_account.go | 110 ++++++++++++++++++ octopusdeploy/schema_queries.go | 3 +- octopusdeploy/schema_utilities.go | 3 +- 8 files changed, 296 insertions(+), 2 deletions(-) create mode 100644 examples/resources/octopusdeploy_generic_openid_connect_account/import.sh create mode 100644 examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf create mode 100644 octopusdeploy/resource_generic_oidc_account.go create mode 100644 octopusdeploy/resource_generic_oidc_account_test.go create mode 100644 octopusdeploy/schema_generic_oidc_account.go diff --git a/examples/resources/octopusdeploy_generic_openid_connect_account/import.sh b/examples/resources/octopusdeploy_generic_openid_connect_account/import.sh new file mode 100644 index 000000000..7691c5cdb --- /dev/null +++ b/examples/resources/octopusdeploy_generic_openid_connect_account/import.sh @@ -0,0 +1 @@ +terraform import [options] octopusdeploy_generic_openid_connect_account. \ No newline at end of file diff --git a/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf b/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf new file mode 100644 index 000000000..11893d6c3 --- /dev/null +++ b/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf 
@@ -0,0 +1,7 @@
+resource "octopusdeploy_azure_openid_connect" "example" {
+ name = "Generic OpenID Connect Account (OK to Delete)"
+ execution_subject_keys = ["space", "project"]
+ health_subject_keys = ["space", "target", "type"]
+ account_test_subject_keys = ["space", "type"]
+ audience = "api://Default"
+}
\ No newline at end of file
diff --git a/octopusdeploy/provider.go b/octopusdeploy/provider.go
index a1c1ba54f..a6e09f9e9 100644
--- a/octopusdeploy/provider.go
+++ b/octopusdeploy/provider.go
@@ -46,6 +46,7 @@ func Provider() *schema.Provider {
 "octopusdeploy_deployment_process": resourceDeploymentProcess(),
 "octopusdeploy_dynamic_worker_pool": resourceDynamicWorkerPool(),
 "octopusdeploy_gcp_account": resourceGoogleCloudPlatformAccount(),
+ "octopusdeploy_generic_openid_connect_account": resourceGenericOpenIDConnectAccount(),
 "octopusdeploy_kubernetes_agent_deployment_target": resourceKubernetesAgentDeploymentTarget(),
 "octopusdeploy_kubernetes_agent_worker": resourceKubernetesAgentWorker(),
 "octopusdeploy_kubernetes_cluster_deployment_target": resourceKubernetesClusterDeploymentTarget(),
diff --git a/octopusdeploy/resource_generic_oidc_account.go b/octopusdeploy/resource_generic_oidc_account.go
new file mode 100644
index 000000000..52a7fdb02
--- /dev/null
+++ b/octopusdeploy/resource_generic_oidc_account.go
@@ -0,0 +1,95 @@
+package octopusdeploy
+
+import (
+ "context"
+ "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/accounts"
+ "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/client"
+ "github.com/OctopusDeploy/terraform-provider-octopusdeploy/internal/errors"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "log"
+)
+
+func resourceGenericOpenIDConnectAccount() *schema.Resource {
+ return &schema.Resource{
+ CreateContext: resourceGenericOpenIDConnectAccountCreate,
+ DeleteContext: resourceGenericOpenIDConnectAccountDelete,
+ Description: "This resource manages Generic OpenID Connect accounts in Octopus Deploy.",
+ Importer: getImporter(),
+ ReadContext: resourceGenericOpenIDConnectAccountRead,
+ Schema: getGenericOpenIdConnectAccountSchema(),
+ UpdateContext: resourceGenericOpenIDConnectAccountUpdate,
+ }
+}
+
+func resourceGenericOpenIDConnectAccountCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+ account := expandGenericOpenIDConnectAccount(d)
+
+ log.Printf("[INFO] creating Generic OpenID Connect account: %#v", account)
+
+ client := m.(*client.Client)
+ createdAccount, err := accounts.Add(client, account)
+ if err != nil {
+ return diag.FromErr(err)
+ }
+
+ if err := setGenericOpenIDConnectAccount(ctx, d, createdAccount.(*accounts.GenericOIDCAccount)); err != nil {
+ return diag.FromErr(err)
+ }
+
+ d.SetId(createdAccount.GetID())
+
+ log.Printf("[INFO] Generic OpenID Connect account created (%s)", d.Id())
+ return nil
+}
+
+func resourceGenericOpenIDConnectAccountDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+ log.Printf("[INFO] deleting Generic OpenID Connect account (%s)", d.Id())
+
+ client := m.(*client.Client)
+ if err := accounts.DeleteByID(client, d.Get("space_id").(string), d.Id()); err != nil {
+ return diag.FromErr(err)
+ }
+
+ d.SetId("")
+
+ log.Printf("[INFO] Generic OpenID Connect account deleted")
+ return nil
+}
+
+func resourceGenericOpenIDConnectAccountRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+ log.Printf("[INFO] reading Generic OpenID Connect account (%s)", d.Id())
+
+ client := m.(*client.Client)
+ accountResource, err := accounts.GetByID(client, d.Get("space_id").(string), d.Id())
+ if err != nil {
+ return errors.ProcessApiError(ctx, d, err, "Generic OpenID Connect account")
+ }
+
+ genericOIDCAccount := accountResource.(*accounts.GenericOIDCAccount)
+ if err := setGenericOpenIDConnectAccount(ctx, d, genericOIDCAccount); err != nil {
+ return diag.FromErr(err)
+ }
+
+ log.Printf("[INFO] Generic OpenID Connect account read (%s)", d.Id())
+ return nil
+}
+
+func resourceGenericOpenIDConnectAccountUpdate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+ account := expandGenericOpenIDConnectAccount(d)
+
+ log.Printf("[INFO] updating Generic OpenID Connect account %#v", account)
+
+ client := m.(*client.Client)
+ updatedAccount, err := accounts.Update(client, account)
+ if err != nil {
+ return diag.FromErr(err)
+ }
+
+ if err := setGenericOpenIDConnectAccount(ctx, d, updatedAccount.(*accounts.GenericOIDCAccount)); err != nil {
+ return diag.FromErr(err)
+ }
+
+ log.Printf("[INFO] Generic OpenID Connect account updated (%s)", d.Id())
+ return nil
+}
diff --git a/octopusdeploy/resource_generic_oidc_account_test.go b/octopusdeploy/resource_generic_oidc_account_test.go
new file mode 100644
index 000000000..2f88daca3
--- /dev/null
+++ b/octopusdeploy/resource_generic_oidc_account_test.go
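Review bot: The type assertions in the create, read and update handlers (`createdAccount.(*accounts.GenericOIDCAccount)`, `accountResource.(*accounts.GenericOIDCAccount)`, `updatedAccount.(*accounts.GenericOIDCAccount)`) are unchecked, so the provider panics if the API hands back any other account type, for example if the ID of a different kind of account reaches the read handler through `getImporter()`. Use the two-value form and return a diagnostic, e.g. `acct, ok := accountResource.(*accounts.GenericOIDCAccount)` followed by `if !ok { return diag.Errorf("account %s is not a Generic OIDC account", d.Id()) }`. In the create handler `d.SetId(createdAccount.GetID())` runs only after `setGenericOpenIDConnectAccount` succeeds, so a failure there leaves an account in Octopus that Terraform state does not track; calling `d.SetId` directly after `accounts.Add` returns closes that gap. The `%#v` dump of the whole account at INFO level in create and update would be better narrowed to name and ID, since the same logging pattern copied to account types that hold credentials would write them to the provider log.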
@@ -0,0 +1,78 @@ +package octopusdeploy + +import ( + "fmt" + internalTest "github.com/OctopusDeploy/terraform-provider-octopusdeploy/internal/test" + "testing" + + "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/core" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccOctopusDeployGenericOpenIDConnectAccountBasic(t *testing.T) { + internalTest.SkipCI(t, "audience is not set on initial creation") + localName := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + prefix := "octopusdeploy_generic_openid_connect_account." + localName + + description := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + name := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + tenantedDeploymentMode := core.TenantedDeploymentModeTenantedOrUntenanted + + executionKeys := []string{"space"} + healthKeys := []string{"target"} + accountKeys := []string{"type"} + audience := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + + newDescription := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + + resource.Test(t, resource.TestCase{ + CheckDestroy: testAccountCheckDestroy, + PreCheck: func() { testAccPreCheck(t) }, + ProtoV6ProviderFactories: ProtoV6ProviderFactories(), + Steps: []resource.TestStep{ + { + Check: resource.ComposeTestCheckFunc( + testAccountExists(prefix), + resource.TestCheckResourceAttr(prefix, "description", description), + resource.TestCheckResourceAttr(prefix, "name", name), + resource.TestCheckResourceAttr(prefix, "tenanted_deployment_participation", string(tenantedDeploymentMode)), + resource.TestCheckResourceAttr(prefix, "execution_subject_keys.0", executionKeys[0]), + resource.TestCheckResourceAttr(prefix, "health_subject_keys.0", healthKeys[0]), + resource.TestCheckResourceAttr(prefix, "account_test_subject_keys.0", accountKeys[0]), + resource.TestCheckResourceAttr(prefix, "audience", audience), + ), + Config: 
testGenericOpenIDConnectAccountBasic(localName, name, description, tenantedDeploymentMode, executionKeys, healthKeys, accountKeys, audience), + }, + { + Check: resource.ComposeTestCheckFunc( + testAccountExists(prefix), + resource.TestCheckResourceAttr(prefix, "description", newDescription), + resource.TestCheckResourceAttr(prefix, "name", name), + resource.TestCheckResourceAttr(prefix, "tenanted_deployment_participation", string(tenantedDeploymentMode)), + resource.TestCheckResourceAttr(prefix, "execution_subject_keys.0", executionKeys[0]), + resource.TestCheckResourceAttr(prefix, "health_subject_keys.0", healthKeys[0]), + resource.TestCheckResourceAttr(prefix, "account_test_subject_keys.0", accountKeys[0]), + resource.TestCheckResourceAttr(prefix, "audience", audience), + ), + Config: testGenericOpenIDConnectAccountBasic(localName, name, newDescription, tenantedDeploymentMode, executionKeys, healthKeys, accountKeys, audience), + }, + }, + }) +} + +func testGenericOpenIDConnectAccountBasic(localName string, name string, description string, tenantedDeploymentParticipation core.TenantedDeploymentMode, execution_subject_keys []string, health_subject_keys []string, account_test_subject_keys []string, audience string) string { + return fmt.Sprintf(`resource "octopusdeploy_generic_openid_connect_account" "%s" { + description = "%s" + name = "%s" + tenanted_deployment_participation = "%s" + execution_subject_keys = %s + health_subject_keys = %s + account_test_subject_keys = %s + audience = "%s" + } + + data "octopusdeploy_accounts" "test" { + ids = [octopusdeploy_generic_openid_connect_account.%s.id] + }`, localName, description, name, tenantedDeploymentParticipation, StringArrayToTerraformArrayFormat(execution_subject_keys), StringArrayToTerraformArrayFormat(health_subject_keys), StringArrayToTerraformArrayFormat(account_test_subject_keys), audience, localName) +} 
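Review bot: `internalTest.SkipCI(t, "audience is not set on initial creation")` at the top of TestAccOctopusDeployGenericOpenIDConnectAccountBasic means the only acceptance test for the new resource never runs in CI, and the skip reason describes a defect in the resource rather than a limitation of the test environment. The `audience` assertion in both steps is the check that would catch it. Patch 02 of this series adds the `audience` read to the expand function, so the skip should be removed together with that fix; whether a later patch does so is not visible in these hunks.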
diff --git a/octopusdeploy/schema_generic_oidc_account.go b/octopusdeploy/schema_generic_oidc_account.go
new file mode 100644
index 000000000..ea4c34b85
--- /dev/null
+++ b/octopusdeploy/schema_generic_oidc_account.go
@@ -0,0 +1,110 @@
+package octopusdeploy
+
+import (
+ "context"
+ "fmt"
+ "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/accounts"
+ "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/core"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func expandGenericOpenIDConnectAccount(d *schema.ResourceData) *accounts.GenericOIDCAccount {
+ name := d.Get("name").(string)
+
+ account, _ := accounts.NewGenericOIDCAccount(name)
+ account.ID = d.Id()
+
+ if v, ok := d.GetOk("description"); ok {
+ account.SetDescription(v.(string))
+ }
+
+ if v, ok := d.GetOk("environments"); ok {
+ account.EnvironmentIDs = getSliceFromTerraformTypeList(v)
+ }
+
+ if v, ok := d.GetOk("name"); ok {
+ account.SetName(v.(string))
+ }
+
+ if v, ok := d.GetOk("space_id"); ok {
+ account.SetSpaceID(v.(string))
+ }
+
+ if v, ok := d.GetOk("tenanted_deployment_participation"); ok {
+ account.TenantedDeploymentMode = core.TenantedDeploymentMode(v.(string))
+ }
+
+ if v, ok := d.GetOk("tenant_tags"); ok {
+ account.TenantTags = getSliceFromTerraformTypeList(v)
+ }
+
+ if v, ok := d.GetOk("tenants"); ok {
+ account.TenantIDs = getSliceFromTerraformTypeList(v)
+ }
+
+ if v, ok := d.GetOk("execution_subject_keys"); ok {
+ account.DeploymentSubjectKeys = getSliceFromTerraformTypeList(v)
+ }
+
+ if v, ok := d.GetOk("health_subject_keys"); ok {
+ account.HealthCheckSubjectKeys = getSliceFromTerraformTypeList(v)
+ }
+
+ if v, ok := d.GetOk("account_test_subject_keys"); ok {
+ account.AccountTestSubjectKeys = getSliceFromTerraformTypeList(v)
+ }
+
+ return account
+}
+
+func getGenericOpenIdConnectAccountSchema() map[string]*schema.Schema {
+ return map[string]*schema.Schema{
+ "description": getDescriptionSchema("Azure OpenID Connect account"),
+ "environments": getEnvironmentsSchema(),
+ "id": getIDSchema(),
+ "name": getNameSchema(true),
+ "space_id": getSpaceIDSchema(),
+ "tenanted_deployment_participation": getTenantedDeploymentSchema(),
+ "tenants": getTenantsSchema(),
+ "tenant_tags": getTenantTagsSchema(),
+ "execution_subject_keys": getSubjectKeysSchema(SchemaSubjectKeysDescriptionExecution),
+ "health_subject_keys": getSubjectKeysSchema(SchemaSubjectKeysDescriptionHealth),
+ "account_test_subject_keys": getSubjectKeysSchema(SchemaSubjectKeysDescriptionAccountTest),
+ "audience": getOidcAudienceSchema(),
+ }
+}
+
+func setGenericOpenIDConnectAccount(ctx context.Context, d *schema.ResourceData, account *accounts.GenericOIDCAccount) error {
+ d.Set("description", account.GetDescription())
+ d.Set("id", account.GetID())
+ d.Set("name", account.GetName())
+ d.Set("space_id", account.GetSpaceID())
+ d.Set("tenanted_deployment_participation", account.GetTenantedDeploymentMode())
+ d.Set("audience", account.Audience)
+
+ if err := d.Set("environments", account.GetEnvironmentIDs()); err != nil {
+ return fmt.Errorf("error setting environments: %s", err)
+ }
+
+ if err := d.Set("tenants", account.GetTenantIDs()); err != nil {
+ return fmt.Errorf("error setting tenants: %s", err)
+ }
+
+ if err := d.Set("tenant_tags", account.TenantTags); err != nil {
+ return fmt.Errorf("error setting tenant_tags: %s", err)
+ }
+
+ if err := d.Set("execution_subject_keys", account.DeploymentSubjectKeys); err != nil {
+ return fmt.Errorf("error setting execution_subject_keys: %s", err)
+ }
+
+ if err := d.Set("health_subject_keys", account.HealthCheckSubjectKeys); err != nil {
+ return fmt.Errorf("error setting health_subject_keys: %s", err)
+ }
+
+ if err := d.Set("account_test_subject_keys", account.AccountTestSubjectKeys); err != nil {
+ return fmt.Errorf("error setting account_test_subject_keys: %s", err)
+ }
+
+ return nil
+}
diff --git a/octopusdeploy/schema_queries.go b/octopusdeploy/schema_queries.go
index 1322c9311..651fc55d8 100644
--- a/octopusdeploy/schema_queries.go
+++ b/octopusdeploy/schema_queries.go
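Review bot: `account, _ := accounts.NewGenericOIDCAccount(name)` in expandGenericOpenIDConnectAccount discards the constructor's error and the next line dereferences `account`; if the constructor rejects the name and returns nil (its behaviour is not visible here), the provider panics instead of reporting a validation error. Returning `(*accounts.GenericOIDCAccount, error)` from the expand function and passing the error to `diag.FromErr` in the create and update handlers would keep that failure visible to the user. In setGenericOpenIDConnectAccount the six `d.Set` calls for the scalar fields, `audience` among them, ignore their return value while the list fields check it; check them all the same way, e.g. `if err := d.Set("audience", account.Audience); err != nil { return fmt.Errorf("error setting audience: %s", err) }`, so a schema mismatch does not silently leave state out of step with the server.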
@@ -7,7 +7,7 @@ import ( func getQueryAccountType() *schema.Schema { return &schema.Schema{ - Description: "A filter to search by a list of account types. Valid account types are `AmazonWebServicesAccount`, `AmazonWebServicesRoleAccount`, `AmazonWebServicesOidcAccount`, `AzureServicePrincipal`, `AzureSubscription`, `None`, `SshKeyPair`, `Token`, or `UsernamePassword`.", + Description: "A filter to search by a list of account types. Valid account types are `AmazonWebServicesAccount`, `AmazonWebServicesRoleAccount`, `AmazonWebServicesOidcAccount`, `AzureServicePrincipal`, `AzureSubscription`, `GenericOidcAccount`, `None`, `SshKeyPair`, `Token`, or `UsernamePassword`.", Optional: true, Type: schema.TypeString, ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{ @@ -17,6 +17,7 @@ func getQueryAccountType() *schema.Schema { "AzureServicePrincipal", "AzureOIDC", "AzureSubscription", + "GenericOidcAccount", "None", "SshKeyPair", "Token", diff --git a/octopusdeploy/schema_utilities.go b/octopusdeploy/schema_utilities.go index 1cb481661..3b80f9098 100644 --- a/octopusdeploy/schema_utilities.go +++ b/octopusdeploy/schema_utilities.go @@ -9,7 +9,7 @@ import ( func getAccountTypeSchema(isRequired bool) *schema.Schema { schema := &schema.Schema{ - Description: "Specifies the type of the account. Valid account types are `AmazonWebServicesAccount`, `AmazonWebServicesRoleAccount`, `AzureServicePrincipal`, `AzureOIDC`, `AzureSubscription`, `AmazonWebServicesOidcAccount`, `None`, `SshKeyPair`, `Token`, or `UsernamePassword`.", + Description: "Specifies the type of the account. Valid account types are `AmazonWebServicesAccount`, `AmazonWebServicesRoleAccount`, `AzureServicePrincipal`, `AzureOIDC`, `AzureSubscription`, `AmazonWebServicesOidcAccount`, `GenericOidcAccount`, `None`, `SshKeyPair`, `Token`, or `UsernamePassword`.", ForceNew: true, Type: schema.TypeString, ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice([]string{ 
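Review bot: The updated `Description` in getQueryAccountType names `GenericOidcAccount` but still omits `AzureOIDC`, which the `validation.StringInSlice` list in the second hunk accepts, so the generated documentation under-reports the values the filter allows. Add `AzureOIDC` to the sentence, or build the description from the same slice the validator uses so the two cannot drift. getAccountTypeSchema in schema_utilities.go keeps a second hand-maintained copy of the list and description and carries the same risk.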
@@ -18,6 +18,7 @@ func getAccountTypeSchema(isRequired bool) *schema.Schema { "AzureServicePrincipal", "AzureOIDC", "AzureSubscription", + "GenericOidcAccount", "None", "SshKeyPair", "Token", From 633ad4bf1e9bb56ec1f9360980ed78d3df60feeb Mon Sep 17 00:00:00 2001 From: Grace Rehn Date: Mon, 2 Dec 2024 12:49:28 +1000 Subject: [PATCH 02/12] chore: remove subject keys which are not needed --- .../resource.tf | 4 +--- .../resource_generic_oidc_account_test.go | 14 ++++-------- octopusdeploy/schema_generic_oidc_account.go | 22 ++++--------------- 3 files changed, 9 insertions(+), 31 deletions(-) diff --git a/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf b/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf index 11893d6c3..d03a1dd89 100644 --- a/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf +++ b/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf @@ -1,7 +1,5 @@ resource "octopusdeploy_azure_openid_connect" "example" { name = "Generic OpenID Connect Account (OK to Delete)" execution_subject_keys = ["space", "project"] - health_subject_keys = ["space", "target", "type"] - account_test_subject_keys = ["space", "type"] - audience = "api://Default" + audience = "api://default" } \ No newline at end of file diff --git a/octopusdeploy/resource_generic_oidc_account_test.go b/octopusdeploy/resource_generic_oidc_account_test.go index 2f88daca3..0062e7ba2 100644 --- a/octopusdeploy/resource_generic_oidc_account_test.go +++ b/octopusdeploy/resource_generic_oidc_account_test.go 
@@ -20,8 +20,6 @@ func TestAccOctopusDeployGenericOpenIDConnectAccountBasic(t *testing.T) { tenantedDeploymentMode := core.TenantedDeploymentModeTenantedOrUntenanted executionKeys := []string{"space"} - healthKeys := []string{"target"} - accountKeys := []string{"type"} audience := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) newDescription := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) @@ -38,11 +36,9 @@ func TestAccOctopusDeployGenericOpenIDConnectAccountBasic(t *testing.T) { resource.TestCheckResourceAttr(prefix, "name", name), resource.TestCheckResourceAttr(prefix, "tenanted_deployment_participation", string(tenantedDeploymentMode)), resource.TestCheckResourceAttr(prefix, "execution_subject_keys.0", executionKeys[0]), - resource.TestCheckResourceAttr(prefix, "health_subject_keys.0", healthKeys[0]), - resource.TestCheckResourceAttr(prefix, "account_test_subject_keys.0", accountKeys[0]), resource.TestCheckResourceAttr(prefix, "audience", audience), ), - Config: testGenericOpenIDConnectAccountBasic(localName, name, description, tenantedDeploymentMode, executionKeys, healthKeys, accountKeys, audience), + Config: testGenericOpenIDConnectAccountBasic(localName, name, description, tenantedDeploymentMode, executionKeys, audience), }, { Check: resource.ComposeTestCheckFunc( 
@@ -51,17 +47,15 @@ func TestAccOctopusDeployGenericOpenIDConnectAccountBasic(t *testing.T) { resource.TestCheckResourceAttr(prefix, "name", name), resource.TestCheckResourceAttr(prefix, "tenanted_deployment_participation", string(tenantedDeploymentMode)), resource.TestCheckResourceAttr(prefix, "execution_subject_keys.0", executionKeys[0]), - resource.TestCheckResourceAttr(prefix, "health_subject_keys.0", healthKeys[0]), - resource.TestCheckResourceAttr(prefix, "account_test_subject_keys.0", accountKeys[0]), resource.TestCheckResourceAttr(prefix, "audience", audience), ), - Config: testGenericOpenIDConnectAccountBasic(localName, name, newDescription, tenantedDeploymentMode, executionKeys, healthKeys, accountKeys, audience), + Config: testGenericOpenIDConnectAccountBasic(localName, name, newDescription, tenantedDeploymentMode, executionKeys, audience), }, }, }) } -func testGenericOpenIDConnectAccountBasic(localName string, name string, description string, tenantedDeploymentParticipation core.TenantedDeploymentMode, execution_subject_keys []string, health_subject_keys []string, account_test_subject_keys []string, audience string) string { +func testGenericOpenIDConnectAccountBasic(localName string, name string, description string, tenantedDeploymentParticipation core.TenantedDeploymentMode, execution_subject_keys []string, audience string) string { return fmt.Sprintf(`resource "octopusdeploy_generic_openid_connect_account" "%s" { description = "%s" name = "%s" 
@@ -74,5 +68,5 @@ func testGenericOpenIDConnectAccountBasic(localName string, name string, descrip data "octopusdeploy_accounts" "test" { ids = [octopusdeploy_generic_openid_connect_account.%s.id] - }`, localName, description, name, tenantedDeploymentParticipation, StringArrayToTerraformArrayFormat(execution_subject_keys), StringArrayToTerraformArrayFormat(health_subject_keys), StringArrayToTerraformArrayFormat(account_test_subject_keys), audience, localName) + }`, localName, description, name, tenantedDeploymentParticipation, StringArrayToTerraformArrayFormat(execution_subject_keys), audience, localName) } diff --git a/octopusdeploy/schema_generic_oidc_account.go b/octopusdeploy/schema_generic_oidc_account.go index ea4c34b85..03136abe5 100644 --- a/octopusdeploy/schema_generic_oidc_account.go +++ b/octopusdeploy/schema_generic_oidc_account.go @@ -42,16 +42,12 @@ func expandGenericOpenIDConnectAccount(d *schema.ResourceData) *accounts.Generic account.TenantIDs = getSliceFromTerraformTypeList(v) } - if v, ok := d.GetOk("execution_subject_keys"); ok { - account.DeploymentSubjectKeys = getSliceFromTerraformTypeList(v) + if v, ok := d.GetOk("audience"); ok { + account.Audience = v.(string) } - if v, ok := d.GetOk("health_subject_keys"); ok { - account.HealthCheckSubjectKeys = getSliceFromTerraformTypeList(v) - } - - if v, ok := d.GetOk("account_test_subject_keys"); ok { - account.AccountTestSubjectKeys = getSliceFromTerraformTypeList(v) + if v, ok := d.GetOk("execution_subject_keys"); ok { + account.DeploymentSubjectKeys = getSliceFromTerraformTypeList(v) } return account 
@@ -68,8 +64,6 @@ func getGenericOpenIdConnectAccountSchema() map[string]*schema.Schema { "tenants": getTenantsSchema(), "tenant_tags": getTenantTagsSchema(), "execution_subject_keys": getSubjectKeysSchema(SchemaSubjectKeysDescriptionExecution), - "health_subject_keys": getSubjectKeysSchema(SchemaSubjectKeysDescriptionHealth), - "account_test_subject_keys": getSubjectKeysSchema(SchemaSubjectKeysDescriptionAccountTest), "audience": getOidcAudienceSchema(), } } @@ -98,13 +92,5 @@ func setGenericOpenIDConnectAccount(ctx context.Context, d *schema.ResourceData, return fmt.Errorf("error setting execution_subject_keys: %s", err) } - if err := d.Set("health_subject_keys", account.HealthCheckSubjectKeys); err != nil { - return fmt.Errorf("error setting health_subject_keys: %s", err) - } - - if err := d.Set("account_test_subject_keys", account.AccountTestSubjectKeys); err != nil { - return fmt.Errorf("error setting account_test_subject_keys: %s", err) - } - return nil } From 53d4eb61ace008fcbc8355fd2f441a1e5b363628 Mon Sep 17 00:00:00 2001 From: Grace Rehn Date: Mon, 2 Dec 2024 14:30:35 +1000 Subject: [PATCH 03/12] Use go client branch for now and update docs --- docs/data-sources/accounts.md | 2 +- .../generic_openid_connect_account.md | 48 +++++++++++++++++++ go.mod | 2 +- go.sum | 2 + 4 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 docs/resources/generic_openid_connect_account.md diff --git a/docs/data-sources/accounts.md b/docs/data-sources/accounts.md index a108cfe1d..27bb16f6b 100644 --- a/docs/data-sources/accounts.md +++ b/docs/data-sources/accounts.md 
@@ -26,7 +26,7 @@ data "octopusdeploy_accounts" "example" { ### Optional -- `account_type` (String) A filter to search by a list of account types. Valid account types are `AmazonWebServicesAccount`, `AmazonWebServicesRoleAccount`, `AmazonWebServicesOidcAccount`, `AzureServicePrincipal`, `AzureSubscription`, `None`, `SshKeyPair`, `Token`, or `UsernamePassword`. +- `account_type` (String) A filter to search by a list of account types. Valid account types are `AmazonWebServicesAccount`, `AmazonWebServicesRoleAccount`, `AmazonWebServicesOidcAccount`, `AzureServicePrincipal`, `AzureSubscription`, `GenericOidcAccount`, `None`, `SshKeyPair`, `Token`, or `UsernamePassword`. - `ids` (List of String) A filter to search by a list of IDs. - `partial_name` (String) A filter to search by the partial match of a name. - `skip` (Number) A filter to specify the number of items to skip in the response. diff --git a/docs/resources/generic_openid_connect_account.md b/docs/resources/generic_openid_connect_account.md new file mode 100644 index 000000000..514089d7f --- /dev/null +++ b/docs/resources/generic_openid_connect_account.md 
@@ -0,0 +1,48 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "octopusdeploy_generic_openid_connect_account Resource - terraform-provider-octopusdeploy" +subcategory: "" +description: |- + This resource manages Generic OpenID Connect accounts in Octopus Deploy. +--- + +# octopusdeploy_generic_openid_connect_account (Resource) + +This resource manages Generic OpenID Connect accounts in Octopus Deploy. + +## Example Usage + +```terraform +resource "octopusdeploy_generic_openid_connect_account" "example" { + name = "Generic OpenID Connect Account (OK to Delete)" + execution_subject_keys = ["space", "project"] + audience = "api://default" +} +``` + + +## Schema + +### Required + +- `name` (String) The name of this resource. + +### Optional + +- `audience` (String) Federated credentials audience, this value is used to establish a connection between external workload identities and Microsoft Entra ID. +- `description` (String) The description of this Azure OpenID Connect account. +- `environments` (List of String) A list of environment IDs associated with this resource. +- `execution_subject_keys` (List of String) Keys to include in a deployment or runbook. Valid options are `space`, `environment`, `project`, `tenant`, `runbook`, `account`, `type` +- `id` (String) The unique ID for this resource. +- `space_id` (String) The space ID associated with this resource. +- `tenant_tags` (List of String) A list of tenant tags associated with this resource. +- `tenanted_deployment_participation` (String) The tenanted deployment mode of the resource. Valid account types are `Untenanted`, `TenantedOrUntenanted`, or `Tenanted`. +- `tenants` (List of String) A list of tenant IDs associated with this resource. + +## Import + +Import is supported using the following syntax: + +```shell +terraform import [options] octopusdeploy_generic_openid_connect_account. +``` diff --git a/go.mod b/go.mod index 7e10c51b0..5b907d7ab 100644 --- a/go.mod 
+++ b/go.mod @@ -3,7 +3,7 @@ module github.com/OctopusDeploy/terraform-provider-octopusdeploy go 1.21 require ( - github.com/OctopusDeploy/go-octopusdeploy/v2 v2.60.0 + github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241202024636-075a4f06c227 github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4 github.com/google/uuid v1.6.0 github.com/hashicorp/go-cty v1.4.1-0.20200723130312-85980079f637 diff --git a/go.sum b/go.sum index d8eeb086a..957e09558 100644 --- a/go.sum +++ b/go.sum @@ -22,6 +22,8 @@ github.com/OctopusDeploy/go-octodiff v1.0.0 h1:U+ORg6azniwwYo+O44giOw6TiD5USk8S4 github.com/OctopusDeploy/go-octodiff v1.0.0/go.mod h1:Mze0+EkOWTgTmi8++fyUc6r0aLZT7qD9gX+31t8MmIU= github.com/OctopusDeploy/go-octopusdeploy/v2 v2.60.0 h1:9j4IQ1UcAuaTytlBzQ7Mmoy/dLtofYfSGNiM22+sLXs= github.com/OctopusDeploy/go-octopusdeploy/v2 v2.60.0/go.mod h1:ggvOXzMnq+w0pLg6C9zdjz6YBaHfO3B3tqmmB7JQdaw= +github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241202024636-075a4f06c227 h1:ejQL4mdWMoF7PhOQUu/G4hZHfFYbXg+XuvXtMpFpllw= +github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241202024636-075a4f06c227/go.mod h1:ggvOXzMnq+w0pLg6C9zdjz6YBaHfO3B3tqmmB7JQdaw= github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4 h1:QfbVf0bOIRMp/WHAWsuVDB7KHoWnRsGbvDuOf2ua7k4= github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4/go.mod h1:Oq9KbiRNDBB5jFmrwnrgLX0urIqR/1ptY18TzkqXm7M= github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg= From 0b44e43916b36f46ce3bb5522b6dc106cff95a65 Mon Sep 17 00:00:00 2001 From: Grace Rehn Date: Mon, 2 Dec 2024 14:35:23 +1000 Subject: [PATCH 04/12] fix: typos --- docs/resources/generic_openid_connect_account.md | 2 +- .../octopusdeploy_generic_openid_connect_account/resource.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
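Review bot: The `require` line now pins `github.com/OctopusDeploy/go-octopusdeploy/v2` to the pseudo-version `v2.62.3-0.20241202024636-075a4f06c227`, an untagged commit that, going by the commit subject, lives on a work-in-progress branch of the client. A provider release built from this would depend on client code that has not been through that library's release process, and on a commit that can become unreachable upstream if the branch is rebased or deleted. Before this series merges, the pin should move to the tagged client release that contains the Generic OIDC account type. Running `go mod tidy` afterwards would also show whether the `v2.60.0` entries that go.sum keeps are still needed.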
diff --git a/docs/resources/generic_openid_connect_account.md b/docs/resources/generic_openid_connect_account.md index 514089d7f..3584cf828 100644 --- a/docs/resources/generic_openid_connect_account.md +++ b/docs/resources/generic_openid_connect_account.md @@ -30,7 +30,7 @@ resource "octopusdeploy_generic_openid_connect_account" "example" { ### Optional - `audience` (String) Federated credentials audience, this value is used to establish a connection between external workload identities and Microsoft Entra ID. -- `description` (String) The description of this Azure OpenID Connect account. +- `description` (String) The description of this Generic OpenID Connect account. - `environments` (List of String) A list of environment IDs associated with this resource. - `execution_subject_keys` (List of String) Keys to include in a deployment or runbook. Valid options are `space`, `environment`, `project`, `tenant`, `runbook`, `account`, `type` - `id` (String) The unique ID for this resource. diff --git a/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf b/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf index d03a1dd89..833ad71ee 100644 --- a/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf +++ b/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf @@ -1,4 +1,4 @@ -resource "octopusdeploy_azure_openid_connect" "example" { +resource "octopusdeploy_generic_openid_connect_account" "example" { name = "Generic OpenID Connect Account (OK to Delete)" execution_subject_keys = ["space", "project"] audience = "api://default" From 33358ae374cca7cdcbaa2a5cd39c4972bd755f89 Mon Sep 17 00:00:00 2001 From: Grace Rehn Date: Mon, 2 Dec 2024 14:38:13 +1000 Subject: [PATCH 05/12] fix: more typos and unused fields --- octopusdeploy/resource_generic_oidc_account_test.go | 2 -- octopusdeploy/schema_generic_oidc_account.go | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) 
diff --git a/octopusdeploy/resource_generic_oidc_account_test.go b/octopusdeploy/resource_generic_oidc_account_test.go index 0062e7ba2..0b5d12c9d 100644 --- a/octopusdeploy/resource_generic_oidc_account_test.go +++ b/octopusdeploy/resource_generic_oidc_account_test.go @@ -61,8 +61,6 @@ func testGenericOpenIDConnectAccountBasic(localName string, name string, descrip name = "%s" tenanted_deployment_participation = "%s" execution_subject_keys = %s - health_subject_keys = %s - account_test_subject_keys = %s audience = "%s" } diff --git a/octopusdeploy/schema_generic_oidc_account.go b/octopusdeploy/schema_generic_oidc_account.go index 03136abe5..02a6c388d 100644 --- a/octopusdeploy/schema_generic_oidc_account.go +++ b/octopusdeploy/schema_generic_oidc_account.go @@ -55,7 +55,7 @@ func expandGenericOpenIDConnectAccount(d *schema.ResourceData) *accounts.Generic func getGenericOpenIdConnectAccountSchema() map[string]*schema.Schema { return map[string]*schema.Schema{ - "description": getDescriptionSchema("Azure OpenID Connect account"), + "description": getDescriptionSchema("Generic OpenID Connect account"), "environments": getEnvironmentsSchema(), "id": getIDSchema(), "name": getNameSchema(true), From a6035b83312468f6d4ad2354bcda46a5e57be6c1 Mon Sep 17 00:00:00 2001 
From: Grace Rehn Date: Tue, 3 Dec 2024 15:26:14 +1000 Subject: [PATCH 06/12] fix: move implementation to framework --- ...ect_account.md => generic_oidc_account.md} | 14 +- .../import.sh | 1 - .../resource.tf | 5 - go.mod | 2 +- go.sum | 6 +- octopusdeploy/provider.go | 1 - .../resource_generic_oidc_account.go | 95 ---------- .../resource_generic_oidc_account_test.go | 70 ------- octopusdeploy/schema_generic_oidc_account.go | 96 ---------- octopusdeploy_framework/framework_provider.go | 1 + .../resource_generic_oidc_account.go | 179 ++++++++++++++++++ .../resource_generic_oidc_account_test.go | 62 ++++++ .../schemas/generic_oidc_account.go | 86 +++++++++ 13 files changed, 338 insertions(+), 280 deletions(-) rename docs/resources/{generic_openid_connect_account.md => generic_oidc_account.md} (68%) delete mode 100644 examples/resources/octopusdeploy_generic_openid_connect_account/import.sh delete mode 100644 examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf delete mode 100644 octopusdeploy/resource_generic_oidc_account.go delete mode 100644 octopusdeploy/resource_generic_oidc_account_test.go delete mode 100644 octopusdeploy/schema_generic_oidc_account.go create mode 100644 octopusdeploy_framework/resource_generic_oidc_account.go create mode 100644 octopusdeploy_framework/resource_generic_oidc_account_test.go create mode 100644 octopusdeploy_framework/schemas/generic_oidc_account.go diff --git a/docs/resources/generic_openid_connect_account.md b/docs/resources/generic_oidc_account.md similarity index 68% rename from docs/resources/generic_openid_connect_account.md rename to docs/resources/generic_oidc_account.md index 3584cf828..0444e5486 100644 --- a/docs/resources/generic_openid_connect_account.md +++ b/docs/resources/generic_oidc_account.md 
@@ -1,19 +1,19 @@ --- # generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "octopusdeploy_generic_openid_connect_account Resource - terraform-provider-octopusdeploy" +page_title: "octopusdeploy_generic_oidc_account Resource - terraform-provider-octopusdeploy" subcategory: "" description: |- - This resource manages Generic OpenID Connect accounts in Octopus Deploy. + This resource manages a Generic OIDC Account in Octopus Deploy. --- # octopusdeploy_generic_openid_connect_account (Resource) -This resource manages Generic OpenID Connect accounts in Octopus Deploy. +This resource manages a Generic OIDC Account in Octopus Deploy. ## Example Usage ```terraform -resource "octopusdeploy_generic_openid_connect_account" "example" { +resource "octopusdeploy_generic_oidc_account" "example" { name = "Generic OpenID Connect Account (OK to Delete)" execution_subject_keys = ["space", "project"] audience = "api://default" 
@@ -29,10 +29,10 @@ resource "octopusdeploy_generic_openid_connect_account" "example" { ### Optional -- `audience` (String) Federated credentials audience, this value is used to establish a connection between external workload identities and Microsoft Entra ID. -- `description` (String) The description of this Generic OpenID Connect account. +- `audience` (String) The audience associated with this resource. +- `description` (String) The description of this generic oidc account. - `environments` (List of String) A list of environment IDs associated with this resource. -- `execution_subject_keys` (List of String) Keys to include in a deployment or runbook. Valid options are `space`, `environment`, `project`, `tenant`, `runbook`, `account`, `type` +- `execution_subject_keys` (List of String) Keys to include in a deployment or runbook. Valid options are `space`, `environment`, `project`, `tenant`, `runbook`, `account`, `type`. - `id` (String) The unique ID for this resource. - `space_id` (String) The space ID associated with this resource. - `tenant_tags` (List of String) A list of tenant tags associated with this resource. diff --git a/examples/resources/octopusdeploy_generic_openid_connect_account/import.sh b/examples/resources/octopusdeploy_generic_openid_connect_account/import.sh deleted file mode 100644 index 7691c5cdb..000000000 --- a/examples/resources/octopusdeploy_generic_openid_connect_account/import.sh +++ /dev/null @@ -1 +0,0 @@ -terraform import [options] octopusdeploy_generic_openid_connect_account. \ No newline at end of file diff --git a/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf b/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf deleted file mode 100644 index 833ad71ee..000000000 --- a/examples/resources/octopusdeploy_generic_openid_connect_account/resource.tf +++ /dev/null 
@@ -1,5 +0,0 @@ -resource "octopusdeploy_generic_openid_connect_account" "example" { - name = "Generic OpenID Connect Account (OK to Delete)" - execution_subject_keys = ["space", "project"] - audience = "api://default" -} \ No newline at end of file diff --git a/go.mod b/go.mod index 5b907d7ab..7fccee0f5 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/OctopusDeploy/terraform-provider-octopusdeploy go 1.21 require ( - github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241202024636-075a4f06c227 + github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241203052254-726a1dc47be5 github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4 github.com/google/uuid v1.6.0 github.com/hashicorp/go-cty v1.4.1-0.20200723130312-85980079f637 diff --git a/go.sum b/go.sum index 957e09558..2c12d3f51 100644 --- a/go.sum +++ b/go.sum 
@@ -20,10 +20,8 @@ github.com/Microsoft/hcsshim v0.12.4 h1:Ev7YUMHAHoWNm+aDSPzc5W9s6E2jyL1szpVDJeZ/ github.com/Microsoft/hcsshim v0.12.4/go.mod h1:Iyl1WVpZzr+UkzjekHZbV8o5Z9ZkxNGx6CtY2Qg/JVQ= github.com/OctopusDeploy/go-octodiff v1.0.0 h1:U+ORg6azniwwYo+O44giOw6TiD5USk8S4VDhOQ0Ven0= github.com/OctopusDeploy/go-octodiff v1.0.0/go.mod h1:Mze0+EkOWTgTmi8++fyUc6r0aLZT7qD9gX+31t8MmIU= -github.com/OctopusDeploy/go-octopusdeploy/v2 v2.60.0 h1:9j4IQ1UcAuaTytlBzQ7Mmoy/dLtofYfSGNiM22+sLXs= -github.com/OctopusDeploy/go-octopusdeploy/v2 v2.60.0/go.mod h1:ggvOXzMnq+w0pLg6C9zdjz6YBaHfO3B3tqmmB7JQdaw= -github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241202024636-075a4f06c227 h1:ejQL4mdWMoF7PhOQUu/G4hZHfFYbXg+XuvXtMpFpllw= -github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241202024636-075a4f06c227/go.mod h1:ggvOXzMnq+w0pLg6C9zdjz6YBaHfO3B3tqmmB7JQdaw= +github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241203052254-726a1dc47be5 h1:axZMwMhboAz4bE4GmzRkT9ogE4bgjrPvNZef9rJCINE= +github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241203052254-726a1dc47be5/go.mod h1:ggvOXzMnq+w0pLg6C9zdjz6YBaHfO3B3tqmmB7JQdaw= github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4 h1:QfbVf0bOIRMp/WHAWsuVDB7KHoWnRsGbvDuOf2ua7k4= github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4/go.mod h1:Oq9KbiRNDBB5jFmrwnrgLX0urIqR/1ptY18TzkqXm7M= github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg= diff --git a/octopusdeploy/provider.go b/octopusdeploy/provider.go index a6e09f9e9..a1c1ba54f 100644 --- a/octopusdeploy/provider.go +++ b/octopusdeploy/provider.go 
@@ -46,7 +46,6 @@ func Provider() *schema.Provider { "octopusdeploy_deployment_process": resourceDeploymentProcess(), "octopusdeploy_dynamic_worker_pool": resourceDynamicWorkerPool(), "octopusdeploy_gcp_account": resourceGoogleCloudPlatformAccount(), - "octopusdeploy_generic_openid_connect_account": resourceGenericOpenIDConnectAccount(), "octopusdeploy_kubernetes_agent_deployment_target": resourceKubernetesAgentDeploymentTarget(), "octopusdeploy_kubernetes_agent_worker": resourceKubernetesAgentWorker(), "octopusdeploy_kubernetes_cluster_deployment_target": resourceKubernetesClusterDeploymentTarget(), diff --git a/octopusdeploy/resource_generic_oidc_account.go b/octopusdeploy/resource_generic_oidc_account.go deleted file mode 100644 index 52a7fdb02..000000000 --- a/octopusdeploy/resource_generic_oidc_account.go +++ /dev/null 
@@ -1,95 +0,0 @@ -package octopusdeploy - -import ( - "context" - "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/accounts" - "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/client" - "github.com/OctopusDeploy/terraform-provider-octopusdeploy/internal/errors" - "github.com/hashicorp/terraform-plugin-sdk/v2/diag" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - "log" -) - -func resourceGenericOpenIDConnectAccount() *schema.Resource { - return &schema.Resource{ - CreateContext: resourceGenericOpenIDConnectAccountCreate, - DeleteContext: resourceGenericOpenIDConnectAccountDelete, - Description: "This resource manages Generic OpenID Connect accounts in Octopus Deploy.", - Importer: getImporter(), - ReadContext: resourceGenericOpenIDConnectAccountRead, - Schema: getGenericOpenIdConnectAccountSchema(), - UpdateContext: resourceGenericOpenIDConnectAccountUpdate, - } -} - -func resourceGenericOpenIDConnectAccountCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { - account := expandGenericOpenIDConnectAccount(d) - - log.Printf("[INFO] creating Generic OpenID Connect account: %#v", account) - - client := m.(*client.Client) - createdAccount, err := accounts.Add(client, account) - if err != nil { - return diag.FromErr(err) - } - - if err := setGenericOpenIDConnectAccount(ctx, d, createdAccount.(*accounts.GenericOIDCAccount)); err != nil { - return diag.FromErr(err) - } - - d.SetId(createdAccount.GetID()) - - log.Printf("[INFO] Generic OpenID Connect account created (%s)", d.Id()) - return nil -} - -func resourceGenericOpenIDConnectAccountDelete(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { - log.Printf("[INFO] deleting Generic OpenID Connect account (%s)", d.Id()) - - client := m.(*client.Client) - if err := accounts.DeleteByID(client, d.Get("space_id").(string), d.Id()); err != nil { - return diag.FromErr(err) - } - - d.SetId("") - - log.Printf("[INFO] Generic OpenID Connect account 
deleted") - return nil -} - -func resourceGenericOpenIDConnectAccountRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { - log.Printf("[INFO] reading Generic OpenID Connect account (%s)", d.Id()) - - client := m.(*client.Client) - accountResource, err := accounts.GetByID(client, d.Get("space_id").(string), d.Id()) - if err != nil { - return errors.ProcessApiError(ctx, d, err, "Generic OpenID Connect account") - } - - genericOIDCAccount := accountResource.(*accounts.GenericOIDCAccount) - if err := setGenericOpenIDConnectAccount(ctx, d, genericOIDCAccount); err != nil { - return diag.FromErr(err) - } - - log.Printf("[INFO] Generic OpenID Connect account read (%s)", d.Id()) - return nil -} - -func resourceGenericOpenIDConnectAccountUpdate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { - account := expandGenericOpenIDConnectAccount(d) - - log.Printf("[INFO] updating Generic OpenID Connect account %#v", account) - - client := m.(*client.Client) - updatedAccount, err := accounts.Update(client, account) - if err != nil { - return diag.FromErr(err) - } - - if err := setGenericOpenIDConnectAccount(ctx, d, updatedAccount.(*accounts.GenericOIDCAccount)); err != nil { - return diag.FromErr(err) - } - - log.Printf("[INFO] Generic OpenID Connect account updated (%s)", d.Id()) - return nil -} diff --git a/octopusdeploy/resource_generic_oidc_account_test.go b/octopusdeploy/resource_generic_oidc_account_test.go deleted file mode 100644 index 0b5d12c9d..000000000 --- a/octopusdeploy/resource_generic_oidc_account_test.go +++ /dev/null 
@@ -1,70 +0,0 @@ -package octopusdeploy - -import ( - "fmt" - internalTest "github.com/OctopusDeploy/terraform-provider-octopusdeploy/internal/test" - "testing" - - "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/core" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" -) - -func TestAccOctopusDeployGenericOpenIDConnectAccountBasic(t *testing.T) { - internalTest.SkipCI(t, "audience is not set on initial creation") - localName := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) - prefix := "octopusdeploy_generic_openid_connect_account." + localName - - description := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) - name := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) - tenantedDeploymentMode := core.TenantedDeploymentModeTenantedOrUntenanted - - executionKeys := []string{"space"} - audience := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) - - newDescription := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) - - resource.Test(t, resource.TestCase{ - CheckDestroy: testAccountCheckDestroy, - PreCheck: func() { testAccPreCheck(t) }, - ProtoV6ProviderFactories: ProtoV6ProviderFactories(), - Steps: []resource.TestStep{ - { - Check: resource.ComposeTestCheckFunc( - testAccountExists(prefix), - resource.TestCheckResourceAttr(prefix, "description", description), - resource.TestCheckResourceAttr(prefix, "name", name), - resource.TestCheckResourceAttr(prefix, "tenanted_deployment_participation", string(tenantedDeploymentMode)), - resource.TestCheckResourceAttr(prefix, "execution_subject_keys.0", executionKeys[0]), - resource.TestCheckResourceAttr(prefix, "audience", audience), - ), - Config: testGenericOpenIDConnectAccountBasic(localName, name, description, tenantedDeploymentMode, executionKeys, audience), - }, - { - Check: resource.ComposeTestCheckFunc( - testAccountExists(prefix), - resource.TestCheckResourceAttr(prefix, "description", newDescription), 
- resource.TestCheckResourceAttr(prefix, "name", name), - resource.TestCheckResourceAttr(prefix, "tenanted_deployment_participation", string(tenantedDeploymentMode)), - resource.TestCheckResourceAttr(prefix, "execution_subject_keys.0", executionKeys[0]), - resource.TestCheckResourceAttr(prefix, "audience", audience), - ), - Config: testGenericOpenIDConnectAccountBasic(localName, name, newDescription, tenantedDeploymentMode, executionKeys, audience), - }, - }, - }) -} - -func testGenericOpenIDConnectAccountBasic(localName string, name string, description string, tenantedDeploymentParticipation core.TenantedDeploymentMode, execution_subject_keys []string, audience string) string { - return fmt.Sprintf(`resource "octopusdeploy_generic_openid_connect_account" "%s" { - description = "%s" - name = "%s" - tenanted_deployment_participation = "%s" - execution_subject_keys = %s - audience = "%s" - } - - data "octopusdeploy_accounts" "test" { - ids = [octopusdeploy_generic_openid_connect_account.%s.id] - }`, localName, description, name, tenantedDeploymentParticipation, StringArrayToTerraformArrayFormat(execution_subject_keys), audience, localName) -} diff --git a/octopusdeploy/schema_generic_oidc_account.go b/octopusdeploy/schema_generic_oidc_account.go deleted file mode 100644 index 02a6c388d..000000000 --- a/octopusdeploy/schema_generic_oidc_account.go +++ /dev/null 
@@ -1,96 +0,0 @@ -package octopusdeploy - -import ( - "context" - "fmt" - "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/accounts" - "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/core" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" -) - -func expandGenericOpenIDConnectAccount(d *schema.ResourceData) *accounts.GenericOIDCAccount { - name := d.Get("name").(string) - - account, _ := accounts.NewGenericOIDCAccount(name) - account.ID = d.Id() - - if v, ok := d.GetOk("description"); ok { - account.SetDescription(v.(string)) - } - - if v, ok := d.GetOk("environments"); ok { - account.EnvironmentIDs = getSliceFromTerraformTypeList(v) - } - - if v, ok := d.GetOk("name"); ok { - account.SetName(v.(string)) - } - - if v, ok := d.GetOk("space_id"); ok { - account.SetSpaceID(v.(string)) - } - - if v, ok := d.GetOk("tenanted_deployment_participation"); ok { - account.TenantedDeploymentMode = core.TenantedDeploymentMode(v.(string)) - } - - if v, ok := d.GetOk("tenant_tags"); ok { - account.TenantTags = getSliceFromTerraformTypeList(v) - } - - if v, ok := d.GetOk("tenants"); ok { - account.TenantIDs = getSliceFromTerraformTypeList(v) - } - - if v, ok := d.GetOk("audience"); ok { - account.Audience = v.(string) - } - - if v, ok := d.GetOk("execution_subject_keys"); ok { - account.DeploymentSubjectKeys = getSliceFromTerraformTypeList(v) - } - - return account -} - -func getGenericOpenIdConnectAccountSchema() map[string]*schema.Schema { - return map[string]*schema.Schema{ - "description": getDescriptionSchema("Generic OpenID Connect account"), - "environments": getEnvironmentsSchema(), - "id": getIDSchema(), - "name": getNameSchema(true), - "space_id": getSpaceIDSchema(), - "tenanted_deployment_participation": getTenantedDeploymentSchema(), - "tenants": getTenantsSchema(), - "tenant_tags": getTenantTagsSchema(), - "execution_subject_keys": getSubjectKeysSchema(SchemaSubjectKeysDescriptionExecution), - "audience": getOidcAudienceSchema(), - } -} - -func 
setGenericOpenIDConnectAccount(ctx context.Context, d *schema.ResourceData, account *accounts.GenericOIDCAccount) error { - d.Set("description", account.GetDescription()) - d.Set("id", account.GetID()) - d.Set("name", account.GetName()) - d.Set("space_id", account.GetSpaceID()) - d.Set("tenanted_deployment_participation", account.GetTenantedDeploymentMode()) - d.Set("audience", account.Audience) - - if err := d.Set("environments", account.GetEnvironmentIDs()); err != nil { - return fmt.Errorf("error setting environments: %s", err) - } - - if err := d.Set("tenants", account.GetTenantIDs()); err != nil { - return fmt.Errorf("error setting tenants: %s", err) - } - - if err := d.Set("tenant_tags", account.TenantTags); err != nil { - return fmt.Errorf("error setting tenant_tags: %s", err) - } - - if err := d.Set("execution_subject_keys", account.DeploymentSubjectKeys); err != nil { - return fmt.Errorf("error setting execution_subject_keys: %s", err) - } - - return nil -} diff --git a/octopusdeploy_framework/framework_provider.go b/octopusdeploy_framework/framework_provider.go index a1cdb241e..fea6f8068 100644 --- a/octopusdeploy_framework/framework_provider.go +++ b/octopusdeploy_framework/framework_provider.go @@ -126,6 +126,7 @@ func (p *octopusDeployFrameworkProvider) Resources(ctx context.Context) []func() NewScriptModuleResource, NewUserResource, NewServiceAccountOIDCIdentity, + NewGenericOidcResource, } } diff --git a/octopusdeploy_framework/resource_generic_oidc_account.go b/octopusdeploy_framework/resource_generic_oidc_account.go new file mode 100644 index 000000000..5de260ca5 --- /dev/null +++ b/octopusdeploy_framework/resource_generic_oidc_account.go 
@@ -0,0 +1,179 @@ +package octopusdeploy_framework + +import ( + "context" + "fmt" + "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/accounts" + "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/core" + "github.com/OctopusDeploy/terraform-provider-octopusdeploy/internal/errors" + "github.com/OctopusDeploy/terraform-provider-octopusdeploy/octopusdeploy_framework/schemas" + "github.com/OctopusDeploy/terraform-provider-octopusdeploy/octopusdeploy_framework/util" + "github.com/hashicorp/terraform-plugin-framework/resource" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/hashicorp/terraform-plugin-log/tflog" +) + +var _ resource.Resource = &genericOidcAccountResource{} +var _ resource.ResourceWithImportState = &genericOidcAccountResource{} + +type genericOidcAccountResource struct { + *Config +} + +func NewGenericOidcResource() resource.Resource { + return &genericOidcAccountResource{} +} + +func (r *genericOidcAccountResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { + resp.TypeName = util.GetTypeName("generic_oidc_account") +} + +func (r *genericOidcAccountResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) { + resp.Schema = schemas.GenericOidcAccountSchema{}.GetResourceSchema() +} + +func (r *genericOidcAccountResource) Configure(_ context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) { + r.Config = ResourceConfiguration(req, resp) +} +func (r *genericOidcAccountResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { + var plan schemas.GenericOidcAccountResourceModel + resp.Diagnostics.Append(req.Plan.Get(ctx, &plan)...) 
+ if resp.Diagnostics.HasError() { + return + } + + tflog.Debug(ctx, "Creating generic oidc account", map[string]interface{}{ + "name": plan.Name.ValueString(), + }) + + account := expandGenericOidcAccountResource(ctx, plan) + createdAccount, err := accounts.Add(r.Client, account) + if err != nil { + resp.Diagnostics.AddError("Error creating generic oidc account", err.Error()) + return + } + + state := flattenGenericOidcAccountResource(ctx, createdAccount.(*accounts.GenericOIDCAccount), plan) + resp.Diagnostics.Append(resp.State.Set(ctx, state)...) +} + +func (r *genericOidcAccountResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { + var state schemas.GenericOidcAccountResourceModel + resp.Diagnostics.Append(req.State.Get(ctx, &state)...) + if resp.Diagnostics.HasError() { + return + } + + account, err := accounts.GetByID(r.Client, state.SpaceID.ValueString(), state.ID.ValueString()) + if err != nil { + if err := errors.ProcessApiErrorV2(ctx, resp, state, err, "genericOidcAccountResource"); err != nil { + resp.Diagnostics.AddError("unable to load generic oidc account", err.Error()) + } + return + } + + newState := flattenGenericOidcAccountResource(ctx, account.(*accounts.GenericOIDCAccount), state) + resp.Diagnostics.Append(resp.State.Set(ctx, newState)...) +} + +func (r *genericOidcAccountResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { + var plan schemas.GenericOidcAccountResourceModel + resp.Diagnostics.Append(req.Plan.Get(ctx, &plan)...) + if resp.Diagnostics.HasError() { + return + } + + account := expandGenericOidcAccountResource(ctx, plan) + updatedAccount, err := accounts.Update(r.Client, account) + if err != nil { + resp.Diagnostics.AddError("Error updating generic oidc account", err.Error()) + return + } + + state := flattenGenericOidcAccountResource(ctx, updatedAccount.(*accounts.GenericOIDCAccount), plan) + resp.Diagnostics.Append(resp.State.Set(ctx, state)...) 
+} + +func (r *genericOidcAccountResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { + var state schemas.GenericOidcAccountResourceModel + resp.Diagnostics.Append(req.State.Get(ctx, &state)...) + if resp.Diagnostics.HasError() { + return + } + + err := accounts.DeleteByID(r.Client, state.SpaceID.ValueString(), state.ID.ValueString()) + if err != nil { + resp.Diagnostics.AddError("Error deleting generic oidc account", err.Error()) + return + } +} + +func (r *genericOidcAccountResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) { + accountID := req.ID + + account, err := accounts.GetByID(r.Client, r.Client.GetSpaceID(), accountID) + if err != nil { + resp.Diagnostics.AddError( + "Error reading generic oidc account", + fmt.Sprintf("Unable to read generic oidc account with ID %s: %s", accountID, err.Error()), + ) + return + } + + genericOidcAccount, ok := account.(*accounts.GenericOIDCAccount) + if !ok { + resp.Diagnostics.AddError( + "Unexpected account type", + fmt.Sprintf("Expected generic oidc account, got: %T", account), + ) + return + } + + state := schemas.GenericOidcAccountResourceModel{ + SpaceID: types.StringValue(genericOidcAccount.GetSpaceID()), + Name: types.StringValue(genericOidcAccount.GetName()), + Description: types.StringValue(genericOidcAccount.GetDescription()), + TenantedDeploymentParticipation: types.StringValue(string(genericOidcAccount.GetTenantedDeploymentMode())), + Environments: flattenStringList(genericOidcAccount.GetEnvironmentIDs(), types.ListNull(types.StringType)), + Tenants: flattenStringList(genericOidcAccount.GetTenantIDs(), types.ListNull(types.StringType)), + TenantTags: flattenStringList(genericOidcAccount.TenantTags, types.ListNull(types.StringType)), + ExecutionSubjectKeys: flattenStringList(genericOidcAccount.DeploymentSubjectKeys, types.ListNull(types.StringType)), + Audience: 
types.StringValue(genericOidcAccount.Audience), + } + state.ID = types.StringValue(genericOidcAccount.ID) + + resp.Diagnostics.Append(resp.State.Set(ctx, &state)...) +} + +func expandGenericOidcAccountResource(ctx context.Context, model schemas.GenericOidcAccountResourceModel) *accounts.GenericOIDCAccount { + account, _ := accounts.NewGenericOIDCAccount(model.Name.ValueString()) + + account.SetID(model.ID.ValueString()) + account.SetDescription(model.Description.ValueString()) + account.SetSpaceID(model.SpaceID.ValueString()) + account.SetEnvironmentIDs(util.ExpandStringList(model.Environments)) + account.SetTenantedDeploymentMode(core.TenantedDeploymentMode(model.TenantedDeploymentParticipation.ValueString())) + account.SetTenantIDs(util.ExpandStringList(model.Tenants)) + account.SetTenantTags(util.ExpandStringList(model.TenantTags)) + account.DeploymentSubjectKeys = util.ExpandStringList(model.ExecutionSubjectKeys) + account.Audience = model.Audience.ValueString() + + return account +} + +func flattenGenericOidcAccountResource(ctx context.Context, account *accounts.GenericOIDCAccount, model schemas.GenericOidcAccountResourceModel) schemas.GenericOidcAccountResourceModel { + model.ID = types.StringValue(account.GetID()) + model.SpaceID = types.StringValue(account.GetSpaceID()) + model.Name = types.StringValue(account.GetName()) + model.Description = types.StringValue(account.GetDescription()) + model.TenantedDeploymentParticipation = types.StringValue(string(account.GetTenantedDeploymentMode())) + + model.Environments = util.FlattenStringList(account.GetEnvironmentIDs()) + model.Tenants = util.FlattenStringList(account.GetTenantIDs()) + model.TenantTags = util.FlattenStringList(account.TenantTags) + + model.ExecutionSubjectKeys = util.FlattenStringList(account.DeploymentSubjectKeys) + model.Audience = types.StringValue(account.Audience) + + return model +} 
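Review bot: The bare assertions `createdAccount.(*accounts.GenericOIDCAccount)` in Create, `account.(*accounts.GenericOIDCAccount)` in Read and `updatedAccount.(*accounts.GenericOIDCAccount)` in Update panic the provider process if the API returns any other account type, for example when the ID held in state resolves to a different kind of account. ImportState in this same file already uses the comma-ok form and reports `Unexpected account type`; the other three should match it with `acct, ok := account.(*accounts.GenericOIDCAccount)` followed by `if !ok { resp.Diagnostics.AddError("Unexpected account type", fmt.Sprintf("Expected generic oidc account, got: %T", account)); return }`. Separately, `account, _ := accounts.NewGenericOIDCAccount(model.Name.ValueString())` in expandGenericOidcAccountResource discards the constructor error. If the constructor rejects the name, `account` is presumably nil and the following `account.SetID` call would dereference it; this is inferred, since the constructor is not shown here.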
diff --git a/octopusdeploy_framework/resource_generic_oidc_account_test.go b/octopusdeploy_framework/resource_generic_oidc_account_test.go
new file mode 100644
index 000000000..a6b792b5d
--- /dev/null
+++ b/octopusdeploy_framework/resource_generic_oidc_account_test.go
@@ -0,0 +1,62 @@ +package octopusdeploy_framework + +import ( + "fmt" + "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/core" + "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "strings" + "testing" +) + +func TestAccGenericOidcAccountBasic(t *testing.T) { + localName := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + resourceName := "octopusdeploy_generic_oidc_account." + localName + + description := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + name := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + tenantedDeploymentParticipation := core.TenantedDeploymentModeTenantedOrUntenanted + + executionKeys := []string{"space"} + audience := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + + config := testGenericOidcAccountBasic(localName, name, description, tenantedDeploymentParticipation, executionKeys, audience) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { TestAccPreCheck(t) }, + ProtoV6ProviderFactories: ProtoV6ProviderFactories(), + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + testAccountExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "description", description), + resource.TestCheckResourceAttrSet(resourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "name", name), + resource.TestCheckResourceAttrSet(resourceName, "space_id"), + resource.TestCheckResourceAttr(resourceName, "tenanted_deployment_participation", string(tenantedDeploymentParticipation)), + resource.TestCheckResourceAttr(resourceName, "execution_subject_keys.0", executionKeys[0]), + resource.TestCheckResourceAttr(resourceName, "audience", audience), + ), + ResourceName: resourceName, + }, + }, + }) +} + +func testGenericOidcAccountBasic(localName string, name string, description string, tenantedDeploymentParticipation core.TenantedDeploymentMode, execution_subject_keys []string, 
audience string) string { + + execKeysStr := fmt.Sprintf(`["%s"]`, strings.Join(execution_subject_keys, `", "`)) + + return fmt.Sprintf(`resource "octopusdeploy_generic_oidc_account" "%s" { + description = "%s" + name = "%s" + tenanted_deployment_participation = "%s" + execution_subject_keys = %s + audience = "%s" + } + + data "octopusdeploy_accounts" "test" { + ids = [octopusdeploy_generic_oidc_account.%s.id] + }`, localName, description, name, tenantedDeploymentParticipation, execKeysStr, audience, localName) +} diff --git a/octopusdeploy_framework/schemas/generic_oidc_account.go b/octopusdeploy_framework/schemas/generic_oidc_account.go new file mode 100644 index 000000000..a68f46f77 --- /dev/null +++ b/octopusdeploy_framework/schemas/generic_oidc_account.go 
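Review bot: TestAccGenericOidcAccountBasic drops both the `CheckDestroy` and the second (update) step that the deleted SDK test had, so an account left behind after destroy or a broken Update path would go unnoticed. If an equivalent of `testAccountCheckDestroy` exists in this package (not visible in this hunk), wire it in with `CheckDestroy: testAccountCheckDestroy,` and add a step that changes `description`. `ResourceName: resourceName` on a plain Config step appears to have no effect without `ImportState: true`. Turning it into an import-verify step would also exercise the new ImportState method, which currently has no coverage.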
@@ -0,0 +1,86 @@ +package schemas + +import ( + "github.com/OctopusDeploy/terraform-provider-octopusdeploy/octopusdeploy_framework/util" + datasourceSchema "github.com/hashicorp/terraform-plugin-framework/datasource/schema" + resourceSchema "github.com/hashicorp/terraform-plugin-framework/resource/schema" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" + "github.com/hashicorp/terraform-plugin-framework/types" +) + +type GenericOidcAccountSchema struct{} + +var _ EntitySchema = GenericOidcAccountSchema{} + +func (a GenericOidcAccountSchema) GetDatasourceSchema() datasourceSchema.Schema { + return datasourceSchema.Schema{} +} + +func (a GenericOidcAccountSchema) GetResourceSchema() resourceSchema.Schema { + return resourceSchema.Schema{ + Description: "This resource manages a Generic OIDC Account in Octopus Deploy.", + Attributes: map[string]resourceSchema.Attribute{ + "description": util.ResourceString(). + Optional(). + Computed(). + PlanModifiers(stringplanmodifier.UseStateForUnknown()). + Default(""). + Description("The description of this generic oidc account."). + Build(), + "environments": util.ResourceList(types.StringType). + Optional(). + Computed(). + Description("A list of environment IDs associated with this resource."). + Build(), + "id": GetIdResourceSchema(), + "name": util.ResourceString(). + Required(). + Description("The name of the generic oidc account."). + Build(), + "space_id": util.ResourceString(). + Optional(). + Computed(). + PlanModifiers(stringplanmodifier.UseStateForUnknown()). + Description("The space ID associated with this resource."). + Build(), + "tenanted_deployment_participation": util.ResourceString(). + Optional(). + Computed(). + PlanModifiers(stringplanmodifier.UseStateForUnknown()). + Description("The tenanted deployment mode of the resource. Valid account types are `Untenanted`, `TenantedOrUntenanted`, or `Tenanted`."). + Build(), + "tenants": util.ResourceList(types.StringType). 
+ Optional(). + Computed(). + Description("A list of tenant IDs associated with this resource."). + Build(), + "tenant_tags": util.ResourceList(types.StringType). + Optional(). + Computed(). + Description("A list of tenant tags associated with this resource."). + Build(), + "execution_subject_keys": util.ResourceList(types.StringType). + Optional(). + Description("Keys to include in a deployment or runbook. Valid options are `space`, `environment`, `project`, `tenant`, `runbook`, `account`, `type`."). + Build(), + "audience": util.ResourceString(). + Optional(). + Description("The audience associated with this resource."). + Build(), + }, + } +} + +type GenericOidcAccountResourceModel struct { + Description types.String `tfsdk:"description"` + Environments types.List `tfsdk:"environments"` + Name types.String `tfsdk:"name"` + SpaceID types.String `tfsdk:"space_id"` + TenantedDeploymentParticipation types.String `tfsdk:"tenanted_deployment_participation"` + Tenants types.List `tfsdk:"tenants"` + TenantTags types.List `tfsdk:"tenant_tags"` + ExecutionSubjectKeys types.List `tfsdk:"execution_subject_keys"` + Audience types.String `tfsdk:"audience"` + + ResourceModel +} From adb50a011339f3d806da3ae3afa8bd78469b2ca3 Mon Sep 17 00:00:00 2001 From: Grace Rehn Date: Tue, 3 Dec 2024 15:32:37 +1000 Subject: [PATCH 07/12] chore: doc updates --- docs/resources/generic_oidc_account.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/resources/generic_oidc_account.md b/docs/resources/generic_oidc_account.md index 0444e5486..bb95e3c19 100644 --- a/docs/resources/generic_oidc_account.md +++ b/docs/resources/generic_oidc_account.md @@ -6,7 +6,7 @@ description: |- This resource manages a Generic OIDC Account in Octopus Deploy. --- -# octopusdeploy_generic_openid_connect_account (Resource) +# octopusdeploy_generic_oidc_account (Resource) This resource manages a Generic OIDC Account in Octopus Deploy. 
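Review bot: `audience` and `execution_subject_keys` are declared `Optional()` only, yet flattenGenericOidcAccountResource in resource_generic_oidc_account.go always writes `types.StringValue(account.Audience)` and `util.FlattenStringList(account.DeploymentSubjectKeys)` back into state. A config that omits either is therefore planned as null and may come back as `""` or an empty list, which Terraform reports as an inconsistent result after apply. Either add `Computed()` as on the neighbouring attributes, or keep the value null in the flatten step when the planned value is null. These two attributes also shape the audience and subject of the issued OIDC token, and the valid subject keys are listed only in the description string. A validator restricting list elements to the documented set would catch a typo at plan time instead of leaving it to the server, assuming the `util` builder can attach validators, which is not shown here.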
@@ -25,7 +25,7 @@ resource "octopusdeploy_generic_oidc_account" "example" { ### Required -- `name` (String) The name of this resource. +- `name` (String) The name of the generic oidc account. ### Optional @@ -39,10 +39,14 @@ resource "octopusdeploy_generic_oidc_account" "example" { - `tenanted_deployment_participation` (String) The tenanted deployment mode of the resource. Valid account types are `Untenanted`, `TenantedOrUntenanted`, or `Tenanted`. - `tenants` (List of String) A list of tenant IDs associated with this resource. +### Read-Only + +- `id` (String) The unique ID for this resource. + ## Import Import is supported using the following syntax: ```shell -terraform import [options] octopusdeploy_generic_openid_connect_account. +terraform import [options] octopusdeploy_generic_oidc_account. ``` From 6f35e563658d687af130c424b44611c36fd35d92 Mon Sep 17 00:00:00 2001 From: Grace Rehn Date: Tue, 3 Dec 2024 15:39:04 +1000 Subject: [PATCH 08/12] fix: docs --- docs/resources/generic_oidc_account.md | 1 - .../resources/octopusdeploy_generic_oidc_account/import.sh | 1 + .../resources/octopusdeploy_generic_oidc_account/resource.tf | 5 +++++ 3 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 examples/resources/octopusdeploy_generic_oidc_account/import.sh create mode 100644 examples/resources/octopusdeploy_generic_oidc_account/resource.tf diff --git a/docs/resources/generic_oidc_account.md b/docs/resources/generic_oidc_account.md index bb95e3c19..b6be4b96b 100644 --- a/docs/resources/generic_oidc_account.md +++ b/docs/resources/generic_oidc_account.md 
@@ -33,7 +33,6 @@ resource "octopusdeploy_generic_oidc_account" "example" {
 - `description` (String) The description of this generic oidc account.
 - `environments` (List of String) A list of environment IDs associated with this resource.
 - `execution_subject_keys` (List of String) Keys to include in a deployment or runbook. Valid options are `space`, `environment`, `project`, `tenant`, `runbook`, `account`, `type`.
-- `id` (String) The unique ID for this resource.
 - `space_id` (String) The space ID associated with this resource.
 - `tenant_tags` (List of String) A list of tenant tags associated with this resource.
 - `tenanted_deployment_participation` (String) The tenanted deployment mode of the resource. Valid account types are `Untenanted`, `TenantedOrUntenanted`, or `Tenanted`.
diff --git a/examples/resources/octopusdeploy_generic_oidc_account/import.sh b/examples/resources/octopusdeploy_generic_oidc_account/import.sh
new file mode 100644
index 000000000..f9540307d
--- /dev/null
+++ b/examples/resources/octopusdeploy_generic_oidc_account/import.sh
@@ -0,0 +1 @@
+terraform import [options] octopusdeploy_generic_oidc_account.
diff --git a/examples/resources/octopusdeploy_generic_oidc_account/resource.tf b/examples/resources/octopusdeploy_generic_oidc_account/resource.tf
new file mode 100644
index 000000000..4a9ede7d1
--- /dev/null
+++ b/examples/resources/octopusdeploy_generic_oidc_account/resource.tf
@@ -0,0 +1,5 @@
+resource "octopusdeploy_generic_oidc_connect" "example" {
+ name = "Generic OpenID Connect Account (OK to Delete)"
+ execution_subject_keys = ["space", "project"]
+ audience = "api://Default"
+}
From 2d9538e2b0af71bc3a79af1e04970f47c3fdef34 Mon Sep 17 00:00:00 2001
From: Grace Rehn
Date: Tue, 3 Dec 2024 15:41:00 +1000
Subject: [PATCH 09/12] fix: docs again
---
 .../resources/octopusdeploy_generic_oidc_account/resource.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/resources/octopusdeploy_generic_oidc_account/resource.tf b/examples/resources/octopusdeploy_generic_oidc_account/resource.tf
index 4a9ede7d1..17a70e1a7 100644
--- a/examples/resources/octopusdeploy_generic_oidc_account/resource.tf
+++ b/examples/resources/octopusdeploy_generic_oidc_account/resource.tf
@@ -1,5 +1,5 @@
 resource "octopusdeploy_generic_oidc_connect" "example" {
 name = "Generic OpenID Connect Account (OK to Delete)"
 execution_subject_keys = ["space", "project"]
- audience = "api://Default"
+ audience = "api://default"
 }
From e7d28788cee744dcdbf2273c0dd51b17476b08de Mon Sep 17 00:00:00 2001
From: Grace Rehn
Date: Tue, 3 Dec 2024 15:43:24 +1000
Subject: [PATCH 10/12] fix: docs again
---
 .../resources/octopusdeploy_generic_oidc_account/resource.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/resources/octopusdeploy_generic_oidc_account/resource.tf b/examples/resources/octopusdeploy_generic_oidc_account/resource.tf
index 17a70e1a7..6ad25b7da 100644
--- a/examples/resources/octopusdeploy_generic_oidc_account/resource.tf
+++ b/examples/resources/octopusdeploy_generic_oidc_account/resource.tf
@@ -1,4 +1,4 @@
-resource "octopusdeploy_generic_oidc_connect" "example" {
+resource "octopusdeploy_generic_oidc_account" "example" {
 name = "Generic OpenID Connect Account (OK to Delete)"
 execution_subject_keys = ["space", "project"]
 audience = "api://default"
From c41edd62d35ed49cfd589456dab4e94afceae60c Mon Sep 17 00:00:00 2001
From: Grace Rehn
Date: Wed, 4 Dec 2024 12:24:18 +1000
Subject: [PATCH 11/12] chore: update go client version
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/go.mod b/go.mod
index 7fccee0f5..b7845b101 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module github.com/OctopusDeploy/terraform-provider-octopusdeploy go 1.21 require ( - github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241203052254-726a1dc47be5 + github.com/OctopusDeploy/go-octopusdeploy/v2 v2.63.0 github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4 github.com/google/uuid v1.6.0 github.com/hashicorp/go-cty v1.4.1-0.20200723130312-85980079f637 diff --git a/go.sum b/go.sum index 2c12d3f51..1a52f3ae7 100644 --- a/go.sum +++ b/go.sum @@ -20,8 +20,8 @@ github.com/Microsoft/hcsshim v0.12.4 h1:Ev7YUMHAHoWNm+aDSPzc5W9s6E2jyL1szpVDJeZ/ github.com/Microsoft/hcsshim v0.12.4/go.mod h1:Iyl1WVpZzr+UkzjekHZbV8o5Z9ZkxNGx6CtY2Qg/JVQ= github.com/OctopusDeploy/go-octodiff v1.0.0 h1:U+ORg6azniwwYo+O44giOw6TiD5USk8S4VDhOQ0Ven0= github.com/OctopusDeploy/go-octodiff v1.0.0/go.mod h1:Mze0+EkOWTgTmi8++fyUc6r0aLZT7qD9gX+31t8MmIU= -github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241203052254-726a1dc47be5 h1:axZMwMhboAz4bE4GmzRkT9ogE4bgjrPvNZef9rJCINE= -github.com/OctopusDeploy/go-octopusdeploy/v2 v2.62.3-0.20241203052254-726a1dc47be5/go.mod h1:ggvOXzMnq+w0pLg6C9zdjz6YBaHfO3B3tqmmB7JQdaw= +github.com/OctopusDeploy/go-octopusdeploy/v2 v2.63.0 h1:TshwN+IqKt21uY9aXzj0ou0Ew92uIi3+ZGTccVd9Z8g= +github.com/OctopusDeploy/go-octopusdeploy/v2 v2.63.0/go.mod h1:ggvOXzMnq+w0pLg6C9zdjz6YBaHfO3B3tqmmB7JQdaw= github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4 h1:QfbVf0bOIRMp/WHAWsuVDB7KHoWnRsGbvDuOf2ua7k4= github.com/OctopusSolutionsEngineering/OctopusTerraformTestFramework v0.0.0-20240729041805-46db6fb717b4/go.mod h1:Oq9KbiRNDBB5jFmrwnrgLX0urIqR/1ptY18TzkqXm7M= github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg= From c7e432cf0881f5d40d463dd1563a80e121a70b75 Mon Sep 17 00:00:00 2001 
From: Grace Rehn Date: Thu, 5 Dec 2024 10:11:10 +1000 Subject: [PATCH 12/12] chore: add addition test step to test update --- .../resource_generic_oidc_account_test.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/octopusdeploy_framework/resource_generic_oidc_account_test.go b/octopusdeploy_framework/resource_generic_oidc_account_test.go index a6b792b5d..69e12c053 100644 --- a/octopusdeploy_framework/resource_generic_oidc_account_test.go +++ b/octopusdeploy_framework/resource_generic_oidc_account_test.go @@ -19,8 +19,10 @@ func TestAccGenericOidcAccountBasic(t *testing.T) { executionKeys := []string{"space"} audience := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) + updatedAudience := acctest.RandStringFromCharSet(20, acctest.CharSetAlpha) config := testGenericOidcAccountBasic(localName, name, description, tenantedDeploymentParticipation, executionKeys, audience) + updateConfig := testGenericOidcAccountBasic(localName, name, description, tenantedDeploymentParticipation, executionKeys, updatedAudience) resource.Test(t, resource.TestCase{ PreCheck: func() { TestAccPreCheck(t) }, @@ -40,6 +42,20 @@ func TestAccGenericOidcAccountBasic(t *testing.T) { ), ResourceName: resourceName, }, + { + Config: updateConfig, + Check: resource.ComposeTestCheckFunc( + testAccountExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "description", description), + resource.TestCheckResourceAttrSet(resourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "name", name), + resource.TestCheckResourceAttrSet(resourceName, "space_id"), + resource.TestCheckResourceAttr(resourceName, "tenanted_deployment_participation", string(tenantedDeploymentParticipation)), + resource.TestCheckResourceAttr(resourceName, "execution_subject_keys.0", executionKeys[0]), + resource.TestCheckResourceAttr(resourceName, "audience", updatedAudience), + ), + ResourceName: resourceName, + }, }, }) }
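Review bot: The new update step in the second hunk changes only `audience`; `execution_subject_keys` is built from the same `executionKeys` slice for both `config` and `updateConfig` (first hunk), so an in-place update of the subject keys is never exercised. Going by the schema description, these keys presumably feed the subject that the issued token asserts, so an update that is silently dropped would leave the account asserting a different subject than the Terraform state records, which is worth pinning in the test. I would pass a second slice to the `updateConfig` call, e.g. `updatedExecutionKeys := []string{"space", "project"}`, and add `resource.TestCheckResourceAttr(resourceName, "execution_subject_keys.#", "2")` to the new step. The body of `TestAccGenericOidcAccountBasic` starts above the first hunk, so the create-step checks are not fully visible here.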