-
Notifications
You must be signed in to change notification settings - Fork 772
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Added organization role support
Signed-off-by: Steve Hipwell <[email protected]>
- Loading branch information
1 parent
1c11053
commit 468dc74
Showing
16 changed files
with
1,266 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
package github | ||
|
||
import ( | ||
"context" | ||
"strconv" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
) | ||
|
||
func dataSourceGithubOrganizationRole() *schema.Resource { | ||
return &schema.Resource{ | ||
Read: dataSourceGithubOrganizationRoleRead, | ||
|
||
Schema: map[string]*schema.Schema{ | ||
"role_id": { | ||
Description: "The ID of the role.", | ||
Type: schema.TypeInt, | ||
Required: true, | ||
}, | ||
"name": { | ||
Description: "The name of the role.", | ||
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"description": { | ||
Description: "A short description about who this role is for or what permissions it grants.", | ||
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"source": { | ||
Description: "Source answers the question, \"where did this role come from?\"", | ||
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"base_role": { | ||
Description: "The system role from which this role inherits permissions.", | ||
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"permissions": { | ||
Description: "A list of permissions included in this role.", | ||
Type: schema.TypeSet, | ||
Elem: &schema.Schema{Type: schema.TypeString}, | ||
Computed: true, | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
func dataSourceGithubOrganizationRoleRead(d *schema.ResourceData, meta interface{}) error { | ||
client := meta.(*Owner).v3client | ||
ctx := context.Background() | ||
orgName := meta.(*Owner).name | ||
|
||
roleId := int64(d.Get("role_id").(int)) | ||
|
||
role, _, err := client.Organizations.GetOrgRole(ctx, orgName, roleId) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
r := map[string]any{ | ||
"role_id": role.GetID(), | ||
"name": role.GetName(), | ||
"description": role.GetDescription(), | ||
"source": role.GetSource(), | ||
"base_role": role.GetBaseRole(), | ||
"permissions": role.Permissions, | ||
} | ||
|
||
d.SetId(strconv.FormatInt(role.GetID(), 10)) | ||
|
||
for k, v := range r { | ||
if err := d.Set(k, v); err != nil { | ||
return err | ||
} | ||
} | ||
|
||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,112 @@ | ||
package github | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
|
||
"github.com/google/go-github/v66/github" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
) | ||
|
||
func dataSourceGithubOrganizationRoleTeams() *schema.Resource { | ||
return &schema.Resource{ | ||
Read: dataSourceGithubOrganizationRoleTeamsRead, | ||
|
||
Schema: map[string]*schema.Schema{ | ||
"role_id": { | ||
Description: "The unique identifier of the role to find teams for.", | ||
Type: schema.TypeInt, | ||
Required: true, | ||
ForceNew: true, | ||
}, | ||
"teams": { | ||
Description: "List of teams assigned to the organization role.", | ||
Type: schema.TypeList, | ||
Computed: true, | ||
Elem: &schema.Resource{ | ||
Schema: map[string]*schema.Schema{ | ||
"id": { | ||
Description: "Unique identifier of the team.", | ||
Type: schema.TypeInt, | ||
Computed: true, | ||
}, | ||
"slug": { | ||
Description: "Slug of the team name.", | ||
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"name": { | ||
Description: "Name of the team.", | ||
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"permission": { | ||
Description: "Permission that the team will have for its repositories.", | ||
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
// See https://github.com/google/go-github/issues/3364 | ||
// "assignment": { | ||
// Description: "Determines if the team has a direct, indirect, or mixed relationship to a role.", | ||
// Type: schema.TypeString, | ||
// Computed: true, | ||
// }, | ||
// "parent_team_id": { | ||
// Description: "The ID of the parent team if this is an indirect assignment.", | ||
// Type: schema.TypeString, | ||
// Computed: true, | ||
// }, | ||
// "parent_team_slug": { | ||
// Description: "The slug of the parent team if this is an indirect assignment.", | ||
// Type: schema.TypeString, | ||
// Computed: true, | ||
// }, | ||
}, | ||
}, | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
func dataSourceGithubOrganizationRoleTeamsRead(d *schema.ResourceData, meta interface{}) error { | ||
client := meta.(*Owner).v3client | ||
ctx := context.Background() | ||
orgName := meta.(*Owner).name | ||
|
||
roleId := int64(d.Get("role_id").(int)) | ||
|
||
allTeams := make([]any, 0) | ||
|
||
opts := &github.ListOptions{ | ||
PerPage: maxPerPage, | ||
} | ||
|
||
for { | ||
teams, resp, err := client.Organizations.ListTeamsAssignedToOrgRole(ctx, orgName, roleId, opts) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
for _, team := range teams { | ||
t := map[string]any{ | ||
"id": team.GetID(), | ||
"slug": team.GetSlug(), | ||
"name": team.GetName(), | ||
"permission": team.GetPermission(), | ||
} | ||
allTeams = append(allTeams, t) | ||
} | ||
|
||
if resp.NextPage == 0 { | ||
break | ||
} | ||
opts.Page = resp.NextPage | ||
} | ||
|
||
d.SetId(fmt.Sprintf("%d", roleId)) | ||
if err := d.Set("teams", allTeams); err != nil { | ||
return fmt.Errorf("error setting teams: %s", err) | ||
} | ||
|
||
return nil | ||
} |
104 changes: 104 additions & 0 deletions
104
github/data_source_github_organization_role_teams_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,104 @@ | ||
package github | ||
|
||
import ( | ||
"fmt" | ||
"testing" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" | ||
) | ||
|
||
func TestAccDataSourceGithubOrganizationRoleTeams(t *testing.T) { | ||
t.Run("get the organization role teams without error", func(t *testing.T) { | ||
randomID := acctest.RandStringFromCharSet(5, acctest.CharSetAlphaNum) | ||
teamName := fmt.Sprintf("tf-acc-team-%s", randomID) | ||
roleId := 8134 | ||
config := fmt.Sprintf(` | ||
resource "github_team" "test" { | ||
name = "%s" | ||
} | ||
resource "github_organization_role_team" "test" { | ||
role_id = %d | ||
team_slug = github_team.test.slug | ||
} | ||
data "github_organization_role_teams" "test" { | ||
role_id = %[2]d | ||
depends_on = [ | ||
github_organization_role_team.test | ||
] | ||
} | ||
`, teamName, roleId) | ||
|
||
resource.Test(t, resource.TestCase{ | ||
PreCheck: func() { skipUnlessMode(t, organization) }, | ||
Providers: testAccProviders, | ||
Steps: []resource.TestStep{ | ||
{ | ||
Config: config, | ||
Check: resource.ComposeTestCheckFunc( | ||
resource.TestCheckResourceAttrSet("data.github_organization_role_teams.test", "teams.#"), | ||
resource.TestCheckResourceAttr("data.github_organization_role_teams.test", "teams.#", "1"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.id", "github_team.test", "id"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.slug", "github_team.test", "slug"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.name", "github_team.test", "name"), | ||
), | ||
}, | ||
}, | ||
}) | ||
}) | ||
|
||
t.Run("get indirect organization role teams without error", func(t *testing.T) { | ||
randomID := acctest.RandStringFromCharSet(5, acctest.CharSetAlphaNum) | ||
teamName1 := fmt.Sprintf("tf-acc-team-1-%s", randomID) | ||
teamName2 := fmt.Sprintf("tf-acc-team-2-%s", randomID) | ||
roleId := 8134 | ||
config := fmt.Sprintf(` | ||
resource "github_team" "test_1" { | ||
name = "%s" | ||
privacy = "closed" | ||
} | ||
resource "github_team" "test_2" { | ||
name = "%s" | ||
privacy = "closed" | ||
parent_team_id = github_team.test_1.id | ||
} | ||
resource "github_organization_role_team" "test" { | ||
role_id = %d | ||
team_slug = github_team.test_1.slug | ||
} | ||
data "github_organization_role_teams" "test" { | ||
role_id = %[3]d | ||
depends_on = [ | ||
github_organization_role_team.test | ||
] | ||
} | ||
`, teamName1, teamName2, roleId) | ||
|
||
resource.Test(t, resource.TestCase{ | ||
PreCheck: func() { skipUnlessMode(t, organization) }, | ||
Providers: testAccProviders, | ||
Steps: []resource.TestStep{ | ||
{ | ||
Config: config, | ||
Check: resource.ComposeTestCheckFunc( | ||
resource.TestCheckResourceAttrSet("data.github_organization_role_teams.test", "teams.#"), | ||
resource.TestCheckResourceAttr("data.github_organization_role_teams.test", "teams.#", "2"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.id", "github_team.test_1", "id"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.slug", "github_team.test_1", "slug"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.name", "github_team.test_1", "name"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.1.id", "github_team.test_2", "id"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.1.slug", "github_team.test_2", "slug"), | ||
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.1.name", "github_team.test_2", "name"), | ||
), | ||
}, | ||
}, | ||
}) | ||
}) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
package github | ||
|
||
import ( | ||
"fmt" | ||
"strconv" | ||
"testing" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" | ||
) | ||
|
||
func TestAccDataSourceGithubOrganizationRole(t *testing.T) { | ||
t.Run("get the organization role without error", func(t *testing.T) { | ||
roleId := 138 | ||
config := fmt.Sprintf(` | ||
data "github_organization_role" "test" { | ||
role_id = %d | ||
} | ||
`, roleId) | ||
|
||
resource.Test(t, resource.TestCase{ | ||
PreCheck: func() { skipUnlessMode(t, organization) }, | ||
Providers: testAccProviders, | ||
Steps: []resource.TestStep{ | ||
{ | ||
Config: config, | ||
Check: resource.ComposeTestCheckFunc( | ||
resource.TestCheckResourceAttr("data.github_organization_role.test", "role_id", strconv.Itoa(roleId)), | ||
resource.TestCheckResourceAttr("data.github_organization_role.test", "name", "security_manager"), | ||
resource.TestCheckResourceAttr("data.github_organization_role.test", "source", "Predefined"), | ||
resource.TestCheckResourceAttr("data.github_organization_role.test", "base_role", "read"), | ||
resource.TestCheckResourceAttrSet("data.github_organization_role.test", "description"), | ||
resource.TestCheckResourceAttrSet("data.github_organization_role.test", "permissions.#"), | ||
), | ||
}, | ||
}, | ||
}) | ||
}) | ||
} |
Oops, something went wrong.