Skip to content

Commit

Permalink
feat: Added organization role support
Browse files Browse the repository at this point in the history
Signed-off-by: Steve Hipwell <[email protected]>
  • Loading branch information
stevehipwell committed Dec 2, 2024
1 parent 1c11053 commit 468dc74
Show file tree
Hide file tree
Showing 16 changed files with 1,266 additions and 2 deletions.
80 changes: 80 additions & 0 deletions github/data_source_github_organization_role.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
package github

import (
"context"
"strconv"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func dataSourceGithubOrganizationRole() *schema.Resource {
return &schema.Resource{
Read: dataSourceGithubOrganizationRoleRead,

Schema: map[string]*schema.Schema{
"role_id": {
Description: "The ID of the role.",
Type: schema.TypeInt,
Required: true,
},
"name": {
Description: "The name of the role.",
Type: schema.TypeString,
Computed: true,
},
"description": {
Description: "A short description about who this role is for or what permissions it grants.",
Type: schema.TypeString,
Computed: true,
},
"source": {
Description: "Source answers the question, \"where did this role come from?\"",
Type: schema.TypeString,
Computed: true,
},
"base_role": {
Description: "The system role from which this role inherits permissions.",
Type: schema.TypeString,
Computed: true,
},
"permissions": {
Description: "A list of permissions included in this role.",
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
Computed: true,
},
},
}
}

func dataSourceGithubOrganizationRoleRead(d *schema.ResourceData, meta interface{}) error {
client := meta.(*Owner).v3client
ctx := context.Background()
orgName := meta.(*Owner).name

roleId := int64(d.Get("role_id").(int))

role, _, err := client.Organizations.GetOrgRole(ctx, orgName, roleId)
if err != nil {
return err
}

r := map[string]any{
"role_id": role.GetID(),
"name": role.GetName(),
"description": role.GetDescription(),
"source": role.GetSource(),
"base_role": role.GetBaseRole(),
"permissions": role.Permissions,
}

d.SetId(strconv.FormatInt(role.GetID(), 10))

for k, v := range r {
if err := d.Set(k, v); err != nil {
return err
}
}

return nil
}
112 changes: 112 additions & 0 deletions github/data_source_github_organization_role_teams.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,112 @@
package github

import (
"context"
"fmt"

"github.com/google/go-github/v66/github"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func dataSourceGithubOrganizationRoleTeams() *schema.Resource {
return &schema.Resource{
Read: dataSourceGithubOrganizationRoleTeamsRead,

Schema: map[string]*schema.Schema{
"role_id": {
Description: "The unique identifier of the role to find teams for.",
Type: schema.TypeInt,
Required: true,
ForceNew: true,
},
"teams": {
Description: "List of teams assigned to the organization role.",
Type: schema.TypeList,
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"id": {
Description: "Unique identifier of the team.",
Type: schema.TypeInt,
Computed: true,
},
"slug": {
Description: "Slug of the team name.",
Type: schema.TypeString,
Computed: true,
},
"name": {
Description: "Name of the team.",
Type: schema.TypeString,
Computed: true,
},
"permission": {
Description: "Permission that the team will have for its repositories.",
Type: schema.TypeString,
Computed: true,
},
// See https://github.com/google/go-github/issues/3364
// "assignment": {
// Description: "Determines if the team has a direct, indirect, or mixed relationship to a role.",
// Type: schema.TypeString,
// Computed: true,
// },
// "parent_team_id": {
// Description: "The ID of the parent team if this is an indirect assignment.",
// Type: schema.TypeString,
// Computed: true,
// },
// "parent_team_slug": {
// Description: "The slug of the parent team if this is an indirect assignment.",
// Type: schema.TypeString,
// Computed: true,
// },
},
},
},
},
}
}

func dataSourceGithubOrganizationRoleTeamsRead(d *schema.ResourceData, meta interface{}) error {
client := meta.(*Owner).v3client
ctx := context.Background()
orgName := meta.(*Owner).name

roleId := int64(d.Get("role_id").(int))

allTeams := make([]any, 0)

opts := &github.ListOptions{
PerPage: maxPerPage,
}

for {
teams, resp, err := client.Organizations.ListTeamsAssignedToOrgRole(ctx, orgName, roleId, opts)
if err != nil {
return err
}

for _, team := range teams {
t := map[string]any{
"id": team.GetID(),
"slug": team.GetSlug(),
"name": team.GetName(),
"permission": team.GetPermission(),
}
allTeams = append(allTeams, t)
}

if resp.NextPage == 0 {
break
}
opts.Page = resp.NextPage
}

d.SetId(fmt.Sprintf("%d", roleId))
if err := d.Set("teams", allTeams); err != nil {
return fmt.Errorf("error setting teams: %s", err)
}

return nil
}
104 changes: 104 additions & 0 deletions github/data_source_github_organization_role_teams_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
package github

import (
"fmt"
"testing"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
)

func TestAccDataSourceGithubOrganizationRoleTeams(t *testing.T) {
t.Run("get the organization role teams without error", func(t *testing.T) {
randomID := acctest.RandStringFromCharSet(5, acctest.CharSetAlphaNum)
teamName := fmt.Sprintf("tf-acc-team-%s", randomID)
roleId := 8134
config := fmt.Sprintf(`
resource "github_team" "test" {
name = "%s"
}
resource "github_organization_role_team" "test" {
role_id = %d
team_slug = github_team.test.slug
}
data "github_organization_role_teams" "test" {
role_id = %[2]d
depends_on = [
github_organization_role_team.test
]
}
`, teamName, roleId)

resource.Test(t, resource.TestCase{
PreCheck: func() { skipUnlessMode(t, organization) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: config,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttrSet("data.github_organization_role_teams.test", "teams.#"),
resource.TestCheckResourceAttr("data.github_organization_role_teams.test", "teams.#", "1"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.id", "github_team.test", "id"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.slug", "github_team.test", "slug"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.name", "github_team.test", "name"),
),
},
},
})
})

t.Run("get indirect organization role teams without error", func(t *testing.T) {
randomID := acctest.RandStringFromCharSet(5, acctest.CharSetAlphaNum)
teamName1 := fmt.Sprintf("tf-acc-team-1-%s", randomID)
teamName2 := fmt.Sprintf("tf-acc-team-2-%s", randomID)
roleId := 8134
config := fmt.Sprintf(`
resource "github_team" "test_1" {
name = "%s"
privacy = "closed"
}
resource "github_team" "test_2" {
name = "%s"
privacy = "closed"
parent_team_id = github_team.test_1.id
}
resource "github_organization_role_team" "test" {
role_id = %d
team_slug = github_team.test_1.slug
}
data "github_organization_role_teams" "test" {
role_id = %[3]d
depends_on = [
github_organization_role_team.test
]
}
`, teamName1, teamName2, roleId)

resource.Test(t, resource.TestCase{
PreCheck: func() { skipUnlessMode(t, organization) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: config,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttrSet("data.github_organization_role_teams.test", "teams.#"),
resource.TestCheckResourceAttr("data.github_organization_role_teams.test", "teams.#", "2"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.id", "github_team.test_1", "id"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.slug", "github_team.test_1", "slug"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.0.name", "github_team.test_1", "name"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.1.id", "github_team.test_2", "id"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.1.slug", "github_team.test_2", "slug"),
resource.TestCheckResourceAttrPair("data.github_organization_role_teams.test", "teams.1.name", "github_team.test_2", "name"),
),
},
},
})
})
}
38 changes: 38 additions & 0 deletions github/data_source_github_organization_role_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
package github

import (
"fmt"
"strconv"
"testing"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
)

func TestAccDataSourceGithubOrganizationRole(t *testing.T) {
t.Run("get the organization role without error", func(t *testing.T) {
roleId := 138
config := fmt.Sprintf(`
data "github_organization_role" "test" {
role_id = %d
}
`, roleId)

resource.Test(t, resource.TestCase{
PreCheck: func() { skipUnlessMode(t, organization) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: config,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("data.github_organization_role.test", "role_id", strconv.Itoa(roleId)),
resource.TestCheckResourceAttr("data.github_organization_role.test", "name", "security_manager"),
resource.TestCheckResourceAttr("data.github_organization_role.test", "source", "Predefined"),
resource.TestCheckResourceAttr("data.github_organization_role.test", "base_role", "read"),
resource.TestCheckResourceAttrSet("data.github_organization_role.test", "description"),
resource.TestCheckResourceAttrSet("data.github_organization_role.test", "permissions.#"),
),
},
},
})
})
}
Loading

0 comments on commit 468dc74

Please sign in to comment.