From 1d04d067e4b0377b34656765111db82b2336e2e2 Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Tue, 3 Oct 2023 14:44:58 +0000 Subject: [PATCH 1/2] feat: add `coder_external_auth` and deprecate `coder_git_auth` --- docs/data-sources/external_auth.md | 24 ++++++++++++++++ provider/externalauth.go | 44 ++++++++++++++++++++++++++++++ provider/externalauth_test.go | 44 ++++++++++++++++++++++++++++++ provider/gitauth.go | 3 +- provider/provider.go | 9 +++--- 5 files changed, 119 insertions(+), 5 deletions(-) create mode 100644 docs/data-sources/external_auth.md create mode 100644 provider/externalauth.go create mode 100644 provider/externalauth_test.go diff --git a/docs/data-sources/external_auth.md b/docs/data-sources/external_auth.md new file mode 100644 index 00000000..19129cef --- /dev/null +++ b/docs/data-sources/external_auth.md @@ -0,0 +1,24 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "coder_external_auth Data Source - terraform-provider-coder" +subcategory: "" +description: |- + Use this data source to require users to authenticate with an external provider prior to workspace creation. This can be used to pre-authenticate external services in a workspace. +--- + +# coder_external_auth (Data Source) + +Use this data source to require users to authenticate with an external provider prior to workspace creation. This can be used to pre-authenticate external services in a workspace. + + + + +## Schema + +### Required + +- `id` (String) The ID of a configured external auth provider set up in your Coder deployment. + +### Read-Only + +- `access_token` (String) The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools. diff --git a/provider/externalauth.go b/provider/externalauth.go new file mode 100644 index 00000000..fafe3584 --- /dev/null +++ b/provider/externalauth.go @@ -0,0 +1,44 @@ +package provider + +import ( + "context" + "fmt" + "os" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +// externalAuthDataSource returns a schema for an external authentication data source. +func externalAuthDataSource() *schema.Resource { + return &schema.Resource{ + Description: "Use this data source to require users to authenticate with an external provider prior to workspace creation. This can be used to pre-authenticate external services in a workspace.", + ReadContext: func(ctx context.Context, rd *schema.ResourceData, i interface{}) diag.Diagnostics { + id, ok := rd.Get("id").(string) + if !ok || id == "" { + return diag.Errorf("id is required") + } + rd.SetId(id) + + accessToken := os.Getenv(ExternalAuthAccessTokenEnvironmentVariable(id)) + rd.Set("access_token", accessToken) + return nil + }, + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Description: "The ID of a configured external auth provider set up in your Coder deployment.", + Required: true, + }, + "access_token": { + Type: schema.TypeString, + Computed: true, + Description: "The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.", + }, + }, + } +} + +func ExternalAuthAccessTokenEnvironmentVariable(id string) string { + return fmt.Sprintf("CODER_EXTERNAL_AUTH_ACCESS_TOKEN_%s", id) +} diff --git a/provider/externalauth_test.go b/provider/externalauth_test.go new file mode 100644 index 00000000..a320684b --- /dev/null +++ b/provider/externalauth_test.go @@ -0,0 +1,44 @@ +package provider_test + +import ( + "testing" + + "github.com/coder/terraform-provider-coder/provider" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + + "github.com/stretchr/testify/require" +) + +func TestExternalAuth(t *testing.T) { + t.Parallel() + + resource.Test(t, resource.TestCase{ + Providers: map[string]*schema.Provider{ + "coder": provider.New(), + }, + IsUnitTest: true, + Steps: []resource.TestStep{{ + Config: ` + provider "coder" { + } + data "coder_external_auth" "github" { + id = "github" + } + `, + Check: func(state *terraform.State) error { + require.Len(t, state.Modules, 1) + require.Len(t, state.Modules[0].Resources, 1) + resource := state.Modules[0].Resources["data.coder_external_auth.github"] + require.NotNil(t, resource) + + attribs := resource.Primary.Attributes + require.Equal(t, "github", attribs["id"]) + + return nil + }, + }}, + }) +} diff --git a/provider/gitauth.go b/provider/gitauth.go index d5cf9a85..aa36d493 100644 --- a/provider/gitauth.go +++ b/provider/gitauth.go @@ -12,7 +12,8 @@ import ( // gitAuthDataSource returns a schema for a Git authentication data source. func gitAuthDataSource() *schema.Resource { return &schema.Resource{ - Description: "Use this data source to require users to authenticate with a Git provider prior to workspace creation. This can be used to perform an authenticated `git clone` in startup scripts.", + DeprecationMessage: "Use the `coder_external_auth` data source instead.", + Description: "Use this data source to require users to authenticate with a Git provider prior to workspace creation. This can be used to perform an authenticated `git clone` in startup scripts.", ReadContext: func(ctx context.Context, rd *schema.ResourceData, i interface{}) diag.Diagnostics { rawID, ok := rd.GetOk("id") if !ok { diff --git a/provider/provider.go b/provider/provider.go index 9ea6685b..6556146e 100644 --- a/provider/provider.go +++ b/provider/provider.go @@ -68,10 +68,11 @@ func New() *schema.Provider { }, nil }, DataSourcesMap: map[string]*schema.Resource{ - "coder_workspace": workspaceDataSource(), - "coder_provisioner": provisionerDataSource(), - "coder_parameter": parameterDataSource(), - "coder_git_auth": gitAuthDataSource(), + "coder_workspace": workspaceDataSource(), + "coder_provisioner": provisionerDataSource(), + "coder_parameter": parameterDataSource(), + "coder_git_auth": gitAuthDataSource(), + "coder_external_auth": externalAuthDataSource(), }, ResourcesMap: map[string]*schema.Resource{ "coder_agent": agentResource(), From d34cc7351bc642cc37c365b8c7e4f26cd8fd632d Mon Sep 17 00:00:00 2001 From: Kyle Carberry Date: Tue, 3 Oct 2023 15:02:01 +0000 Subject: [PATCH 2/2] Improve docs --- docs/data-sources/external_auth.md | 4 ++-- provider/externalauth.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/data-sources/external_auth.md b/docs/data-sources/external_auth.md index 19129cef..b875b874 100644 --- a/docs/data-sources/external_auth.md +++ b/docs/data-sources/external_auth.md @@ -3,12 +3,12 @@ page_title: "coder_external_auth Data Source - terraform-provider-coder" subcategory: "" description: |- - Use this data source to require users to authenticate with an external provider prior to workspace creation. This can be used to pre-authenticate external services in a workspace. + Use this data source to require users to authenticate with an external service prior to workspace creation. This can be used to pre-authenticate external services in a workspace. (e.g. gcloud, gh, docker, etc) --- # coder_external_auth (Data Source) -Use this data source to require users to authenticate with an external provider prior to workspace creation. This can be used to pre-authenticate external services in a workspace. +Use this data source to require users to authenticate with an external service prior to workspace creation. This can be used to pre-authenticate external services in a workspace. (e.g. gcloud, gh, docker, etc) diff --git a/provider/externalauth.go b/provider/externalauth.go index fafe3584..89ab5ecc 100644 --- a/provider/externalauth.go +++ b/provider/externalauth.go @@ -12,7 +12,7 @@ import ( // externalAuthDataSource returns a schema for an external authentication data source. func externalAuthDataSource() *schema.Resource { return &schema.Resource{ - Description: "Use this data source to require users to authenticate with an external provider prior to workspace creation. This can be used to pre-authenticate external services in a workspace.", + Description: "Use this data source to require users to authenticate with an external service prior to workspace creation. This can be used to pre-authenticate external services in a workspace. (e.g. gcloud, gh, docker, etc)", ReadContext: func(ctx context.Context, rd *schema.ResourceData, i interface{}) diag.Diagnostics { id, ok := rd.Get("id").(string) if !ok || id == "" { pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy