diff --git a/docs/resources/organization.md b/docs/resources/organization.md new file mode 100644 index 0000000..09ffb5e --- /dev/null +++ b/docs/resources/organization.md @@ -0,0 +1,31 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "coderd_organization Resource - coderd" +subcategory: "" +description: |- + An organization on the coder deployment. +--- + +# coderd_organization (Resource) + +An organization on the coder deployment. + + + + +## Schema + +### Required + +- `name` (String) + +### Optional + +- `description` (String) +- `display_name` (String) +- `icon` (String) +- `members` (Set of String) Members of the organization, by ID. If null, members will not be added or removed by Terraform. + +### Read-Only + +- `id` (String) The ID of this resource. diff --git a/internal/provider/organization_resource.go b/internal/provider/organization_resource.go new file mode 100644 index 0000000..5561858 --- /dev/null +++ b/internal/provider/organization_resource.go 
@@ -0,0 +1,322 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package provider
+
+import (
+ "context"
+ "fmt"
+
+ "github.com/coder/coder/v2/coderd/util/slice"
+ "github.com/coder/coder/v2/codersdk"
+ "github.com/google/uuid"
+ "github.com/hashicorp/terraform-plugin-framework/attr"
+ "github.com/hashicorp/terraform-plugin-framework/path"
+ "github.com/hashicorp/terraform-plugin-framework/resource"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-plugin-log/tflog"
+)
+
+// Ensure provider defined types fully satisfy framework interfaces.
+var _ resource.Resource = &OrganizationResource{}
+var _ resource.ResourceWithImportState = &OrganizationResource{}
+
+func NewOrganizationResource() resource.Resource {
+ return &OrganizationResource{}
+}
+
+// OrganizationResource defines the resource implementation.
+type OrganizationResource struct {
+ data *CoderdProviderData
+}
+
+// OrganizationResourceModel describes the resource data model.
+type OrganizationResourceModel struct {
+ ID UUID `tfsdk:"id"`
+
+ Name types.String `tfsdk:"name"`
+ DisplayName types.String `tfsdk:"display_name"`
+ Description types.String `tfsdk:"description"`
+ Icon types.String `tfsdk:"icon"`
+ Members types.Set `tfsdk:"members"`
+}
+
+func (r *OrganizationResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+ resp.TypeName = req.ProviderTypeName + "_organization"
+}
+
+func (r *OrganizationResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ MarkdownDescription: "An organization on the coder deployment.",
+
+ Attributes: map[string]schema.Attribute{
+ "id": schema.StringAttribute{
+ CustomType: UUIDType,
+ Computed: true,
+ PlanModifiers: []planmodifier.String{
+ stringplanmodifier.UseStateForUnknown(),
+ },
+ },
+ "name": schema.StringAttribute{
+ Required: true,
+ },
+ "display_name": schema.StringAttribute{
+ Optional: true,
+ Computed: true,
+ },
+ "description": schema.StringAttribute{
+ Optional: true,
+ Computed: true,
+ Default: stringdefault.StaticString(""),
+ },
+ "icon": schema.StringAttribute{
+ Optional: true,
+ Computed: true,
+ Default: stringdefault.StaticString(""),
+ },
+ "members": schema.SetAttribute{
+ MarkdownDescription: "Members of the organization, by ID. If null, members will not be added or removed by Terraform.",
+ ElementType: UUIDType,
+ Optional: true,
+ },
+ // TODO: Custom roles, premium license gated
+ },
+ }
+}
+
+func (r *OrganizationResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) {
+ // Prevent panic if the provider has not been configured.
+ if req.ProviderData == nil {
+ return
+ }
+
+ data, ok := req.ProviderData.(*CoderdProviderData)
+
+ if !ok {
+ resp.Diagnostics.AddError(
+ "Unexpected Resource Configure Type",
+ fmt.Sprintf("Expected *CoderdProviderData, got: %T. Please report this issue to the provider developers.", req.ProviderData),
+ )
+
+ return
+ }
+
+ r.data = data
+}
+
+func (r *OrganizationResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+ var data OrganizationResourceModel
+
+ // Read Terraform plan data into the model
+ resp.Diagnostics.Append(req.Plan.Get(ctx, &data)...)
+
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ client := r.data.Client
+
+ displayName := data.Name.ValueString()
+ if data.DisplayName.ValueString() != "" {
+ displayName = data.DisplayName.ValueString()
+ }
+
+ tflog.Trace(ctx, "creating organization")
+ org, err := client.CreateOrganization(ctx, codersdk.CreateOrganizationRequest{
+ Name: data.Name.ValueString(),
+ DisplayName: displayName,
+ Description: data.Description.ValueString(),
+ Icon: data.Icon.ValueString(),
+ })
+ if err != nil {
+ resp.Diagnostics.AddError("Failed to create organization", err.Error())
+ return
+ }
+ tflog.Trace(ctx, "successfully created organization", map[string]any{
+ "id": org.ID,
+ })
+ data.ID = UUIDValue(org.ID)
+ data.DisplayName = types.StringValue(org.DisplayName)
+
+ tflog.Trace(ctx, "setting organization members")
+ var members []UUID
+ resp.Diagnostics.Append(data.Members.ElementsAs(ctx, &members, false)...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+ for _, memberID := range members {
+ _, err = client.PostOrganizationMember(ctx, org.ID, memberID.ValueString())
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to add member %s to organization %s, got error: %s", memberID, org.ID, err))
+ return
+ }
+ }
+
+ me, err := client.User(ctx, codersdk.Me)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to get current user, got error: %s", err))
+ return
+ }
+
+ // If the logged-in user isn't in the members list, remove them from the organization (as they were added by default)
+ // Ideally, future Coder versions won't add the logged-in user by default.
+ if !slice.Contains(members, UUIDValue(me.ID)) {
+ err = client.DeleteOrganizationMember(ctx, org.ID, codersdk.Me)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to delete self from new organization: %s", err))
+ }
+ }
+
+ tflog.Trace(ctx, "successfully set organization members")
+ // Save data into Terraform state
+ resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+}
+
+func (r *OrganizationResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+ var data OrganizationResourceModel
+
+ // Read Terraform prior state data into the model
+ resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ client := r.data.Client
+
+ orgID := data.ID.ValueUUID()
+ org, err := client.Organization(ctx, orgID)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to get organization by ID, got error: %s", err))
+ }
+
+ data.Name = types.StringValue(org.Name)
+ data.DisplayName = types.StringValue(org.DisplayName)
+ data.Description = types.StringValue(org.Description)
+ data.Icon = types.StringValue(org.Icon)
+ if !data.Members.IsNull() {
+ members, err := client.OrganizationMembers(ctx, orgID)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to get organization members, got error: %s", err))
+ return
+ }
+ memberIDs := make([]attr.Value, 0, len(members))
+ for _, member := range members {
+ memberIDs = append(memberIDs, UUIDValue(member.UserID))
+ }
+ data.Members = types.SetValueMust(UUIDType, memberIDs)
+ }
+
+ // Save updated data into Terraform state
+ resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+}
+
+func (r *OrganizationResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+ var data OrganizationResourceModel
+
+ // Read Terraform plan data into the model
+ resp.Diagnostics.Append(req.Plan.Get(ctx, &data)...)
+
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ client := r.data.Client
+ orgID := data.ID.ValueUUID()
+
+ orgMembers, err := client.OrganizationMembers(ctx, orgID)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to get organization members , got error: %s", err))
+ return
+ }
+
+ if !data.Members.IsNull() {
+ var plannedMembers []UUID
+ resp.Diagnostics.Append(data.Members.ElementsAs(ctx, &plannedMembers, false)...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+ curMembers := make([]uuid.UUID, 0, len(orgMembers))
+ for _, member := range orgMembers {
+ curMembers = append(curMembers, member.UserID)
+ }
+ add, remove := memberDiff(curMembers, plannedMembers)
+ tflog.Trace(ctx, "updating organization members", map[string]any{
+ "new_members": add,
+ "removed_members": remove,
+ })
+ for _, memberID := range add {
+ _, err := client.PostOrganizationMember(ctx, orgID, memberID)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to add member %s to organization %s, got error: %s", memberID, orgID, err))
+ return
+ }
+ }
+ for _, memberID := range remove {
+ err := client.DeleteOrganizationMember(ctx, orgID, memberID)
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to remove member %s from organization %s, got error: %s", memberID, orgID, err))
+ return
+ }
+ }
+ tflog.Trace(ctx, "successfully updated organization members")
+ }
+
+ tflog.Trace(ctx, "updating organization", map[string]any{
+ "id": orgID,
+ "new_name": data.Name,
+ "new_display_name": data.DisplayName,
+ "new_description": data.Description,
+ "new_icon": data.Icon,
+ })
+ _, err = client.UpdateOrganization(ctx, orgID.String(), codersdk.UpdateOrganizationRequest{
+ Name: data.Name.ValueString(),
+ DisplayName: data.DisplayName.ValueString(),
+ Description: data.Description.ValueStringPointer(),
+ Icon: data.Icon.ValueStringPointer(),
+ })
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to update organization %s, got error: %s", orgID, err))
+ return
+ }
+ tflog.Trace(ctx, "successfully updated organization")
+
+ // Save updated data into Terraform state
+ resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+}
+
+func (r *OrganizationResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+ var data OrganizationResourceModel
+
+ // Read Terraform prior state data into the model
+ resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ client := r.data.Client
+ orgID := data.ID.ValueUUID()
+
+ tflog.Trace(ctx, "deleting organization", map[string]any{
+ "id": orgID,
+ })
+
+ err := client.DeleteOrganization(ctx, orgID.String())
+ if err != nil {
+ resp.Diagnostics.AddError("Client Error", fmt.Sprintf("Unable to delete organization %s, got error: %s", orgID, err))
+ return
+ }
+ tflog.Trace(ctx, "successfully deleted organization")
+
+ // Read Terraform prior state data into the model
+ resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+}
+
+func (r *OrganizationResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
+ resource.ImportStatePassthroughID(ctx, path.Root("id"), req, resp)
+}
diff --git a/internal/provider/organization_resource_test.go b/internal/provider/organization_resource_test.go
new file mode 100644
index 0000000..9792bd3
--- /dev/null
+++ b/internal/provider/organization_resource_test.go
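Review bot: Create in organization_resource.go runs the self-removal check `if !slice.Contains(members, UUIDValue(me.ID))` without the `data.Members.IsNull()` guard that Read and Update use, so with `members` unset the calling user still appears to be removed from the new organization, which contradicts the schema text "If null, members will not be added or removed by Terraform"; I would write `if !data.Members.IsNull() && !slice.Contains(members, UUIDValue(me.ID)) {`. In the same function, the early returns after a failed `PostOrganizationMember` or `client.User` call happen before `resp.State.Set`, so the organization already exists on the server with a partial member list but is not recorded in state. In Read, the `client.Organization` error branch adds a diagnostic but does not `return`, so the zero-value `org` is copied into the model and passed to `resp.State.Set`. Update discards the `UpdateOrganization` result, so a `display_name` that is Optional+Computed may still be unknown when state is written; presumably it should be set from the response as Create does.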
@@ -0,0 +1,163 @@
+package provider
+
+import (
+ "context"
+ "os"
+ "strings"
+ "testing"
+ "text/template"
+
+ "github.com/coder/coder/v2/codersdk"
+ "github.com/coder/terraform-provider-coderd/integration"
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+ "github.com/stretchr/testify/require"
+)
+
+func TestAccOrganizationResource(t *testing.T) {
+ if os.Getenv("TF_ACC") == "" {
+ t.Skip("Acceptance tests are disabled.")
+ }
+
+ ctx := context.Background()
+ client := integration.StartCoder(ctx, t, "group_acc", true)
+ firstUser, err := client.User(ctx, codersdk.Me)
+ require.NoError(t, err)
+
+ user1, err := client.CreateUser(ctx, codersdk.CreateUserRequest{
+ Email: "example@coder.com",
+ Username: "example",
+ Password: "SomeSecurePassword!",
+ UserLoginType: "password",
+ OrganizationID: firstUser.OrganizationIDs[0],
+ })
+ require.NoError(t, err)
+
+ user2, err := client.CreateUser(ctx, codersdk.CreateUserRequest{
+ Email: "example2@coder.com",
+ Username: "example2",
+ Password: "SomeSecurePassword!",
+ UserLoginType: "password",
+ OrganizationID: firstUser.OrganizationIDs[0],
+ })
+ require.NoError(t, err)
+
+ cfg1 := testAccOrganizationResourceConfig{
+ URL: client.URL.String(),
+ Token: client.SessionToken(),
+ Name: PtrTo("example-org"),
+ DisplayName: PtrTo("Example Organization"),
+ Description: PtrTo("This is an example organization"),
+ Icon: PtrTo("https://google.com"),
+ Members: PtrTo([]string{user1.ID.String()}),
+ }
+
+ cfg2 := cfg1
+ cfg2.Name = PtrTo("example-org-new")
+ cfg2.DisplayName = PtrTo("Example Organization New")
+ cfg2.Members = PtrTo([]string{user2.ID.String()})
+
+ cfg3 := cfg2
+ cfg3.Members = nil
+
+ t.Run("CreateImportUpdateReadOk", func(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ IsUnitTest: true,
+ PreCheck: func() { testAccPreCheck(t) },
+ ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+ Steps: []resource.TestStep{
+ // Create and Read
+ {
+ Config: cfg1.String(t),
+ Check: resource.ComposeAggregateTestCheckFunc(
+ resource.TestCheckResourceAttr("coderd_organization.test", "name", "example-org"),
+ resource.TestCheckResourceAttr("coderd_organization.test", "display_name", "Example Organization"),
+ resource.TestCheckResourceAttr("coderd_organization.test", "icon", "https://google.com"),
+ resource.TestCheckResourceAttr("coderd_organization.test", "members.#", "1"),
+ resource.TestCheckResourceAttr("coderd_organization.test", "members.0", user1.ID.String()),
+ ),
+ },
+ // Import
+ {
+ Config: cfg1.String(t),
+ ResourceName: "coderd_organization.test",
+ ImportState: true,
+ ImportStateVerify: true,
+ ImportStateVerifyIgnore: []string{"members"},
+ },
+ // Update and Read
+ {
+ Config: cfg2.String(t),
+ Check: resource.ComposeAggregateTestCheckFunc(
+ resource.TestCheckResourceAttr("coderd_organization.test", "name", "example-org-new"),
+ resource.TestCheckResourceAttr("coderd_organization.test", "display_name", "Example Organization New"),
+ resource.TestCheckResourceAttr("coderd_organization.test", "members.#", "1"),
+ resource.TestCheckResourceAttr("coderd_organization.test", "members.0", user2.ID.String()),
+ ),
+ },
+ // Unmanaged members
+ {
+ Config: cfg3.String(t),
+ Check: resource.ComposeAggregateTestCheckFunc(
+ resource.TestCheckNoResourceAttr("coderd_organization.test", "members"),
+ ),
+ },
+ },
+ })
+ })
+
+ t.Run("CreateUnmanagedMembersOk", func(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ IsUnitTest: true,
+ PreCheck: func() { testAccPreCheck(t) },
+ ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: cfg3.String(t),
+ Check: resource.ComposeAggregateTestCheckFunc(
+ resource.TestCheckNoResourceAttr("coderd_organization.test", "members"),
+ ),
+ },
+ },
+ })
+ })
+}
+
+type testAccOrganizationResourceConfig struct {
+ URL string
+ Token string
+
+ Name *string
+ DisplayName *string
+ Description *string
+ Icon *string
+ Members *[]string
+}
+
+func (c testAccOrganizationResourceConfig) String(t *testing.T) string {
+ t.Helper()
+ tpl := `
+provider coderd {
+ url = "{{.URL}}"
+ token = "{{.Token}}"
+}
+
+resource "coderd_organization" "test" {
+ name = {{orNull .Name}}
+ display_name = {{orNull .DisplayName}}
+ description = {{orNull .Description}}
+ icon = {{orNull .Icon}}
+ members = {{orNull .Members}}
+}
+`
+ funcMap := template.FuncMap{
+ "orNull": PrintOrNull,
+ }
+
+ buf := strings.Builder{}
+ tmpl, err := template.New("organizationResource").Funcs(funcMap).Parse(tpl)
+ require.NoError(t, err)
+
+ err = tmpl.Execute(&buf, c)
+ require.NoError(t, err)
+ return buf.String()
+}
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index bfeea5e..cc79997 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -139,6 +139,7 @@ func (p *CoderdProvider) Resources(ctx context.Context) []func() resource.Resour
 NewTemplateResource,
 NewWorkspaceProxyResource,
 NewLicenseResource,
+ NewOrganizationResource,
 }
 }
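Review bot: The acceptance test in organization_resource_test.go only inspects Terraform state and never asks the server who is actually in the organization, so the membership side effects of Create and Update (including removal of the calling user) are untested; a check built on `client.OrganizationMembers(ctx, orgID)` after each step would pin that down. `members` is a set, so asserting on `members.0` depends on element ordering; `resource.TestCheckTypeSetElemAttr("coderd_organization.test", "members.*", user1.ID.String())` is the order-independent form. `integration.StartCoder(ctx, t, "group_acc", true)` looks copied from the group test; if that argument names the test deployment, it may collide with that test when both run, so a name specific to this test would be safer.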