├── .github ├── CODEOWNERS ├── ISSUE_TEMPLATE │ ├── bug.yaml │ └── feature.yaml ├── PULL_REQUEST_TEMPLATE.md ├── labeler.yml ├── release-drafter.yaml └── workflows │ ├── changelog-from-release.yaml │ ├── draft-release.yaml │ ├── pull_request.yaml │ └── update-labels.yaml ├── .gitignore ├── .goreleaser.yml ├── .travis.yml ├── CHANGELOG.md ├── CONTRIBUTING.md ├── GNUmakefile ├── LICENSE ├── README.md ├── codefresh.yml ├── codefresh ├── cfclient │ ├── account.go │ ├── api_key.go │ ├── client.go │ ├── context.go │ ├── current_account.go │ ├── gitops_abac_rules.go │ ├── gitops_account_settings.go │ ├── gql_client.go │ ├── hermes_trigger.go │ ├── hermes_trigger_event.go │ ├── idp.go │ ├── permission.go │ ├── pipeline.go │ ├── project.go │ ├── registry.go │ ├── service_user.go │ ├── step_types.go │ ├── team.go │ ├── user.go │ └── utils.go ├── context │ └── storage.go ├── data_account.go ├── data_account_gitops_settings.go ├── data_account_idp.go ├── data_context.go ├── data_current_account.go ├── data_current_account_user.go ├── data_idps.go ├── data_pipelines.go ├── data_project.go ├── data_registry.go ├── data_service_account.go ├── data_step_types.go ├── data_team.go ├── data_user.go ├── data_users.go ├── env.go ├── internal │ ├── acctestutil │ │ ├── doc.go │ │ └── resource.go │ ├── datautil │ │ ├── doc.go │ │ ├── strings.go │ │ └── yaml.go │ ├── gitops │ │ ├── account_settings.go │ │ └── doc.go │ ├── idp │ │ ├── doc.go │ │ ├── schema.go │ │ └── types.go │ └── schemautil │ │ ├── doc.go │ │ ├── normalize.go │ │ ├── supressdiff.go │ │ ├── validation.go │ │ ├── validation_cron.go │ │ ├── validation_strings.go │ │ └── validation_values.go ├── provider.go ├── provider_test.go ├── resource_abac_rules.go ├── resource_abac_rules_test.go ├── resource_account.go ├── resource_account_admins.go ├── resource_account_gitops_settings.go ├── resource_account_gitops_settings_test.go ├── resource_account_idp.go ├── resource_account_idp_test.go ├── resource_account_user_association.go ├── resource_account_user_association_test.go ├── resource_api_key.go ├── resource_api_key_test.go ├── resource_context.go ├── resource_context_test.go ├── resource_idp.go ├── resource_idp_accounts.go ├── resource_permission.go ├── resource_permission_test.go ├── resource_pipeline.go ├── resource_pipeline_cron_trigger.go ├── resource_pipeline_cron_trigger_test.go ├── resource_pipeline_test.go ├── resource_project.go ├── resource_project_test.go ├── resource_registry.go ├── resource_service_account.go ├── resource_service_account_test.go ├── resource_step_types.go ├── resource_step_types_test.go ├── resource_team.go └── resource_user.go ├── docs ├── data-sources │ ├── account.md │ ├── account_gitops_settings.md │ ├── account_idp.md │ ├── context.md │ ├── current_account.md │ ├── current_account_user.md │ ├── idps.md │ ├── pipelines.md │ ├── project.md │ ├── registry.md │ ├── service_account.md │ ├── step_types.md │ ├── team.md │ ├── user.md │ └── users.md ├── guides │ └── development.md ├── index.md └── resources │ ├── abac_rules.md │ ├── account.md │ ├── account_admins.md │ ├── account_gitops_settings.md │ ├── account_idp.md │ ├── account_user_association.md │ ├── api_key.md │ ├── context.md │ ├── idp.md │ ├── idp_accounts.md │ ├── permission.md │ ├── pipeline.md │ ├── pipeline_cron_trigger.md │ ├── project.md │ ├── registry.md │ ├── service_account.md │ ├── step_types.md │ ├── team.md │ └── user.md ├── examples ├── abac_rules │ ├── main.tf │ ├── provider.tf │ ├── terraform.tfvars │ ├── vars.tf │ └── versions.tf ├── account_tokens │ ├── main.tf │ ├── terraform.tfvars │ └── versions.tf ├── account_user_associations │ ├── main.tf │ └── versions.tf ├── accounts_users │ ├── main.tf │ ├── terraform.tfvars │ ├── vars.tf │ └── versions.tf ├── permissions │ ├── main.tf │ ├── provider.tf │ ├── terraform.tfvars │ ├── vars.tf │ └── versions.tf ├── pipelines.md ├── pipelines │ ├── main.tf │ ├── outputs.tf │ ├── terraform.tfvars │ ├── vars.tf │ └── versions.tf ├── registries │ ├── main.tf │ ├── terraform.tfvars │ └── versions.tf ├── storate_integration │ ├── main.tf │ ├── provider.tf │ ├── vars.tf │ └── versions.tf ├── teams │ ├── main.tf │ ├── terraform.tfvars │ └── versions.tf └── triggers │ ├── main.tf │ ├── terraform.tfvars │ ├── vars.tf │ └── versions.tf ├── go.mod ├── go.sum ├── main.go ├── scripts ├── gofmtcheck.sh └── gogetcookie.sh ├── templates ├── data-sources │ ├── account.md.tmpl │ ├── context.md.tmpl │ ├── current_account.md.tmpl │ ├── idps.md.tmpl │ ├── project.md.tmpl │ ├── registry.md.tmpl │ ├── step_types.md.tmpl │ ├── team.md.tmpl │ ├── user.md.tmpl │ └── users.md.tmpl ├── guides │ └── development.md.tmpl ├── index.md.tmpl └── resources │ ├── abac_rules.md.tmpl │ ├── account.md.tmpl │ ├── account_admins.md.tmpl │ ├── account_gitops_settings.md.tmpl │ ├── account_idp.md.tmpl │ ├── account_user_association.md.tmpl │ ├── api_key.md.tmpl │ ├── context.md.tmpl │ ├── idp.md.tmpl │ ├── idp_accounts.md.tmpl │ ├── permission.md.tmpl │ ├── pipeline.md.tmpl │ ├── pipeline_cron_trigger.md.tmpl │ ├── project.md.tmpl │ ├── registry.md.tmpl │ ├── service_account.md.tmpl │ ├── step_types.md.tmpl │ ├── team.md.tmpl │ └── user.md.tmpl ├── test_data └── step_types │ ├── testStepTypesOrder.yaml │ ├── testStepWithRuntimeData.yaml │ ├── testSteps.yaml │ └── testStepsTemplate.yaml ├── tf_modules ├── account_token │ ├── main.tf │ ├── provider.tf │ └── vars.tf ├── account_tokens │ ├── main.tf │ ├── provider.tf │ └── vars.tf ├── accounts_users │ ├── main.tf │ ├── output.tf │ ├── provider.tf │ └── vars.tf └── teams │ ├── main.tf │ ├── output.tf │ └── vars.tf └── tools.go /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @codefresh-io/devops @yaroslav-codefresh @denis-codefresh 2 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug.yaml: -------------------------------------------------------------------------------- 1 | name: Bug Report 2 | description: File a bug report 3 | title: "[Bug]: " 4 | labels: ["bug", "triage"] 5 | body: 6 | - type: markdown 7 | attributes: 8 | value: | 9 | Thanks for taking the time to fill out this bug report! 10 | - type: textarea 11 | id: what-happened 12 | attributes: 13 | label: What happened? 14 | description: Describe the bug in detail. What did you expect to happen? What actually happened? 15 | value: "A bug happened!" 16 | validations: 17 | required: true 18 | - type: textarea 19 | id: version 20 | attributes: 21 | label: Version 22 | description: What version of the Provider are you running? 23 | validations: 24 | required: true 25 | - type: textarea 26 | id: logs 27 | attributes: 28 | label: Relevant Terraform Configuration 29 | description: Please copy and paste any relevant Terraform configurations we can use to reproduce the bug. 30 | render: hcl 31 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature.yaml: -------------------------------------------------------------------------------- 1 | name: Feature Request 2 | description: Submit a feature request 3 | title: "[Feature]: " 4 | labels: ["enhancement"] 5 | body: 6 | - type: markdown 7 | attributes: 8 | value: | 9 | Thanks for taking the time to fill out this feature request! 10 | - type: textarea 11 | id: feature 12 | attributes: 13 | label: What would you like to be added? 14 | description: If applicable, add a mock Terraform schema for the new resource or data source. 15 | value: "The following feature would be great!" 16 | validations: 17 | required: true -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ## What 2 | 3 | ## Why 4 | 5 | ## Notes 6 | 7 | 8 | ## Checklist 9 | 10 | * [ ] _I have read [CONTRIBUTING.md](https://github.com/codefresh-io/terraform-provider-codefresh/blob/master/CONTRIBUTING.md)._ 11 | * [ ] _I have [allowed changes to my fork to be made](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)._ 12 | * [ ] _I have added tests, assuming new tests are warranted_. 13 | * [ ] _I understand that the `/test` comment will be ignored by the CI trigger [unless it is made by a repo admin or collaborator](https://codefresh.io/docs/docs/pipelines/triggers/git-triggers/#support-for-building-pull-requests-from-forks)._ 14 | -------------------------------------------------------------------------------- /.github/labeler.yml: -------------------------------------------------------------------------------- 1 | source: 2 | - "client/**/*" 3 | - "codefresh/**/*" 4 | - "*.go" 5 | - "*.mod" 6 | - "*.sum" 7 | 8 | docs: 9 | - README.md 10 | - docs/**/* 11 | - templates/**/* 12 | - examples/**/* 13 | - tf_modules/**/* 14 | - CHANGELOG.md 15 | 16 | automation: 17 | - scripts/**/* 18 | - .github/**/* 19 | - codefresh.yml 20 | - .goreleaser.yml 21 | - GNUmakefile 22 | -------------------------------------------------------------------------------- /.github/release-drafter.yaml: -------------------------------------------------------------------------------- 1 | name-template: "v$RESOLVED_VERSION" 2 | tag-template: "v$RESOLVED_VERSION" 3 | categories: 4 | - title: "🚀 Features" 5 | labels: 6 | - "feature" 7 | - "enhancement" 8 | - title: "🐛 Bug Fixes" 9 | labels: 10 | - "fix" 11 | - "bugfix" 12 | - "bug" 13 | - title: "🧰 Maintenance" 14 | label: "chore" 15 | change-template: "- $TITLE @$AUTHOR (#$NUMBER)" 16 | change-title-escapes: '\<*_&' 17 | exclude-labels: 18 | - "no-release" 19 | version-resolver: 20 | major: 21 | labels: 22 | - "major" 23 | minor: 24 | labels: 25 | - "minor" 26 | - "feature" 27 | - "enhancement" 28 | patch: 29 | labels: 30 | - "patch" 31 | - "fix" 32 | - "bugfix" 33 | - "bug" 34 | - "dependencies" 35 | default: patch 36 | template: | 37 | ## Changes 38 | $CHANGES 39 | -------------------------------------------------------------------------------- /.github/workflows/changelog-from-release.yaml: -------------------------------------------------------------------------------- 1 | name: "Changelog from Release" 2 | 3 | on: 4 | release: 5 | types: [published, released] 6 | 7 | jobs: 8 | update_changelog: 9 | runs-on: ubuntu-latest 10 | steps: 11 | - uses: actions/checkout@v3 12 | with: 13 | ref: master 14 | - uses: rhysd/changelog-from-release/action@v3 15 | with: 16 | file: CHANGELOG.md 17 | github_token: ${{ secrets.CF_CI_BOT_PAT }} 18 | commit_summary_template: 'Update CHANGELOG.md for %s' 19 | -------------------------------------------------------------------------------- /.github/workflows/draft-release.yaml: -------------------------------------------------------------------------------- 1 | name: Draft Release 2 | 3 | on: 4 | push: 5 | branches: 6 | - master 7 | pull_request: 8 | types: [opened, reopened, synchronize] 9 | 10 | jobs: 11 | update_release_draft: 12 | runs-on: ubuntu-latest 13 | permissions: 14 | contents: write 15 | pull-requests: write 16 | steps: 17 | - uses: release-drafter/release-drafter@v5 18 | env: 19 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 20 | with: 21 | publish: false 22 | config-name: release-drafter.yaml 23 | -------------------------------------------------------------------------------- /.github/workflows/pull_request.yaml: -------------------------------------------------------------------------------- 1 | name: "Pull Request" 2 | on: pull_request 3 | 4 | jobs: 5 | docs: 6 | name: "Ensure 'make docs' has been run" 7 | runs-on: ubuntu-latest 8 | steps: 9 | - name: Checkout repo 10 | uses: actions/checkout@v3 11 | with: 12 | token: ${{ secrets.GITHUB_TOKEN }} 13 | - name: Generate Docs 14 | run: | 15 | export PATH=$PATH:/home/runner/go/bin 16 | make docs 17 | - name: Validate No Changes 18 | run: | 19 | git diff --exit-code 20 | gofmt: 21 | name: "Ensure 'make fmt' has been run" 22 | runs-on: ubuntu-latest 23 | steps: 24 | - name: Checkout repo 25 | uses: actions/checkout@v3 26 | with: 27 | token: ${{ secrets.GITHUB_TOKEN }} 28 | - name: Run gofmt 29 | run: | 30 | go fmt 31 | - name: Validate No Changes 32 | run: | 33 | git diff --exit-code 34 | -------------------------------------------------------------------------------- /.github/workflows/update-labels.yaml: -------------------------------------------------------------------------------- 1 | name: "Pull Request Labeler" 2 | on: 3 | - pull_request_target 4 | 5 | jobs: 6 | triage: 7 | permissions: 8 | contents: read 9 | pull-requests: write 10 | runs-on: ubuntu-latest 11 | steps: 12 | - uses: actions/labeler@v4 13 | with: 14 | repo-token: "${{ secrets.GITHUB_TOKEN }}" -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | terraform-provider-codefresh 2 | dist/ 3 | .vscode/ 4 | **/__debug* 5 | 6 | **/.terraform 7 | **/terraform.tfstate 8 | **/terraform.tfstate.backup 9 | tests/ 10 | 11 | .idea 12 | **/*.lock.hcl 13 | **/*.backup -------------------------------------------------------------------------------- /.goreleaser.yml: -------------------------------------------------------------------------------- 1 | builds: 2 | - env: 3 | - CGO_ENABLED=0 4 | goos: 5 | - windows 6 | - linux 7 | - darwin 8 | goarch: 9 | - amd64 10 | - '386' 11 | - arm 12 | - arm64 13 | ignore: 14 | - goos: darwin 15 | goarch: '386' 16 | binary: '{{ .ProjectName }}_v{{ .Version }}' 17 | archives: 18 | - format: zip 19 | name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' 20 | checksum: 21 | name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS' 22 | algorithm: sha256 23 | signs: 24 | - artifacts: checksum 25 | args: 26 | # if you are using this in a GitHub action or some other automated pipeline, you 27 | # need to pass the batch flag to indicate its not interactive. 28 | - "--batch" 29 | - "--local-user" 30 | - "${GPG_FINGERPRINT}" 31 | - "--output" 32 | - "${signature}" 33 | - "--detach-sign" 34 | - "${artifact}" 35 | 36 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | dist: xenial 2 | sudo: required 3 | services: 4 | - docker 5 | language: go 6 | go: 7 | - "1.13.x" 8 | 9 | env: 10 | global: GOFLAGS=-mod=vendor 11 | 12 | install: 13 | # This script is used by the Travis build to install a cookie for 14 | # go.googlesource.com so rate limits are higher when using `go get` to fetch 15 | # packages that live there. 16 | # See: https://github.com/golang/go/issues/12933 17 | - bash scripts/gogetcookie.sh 18 | 19 | script: 20 | - make test 21 | - make vet 22 | #- make website-test 23 | 24 | branches: 25 | only: 26 | - master 27 | matrix: 28 | fast_finish: true 29 | allow_failures: 30 | - go: tip 31 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | ## Updating Provider Documentation 4 | 5 | The documentation is generated using [tfplugindocs](https://github.com/hashicorp/terraform-plugin-docs). 6 | 7 | `docs/` should never be edited by hand. Instead, update the documentation via updating `Description` fields within the `schema` blocks of the provider's resources and data sources. And if needed, update the templates in `templates/`. 8 | 9 | You can always run the following command locally to re-generate the documentation: 10 | 11 | ```bash 12 | make docs 13 | ``` 14 | 15 | ## Submitting a PR 16 | 17 | 1. Fork the repo 18 | 2. Create a PR from your fork against the `master` branch 19 | 20 | ### PR Requirements 21 | 22 | 1. Ensure that all tests pass (via commenting `/test` if you are an admin or a contributor with write access on this repo, otherwise wait for a maintainer to submit the comment. The comment will be ignored if you are not an admin or a contributor with write access on this repo. See: https://codefresh.io/docs/docs/pipelines/triggers/git-triggers/#support-for-building-pull-requests-from-forks) 23 | 4. Ensure `make docs` and `make fmt` have been run and the changes have been committed. Otherwise, you will have failing status checks. 24 | -------------------------------------------------------------------------------- /GNUmakefile: -------------------------------------------------------------------------------- 1 | TEST?=$$(go list ./... |grep -v 'vendor') 2 | GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor) 3 | WEBSITE_REPO=github.com/hashicorp/terraform-website 4 | HOSTNAME=codefresh.io 5 | PKG_NAME=codefresh 6 | NAMESPACE=app 7 | BINARY=terraform-provider-${PKG_NAME} 8 | OS_ARCH=darwin_amd64 9 | 10 | default: build 11 | 12 | build: fmtcheck 13 | go install 14 | go build -o ${BINARY} 15 | 16 | install: build 17 | mv ${BINARY} $(HOME)/go/bin/ 18 | 19 | fmt: 20 | @echo "==> Fixing source code with gofmt..." 21 | gofmt -s -w $(GOFMT_FILES) 22 | 23 | fmtcheck: 24 | @sh -c "'$(CURDIR)/scripts/gofmtcheck.sh'" 25 | 26 | lint: 27 | @echo "==> Checking source code against linters..." 28 | go tool golangci-lint run ./... 29 | 30 | test: fmtcheck 31 | go test -i $(TEST) || exit 1 32 | echo $(TEST) | \ 33 | xargs -t -n4 go test $(TESTARGS) -timeout=30s -parallel=4 34 | 35 | testacc: fmtcheck 36 | TF_ACC=1 go test $(TEST) -v $(TESTARGS) -timeout 120m 37 | 38 | test-compile: 39 | @if [ "$(TEST)" = "./..." ]; then \ 40 | echo "ERROR: Set TEST to a specific package. For example,"; \ 41 | echo " make test-compile TEST=./$(PKG_NAME)"; \ 42 | exit 1; \ 43 | fi 44 | go test -c $(TEST) $(TESTARGS) 45 | 46 | vet: 47 | @echo "go vet ." 48 | @go vet $$(go list ./... | grep -v vendor/) ; if [ $$? -eq 1 ]; then \ 49 | echo ""; \ 50 | echo "Vet found suspicious constructs. Please check the reported constructs"; \ 51 | echo "and fix them if necessary before submitting the code for review."; \ 52 | exit 1; \ 53 | fi 54 | 55 | docs: 56 | @echo "==> Generating Provider Documentation..." 57 | go tool tfplugindocs generate 58 | 59 | .PHONY: build test testacc vet fmt fmtcheck lint test-compile docs docs-prepare 60 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Terraform Provider for Codefresh 2 | 3 | This is the official Terraform Provider for Codefresh. 4 | 5 | Terraform Registry: [registry.terraform.io/providers/codefresh-io/codefresh](https://registry.terraform.io/providers/codefresh-io/codefresh/latest) 6 | 7 | ## Requirements 8 | 9 | - [Terraform](https://www.terraform.io/downloads.html) `1.x.x` 10 | 11 | ## Download the Provider 12 | 13 | Download and extract terraform-provider-codefresh from [releases](https://github.com/codefresh-io/terraform-provider-codefresh/releases) 14 | 15 | ## Using the Provider 16 | 17 | In `versions.tf`: 18 | 19 | ```terraform 20 | terraform { 21 | required_providers { 22 | codefresh = { 23 | version = "x.y.z" # Optional but recommended; replace with latest semantic version 24 | source = "codefresh-io/codefresh" 25 | } 26 | } 27 | } 28 | ``` 29 | 30 | ## Building the Provider Locally 31 | 32 | ```sh 33 | make install 34 | ``` 35 | 36 | ## [Provider Documentation](./docs) 37 | 38 | The documentation is generated using [tfplugindocs](https://github.com/hashicorp/terraform-plugin-docs). 39 | 40 | See: [CONTRIBUTING.md](./CONTRIBUTING.md#documentation) 41 | 42 | ## To configure Codefresh provider: 43 | 44 | ```hcl 45 | provider "codefresh" { 46 | api_url = "" # Default value - https://g.codefresh.io/api 47 | token = "" # If token isn't set the provider expects the $CODEFRESH_API_KEY env variable 48 | } 49 | ``` 50 | 51 | Get an API key from [Codefresh](https://g.codefresh.io/user/settings) and set the following scopes: 52 | 53 | - Environments-V2 54 | - Pipeline 55 | - Project 56 | - Repos 57 | - Step-Type 58 | - Step-Types 59 | - View 60 | 61 | ```bash 62 | export CODEFRESH_API_KEY='xyz' 63 | ``` 64 | 65 | ## Testing the Provider 66 | 67 | **NOTE:** Acceptance tests create real resources, including admin resources (accounts, users) so make sure that `CODEFRESH_API_KEY` is set to an account that you are ok with being modified. 68 | 69 | ```bash 70 | make testacc 71 | ``` 72 | 73 | ## Contributors 74 | 75 | 76 | 77 | 78 | 79 | ## Acknowledgements 80 | 81 | _This provider was initialized by [LightStep](https://lightstep.com/)_. 82 | 83 | ## License 84 | 85 | Copyright 2023 Codefresh. 86 | 87 | The Codefresh Provider is available under [MPL2.0 license](./LICENSE). 88 | -------------------------------------------------------------------------------- /codefresh.yml: -------------------------------------------------------------------------------- 1 | version: "1.0" 2 | stages: 3 | - clone 4 | - test 5 | - release 6 | steps: 7 | main_clone: 8 | title: "Cloning main repository..." 9 | stage: clone 10 | type: git-clone 11 | repo: "${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}" 12 | revision: "${{CF_REVISION}}" 13 | git: cf_github 14 | 15 | go_fmt: 16 | title: "Formatting" 17 | stage: test 18 | image: golang:1.24.3-alpine3.21 19 | commands: 20 | - go fmt 21 | 22 | go_test: 23 | title: "Run tests" 24 | stage: test 25 | image: golang:1.24.3-alpine3.21 26 | environment: 27 | - TF_ACC="test" 28 | - CGO_ENABLED=0 29 | commands: 30 | - go install github.com/warrensbox/terraform-switcher@0.13.1308 31 | - terraform-switcher --latest-stable ${TF_VERSION} 32 | - sleep $((RANDOM % 45)) 33 | - go test -v ./... 34 | retry: 35 | maxAttempts: 3 36 | delay: 5 37 | exponentialFactor: 2 38 | matrix: 39 | # The following will resolve to their latest patch version 40 | environment: 41 | - TF_VERSION=1.3.0 42 | - TF_VERSION=1.11.4 43 | when: 44 | condition: 45 | all: 46 | release: "'${{RELEASE}}' != 'true'" 47 | 48 | prepare_env_vars: 49 | title: "Preparing environment variables..." 50 | stage: release 51 | image: quay.io/codefresh/codefresh-shell:0.0.14 52 | shell: bash 53 | environment: 54 | - GPG_FINGERPRINT=${{GPG_FINGERPRINT}} 55 | - SIGNINGKEY=${{SIGNINGKEY}} 56 | commands: 57 | - source /scripts/get-gh-token.sh 58 | - cf_export GITHUB_TOKEN=$GITHUB_TOKEN --mask 59 | - cf_export GPG_FINGERPRINT 60 | - cf_export SIGNINGKEY 61 | - cf_export GPG_PRIVATE 62 | when: 63 | condition: 64 | all: 65 | release: "'${{RELEASE}}' == 'true'" 66 | 67 | release_binaries: 68 | title: Create release in Github 69 | image: goreleaser/goreleaser:v2.9.0 70 | stage: release 71 | environment: 72 | - GPG_FINGERPRINT=${{GPG_FINGERPRINT}} 73 | - SIGNINGKEY=${{SIGNINGKEY}} 74 | - GPG_PRIVATE=${{GPG_PRIVATE}} 75 | commands: 76 | - apk update 77 | - apk fetch gnupg 78 | - apk add gnupg 79 | - echo ${GPG_PRIVATE} | base64 -d > /tmp/private.key 80 | - gpg --import /tmp/private.key 81 | - git config user.signingkey ${GPG_FINGERPRINT} 82 | - git clean -fdx 83 | - goreleaser release 84 | when: 85 | condition: 86 | all: 87 | release: "'${{RELEASE}}' == 'true'" 88 | -------------------------------------------------------------------------------- /codefresh/cfclient/gitops_account_settings.go: -------------------------------------------------------------------------------- 1 | package cfclient 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | type GitopsActiveAccountResponse struct { 8 | Data struct { 9 | Me struct { 10 | ActiveAccount GitopsActiveAccountInfo `json:"activeAccount,omitempty"` 11 | } `json:"me,omitempty"` 12 | } `json:"data,omitempty"` 13 | } 14 | 15 | type GitopsActiveAccountInfo struct { 16 | ID string `json:"id,omitempty"` 17 | AccountName string `json:"name,omitempty"` 18 | GitProvider string `json:"gitProvider,omitempty"` 19 | GitApiUrl string `json:"gitApiUrl,omitempty"` 20 | SharedConfigRepo string `json:"sharedConfigRepo,omitempty"` 21 | Admins []string `json:"admins,omitempty"` 22 | } 23 | 24 | func (client *Client) GetActiveGitopsAccountInfo() (*GitopsActiveAccountInfo, error) { 25 | request := GraphQLRequest{ 26 | Query: ` 27 | query AccountInfo { 28 | me { 29 | activeAccount { 30 | id 31 | name 32 | gitProvider 33 | gitApiUrl 34 | sharedConfigRepo 35 | admins 36 | } 37 | } 38 | } 39 | `, 40 | } 41 | 42 | response, err := client.SendGqlRequest(request) 43 | if err != nil { 44 | fmt.Println("Error:", err) 45 | return nil, err 46 | } 47 | 48 | var gitopsAccountResponse GitopsActiveAccountResponse 49 | 50 | err = DecodeGraphQLResponseInto(response, &gitopsAccountResponse) 51 | 52 | if err != nil { 53 | return nil, err 54 | } 55 | 56 | gitopsActiveAccountInfo := gitopsAccountResponse.Data.Me.ActiveAccount 57 | 58 | return &gitopsActiveAccountInfo, nil 59 | } 60 | 61 | func (client *Client) UpdateActiveGitopsAccountSettings(gitProvider string, gitProviderApiUrl string, sharedConfigRepo string) error { 62 | request := GraphQLRequest{ 63 | Query: ` 64 | mutation updateCsdpSettings($gitProvider: GitProviders!, $gitApiUrl: String!, $sharedConfigRepo: String!) { 65 | updateCsdpSettings(gitProvider: $gitProvider, gitApiUrl: $gitApiUrl, sharedConfigRepo: $sharedConfigRepo) 66 | } 67 | `, 68 | Variables: map[string]interface{}{ 69 | "gitProvider": gitProvider, 70 | "gitApiUrl": gitProviderApiUrl, 71 | "sharedConfigRepo": sharedConfigRepo, 72 | }, 73 | } 74 | 75 | _, err := client.SendGqlRequest(request) 76 | 77 | if err != nil { 78 | fmt.Println("Error:", err) 79 | return err 80 | } 81 | 82 | return nil 83 | } 84 | -------------------------------------------------------------------------------- /codefresh/cfclient/gql_client.go: -------------------------------------------------------------------------------- 1 | package cfclient 2 | 3 | import ( 4 | "bytes" 5 | "encoding/json" 6 | "errors" 7 | "io" 8 | "net/http" 9 | ) 10 | 11 | // GraphQLRequest GraphQL query 12 | type GraphQLRequest struct { 13 | Query string `json:"query"` 14 | Variables map[string]interface{} `json:"variables,omitempty"` 15 | } 16 | 17 | func (client *Client) SendGqlRequest(request GraphQLRequest) ([]byte, error) { 18 | jsonRequest, err := json.Marshal(request) 19 | if err != nil { 20 | return nil, err 21 | } 22 | 23 | req, err := http.NewRequest("POST", client.HostV2, bytes.NewBuffer(jsonRequest)) 24 | if err != nil { 25 | return nil, err 26 | } 27 | 28 | tokenHeader := client.TokenHeader 29 | if tokenHeader == "" { 30 | tokenHeader = "Authorization" 31 | } 32 | req.Header.Set(tokenHeader, client.Token) 33 | req.Header.Set("Content-Type", "application/json; charset=utf-8") 34 | 35 | httpClient := &http.Client{} 36 | resp, err := httpClient.Do(req) 37 | if err != nil { 38 | return nil, err 39 | } 40 | if resp.StatusCode >= 400 { 41 | bodyBytes, _ := io.ReadAll(resp.Body) 42 | return nil, errors.New(resp.Status + " " + string(bodyBytes)) 43 | } 44 | defer resp.Body.Close() 45 | 46 | var buf bytes.Buffer 47 | _, err = buf.ReadFrom(resp.Body) 48 | if err != nil { 49 | return nil, err 50 | } 51 | 52 | return buf.Bytes(), nil 53 | } 54 | 55 | func DecodeGraphQLResponseInto(body []byte, target interface{}) error { 56 | return json.Unmarshal(body, target) 57 | } 58 | -------------------------------------------------------------------------------- /codefresh/cfclient/hermes_trigger.go: -------------------------------------------------------------------------------- 1 | package cfclient 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | type HermesTrigger struct { 8 | Event string `json:"event,omitempty"` 9 | PipelineID string `json:"pipeline,omitempty"` 10 | EventData EventData `json:"event-data,omitempty"` 11 | } 12 | 13 | type EventData struct { 14 | Uri string `json:"uri"` 15 | Type string `json:"type"` 16 | Kind string `json:"kind"` 17 | Account string `json:"account"` 18 | Secret string `json:"secret"` 19 | } 20 | 21 | func (client *Client) GetHermesTriggerByEventAndPipeline(event string, pipeline string) (*HermesTrigger, error) { 22 | 23 | fullPath := fmt.Sprintf("/hermes/triggers/event/%s", UriEncodeEvent(event)) 24 | opts := RequestOptions{ 25 | Path: fullPath, 26 | Method: "GET", 27 | } 28 | 29 | resp, err := client.RequestAPI(&opts) 30 | if err != nil { 31 | return nil, err 32 | } 33 | 34 | var hermesTriggerList []HermesTrigger 35 | 36 | err = DecodeResponseInto(resp, &hermesTriggerList) 37 | if err != nil { 38 | return nil, err 39 | } 40 | 41 | var hermesTrigger HermesTrigger 42 | for _, trigger := range hermesTriggerList { 43 | if trigger.PipelineID == pipeline { 44 | hermesTrigger = trigger 45 | } 46 | } 47 | if hermesTrigger.Event == "" { 48 | return nil, fmt.Errorf("no Trigger found for event: %s, pipeline: %s", event, pipeline) 49 | } 50 | 51 | return &hermesTrigger, nil 52 | } 53 | 54 | func (client *Client) CreateHermesTriggerByEventAndPipeline(event string, pipeline string) error { 55 | 56 | fullPath := fmt.Sprintf("/hermes/triggers/%s/%s", UriEncodeEvent(event), pipeline) 57 | opts := RequestOptions{ 58 | Path: fullPath, 59 | Method: "POST", 60 | } 61 | 62 | _, err := client.RequestAPI(&opts) 63 | return err 64 | } 65 | 66 | func (client *Client) DeleteHermesTriggerByEventAndPipeline(event string, pipeline string) error { 67 | fullPath := fmt.Sprintf("/hermes/triggers/%s/%s", UriEncodeEvent(event), pipeline) 68 | opts := RequestOptions{ 69 | Path: fullPath, 70 | Method: "DELETE", 71 | } 72 | 73 | _, err := client.RequestAPI(&opts) 74 | 75 | if err != nil { 76 | return fmt.Errorf("failed to delete Trigger: \n%v", err) 77 | } 78 | 79 | return nil 80 | } 81 | -------------------------------------------------------------------------------- /codefresh/cfclient/hermes_trigger_event.go: -------------------------------------------------------------------------------- 1 | package cfclient 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | type HermesTriggerEvent struct { 8 | Type string `json:"type,omitempty"` 9 | Kind string `json:"kind,omitempty"` 10 | Filter string `json:"filter,omitempty"` 11 | Secret string `json:"secret,omitempty"` 12 | Values map[string]string `json:"values,omitempty"` 13 | } 14 | 15 | func (client *Client) GetHermesTriggerEvent(event string) (*HermesTriggerEvent, error) { 16 | fullPath := fmt.Sprintf("/hermes/triggers/%s", UriEncodeEvent(event)) 17 | 18 | opts := RequestOptions{ 19 | Path: fullPath, 20 | Method: "GET", 21 | } 22 | 23 | resp, err := client.RequestAPI(&opts) 24 | if err != nil { 25 | return nil, fmt.Errorf("failed to retrieve Trigger Event: \n%v", err) 26 | } 27 | 28 | var hermesTriggerEvent HermesTriggerEvent 29 | err = DecodeResponseInto(resp, &hermesTriggerEvent) 30 | if err != nil { 31 | return nil, err 32 | } 33 | 34 | return &hermesTriggerEvent, nil 35 | } 36 | 37 | func (client *Client) CreateHermesTriggerEvent(event *HermesTriggerEvent) (string, error) { 38 | 39 | body, err := EncodeToJSON(event) 40 | if err != nil { 41 | return "", err 42 | } 43 | 44 | fullPath := "/hermes/events/" 45 | opts := RequestOptions{ 46 | Path: fullPath, 47 | Method: "POST", 48 | Body: body, 49 | } 50 | 51 | resp, err := client.RequestAPI(&opts) 52 | if err != nil { 53 | return "", fmt.Errorf("failed to create Trigger Event: \n%v", err) 54 | } 55 | 56 | var eventString string 57 | err = DecodeResponseInto(resp, &eventString) 58 | if err != nil { 59 | return "", err 60 | } 61 | 62 | return eventString, err 63 | } 64 | -------------------------------------------------------------------------------- /codefresh/cfclient/project.go: -------------------------------------------------------------------------------- 1 | package cfclient 2 | 3 | import ( 4 | "errors" 5 | "fmt" 6 | ) 7 | 8 | // Project spec 9 | type Project struct { 10 | ID string `json:"id,omitempty"` 11 | ProjectName string `json:"projectName,omitempty"` 12 | Tags []string `json:"tags,omitempty"` 13 | Variables []Variable `json:"variables,omitempty"` 14 | } 15 | 16 | // GetID implement CodefreshObject interface 17 | func (project *Project) GetID() string { 18 | return project.ID 19 | } 20 | 21 | // SetVariables project variables 22 | func (project *Project) SetVariables(variables map[string]interface{}, encrypted bool) { 23 | for key, value := range variables { 24 | project.Variables = append(project.Variables, Variable{Key: key, Value: value.(string), Encrypted: encrypted}) 25 | } 26 | } 27 | 28 | // GetProjectByName get project object by name 29 | func (client *Client) GetProjectByName(name string) (*Project, error) { 30 | fullPath := fmt.Sprintf("/projects/name/%s", name) 31 | opts := RequestOptions{ 32 | Path: fullPath, 33 | Method: "GET", 34 | } 35 | 36 | resp, err := client.RequestAPI(&opts) 37 | 38 | if err != nil { 39 | return nil, err 40 | } 41 | 42 | var project Project 43 | 44 | err = DecodeResponseInto(resp, &project) 45 | if err != nil { 46 | return nil, err 47 | } 48 | 49 | return &project, nil 50 | } 51 | 52 | // GetProjectByID get project object by id 53 | func (client *Client) GetProjectByID(id string) (*Project, error) { 54 | fullPath := fmt.Sprintf("/projects/%s", id) 55 | opts := RequestOptions{ 56 | Path: fullPath, 57 | Method: "GET", 58 | } 59 | 60 | resp, err := client.RequestAPI(&opts) 61 | 62 | if err != nil { 63 | return nil, err 64 | } 65 | 66 | var project Project 67 | 68 | err = DecodeResponseInto(resp, &project) 69 | if err != nil { 70 | return nil, err 71 | } 72 | 73 | return &project, nil 74 | } 75 | 76 | // CreateProject POST project 77 | func (client *Client) CreateProject(project *Project) (*Project, error) { 78 | 79 | body, err := EncodeToJSON(project) 80 | 81 | if err != nil { 82 | return nil, err 83 | } 84 | opts := RequestOptions{ 85 | Path: "/projects", 86 | Method: "POST", 87 | Body: body, 88 | } 89 | 90 | resp, err := client.RequestAPI(&opts) 91 | 92 | if err != nil { 93 | return nil, err 94 | } 95 | 96 | var respProject Project 97 | err = DecodeResponseInto(resp, &respProject) 98 | if err != nil { 99 | return nil, err 100 | } 101 | 102 | return &respProject, nil 103 | } 104 | 105 | // UpdateProject PATCH project 106 | func (client *Client) UpdateProject(project *Project) error { 107 | 108 | body, err := EncodeToJSON(project) 109 | 110 | if err != nil { 111 | return err 112 | } 113 | 114 | id := project.GetID() 115 | if id == "" { 116 | return errors.New("[ERROR] Project ID is empty") 117 | } 118 | 119 | fullPath := fmt.Sprintf("/projects/%s", id) 120 | opts := RequestOptions{ 121 | Path: fullPath, 122 | Method: "PATCH", 123 | Body: body, 124 | } 125 | 126 | _, err = client.RequestAPI(&opts) 127 | if err != nil { 128 | return err 129 | } 130 | 131 | return nil 132 | } 133 | 134 | // DeleteProject DELETE 135 | func (client *Client) DeleteProject(id string) error { 136 | fullPath := fmt.Sprintf("/projects/%s", id) 137 | opts := RequestOptions{ 138 | Path: fullPath, 139 | Method: "DELETE", 140 | } 141 | 142 | _, err := client.RequestAPI(&opts) 143 | 144 | if err != nil { 145 | return err 146 | } 147 | 148 | return nil 149 | } 150 | -------------------------------------------------------------------------------- /codefresh/cfclient/utils.go: -------------------------------------------------------------------------------- 1 | package cfclient 2 | 3 | import ( 4 | "net/url" 5 | "strings" 6 | ) 7 | 8 | // Variable spec 9 | type Variable struct { 10 | Key string `json:"key"` 11 | Value string `json:"value"` 12 | Encrypted bool `json:"encrypted,omitempty"` 13 | } 14 | 15 | // CodefreshObject codefresh interface 16 | type CodefreshObject interface { 17 | GetID() string 18 | } 19 | 20 | func FindInSlice(slice []string, val string) bool { 21 | for _, item := range slice { 22 | if item == val { 23 | return true 24 | } 25 | } 26 | return false 27 | } 28 | 29 | func uriEncode(path string) string { 30 | replacer := strings.NewReplacer("+", "%20", "%2A", "*") // match Javascript's encodeURIComponent() 31 | return replacer.Replace(url.QueryEscape(path)) 32 | } 33 | 34 | func UriEncodeEvent(event string) string { 35 | // The following is odd, but it's intentional. The event is URI encoded twice because 36 | // the Codefresh API expects it to be encoded twice. 37 | return uriEncode(uriEncode(event)) 38 | } 39 | -------------------------------------------------------------------------------- /codefresh/data_account.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceAccount() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "This data source retrieves an account by _id or name. Requires a Codefresh admin token and applies only to Codefresh on-premises installations.", 13 | Read: dataSourceAccountRead, 14 | Schema: map[string]*schema.Schema{ 15 | "_id": { 16 | Type: schema.TypeString, 17 | Optional: true, 18 | }, 19 | "name": { 20 | Type: schema.TypeString, 21 | Optional: true, 22 | }, 23 | "admins": { 24 | Type: schema.TypeList, 25 | Optional: true, 26 | Elem: &schema.Schema{ 27 | Type: schema.TypeString, 28 | }, 29 | }, 30 | }, 31 | } 32 | } 33 | 34 | func dataSourceAccountRead(d *schema.ResourceData, meta interface{}) error { 35 | 36 | client := meta.(*cfclient.Client) 37 | var account *cfclient.Account 38 | var err error 39 | 40 | if _id, _idOk := d.GetOk("_id"); _idOk { 41 | account, err = client.GetAccountByID(_id.(string)) 42 | } else if name, nameOk := d.GetOk("name"); nameOk { 43 | account, err = client.GetAccountByName(name.(string)) 44 | } else { 45 | return fmt.Errorf("data.codefresh_account - must specify _id or name") 46 | } 47 | if err != nil { 48 | return err 49 | } 50 | 51 | if account == nil { 52 | return fmt.Errorf("data.codefresh_account - cannot find account") 53 | } 54 | 55 | return mapDataAccountToResource(account, d) 56 | } 57 | 58 | func mapDataAccountToResource(account *cfclient.Account, d *schema.ResourceData) error { 59 | 60 | if account == nil || account.ID == "" { 61 | return fmt.Errorf("data.codefresh_account - failed to mapDataAccountToResource") 62 | } 63 | d.SetId(account.ID) 64 | 65 | err := d.Set("_id", account.ID) 66 | 67 | if err != nil { 68 | return err 69 | } 70 | 71 | err = d.Set("name", account.Name) 72 | 73 | if err != nil { 74 | return err 75 | } 76 | 77 | err = d.Set("admins", account.Admins) 78 | 79 | if err != nil { 80 | return err 81 | } 82 | 83 | return nil 84 | } 85 | -------------------------------------------------------------------------------- /codefresh/data_account_gitops_settings.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceAccountGitopsSettings() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "This data source retrieves gitops settings for the active account", 13 | Read: dataSourceAccountGitopsSettingsRead, 14 | Schema: map[string]*schema.Schema{ 15 | "id": { 16 | Type: schema.TypeString, 17 | Description: "Account Id", 18 | Computed: true, 19 | }, 20 | "name": { 21 | Type: schema.TypeString, 22 | Computed: true, 23 | Description: "Account name for active account", 24 | }, 25 | "git_provider": { 26 | Type: schema.TypeString, 27 | Computed: true, 28 | Description: "Git provider name", 29 | }, 30 | "git_provider_api_url": { 31 | Type: schema.TypeString, 32 | Computed: true, 33 | Description: "Git provider API url", 34 | }, 35 | "shared_config_repository": { 36 | Type: schema.TypeString, 37 | Computed: true, 38 | Description: "Shared config repository url", 39 | }, 40 | "admins": { 41 | Type: schema.TypeList, 42 | Computed: true, 43 | Elem: &schema.Schema{ 44 | Type: schema.TypeString, 45 | }, 46 | }, 47 | }, 48 | } 49 | } 50 | 51 | func dataSourceAccountGitopsSettingsRead(d *schema.ResourceData, meta interface{}) error { 52 | 53 | client := meta.(*cfclient.Client) 54 | var accountGitopsInfo *cfclient.GitopsActiveAccountInfo 55 | 56 | accountGitopsInfo, err := client.GetActiveGitopsAccountInfo() 57 | 58 | if err != nil { 59 | return err 60 | } 61 | 62 | return mapDataAccountGitopsSettingsToResource(accountGitopsInfo, d) 63 | } 64 | 65 | func mapDataAccountGitopsSettingsToResource(account *cfclient.GitopsActiveAccountInfo, d *schema.ResourceData) error { 66 | 67 | if account == nil || account.ID == "" { 68 | return fmt.Errorf("cannot get gitops settings as account wasn't properly retrived") 69 | } 70 | d.SetId(account.ID) 71 | 72 | err := d.Set("name", account.AccountName) 73 | 74 | if err != nil { 75 | return err 76 | } 77 | 78 | err = d.Set("admins", account.Admins) 79 | 80 | if err != nil { 81 | return err 82 | } 83 | 84 | err = d.Set("git_provider", account.GitProvider) 85 | 86 | if err != nil { 87 | return err 88 | } 89 | 90 | err = d.Set("git_provider_api_url", account.GitApiUrl) 91 | 92 | if err != nil { 93 | return err 94 | } 95 | 96 | err = d.Set("shared_config_repository", account.SharedConfigRepo) 97 | 98 | if err != nil { 99 | return err 100 | } 101 | 102 | return nil 103 | } 104 | -------------------------------------------------------------------------------- /codefresh/data_account_idp.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceAccountIdp() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "This data source retrieves an account level identity provider", 13 | Read: dataSourceAccountIdpRead, 14 | Schema: AccountIdpSchema(), 15 | } 16 | } 17 | 18 | // IdpSchema - 19 | func AccountIdpSchema() map[string]*schema.Schema { 20 | return map[string]*schema.Schema{ 21 | "_id": { 22 | Type: schema.TypeString, 23 | Optional: true, 24 | ExactlyOneOf: []string{"_id", "client_name"}, 25 | }, 26 | "client_name": { 27 | Type: schema.TypeString, 28 | Optional: true, 29 | ExactlyOneOf: []string{"_id", "client_name"}, 30 | }, 31 | "display_name": { 32 | Type: schema.TypeString, 33 | Computed: true, 34 | }, 35 | "client_type": { 36 | Type: schema.TypeString, 37 | Computed: true, 38 | }, 39 | "redirect_url": { 40 | Description: "API Callback url for the identity provider", 41 | Type: schema.TypeString, 42 | Computed: true, 43 | }, 44 | "redirect_ui_url": { 45 | Description: "UI Callback url for the identity provider", 46 | Type: schema.TypeString, 47 | Computed: true, 48 | }, 49 | "login_url": { 50 | Description: "Login url using the IDP to Codefresh", 51 | Type: schema.TypeString, 52 | Computed: true, 53 | }, 54 | } 55 | } 56 | 57 | func dataSourceAccountIdpRead(d *schema.ResourceData, meta interface{}) error { 58 | 59 | client := meta.(*cfclient.Client) 60 | 61 | idps, err := client.GetAccountIDPs() 62 | if err != nil { 63 | return err 64 | } 65 | 66 | _id, _idOk := d.GetOk("_id") 67 | clientName, clientNameOk := d.GetOk("client_name") 68 | 69 | for _, idp := range *idps { 70 | if clientNameOk && clientName.(string) != idp.ClientName { 71 | continue 72 | } 73 | if _idOk && _id.(string) != idp.ID { 74 | continue 75 | } 76 | 77 | err = mapDataAccountIdpToResource(idp, d) 78 | if err != nil { 79 | return err 80 | } 81 | } 82 | 83 | if d.Id() == "" { 84 | return fmt.Errorf("[EROOR] Idp wasn't found") 85 | } 86 | 87 | return nil 88 | } 89 | 90 | func mapDataAccountIdpToResource(cfClientIDP cfclient.IDP, d *schema.ResourceData) error { 91 | 92 | d.SetId(cfClientIDP.ID) 93 | err := d.Set("client_name", cfClientIDP.ClientName) 94 | 95 | if err != nil { 96 | return err 97 | } 98 | 99 | err = d.Set("client_type", cfClientIDP.ClientType) 100 | 101 | if err != nil { 102 | return err 103 | } 104 | 105 | err = d.Set("display_name", cfClientIDP.DisplayName) 106 | 107 | if err != nil { 108 | return err 109 | } 110 | 111 | err = d.Set("redirect_url", cfClientIDP.RedirectUrl) 112 | 113 | if err != nil { 114 | return err 115 | } 116 | 117 | err = d.Set("redirect_ui_url", cfClientIDP.RedirectUiUrl) 118 | 119 | if err != nil { 120 | return err 121 | } 122 | 123 | err = d.Set("login_url", cfClientIDP.LoginUrl) 124 | 125 | if err != nil { 126 | return err 127 | } 128 | 129 | return nil 130 | } 131 | -------------------------------------------------------------------------------- /codefresh/data_context.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/ghodss/yaml" 8 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 9 | ) 10 | 11 | func dataSourceContext() *schema.Resource { 12 | return &schema.Resource{ 13 | Description: "This data source allows to retrieve information on any defined context.", 14 | Read: dataSourceContextRead, 15 | Schema: map[string]*schema.Schema{ 16 | "name": { 17 | Type: schema.TypeString, 18 | Required: true, 19 | }, 20 | "type": { 21 | Type: schema.TypeString, 22 | Computed: true, 23 | }, 24 | "data": { 25 | Type: schema.TypeString, 26 | Computed: true, 27 | }, 28 | }, 29 | } 30 | } 31 | 32 | func dataSourceContextRead(d *schema.ResourceData, meta interface{}) error { 33 | 34 | client := meta.(*cfclient.Client) 35 | var context *cfclient.Context 36 | var err error 37 | 38 | if name, nameOk := d.GetOk("name"); nameOk { 39 | context, err = client.GetContext(name.(string)) 40 | } else { 41 | return fmt.Errorf("data.codefresh_context - must specify name") 42 | } 43 | if err != nil { 44 | return err 45 | } 46 | 47 | if context == nil { 48 | return fmt.Errorf("data.codefresh_context - cannot find context") 49 | } 50 | 51 | return mapDataContextToResource(context, d) 52 | } 53 | 54 | func mapDataContextToResource(context *cfclient.Context, d *schema.ResourceData) error { 55 | 56 | if context == nil || context.Metadata.Name == "" { 57 | return fmt.Errorf("data.codefresh_context - failed to mapDataContextToResource") 58 | } 59 | d.SetId(context.Metadata.Name) 60 | 61 | err := d.Set("name", context.Metadata.Name) 62 | 63 | if err != nil { 64 | return err 65 | } 66 | 67 | err = d.Set("type", context.Spec.Type) 68 | 69 | if err != nil { 70 | return err 71 | } 72 | 73 | data, err := yaml.Marshal(context.Spec.Data) 74 | if err != nil { 75 | return err 76 | } 77 | 78 | err = d.Set("data", string(data)) 79 | 80 | if err != nil { 81 | return err 82 | } 83 | 84 | return nil 85 | } 86 | -------------------------------------------------------------------------------- /codefresh/data_current_account.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceCurrentAccount() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "Returns the current account (owner of the token) and its users.", 13 | Read: dataSourceCurrentAccountRead, 14 | Schema: map[string]*schema.Schema{ 15 | "name": { 16 | Type: schema.TypeString, 17 | Optional: true, 18 | }, 19 | "_id": { 20 | Type: schema.TypeString, 21 | Optional: true, 22 | }, 23 | "users": { 24 | Type: schema.TypeList, 25 | Optional: true, 26 | Elem: &schema.Resource{ 27 | Schema: map[string]*schema.Schema{ 28 | "id": { 29 | Type: schema.TypeString, 30 | Required: true, 31 | }, 32 | "name": { 33 | Type: schema.TypeString, 34 | Required: true, 35 | }, 36 | "email": { 37 | Type: schema.TypeString, 38 | Required: true, 39 | }, 40 | }, 41 | }, 42 | }, 43 | }, 44 | } 45 | } 46 | 47 | func dataSourceCurrentAccountRead(d *schema.ResourceData, meta interface{}) error { 48 | client := meta.(*cfclient.Client) 49 | var currentAccount *cfclient.CurrentAccount 50 | var err error 51 | 52 | currentAccount, err = client.GetCurrentAccount() 53 | if err != nil { 54 | return err 55 | } 56 | 57 | if currentAccount == nil { 58 | return fmt.Errorf("data.codefresh_current_account - failed to get current_account") 59 | } 60 | 61 | return mapDataCurrentAccountToResource(currentAccount, d) 62 | 63 | } 64 | 65 | func mapDataCurrentAccountToResource(currentAccount *cfclient.CurrentAccount, d *schema.ResourceData) error { 66 | 67 | if currentAccount == nil || currentAccount.ID == "" { 68 | return fmt.Errorf("data.codefresh_current_account - failed to mapDataCurrentAccountToResource") 69 | } 70 | d.SetId(currentAccount.ID) 71 | 72 | err := d.Set("_id", currentAccount.ID) 73 | 74 | if err != nil { 75 | return err 76 | } 77 | 78 | err = d.Set("name", currentAccount.Name) 79 | 80 | if err != nil { 81 | return err 82 | } 83 | 84 | // users := make(map[string](map[string]interface{})) 85 | // for n, user := range currentAccount.Users { 86 | // users[n] = make(map[string]interface{}) 87 | // users[n]["name"] = user.UserName 88 | // users[n]["email"] = user.Email 89 | // users[n]["id"] = user.ID 90 | // } 91 | 92 | // d.Set("users", []map[string](map[string]interface{}){users}) 93 | users := make([](map[string]interface{}), len(currentAccount.Users)) 94 | for n, user := range currentAccount.Users { 95 | users[n] = make(map[string]interface{}) 96 | users[n]["name"] = user.UserName 97 | users[n]["email"] = user.Email 98 | users[n]["id"] = user.ID 99 | } 100 | 101 | err = d.Set("users", users) 102 | 103 | if err != nil { 104 | return err 105 | } 106 | 107 | return nil 108 | } 109 | -------------------------------------------------------------------------------- /codefresh/data_current_account_user.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceCurrentAccountUser() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "Returns a user the current Codefresh account by name or email.", 13 | Read: dataSourceCurrentAccountUserRead, 14 | Schema: map[string]*schema.Schema{ 15 | "name": { 16 | Type: schema.TypeString, 17 | ExactlyOneOf: []string{"name", "email"}, 18 | Optional: true, 19 | }, 20 | "email": { 21 | Type: schema.TypeString, 22 | ExactlyOneOf: []string{"name", "email"}, 23 | Optional: true, 24 | }, 25 | }, 26 | } 27 | } 28 | 29 | func dataSourceCurrentAccountUserRead(d *schema.ResourceData, meta interface{}) error { 30 | client := meta.(*cfclient.Client) 31 | var currentAccount *cfclient.CurrentAccount 32 | var err error 33 | 34 | currentAccount, err = client.GetCurrentAccount() 35 | 36 | if err != nil { 37 | return err 38 | } 39 | 40 | if currentAccount == nil { 41 | return fmt.Errorf("data.codefresh_current_account - failed to get current_account") 42 | } 43 | 44 | var ( 45 | userAttributeName string 46 | userAttributeValue string 47 | ) 48 | 49 | if _email, _emailOk := d.GetOk("email"); _emailOk { 50 | userAttributeName = "email" 51 | userAttributeValue = _email.(string) 52 | } else if _name, _nameOk := d.GetOk("name"); _nameOk { 53 | userAttributeName = "name" 54 | userAttributeValue = _name.(string) 55 | } else { 56 | return fmt.Errorf("data.codefresh_current_account_user - must specify name or email") 57 | } 58 | 59 | return mapDataCurrentAccountUserToResource(currentAccount, d, userAttributeName, userAttributeValue) 60 | 61 | } 62 | 63 | func mapDataCurrentAccountUserToResource(currentAccount *cfclient.CurrentAccount, d *schema.ResourceData, userAttributeName string, userAttributeValue string) error { 64 | 65 | if currentAccount == nil || currentAccount.ID == "" { 66 | return fmt.Errorf("data.codefresh_current_account - failed to mapDataCurrentAccountUserToResource no id for current account set") 67 | } 68 | 69 | isFound := false 70 | 71 | for _, user := range currentAccount.Users { 72 | if (userAttributeName == "name" && user.UserName == userAttributeValue) || (userAttributeName == "email" && user.Email == userAttributeValue) { 73 | isFound = true 74 | d.SetId(user.ID) 75 | err := d.Set("name", user.UserName) 76 | 77 | if err != nil { 78 | return err 79 | } 80 | 81 | err = d.Set("email", user.Email) 82 | 83 | if err != nil { 84 | return err 85 | } 86 | 87 | break 88 | } 89 | } 90 | 91 | if !isFound { 92 | return fmt.Errorf("data.codefresh_current_account_user - cannot find user with %s %s", userAttributeName, userAttributeValue) 93 | } 94 | 95 | return nil 96 | } 97 | -------------------------------------------------------------------------------- /codefresh/data_pipelines.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | "regexp" 6 | "time" 7 | 8 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 9 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 10 | ) 11 | 12 | func dataSourcePipelines() *schema.Resource { 13 | return &schema.Resource{ 14 | Description: "This resource retrives all pipelines belonging to the current user, which can be optionally filtered by the name.", 15 | Read: dataSourcePipelinesRead, 16 | Schema: map[string]*schema.Schema{ 17 | "name_regex": { 18 | Description: "The name regular expression to filter pipelines by.", 19 | Type: schema.TypeString, 20 | Optional: true, 21 | }, 22 | "pipelines": { 23 | Description: "The returned list of pipelines. Note that `spec` is currently limited to the YAML, because of the complexity of the object.", 24 | Type: schema.TypeList, 25 | Computed: true, 26 | Elem: &schema.Resource{ 27 | Schema: map[string]*schema.Schema{ 28 | "id": { 29 | Type: schema.TypeString, 30 | Computed: true, 31 | }, 32 | "name": { 33 | Type: schema.TypeString, 34 | Computed: true, 35 | }, 36 | "project": { 37 | Type: schema.TypeString, 38 | Computed: true, 39 | }, 40 | "tags": { 41 | Type: schema.TypeList, 42 | Computed: true, 43 | Elem: schema.TypeString, 44 | }, 45 | "is_public": { 46 | Type: schema.TypeBool, 47 | Computed: true, 48 | }, 49 | "spec": { 50 | Type: schema.TypeString, 51 | Computed: true, 52 | }, 53 | }, 54 | }, 55 | }, 56 | }, 57 | } 58 | } 59 | 60 | func dataSourcePipelinesRead(d *schema.ResourceData, meta interface{}) error { 61 | 62 | client := meta.(*cfclient.Client) 63 | 64 | pipelines, err := client.GetPipelines() 65 | if err != nil { 66 | return err 67 | } 68 | 69 | err = mapDataPipelinesToResource(*pipelines, d) 70 | if err != nil { 71 | return err 72 | } 73 | 74 | d.SetId(time.Now().UTC().String()) 75 | 76 | return nil 77 | } 78 | 79 | func mapDataPipelinesToResource(pipelines []cfclient.Pipeline, d *schema.ResourceData) error { 80 | var res = make([]map[string]interface{}, len(pipelines)) 81 | for i, p := range pipelines { 82 | m := make(map[string]interface{}) 83 | m["id"] = p.Metadata.ID 84 | m["name"] = p.Metadata.Name 85 | m["project"] = p.Metadata.Project 86 | m["tags"] = p.Metadata.Labels.Tags 87 | m["is_public"] = p.Metadata.IsPublic 88 | m["spec"] = p.Metadata.OriginalYamlString 89 | 90 | res[i] = m 91 | } 92 | 93 | filteredPipelines := make([]map[string]interface{}, 0) 94 | for _, p := range res { 95 | match := false 96 | 97 | name, ok := d.GetOk("name_regex") 98 | if !ok { 99 | match = true 100 | } else { 101 | r, err := regexp.Compile(name.(string)) 102 | if err != nil { 103 | return fmt.Errorf("`name_regex` is not a valid regular expression, %s", err.Error()) 104 | } 105 | match = r.MatchString(p["name"].(string)) 106 | } 107 | 108 | if match { 109 | filteredPipelines = append(filteredPipelines, p) 110 | } 111 | } 112 | 113 | err := d.Set("pipelines", filteredPipelines) 114 | if err != nil { 115 | return err 116 | } 117 | 118 | return nil 119 | } 120 | -------------------------------------------------------------------------------- /codefresh/data_project.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | cfClient "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceProject() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "This data source retrieves a project by its ID or name.", 13 | Read: dataSourceProjectRead, 14 | Schema: map[string]*schema.Schema{ 15 | "_id": { 16 | Type: schema.TypeString, 17 | Optional: true, 18 | }, 19 | "name": { 20 | Type: schema.TypeString, 21 | Optional: true, 22 | }, 23 | "tags": { 24 | Type: schema.TypeList, 25 | Optional: true, 26 | Elem: &schema.Schema{ 27 | Type: schema.TypeString, 28 | }, 29 | }, 30 | }, 31 | } 32 | } 33 | 34 | func dataSourceProjectRead(d *schema.ResourceData, meta interface{}) error { 35 | 36 | client := meta.(*cfClient.Client) 37 | var project *cfClient.Project 38 | var err error 39 | 40 | if _id, _idOk := d.GetOk("_id"); _idOk { 41 | project, err = client.GetProjectByID(_id.(string)) 42 | } else if name, nameOk := d.GetOk("name"); nameOk { 43 | project, err = client.GetProjectByName(name.(string)) 44 | } 45 | 46 | if err != nil { 47 | return err 48 | } 49 | 50 | if project == nil { 51 | return fmt.Errorf("data.codefresh_project - cannot find project") 52 | } 53 | 54 | return mapDataProjectToResource(project, d) 55 | 56 | } 57 | 58 | func mapDataProjectToResource(project *cfClient.Project, d *schema.ResourceData) error { 59 | 60 | if project == nil || project.ID == "" { 61 | return fmt.Errorf("data.codefresh_project - failed to mapDataProjectToResource") 62 | } 63 | d.SetId(project.ID) 64 | 65 | err := d.Set("_id", project.ID) 66 | 67 | if err != nil { 68 | return err 69 | } 70 | 71 | err = d.Set("tags", project.Tags) 72 | 73 | if err != nil { 74 | return err 75 | } 76 | 77 | return nil 78 | } 79 | -------------------------------------------------------------------------------- /codefresh/data_registry.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceRegistry() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "This data source allows retrieving information on any existing registry.", 13 | Read: dataSourceRegistryRead, 14 | Schema: map[string]*schema.Schema{ 15 | "name": { 16 | Type: schema.TypeString, 17 | Required: true, 18 | }, 19 | "kind": { 20 | Type: schema.TypeString, 21 | Computed: true, 22 | }, 23 | "domain": { 24 | Type: schema.TypeString, 25 | Computed: true, 26 | }, 27 | "registry_provider": { 28 | Type: schema.TypeString, 29 | Computed: true, 30 | }, 31 | "default": { 32 | Type: schema.TypeBool, 33 | Computed: true, 34 | }, 35 | "primary": { 36 | Type: schema.TypeBool, 37 | Computed: true, 38 | }, 39 | "fallback_registry": { 40 | Type: schema.TypeString, 41 | Computed: true, 42 | }, 43 | "repository_prefix": { 44 | Type: schema.TypeString, 45 | Computed: true, 46 | }, 47 | }, 48 | } 49 | } 50 | 51 | func dataSourceRegistryRead(d *schema.ResourceData, meta interface{}) error { 52 | 53 | client := meta.(*cfclient.Client) 54 | var registry *cfclient.Registry 55 | var err error 56 | 57 | if name, nameOk := d.GetOk("name"); nameOk { 58 | registry, err = client.GetRegistry(name.(string)) 59 | } else { 60 | return fmt.Errorf("data.codefresh_registry - must specify name") 61 | } 62 | if err != nil { 63 | return err 64 | } 65 | 66 | if registry == nil { 67 | return fmt.Errorf("data.codefresh_registry - cannot find registry") 68 | } 69 | 70 | return mapDataRegistryToResource(registry, d) 71 | } 72 | 73 | func mapDataRegistryToResource(registry *cfclient.Registry, d *schema.ResourceData) error { 74 | 75 | if registry == nil || registry.Name == "" { 76 | return fmt.Errorf("data.codefresh_registry - failed to mapDataRegistryToResource") 77 | } 78 | d.SetId(registry.Id) 79 | 80 | err := d.Set("name", registry.Name) 81 | 82 | if err != nil { 83 | return err 84 | } 85 | 86 | err = d.Set("registry_provider", registry.Provider) 87 | 88 | if err != nil { 89 | return err 90 | } 91 | 92 | err = d.Set("kind", registry.Kind) 93 | 94 | if err != nil { 95 | return err 96 | } 97 | 98 | err = d.Set("domain", registry.Domain) 99 | 100 | if err != nil { 101 | return err 102 | } 103 | 104 | err = d.Set("primary", registry.Primary) 105 | 106 | if err != nil { 107 | return err 108 | } 109 | 110 | err = d.Set("default", registry.Default) 111 | 112 | if err != nil { 113 | return err 114 | } 115 | 116 | err = d.Set("fallback_registry", registry.FallbackRegistry) 117 | 118 | if err != nil { 119 | return err 120 | } 121 | 122 | err = d.Set("repository_prefix", registry.RepositoryPrefix) 123 | 124 | if err != nil { 125 | return err 126 | } 127 | 128 | return nil 129 | } 130 | -------------------------------------------------------------------------------- /codefresh/data_service_account.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | cfClient "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceServiceAccount() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "This data source retrieves a Codefresh service account by its ID or name.", 13 | Read: dataSourceServiceAccountRead, 14 | Schema: map[string]*schema.Schema{ 15 | "_id": { 16 | Type: schema.TypeString, 17 | Optional: true, 18 | }, 19 | "name": { 20 | Description: "Service account name", 21 | Type: schema.TypeString, 22 | Optional: true, 23 | AtLeastOneOf: []string{"_id", "name"}, 24 | }, 25 | "assign_admin_role": { 26 | Description: "Whether or not account admin role is assigned to the service account", 27 | Type: schema.TypeBool, 28 | Optional: true, 29 | }, 30 | "assigned_teams": { 31 | Description: "A list of team IDs the service account is be assigned to", 32 | Type: schema.TypeSet, 33 | Optional: true, 34 | Elem: &schema.Schema{ 35 | Type: schema.TypeString, 36 | }, 37 | }, 38 | }, 39 | } 40 | } 41 | 42 | func dataSourceServiceAccountRead(d *schema.ResourceData, meta interface{}) error { 43 | 44 | client := meta.(*cfClient.Client) 45 | var serviceAccount *cfClient.ServiceUser 46 | var err error 47 | 48 | if _id, _idOk := d.GetOk("_id"); _idOk { 49 | serviceAccount, err = client.GetServiceUserByID(_id.(string)) 50 | } else if name, nameOk := d.GetOk("name"); nameOk { 51 | serviceAccount, err = client.GetServiceUserByName(name.(string)) 52 | } 53 | 54 | if err != nil { 55 | return err 56 | } 57 | 58 | if serviceAccount == nil { 59 | return fmt.Errorf("data.codefresh_service_account - cannot find service account") 60 | } 61 | 62 | return mapDataServiceAccountToResource(serviceAccount, d) 63 | 64 | } 65 | 66 | func mapDataServiceAccountToResource(serviceAccount *cfClient.ServiceUser, d *schema.ResourceData) error { 67 | 68 | if serviceAccount == nil || serviceAccount.ID == "" { 69 | return fmt.Errorf("data.codefresh_service_account - failed to mapDataServiceAccountToResource") 70 | } 71 | 72 | d.SetId(serviceAccount.ID) 73 | err := d.Set("name", serviceAccount.Name) 74 | 75 | if err != nil { 76 | return err 77 | } 78 | 79 | err = d.Set("assign_admin_role", serviceAccount.HasAdminRole()) 80 | 81 | if err != nil { 82 | return err 83 | } 84 | 85 | teamIds := []string{} 86 | 87 | for _, team := range serviceAccount.Teams { 88 | teamIds = append(teamIds, team.ID) 89 | } 90 | 91 | err = d.Set("assigned_teams", teamIds) 92 | 93 | if err != nil { 94 | return err 95 | } 96 | 97 | return nil 98 | } 99 | -------------------------------------------------------------------------------- /codefresh/data_step_types.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | "log" 6 | 7 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 8 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 9 | ) 10 | 11 | func dataSourceStepTypes() *schema.Resource { 12 | return &schema.Resource{ 13 | Description: "This data source allows to retrieve the published versions of step-types.", 14 | Read: dataSourceStepTypesRead, 15 | Schema: map[string]*schema.Schema{ 16 | "name": { 17 | Type: schema.TypeString, 18 | Required: true, 19 | }, 20 | "version": { 21 | Type: schema.TypeSet, 22 | Computed: true, 23 | Elem: &schema.Resource{ 24 | Schema: map[string]*schema.Schema{ 25 | "version_number": { 26 | Type: schema.TypeString, 27 | Computed: true, 28 | }, 29 | "step_types_yaml": { 30 | Type: schema.TypeString, 31 | Computed: true, 32 | }, 33 | }, 34 | }, 35 | }, 36 | }, 37 | } 38 | } 39 | 40 | func dataSourceStepTypesRead(d *schema.ResourceData, meta interface{}) error { 41 | 42 | client := meta.(*cfclient.Client) 43 | var err error 44 | var versions []string 45 | stepTypesIdentifier := d.Get("name").(string) 46 | 47 | d.SetId(stepTypesIdentifier) 48 | if versions, err = client.GetStepTypesVersions(stepTypesIdentifier); err == nil { 49 | var stepVersions cfclient.StepTypesVersions 50 | stepVersions.Name = stepTypesIdentifier 51 | err = d.Set("versions", versions) 52 | 53 | if err != nil { 54 | return err 55 | } 56 | 57 | for _, version := range versions { 58 | stepTypes, err := client.GetStepTypes(stepTypesIdentifier + ":" + version) 59 | if err != nil { 60 | log.Printf("[DEBUG] Skipping version %v due to error %v", version, err) 61 | } else { 62 | stepVersion := cfclient.StepTypesVersion{ 63 | VersionNumber: version, 64 | StepTypes: *stepTypes, 65 | } 66 | stepVersions.Versions = append(stepVersions.Versions, stepVersion) 67 | } 68 | } 69 | return mapStepTypesVersionsToResource(stepVersions, d) 70 | } 71 | 72 | return fmt.Errorf("data.codefresh_step_types - was unable to retrieve the versions for step_type %s", stepTypesIdentifier) 73 | 74 | } 75 | 76 | // func mapDataSetTypesToResource(stepTypesVersions cfclient.StepTypesVersions, d *schema.ResourceData) error { 77 | // err := d.Set("name", stepTypesVersions.Name) 78 | // if err != nil { 79 | // return err 80 | // } 81 | // err = d.Set("version", flattenVersions(stepTypesVersions.Name, stepTypesVersions.Versions)) 82 | // return err 83 | // } 84 | -------------------------------------------------------------------------------- /codefresh/data_team.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceTeam() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "This data source retrieves a team by its ID or name.", 13 | Read: dataSourceTeamRead, 14 | Schema: map[string]*schema.Schema{ 15 | "_id": { 16 | Type: schema.TypeString, 17 | Optional: true, 18 | }, 19 | "name": { 20 | Type: schema.TypeString, 21 | Optional: true, 22 | }, 23 | "account_id": { 24 | Type: schema.TypeString, 25 | Optional: true, 26 | }, 27 | "type": { 28 | Type: schema.TypeString, 29 | Optional: true, 30 | }, 31 | "users": { 32 | Type: schema.TypeList, 33 | Optional: true, 34 | Elem: &schema.Schema{ 35 | Type: schema.TypeString, 36 | }, 37 | }, 38 | "tags": { 39 | Type: schema.TypeList, 40 | Optional: true, 41 | Elem: &schema.Schema{ 42 | Type: schema.TypeString, 43 | }, 44 | }, 45 | }, 46 | } 47 | } 48 | 49 | func dataSourceTeamRead(d *schema.ResourceData, meta interface{}) error { 50 | 51 | client := meta.(*cfclient.Client) 52 | var team *cfclient.Team 53 | var err error 54 | 55 | if _id, _idOk := d.GetOk("_id"); _idOk { 56 | team, err = client.GetTeamByID(_id.(string)) 57 | } else if name, nameOk := d.GetOk("name"); nameOk { 58 | // accountID, accountOk := d.GetOk("account_id"); 59 | team, err = client.GetTeamByName(name.(string)) 60 | } 61 | 62 | if err != nil { 63 | return err 64 | } 65 | 66 | if team == nil { 67 | return fmt.Errorf("data.codefresh_team - cannot find team") 68 | } 69 | 70 | return mapDataTeamToResource(team, d) 71 | 72 | } 73 | 74 | func mapDataTeamToResource(team *cfclient.Team, d *schema.ResourceData) error { 75 | 76 | if team == nil || team.ID == "" { 77 | return fmt.Errorf("data.codefresh_team - failed to mapDataTeamToResource") 78 | } 79 | d.SetId(team.ID) 80 | 81 | err := d.Set("_id", team.ID) 82 | 83 | if err != nil { 84 | return err 85 | } 86 | 87 | err = d.Set("account_id", team.Account) 88 | 89 | if err != nil { 90 | return err 91 | } 92 | 93 | err = d.Set("type", team.Type) 94 | 95 | if err != nil { 96 | return err 97 | } 98 | 99 | var users []string 100 | for _, user := range team.Users { 101 | users = append(users, user.ID) 102 | } 103 | 104 | err = d.Set("users", users) 105 | 106 | if err != nil { 107 | return err 108 | } 109 | 110 | err = d.Set("tags", team.Tags) 111 | 112 | if err != nil { 113 | return err 114 | } 115 | 116 | return nil 117 | } 118 | -------------------------------------------------------------------------------- /codefresh/data_users.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "time" 5 | 6 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | func dataSourceUsers() *schema.Resource { 11 | return &schema.Resource{ 12 | Description: "This data source retrieves all users in the system. Requires a Codefresh admin token and applies only to Codefresh on-premises installations.", 13 | Read: dataSourceUsersRead, 14 | Schema: map[string]*schema.Schema{ 15 | "users": { 16 | Type: schema.TypeList, 17 | Computed: true, 18 | Elem: &schema.Resource{ 19 | Schema: *UserSchema(), 20 | }, 21 | }, 22 | }, 23 | } 24 | } 25 | 26 | func dataSourceUsersRead(d *schema.ResourceData, meta interface{}) error { 27 | 28 | client := meta.(*cfclient.Client) 29 | 30 | users, err := client.GetAllUsers() 31 | if err != nil { 32 | return err 33 | } 34 | 35 | err = mapDataUsersToResource(*users, d) 36 | if err != nil { 37 | return err 38 | } 39 | 40 | d.SetId(time.Now().UTC().String()) 41 | 42 | return nil 43 | } 44 | 45 | func mapDataUsersToResource(users []cfclient.User, d *schema.ResourceData) error { 46 | 47 | var res = make([]map[string]interface{}, len(users)) 48 | for i, user := range users { 49 | m := make(map[string]interface{}) 50 | m["user_name"] = user.UserName 51 | m["email"] = user.Email 52 | m["status"] = user.Status 53 | if user.Personal != nil { 54 | m["personal"] = flattenPersonal(user.Personal) 55 | } 56 | m["short_profile"] = []map[string]interface{}{ 57 | {"user_name": user.ShortProfile.UserName}} 58 | m["roles"] = user.Roles 59 | m["logins"] = flattenLogins(&user.Logins) 60 | m["user_id"] = user.ID 61 | 62 | res[i] = m 63 | } 64 | 65 | err := d.Set("users", res) 66 | 67 | if err != nil { 68 | return err 69 | } 70 | 71 | return nil 72 | } 73 | -------------------------------------------------------------------------------- /codefresh/env.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | const ( 4 | ENV_CODEFRESH_PLUGIN_DEBUG = "CODEFRESH_PLUGIN_DEBUG" 5 | ENV_CODEFRESH_PLUGIN_ADDR = "CODEFRESH_PLUGIN_ADDR" 6 | ENV_CODEFRESH_API_URL = "CODEFRESH_API_URL" 7 | ENV_CODEFRESH_API2_URL = "CODEFRESH_API2_URL" 8 | ENV_CODEFRESH_API_KEY = "CODEFRESH_API_KEY" 9 | DEFAULT_CODEFRESH_API_URL = "https://g.codefresh.io/api" 10 | DEFAULT_CODEFRESH_API2_URL = "https://g.codefresh.io/2.0/api/graphql" 11 | DEFAULT_CODEFRESH_PLUGIN_ADDR = "registry.terraform.io/codefresh-io/codefresh" 12 | ) 13 | -------------------------------------------------------------------------------- /codefresh/internal/acctestutil/doc.go: -------------------------------------------------------------------------------- 1 | // Package acctestutil provides utilities for Terraform acceptance tests. 2 | package acctestutil 3 | -------------------------------------------------------------------------------- /codefresh/internal/acctestutil/resource.go: -------------------------------------------------------------------------------- 1 | package acctestutil 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" 7 | ) 8 | 9 | // TestAccGetResourceId returns the ID of the resource with the given name, 10 | // when provided with the Terraform state. 11 | // 12 | // This is useful for acceptance tests, in order to verify that a resource has 13 | // been recreated and hence its ID has changed. 14 | func GetResourceId(s *terraform.State, resourceName string) (string, error) { 15 | rs, ok := s.RootModule().Resources[resourceName] 16 | if !ok { 17 | return "", fmt.Errorf("resource %s not found", resourceName) 18 | } 19 | return rs.Primary.ID, nil 20 | } 21 | -------------------------------------------------------------------------------- /codefresh/internal/datautil/doc.go: -------------------------------------------------------------------------------- 1 | // Package datautil provides utilities for working with data types. 2 | package datautil 3 | -------------------------------------------------------------------------------- /codefresh/internal/datautil/strings.go: -------------------------------------------------------------------------------- 1 | package datautil 2 | 3 | import ( 4 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 5 | "hash/crc32" 6 | ) 7 | 8 | // ConvertStringArr converts an array of interfaces to an array of strings. 9 | func ConvertStringArr(ifaceArr []interface{}) []string { 10 | return ConvertAndMapStringArr(ifaceArr, func(s string) string { return s }) 11 | } 12 | 13 | // ConvertAndMapStringArr converts an array of interfaces to an array of strings, 14 | // applying the supplied function to each element. 15 | func ConvertAndMapStringArr(ifaceArr []interface{}, f func(string) string) []string { 16 | var arr []string 17 | for _, v := range ifaceArr { 18 | if v == nil { 19 | continue 20 | } 21 | arr = append(arr, f(v.(string))) 22 | } 23 | return arr 24 | } 25 | 26 | // ConvertVariables converts an array of cfclient. Variables to 2 maps of key/value pairs - first one for un-encrypted variables second one for encrypted variables. 27 | func ConvertVariables(vars []cfclient.Variable) (map[string]string, map[string]string) { 28 | 29 | numberOfEncryptedVars := 0 30 | 31 | for _, v := range vars { 32 | if v.Encrypted { 33 | numberOfEncryptedVars++ 34 | } 35 | } 36 | 37 | resUnencrptedVars := make(map[string]string, len(vars)-numberOfEncryptedVars) 38 | resEncryptedVars := make(map[string]string, numberOfEncryptedVars) 39 | 40 | for _, v := range vars { 41 | if v.Encrypted { 42 | resEncryptedVars[v.Key] = v.Value 43 | } else { 44 | resUnencrptedVars[v.Key] = v.Value 45 | } 46 | } 47 | 48 | return resUnencrptedVars, resEncryptedVars 49 | } 50 | 51 | // FlattenStringArr flattens an array of strings. 52 | func FlattenStringArr(sArr []string) []interface{} { 53 | iArr := []interface{}{} 54 | for _, s := range sArr { 55 | iArr = append(iArr, s) 56 | } 57 | return iArr 58 | } 59 | 60 | // String hashes a string to a unique hashcode. 61 | // 62 | // Copied from github.com/hashicorp/terraform-plugin-sdk/helper/hashcode as it is removed in v2 and used within the provider. 63 | // By copying the implementation we can avoid a dependency on the terraform-plugin-sdk which is no longer maintained. 64 | func Hashcode(s string) int { 65 | v := int(crc32.ChecksumIEEE([]byte(s))) 66 | if v >= 0 { 67 | return v 68 | } 69 | if -v >= 0 { 70 | return -v 71 | } 72 | // v == MinInt 73 | return 0 74 | } 75 | -------------------------------------------------------------------------------- /codefresh/internal/datautil/yaml.go: -------------------------------------------------------------------------------- 1 | package datautil 2 | 3 | import ( 4 | "github.com/mikefarah/yq/v4/pkg/yqlib" 5 | "gopkg.in/op/go-logging.v1" 6 | "io" 7 | "strings" 8 | ) 9 | 10 | const ( 11 | YQ_OUTPUT_FORMAT_JSON = "json" 12 | YQ_OUTPUT_FORMAT_YAML = "yaml" 13 | ) 14 | 15 | // Yq gets a value from a YAML string using yq 16 | func Yq(yamlString string, expression string, outputformat string) (string, error) { 17 | yqEncoder := yqlib.NewYamlEncoder(yqlib.YamlPreferences{Indent: 0, ColorsEnabled: false}) 18 | 19 | if outputformat == YQ_OUTPUT_FORMAT_JSON { 20 | yqEncoder = yqlib.NewJSONEncoder(yqlib.JsonPreferences{Indent: 0, ColorsEnabled: false, UnwrapScalar: false}) 21 | } 22 | yqDecoder := yqlib.NewYamlDecoder(yqlib.NewDefaultYamlPreferences()) 23 | yqEvaluator := yqlib.NewStringEvaluator() 24 | 25 | // Disable yq logging 26 | yqLogBackend := logging.AddModuleLevel(logging.NewLogBackend(io.Discard, "", 0)) 27 | yqlib.GetLogger().SetBackend(yqLogBackend) 28 | 29 | yamlString, err := yqEvaluator.Evaluate(yamlString, expression, yqEncoder, yqDecoder) 30 | yamlString = strings.TrimSpace(yamlString) 31 | 32 | if yamlString == "null" { // yq's Evaluate() returns "null" if the expression does not match anything 33 | return "", err 34 | } 35 | return yamlString, err 36 | } 37 | -------------------------------------------------------------------------------- /codefresh/internal/gitops/account_settings.go: -------------------------------------------------------------------------------- 1 | package gitops 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | const ( 8 | // Git providers enum from https://github.com/codefresh-io/argo-platform/blob/90f86de326422ca3bd1f64ca5dd26aeedf985e3e/libs/ql/schema/entities/common/integration.graphql#L200 9 | GitProviderGitHub string = "GITHUB" 10 | GitProviderGerrit string = "GERRIT" 11 | GitProviderGitlab string = "GITLAB" 12 | GitProviderBitbucket string = "BITBUCKET" 13 | GitProviderBitbucketServer string = "BITBUCKET_SERVER" 14 | ) 15 | 16 | func GetSupportedGitProvidersList() []string { 17 | return []string{GitProviderGitHub, GitProviderGerrit, GitProviderGitlab, GitProviderBitbucket, GitProviderBitbucketServer} 18 | } 19 | 20 | // Matching implementation for https://github.com/codefresh-io/argo-platform/blob/3c6af5b5cbb29aef58ef6617e71159e882987f5c/libs/git/src/helpers.ts#L37. 21 | // Must be updated accordingly 22 | func GetDefaultAPIUrlForProvider(gitProvider string) (*string, error) { 23 | 24 | defaultApiUrlProvider := map[string]string{ 25 | GitProviderGitHub: "https://api.github.com", 26 | GitProviderGitlab: "https://gitlab.com/api/v4", 27 | GitProviderBitbucket: "https://api.bitbucket.org/2.0", 28 | GitProviderGerrit: "https://gerrit-review.googlesource.com/a", 29 | } 30 | 31 | if val, ok := defaultApiUrlProvider[gitProvider]; ok { 32 | return &val, nil 33 | } 34 | 35 | return nil, fmt.Errorf("no default API URL for provider %s can be found. For self hosted git providers URL must be provided explicitly", gitProvider) 36 | } 37 | -------------------------------------------------------------------------------- /codefresh/internal/gitops/doc.go: -------------------------------------------------------------------------------- 1 | // Shared types, schemas and functions for gitops 2 | package gitops 3 | -------------------------------------------------------------------------------- /codefresh/internal/idp/doc.go: -------------------------------------------------------------------------------- 1 | // Package idp is shared by idp-related resources. 2 | package idp 3 | -------------------------------------------------------------------------------- /codefresh/internal/idp/types.go: -------------------------------------------------------------------------------- 1 | package idp 2 | 3 | const ( 4 | GitHub string = "github" 5 | GitLab string = "gitlab" 6 | Bitbucket string = "bitbucket" 7 | Okta string = "okta" 8 | Google string = "google" 9 | Auth0 string = "auth0" 10 | Azure string = "azure" 11 | OneLogin string = "onelogin" 12 | Keycloak string = "keycloak" 13 | SAML string = "saml" 14 | LDAP string = "ldap" 15 | ) 16 | -------------------------------------------------------------------------------- /codefresh/internal/schemautil/doc.go: -------------------------------------------------------------------------------- 1 | // Package schemautil provides utilities for working with Terraform resource schemas. 2 | package schemautil 3 | -------------------------------------------------------------------------------- /codefresh/internal/schemautil/normalize.go: -------------------------------------------------------------------------------- 1 | package schemautil 2 | 3 | import ( 4 | "log" 5 | "regexp" 6 | 7 | "gopkg.in/yaml.v2" 8 | ) 9 | 10 | const ( 11 | NormalizedFieldNameRegex string = `[^a-z0-9_]+` 12 | ) 13 | 14 | // NormalizeFieldName normalizes a field name to be lowercase and contain only alphanumeric characters and dashes. 15 | func NormalizeFieldName(fieldName string) (string, error) { 16 | reg, err := regexp.Compile(NormalizedFieldNameRegex) 17 | if err != nil { 18 | return "", err 19 | } 20 | return reg.ReplaceAllString(fieldName, ""), nil 21 | } 22 | 23 | // MustNormalizeFieldName is the same as NormalizeFieldName, but will log an error (legacy logging) instead of returning it. 24 | func MustNormalizeFieldName(fieldName string) string { 25 | normalizedFieldName, err := NormalizeFieldName(fieldName) 26 | if err != nil { 27 | log.Printf("[ERROR] Failed to normalize field name %q: %s", fieldName, err) 28 | } 29 | return normalizedFieldName 30 | } 31 | 32 | // NormalizeYAMLString normalizes a YAML string to a standardized order, format and indentation. 33 | func NormalizeYamlString(yamlString interface{}) (string, error) { 34 | var j map[string]interface{} 35 | 36 | if yamlString == nil || yamlString.(string) == "" { 37 | return "", nil 38 | } 39 | 40 | s := yamlString.(string) 41 | err := yaml.Unmarshal([]byte(s), &j) 42 | if err != nil { 43 | return s, err 44 | } 45 | 46 | bytes, _ := yaml.Marshal(j) 47 | return string(bytes[:]), nil 48 | } 49 | 50 | // MustNormalizeYamlString is the same as NormalizeYamlString, but will log an error (legacy logging) instead of returning it. 51 | func MustNormalizeYamlString(yamlString interface{}) string { 52 | normalizedYamlString, err := NormalizeYamlString(yamlString) 53 | if err != nil { 54 | log.Printf("[ERROR] Failed to normalize YAML string %q: %s", yamlString, err) 55 | } 56 | return normalizedYamlString 57 | } 58 | -------------------------------------------------------------------------------- /codefresh/internal/schemautil/supressdiff.go: -------------------------------------------------------------------------------- 1 | // Package schemautil provides utilities for working with Terraform resource schemas. 2 | // 3 | // Note that this package uses legacy logging because the provider context is not available 4 | package schemautil 5 | 6 | import ( 7 | "log" 8 | 9 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 10 | ) 11 | 12 | const ( 13 | normalizationFailedErrorFormat = "[ERROR] Unable to normalize data body: %s" 14 | ) 15 | 16 | // SuppressEquivalentYamlDiffs returns SchemaDiffSuppressFunc that suppresses diffs between 17 | // equivalent YAML strings. 18 | func SuppressEquivalentYamlDiffs() schema.SchemaDiffSuppressFunc { 19 | return func(k, old, new string, d *schema.ResourceData) bool { 20 | normalizedOld, err := NormalizeYamlString(old) 21 | if err != nil { 22 | log.Printf(normalizationFailedErrorFormat, err) 23 | return false 24 | } 25 | 26 | normalizedNew, err := NormalizeYamlString(new) 27 | if err != nil { 28 | log.Printf(normalizationFailedErrorFormat, err) 29 | return false 30 | } 31 | 32 | return normalizedOld == normalizedNew 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /codefresh/internal/schemautil/validation.go: -------------------------------------------------------------------------------- 1 | package schemautil 2 | 3 | import ( 4 | "github.com/dlclark/regexp2" 5 | "github.com/hashicorp/terraform-plugin-sdk/v2/diag" 6 | "github.com/robfig/cron" 7 | ) 8 | 9 | type ValidationOptions struct { 10 | severity diag.Severity 11 | summary string 12 | detailFormat string 13 | cronValidationOptions *CronValidationOptions 14 | stringValidationOptions *StringValidationOptions 15 | } 16 | 17 | type ValidationOptionSetter func(*ValidationOptions) 18 | 19 | // NewValidationOptions returns a new ValidationOptions struct with default values. 20 | func NewValidationOptions() *ValidationOptions { 21 | return &ValidationOptions{ 22 | severity: diag.Error, 23 | summary: "", 24 | detailFormat: "", 25 | cronValidationOptions: &CronValidationOptions{ 26 | parser: cron.NewParser(cron.Minute | cron.Hour | cron.Dom | cron.Month | cron.Dow), 27 | }, 28 | stringValidationOptions: &StringValidationOptions{ 29 | regexp2.RE2, 30 | }, 31 | } 32 | } 33 | 34 | // WithSeverity overrides the severity of the validation error. 35 | func WithSeverity(severity diag.Severity) ValidationOptionSetter { 36 | return func(o *ValidationOptions) { 37 | o.setSeverity(severity) 38 | } 39 | } 40 | 41 | // WithSummary overrides the summary of the validation error. 42 | func WithSummary(summary string) ValidationOptionSetter { 43 | return func(o *ValidationOptions) { 44 | o.setSummary(summary) 45 | } 46 | } 47 | 48 | // WithDetailFormat overrides the detail format string of the validation error. 49 | // 50 | // This string is passed to fmt.Sprintf. 51 | // The verbs used in the format string depend on the implementation of the validation function. 52 | func WithDetailFormat(detailFormat string) ValidationOptionSetter { 53 | return func(o *ValidationOptions) { 54 | o.setDetailFormat(detailFormat) 55 | } 56 | } 57 | 58 | // WithParser overrides the cron parser used to validate cron expressions. 59 | func WithCronParser(parser cron.Parser) ValidationOptionSetter { 60 | return func(o *ValidationOptions) { 61 | o.setCronParser(parser) 62 | } 63 | } 64 | 65 | // WithRegexOptions overrides the regex options used to validate regular expressions. 66 | func WithRegexOptions(options regexp2.RegexOptions) ValidationOptionSetter { 67 | return func(o *ValidationOptions) { 68 | o.setRegexOptions(options) 69 | } 70 | } 71 | 72 | func (o *ValidationOptions) apply(setters []ValidationOptionSetter) *ValidationOptions { 73 | for _, opt := range setters { 74 | opt(o) 75 | } 76 | return o 77 | } 78 | 79 | func (o *ValidationOptions) setSeverity(severity diag.Severity) *ValidationOptions { 80 | o.severity = severity 81 | return o 82 | } 83 | 84 | func (o *ValidationOptions) setSummary(summary string) *ValidationOptions { 85 | o.summary = summary 86 | return o 87 | } 88 | 89 | func (o *ValidationOptions) setDetailFormat(detailFormat string) *ValidationOptions { 90 | o.detailFormat = detailFormat 91 | return o 92 | } 93 | -------------------------------------------------------------------------------- /codefresh/internal/schemautil/validation_cron.go: -------------------------------------------------------------------------------- 1 | package schemautil 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/hashicorp/go-cty/cty" 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/diag" 8 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 9 | "github.com/robfig/cron" 10 | ) 11 | 12 | // CronValidationOptions contains options for validating cron expressions. 13 | type CronValidationOptions struct { 14 | parser cron.Parser 15 | } 16 | 17 | func (o *ValidationOptions) setCronParser(parser cron.Parser) *ValidationOptions { 18 | o.cronValidationOptions.parser = parser 19 | return o 20 | } 21 | 22 | // CronExpression returns a SchemaValidateDiagFunc that validates a cron expression. 23 | func CronExpression(opts ...ValidationOptionSetter) schema.SchemaValidateDiagFunc { 24 | // Cron expression requirements: 5 fields, with ability to use descriptors (e.g. @yearly) 25 | parser := cron.NewParser(cron.Minute | cron.Hour | cron.Dom | cron.Month | cron.Dow | cron.Descriptor) 26 | options := NewValidationOptions(). 27 | setSeverity(diag.Error). 28 | setSummary("Invalid cron expression."). 29 | setDetailFormat("The cron expression %q is invalid: %s"). 30 | setCronParser(parser). 31 | apply(opts) 32 | 33 | return func(v interface{}, path cty.Path) (diags diag.Diagnostics) { 34 | expression := v.(string) 35 | 36 | if _, err := options.cronValidationOptions.parser.Parse(expression); err != nil { 37 | diags = append(diags, diag.Diagnostic{ 38 | Severity: options.severity, 39 | Summary: options.summary, 40 | Detail: fmt.Sprintf(options.detailFormat, expression, err), 41 | }) 42 | } 43 | 44 | return diags 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /codefresh/internal/schemautil/validation_values.go: -------------------------------------------------------------------------------- 1 | package schemautil 2 | 3 | const ( 4 | // https://github.com/codefresh-io/hermes/blob/6d75b347cb8ff471ce970a766b2285788e5e19fe/pkg/backend/dev_compose_types.json#L226 5 | ValidCronMessageRegex string = `^[a-zA-Z0-9_+\s-#?.:]{2,128}$` 6 | ) 7 | -------------------------------------------------------------------------------- /codefresh/provider_test.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "os" 5 | "testing" 6 | 7 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 8 | ) 9 | 10 | var testAccProvider *schema.Provider 11 | var testAccProviders map[string]*schema.Provider 12 | 13 | func init() { 14 | testAccProvider = Provider() 15 | testAccProviders = map[string]*schema.Provider{ 16 | "codefresh": testAccProvider, 17 | } 18 | } 19 | 20 | func TestProvider(t *testing.T) { 21 | if err := Provider().InternalValidate(); err != nil { 22 | t.Fatalf("err: %s", err) 23 | } 24 | } 25 | 26 | func testAccPreCheck(t *testing.T) { 27 | if v := os.Getenv(ENV_CODEFRESH_API_KEY); v == "" { 28 | t.Fatalf("%s must be set for acceptance tests", ENV_CODEFRESH_API_KEY) 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /codefresh/resource_account_admins.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 5 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/internal/datautil" 6 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 7 | ) 8 | 9 | func resourceAccountAdmins() *schema.Resource { 10 | return &schema.Resource{ 11 | Description: ` 12 | Use this resource to set a list of admins for any account. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 13 | `, 14 | Create: resourceAccountAdminsCreate, 15 | Read: resourceAccountAdminsRead, 16 | Update: resourceAccountAdminsUpdate, 17 | Delete: resourceAccountAdminsDelete, 18 | Importer: &schema.ResourceImporter{ 19 | StateContext: schema.ImportStatePassthroughContext, 20 | }, 21 | Schema: map[string]*schema.Schema{ 22 | "account_id": { 23 | Description: "The account ID for which to set up the list of admins.", 24 | Type: schema.TypeString, 25 | Required: true, 26 | }, 27 | "users": { 28 | Description: "A list of users to set up as account admins.", 29 | Type: schema.TypeSet, 30 | Required: true, 31 | Elem: &schema.Schema{ 32 | Type: schema.TypeString, 33 | }, 34 | }, 35 | }, 36 | } 37 | } 38 | 39 | func resourceAccountAdminsCreate(d *schema.ResourceData, meta interface{}) error { 40 | 41 | client := meta.(*cfclient.Client) 42 | 43 | admins := d.Get("users").(*schema.Set).List() 44 | 45 | accountId := d.Get("account_id").(string) 46 | 47 | for _, admin := range datautil.ConvertStringArr(admins) { 48 | err := client.SetUserAsAccountAdmin(accountId, admin) 49 | if err != nil { 50 | return err 51 | } 52 | } 53 | 54 | // d.SetId(time.Now().UTC().String()) 55 | d.SetId(accountId) 56 | 57 | return nil 58 | } 59 | 60 | func resourceAccountAdminsDelete(d *schema.ResourceData, meta interface{}) error { 61 | 62 | client := meta.(*cfclient.Client) 63 | 64 | admins := d.Get("users").(*schema.Set).List() 65 | 66 | accountId := d.Get("account_id").(string) 67 | 68 | for _, admin := range datautil.ConvertStringArr(admins) { 69 | err := client.DeleteUserAsAccountAdmin(accountId, admin) 70 | if err != nil { 71 | return err 72 | } 73 | } 74 | 75 | return nil 76 | } 77 | 78 | func resourceAccountAdminsRead(d *schema.ResourceData, meta interface{}) error { 79 | 80 | client := meta.(*cfclient.Client) 81 | 82 | accountId := d.Id() 83 | 84 | err := d.Set("account_id", accountId) 85 | 86 | if err != nil { 87 | return err 88 | } 89 | 90 | account, err := client.GetAccountByID(accountId) 91 | if err != nil { 92 | return nil 93 | } 94 | err = d.Set("users", account.Admins) 95 | if err != nil { 96 | return err 97 | } 98 | 99 | return nil 100 | } 101 | 102 | func resourceAccountAdminsUpdate(d *schema.ResourceData, meta interface{}) error { 103 | 104 | client := meta.(*cfclient.Client) 105 | 106 | accountId := d.Get("account_id").(string) 107 | desiredAdmins := d.Get("users").(*schema.Set).List() 108 | 109 | account, err := client.GetAccountByID(accountId) 110 | if err != nil { 111 | return err 112 | } 113 | 114 | adminsToAdd, AdminsToDelete := cfclient.GetAccountAdminsDiff(datautil.ConvertStringArr(desiredAdmins), account.Admins) 115 | 116 | for _, userId := range AdminsToDelete { 117 | err := client.DeleteUserAsAccountAdmin(accountId, userId) 118 | if err != nil { 119 | return err 120 | } 121 | } 122 | 123 | for _, userId := range adminsToAdd { 124 | err := client.SetUserAsAccountAdmin(accountId, userId) 125 | if err != nil { 126 | return err 127 | } 128 | } 129 | 130 | return nil 131 | } 132 | -------------------------------------------------------------------------------- /codefresh/resource_idp_accounts.go: -------------------------------------------------------------------------------- 1 | package codefresh 2 | 3 | import ( 4 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient" 5 | "github.com/codefresh-io/terraform-provider-codefresh/codefresh/internal/datautil" 6 | "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" 7 | ) 8 | 9 | func resourceIDPAccounts() *schema.Resource { 10 | return &schema.Resource{ 11 | Description: ` 12 | This resource adds the list of provided account IDs to the IDP. 13 | Because of the current Codefresh API limitation it's impossible to remove account from IDP, thus deletion is not supported. 14 | `, 15 | Create: resourceIDPAccountsCreate, 16 | Read: resourceIDPAccountsRead, 17 | Update: resourceIDPAccountsUpdate, 18 | Delete: resourceIDPAccountsDelete, 19 | Importer: &schema.ResourceImporter{ 20 | StateContext: schema.ImportStatePassthroughContext, 21 | }, 22 | Schema: map[string]*schema.Schema{ 23 | "idp_id": { 24 | Description: "The IdP name.", 25 | Type: schema.TypeString, 26 | Required: true, 27 | }, 28 | "account_ids": { 29 | Description: "A list of account IDs to add to the IdP.", 30 | Type: schema.TypeSet, 31 | Required: true, 32 | Elem: &schema.Schema{ 33 | Type: schema.TypeString, 34 | }, 35 | }, 36 | }, 37 | } 38 | } 39 | 40 | func resourceIDPAccountsCreate(d *schema.ResourceData, meta interface{}) error { 41 | client := meta.(*cfclient.Client) 42 | 43 | accountIds := datautil.ConvertStringArr(d.Get("account_ids").(*schema.Set).List()) 44 | 45 | idpID := d.Get("idp_id").(string) 46 | 47 | idp, err := client.GetIdpByID(idpID) 48 | if err != nil { 49 | return err 50 | } 51 | 52 | for _, accountID := range accountIds { 53 | err = client.AddAccountToIDP(accountID, idp.ID) 54 | 55 | if err != nil { 56 | return err 57 | } 58 | } 59 | 60 | d.SetId(idp.ID) 61 | 62 | return nil 63 | } 64 | 65 | func resourceIDPAccountsRead(d *schema.ResourceData, meta interface{}) error { 66 | client := meta.(*cfclient.Client) 67 | 68 | idpID := d.Id() 69 | if idpID == "" { 70 | d.SetId("") 71 | return nil 72 | } 73 | 74 | idp, err := client.GetIdpByID(idpID) 75 | if err != nil { 76 | return err 77 | } 78 | 79 | err = d.Set("idp_id", idp.ID) 80 | if err != nil { 81 | return err 82 | } 83 | 84 | err = d.Set("account_ids", idp.Accounts) 85 | if err != nil { 86 | return err 87 | } 88 | 89 | return nil 90 | } 91 | 92 | func resourceIDPAccountsDelete(_ *schema.ResourceData, _ interface{}) error { 93 | // todo 94 | // warning message 95 | return nil 96 | } 97 | 98 | func resourceIDPAccountsUpdate(d *schema.ResourceData, meta interface{}) error { 99 | client := meta.(*cfclient.Client) 100 | 101 | idpID := d.Id() 102 | 103 | idp, err := client.GetIdpByID(idpID) 104 | if err != nil { 105 | return err 106 | } 107 | 108 | existingAccounts := idp.Accounts 109 | 110 | desiredAccounts := datautil.ConvertStringArr(d.Get("account_ids").(*schema.Set).List()) 111 | 112 | for _, account := range desiredAccounts { 113 | if ok := cfclient.FindInSlice(existingAccounts, account); !ok { 114 | err := client.AddAccountToIDP(account, idp.ID) 115 | 116 | if err != nil { 117 | return err 118 | } 119 | } 120 | } 121 | 122 | return nil 123 | } 124 | -------------------------------------------------------------------------------- /docs/data-sources/account.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_account Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source retrieves an account by _id or name. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 6 | --- 7 | 8 | # codefresh_account (Data Source) 9 | 10 | This data source retrieves an account by _id or name. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_account" "acc" { 16 | name = "acc1" 17 | } 18 | 19 | resource "codefresh_user" "user1" { 20 | email = "user1@example.com" 21 | user_name = "user1" 22 | 23 | accounts = [ 24 | data.codefresh_account.acc.id 25 | ] 26 | 27 | activate = true 28 | 29 | roles = [ 30 | "Admin", 31 | "User" 32 | ] 33 | 34 | login { 35 | idp_id = data.codefresh_idps.idp_azure.id 36 | sso = true 37 | } 38 | 39 | login { 40 | idp_id = data.codefresh_idps.local.id 41 | //sso = false 42 | } 43 | 44 | 45 | personal { 46 | first_name = "John" 47 | last_name = "Smith" 48 | } 49 | } 50 | ``` 51 | 52 | 53 | ## Schema 54 | 55 | ### Optional 56 | 57 | - `_id` (String) 58 | - `admins` (List of String) 59 | - `name` (String) 60 | 61 | ### Read-Only 62 | 63 | - `id` (String) The ID of this resource. -------------------------------------------------------------------------------- /docs/data-sources/account_gitops_settings.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "codefresh_account_gitops_settings Data Source - terraform-provider-codefresh" 4 | subcategory: "" 5 | description: |- 6 | This data source retrieves gitops settings for the active account 7 | --- 8 | 9 | # codefresh_account_gitops_settings (Data Source) 10 | 11 | This data source retrieves gitops settings for the active account 12 | 13 | 14 | 15 | 16 | ## Schema 17 | 18 | ### Read-Only 19 | 20 | - `admins` (List of String) 21 | - `git_provider` (String) Git provider name 22 | - `git_provider_api_url` (String) Git provider API url 23 | - `id` (String) Account Id 24 | - `name` (String) Account name for active account 25 | - `shared_config_repository` (String) Shared config repository url 26 | -------------------------------------------------------------------------------- /docs/data-sources/account_idp.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "codefresh_account_idp Data Source - terraform-provider-codefresh" 4 | subcategory: "" 5 | description: |- 6 | This data source retrieves an account level identity provider 7 | --- 8 | 9 | # codefresh_account_idp (Data Source) 10 | 11 | This data source retrieves an account level identity provider 12 | 13 | 14 | 15 | 16 | ## Schema 17 | 18 | ### Optional 19 | 20 | - `_id` (String) 21 | - `client_name` (String) 22 | 23 | ### Read-Only 24 | 25 | - `client_type` (String) 26 | - `display_name` (String) 27 | - `id` (String) The ID of this resource. 28 | - `login_url` (String) Login url using the IDP to Codefresh 29 | - `redirect_ui_url` (String) UI Callback url for the identity provider 30 | - `redirect_url` (String) API Callback url for the identity provider 31 | -------------------------------------------------------------------------------- /docs/data-sources/context.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_context Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source allows to retrieve information on any defined context. 6 | --- 7 | 8 | # codefresh_context (Data Source) 9 | 10 | This data source allows to retrieve information on any defined context. 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | # Assuming runtimes-list is a context of type "config" with the following values 16 | # runtime_a: dev 17 | # runtime_b: test 18 | # runtime_c: prod 19 | 20 | data "codefresh_context" "runtimes_list" { 21 | name = "runtimes-list" 22 | } 23 | 24 | resource "codefresh_project" "test" { 25 | name = "myproject" 26 | } 27 | 28 | resource "codefresh_pipeline" "test" { 29 | 30 | lifecycle { 31 | ignore_changes = [ 32 | revision 33 | ] 34 | } 35 | 36 | name = "${codefresh_project.test.name}/react-sample-app" 37 | 38 | runtime_environment { 39 | name = yamldecode(data.codefresh_context.runtimes_list.data).runtime_a 40 | } 41 | 42 | spec { 43 | 44 | spec_template { 45 | repo = "codefresh-contrib/react-sample-app" 46 | path = "./codefresh.yml" 47 | revision = "master" 48 | context = "git" 49 | } 50 | } 51 | } 52 | ``` 53 | 54 | 55 | ## Schema 56 | 57 | ### Required 58 | 59 | - `name` (String) 60 | 61 | ### Read-Only 62 | 63 | - `data` (String) 64 | - `id` (String) The ID of this resource. 65 | - `type` (String) -------------------------------------------------------------------------------- /docs/data-sources/current_account.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_current_account Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | Returns the current account (owner of the token) and its users. 6 | --- 7 | 8 | # codefresh_current_account (Data Source) 9 | 10 | Returns the current account (owner of the token) and its users. 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | provider "codefresh" { 16 | api_url = var.api_url 17 | token = var.token 18 | } 19 | 20 | data "codefresh_current_account" "acc" { 21 | 22 | } 23 | 24 | 25 | output "current_ac" { 26 | value = data.codefresh_current_account.acc 27 | } 28 | ``` 29 | 30 | The output example: 31 | ```hcl 32 | Outputs: 33 | 34 | current_ac = { 35 | "_id" = "5f1fd9044d0fc94ddff0d745" 36 | "id" = "5f1fd9044d0fc94ddff0d745" 37 | "name" = "acc1" 38 | "users" = [ 39 | { 40 | "email" = "kosta@codefresh.io" 41 | "id" = "5f1fd9094d0fc9c656f0d75a" 42 | "name" = "user1" 43 | }, 44 | { 45 | "email" = "kosta@sysadmiral.io" 46 | "id" = "5f1fd9094d0fc93b52f0d75c" 47 | "name" = "user3" 48 | }, 49 | ] 50 | } 51 | ``` 52 | 53 | 54 | ## Schema 55 | 56 | ### Optional 57 | 58 | - `_id` (String) 59 | - `name` (String) 60 | - `users` (Block List) (see [below for nested schema](#nestedblock--users)) 61 | 62 | ### Read-Only 63 | 64 | - `id` (String) The ID of this resource. 65 | 66 | 67 | ### Nested Schema for `users` 68 | 69 | Required: 70 | 71 | - `email` (String) 72 | - `id` (String) 73 | - `name` (String) -------------------------------------------------------------------------------- /docs/data-sources/current_account_user.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "codefresh_current_account_user Data Source - terraform-provider-codefresh" 4 | subcategory: "" 5 | description: |- 6 | Returns a user the current Codefresh account by name or email. 7 | --- 8 | 9 | # codefresh_current_account_user (Data Source) 10 | 11 | Returns a user the current Codefresh account by name or email. 12 | 13 | 14 | 15 | 16 | ## Schema 17 | 18 | ### Optional 19 | 20 | - `email` (String) 21 | - `name` (String) 22 | 23 | ### Read-Only 24 | 25 | - `id` (String) The ID of this resource. 26 | -------------------------------------------------------------------------------- /docs/data-sources/idps.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_idps Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source retrieves all Identity Providers (IdPs) in the system. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 6 | --- 7 | 8 | # codefresh_idps (Data Source) 9 | 10 | This data source retrieves all Identity Providers (IdPs) in the system. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_idps" "idp_azure" { 16 | display_name = "codefresh-onprem-tst-2" 17 | # client_name = "2222" 18 | # _id = "5df234543" 19 | client_type = "azure" 20 | } 21 | 22 | data "codefresh_idps" "local" { 23 | display_name = "local" 24 | } 25 | 26 | resource "codefresh_account" "acc" { 27 | name = "acc1" 28 | 29 | features = var.accountFeatures 30 | 31 | limits { 32 | collaborators = 25 33 | data_retention_weeks = 5 34 | } 35 | 36 | build { 37 | parallel = 25 38 | nodes = 7 39 | } 40 | 41 | } 42 | 43 | resource "codefresh_user" "user1" { 44 | email = "user1@example.com" 45 | user_name = "user1" 46 | 47 | activate = true 48 | 49 | roles = [ 50 | "Admin", 51 | "User" 52 | ] 53 | 54 | login { 55 | idp_id = data.codefresh_idps.idp_azure.id 56 | sso = true 57 | } 58 | 59 | login { 60 | idp_id = data.codefresh_idps.local.id 61 | //sso = false 62 | } 63 | 64 | personal { 65 | first_name = "John" 66 | last_name = "Smith" 67 | } 68 | 69 | accounts = [ 70 | codefresh_account.acc.id 71 | ] 72 | } 73 | 74 | resource "codefresh_idp_accounts" "acc_idp" { 75 | idp_id = data.codefresh_idps.idp_azure.id 76 | account_ids = [codefresh_account.acc.id] 77 | } 78 | ``` 79 | 80 | 81 | ## Schema 82 | 83 | ### Optional 84 | 85 | - `_id` (String) 86 | - `client_name` (String) 87 | - `client_type` (String) 88 | - `display_name` (String) 89 | 90 | ### Read-Only 91 | 92 | - `access_token` (String) 93 | - `accounts` (Set of String) 94 | - `app_id` (String) 95 | - `client_host` (String) 96 | - `client_id` (String) 97 | - `client_secret` (String) 98 | - `cookie_iv` (String) 99 | - `cookie_key` (String) 100 | - `id` (String) The ID of this resource. 101 | - `scopes` (Set of String) 102 | - `tenant` (String) -------------------------------------------------------------------------------- /docs/data-sources/pipelines.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "codefresh_pipelines Data Source - terraform-provider-codefresh" 4 | subcategory: "" 5 | description: |- 6 | This resource retrives all pipelines belonging to the current user, which can be optionally filtered by the name. 7 | --- 8 | 9 | # codefresh_pipelines (Data Source) 10 | 11 | This resource retrives all pipelines belonging to the current user, which can be optionally filtered by the name. 12 | 13 | 14 | 15 | 16 | ## Schema 17 | 18 | ### Optional 19 | 20 | - `name_regex` (String) The name regular expression to filter pipelines by. 21 | 22 | ### Read-Only 23 | 24 | - `id` (String) The ID of this resource. 25 | - `pipelines` (List of Object) The returned list of pipelines. Note that `spec` is currently limited to the YAML, because of the complexity of the object. (see [below for nested schema](#nestedatt--pipelines)) 26 | 27 | 28 | ### Nested Schema for `pipelines` 29 | 30 | Read-Only: 31 | 32 | - `id` (String) 33 | - `is_public` (Boolean) 34 | - `name` (String) 35 | - `project` (String) 36 | - `spec` (String) 37 | - `tags` (List of String) 38 | -------------------------------------------------------------------------------- /docs/data-sources/project.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_project Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source retrieves a project by its ID or name. 6 | --- 7 | 8 | # codefresh_project (Data Source) 9 | 10 | This data source retrieves a project by its ID or name. 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_project" "myapp" { 16 | name = "myapp" 17 | } 18 | 19 | 20 | resource "codefresh_pipeline" "myapp-deploy" { 21 | 22 | name = "${data.codefresh_project.myapp.projectName}/myapp-deploy" 23 | 24 | ... 25 | } 26 | 27 | ``` 28 | 29 | 30 | ## Schema 31 | 32 | ### Optional 33 | 34 | - `_id` (String) 35 | - `name` (String) 36 | - `tags` (List of String) 37 | 38 | ### Read-Only 39 | 40 | - `id` (String) The ID of this resource. -------------------------------------------------------------------------------- /docs/data-sources/registry.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_registry Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source allows retrieving information on any existing registry. 6 | --- 7 | 8 | # codefresh_registry (Data Source) 9 | 10 | This data source allows retrieving information on any existing registry. 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | # some pre-existing registry 16 | data "codefresh_registry" "dockerhub" { 17 | name = "dockerhub" 18 | } 19 | 20 | # example with using data reference to existing registry, not managed by terraform 21 | # "dockerhub" registry will be used as fallback for "dockerhub1" 22 | resource "codefresh_registry" "dockerhub1" { 23 | name = "dockerhub1" 24 | primary = !data.codefresh_registry.dockerhub.primary 25 | 26 | spec { 27 | dockerhub { 28 | username = "test" 29 | password = "test" 30 | } 31 | } 32 | fallback_registry = data.codefresh_registry.dockerhub.id 33 | } 34 | ``` 35 | 36 | 37 | ## Schema 38 | 39 | ### Required 40 | 41 | - `name` (String) 42 | 43 | ### Read-Only 44 | 45 | - `default` (Boolean) 46 | - `domain` (String) 47 | - `fallback_registry` (String) 48 | - `id` (String) The ID of this resource. 49 | - `kind` (String) 50 | - `primary` (Boolean) 51 | - `registry_provider` (String) 52 | - `repository_prefix` (String) 53 | -------------------------------------------------------------------------------- /docs/data-sources/service_account.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "codefresh_service_account Data Source - terraform-provider-codefresh" 4 | subcategory: "" 5 | description: |- 6 | This data source retrieves a Codefresh service account by its ID or name. 7 | --- 8 | 9 | # codefresh_service_account (Data Source) 10 | 11 | This data source retrieves a Codefresh service account by its ID or name. 12 | 13 | 14 | 15 | 16 | ## Schema 17 | 18 | ### Optional 19 | 20 | - `_id` (String) 21 | - `assign_admin_role` (Boolean) Whether or not account admin role is assigned to the service account 22 | - `assigned_teams` (Set of String) A list of team IDs the service account is be assigned to 23 | - `name` (String) Service account name 24 | 25 | ### Read-Only 26 | 27 | - `id` (String) The ID of this resource. 28 | -------------------------------------------------------------------------------- /docs/data-sources/step_types.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_step_types Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source allows to retrieve the published versions of step-types. 6 | --- 7 | 8 | # codefresh_step_types (Data Source) 9 | 10 | This data source allows to retrieve the published versions of step-types. 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_step_types" "freestyle" { 16 | name = "freestyle" 17 | } 18 | 19 | local { 20 | freestyle_map = { for step_definition in data.codefresh_step_types.freestyle.version: step_definition.version_number => step_definition } 21 | } 22 | 23 | output "test" { 24 | # Value is return as YAML 25 | value = local.freestyle_map[keys(local.freestyle_map)[0]].version_number 26 | } 27 | 28 | ``` 29 | 30 | 31 | ## Schema 32 | 33 | ### Required 34 | 35 | - `name` (String) 36 | 37 | ### Read-Only 38 | 39 | - `id` (String) The ID of this resource. 40 | - `version` (Set of Object) (see [below for nested schema](#nestedatt--version)) 41 | 42 | 43 | ### Nested Schema for `version` 44 | 45 | Read-Only: 46 | 47 | - `step_types_yaml` (String) 48 | - `version_number` (String) -------------------------------------------------------------------------------- /docs/data-sources/team.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_team Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source retrieves a team by its ID or name. 6 | --- 7 | 8 | # codefresh_team (Data Source) 9 | 10 | This data source retrieves a team by its ID or name. 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_team" "admin" { 16 | provider = codefresh.acc1 17 | name = "users" 18 | } 19 | 20 | resource "codefresh_permission" "permission2" { 21 | provider = codefresh.acc1 22 | team = data.codefresh_team.admin.id 23 | action = "create" 24 | resource = "pipeline" 25 | tags = ["frontend"] 26 | } 27 | 28 | ``` 29 | 30 | 31 | ## Schema 32 | 33 | ### Optional 34 | 35 | - `_id` (String) 36 | - `account_id` (String) 37 | - `name` (String) 38 | - `tags` (List of String) 39 | - `type` (String) 40 | - `users` (List of String) 41 | 42 | ### Read-Only 43 | 44 | - `id` (String) The ID of this resource. -------------------------------------------------------------------------------- /docs/data-sources/user.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_user Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source retrieves a user by email. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 6 | --- 7 | 8 | # codefresh_user (Data Source) 9 | 10 | This data source retrieves a user by email. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 11 | 12 | ## Example usage 13 | 14 | ```hcl 15 | data "codefresh_user" "admin" { 16 | email = "admin@codefresh.io" 17 | } 18 | 19 | resource "codefresh_team" "admins" { 20 | 21 | name = "testsuperteam123" 22 | 23 | users = [ 24 | data.codefresh_user.admin.user_id, 25 | "", 26 | ] 27 | } 28 | ``` 29 | 30 | 31 | ## Schema 32 | 33 | ### Required 34 | 35 | - `email` (String) 36 | 37 | ### Read-Only 38 | 39 | - `id` (String) The ID of this resource. 40 | - `logins` (List of Object) (see [below for nested schema](#nestedatt--logins)) 41 | - `personal` (List of Object) (see [below for nested schema](#nestedatt--personal)) 42 | - `roles` (Set of String) 43 | - `short_profile` (List of Object) (see [below for nested schema](#nestedatt--short_profile)) 44 | - `status` (String) 45 | - `user_id` (String) 46 | - `user_name` (String) 47 | 48 | 49 | ### Nested Schema for `logins` 50 | 51 | Read-Only: 52 | 53 | - `credentials` (List of Object) (see [below for nested schema](#nestedobjatt--logins--credentials)) 54 | - `idp` (List of Object) (see [below for nested schema](#nestedobjatt--logins--idp)) 55 | 56 | 57 | ### Nested Schema for `logins.credentials` 58 | 59 | Read-Only: 60 | 61 | - `permissions` (Set of String) 62 | 63 | 64 | 65 | ### Nested Schema for `logins.idp` 66 | 67 | Read-Only: 68 | 69 | - `client_type` (String) 70 | - `id` (String) 71 | 72 | 73 | 74 | 75 | ### Nested Schema for `personal` 76 | 77 | Read-Only: 78 | 79 | - `company_name` (String) 80 | - `country` (String) 81 | - `first_name` (String) 82 | - `last_name` (String) 83 | - `phone_number` (String) 84 | 85 | 86 | 87 | ### Nested Schema for `short_profile` 88 | 89 | Read-Only: 90 | 91 | - `user_name` (String) -------------------------------------------------------------------------------- /docs/data-sources/users.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_users Data Source - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This data source retrieves all users in the system. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 6 | --- 7 | 8 | # codefresh_users (Data Source) 9 | 10 | This data source retrieves all users in the system. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 11 | 12 | ## Example usage 13 | 14 | ```hcl 15 | data "codefresh_users" "users" {} 16 | } 17 | ``` 18 | 19 | 20 | ## Schema 21 | 22 | ### Read-Only 23 | 24 | - `id` (String) The ID of this resource. 25 | - `users` (List of Object) (see [below for nested schema](#nestedatt--users)) 26 | 27 | 28 | ### Nested Schema for `users` 29 | 30 | Read-Only: 31 | 32 | - `email` (String) 33 | - `logins` (List of Object) (see [below for nested schema](#nestedobjatt--users--logins)) 34 | - `personal` (List of Object) (see [below for nested schema](#nestedobjatt--users--personal)) 35 | - `roles` (Set of String) 36 | - `short_profile` (List of Object) (see [below for nested schema](#nestedobjatt--users--short_profile)) 37 | - `status` (String) 38 | - `user_id` (String) 39 | - `user_name` (String) 40 | 41 | 42 | ### Nested Schema for `users.logins` 43 | 44 | Read-Only: 45 | 46 | - `credentials` (List of Object) (see [below for nested schema](#nestedobjatt--users--logins--credentials)) 47 | - `idp` (List of Object) (see [below for nested schema](#nestedobjatt--users--logins--idp)) 48 | 49 | 50 | ### Nested Schema for `users.logins.credentials` 51 | 52 | Read-Only: 53 | 54 | - `permissions` (Set of String) 55 | 56 | 57 | 58 | ### Nested Schema for `users.logins.idp` 59 | 60 | Read-Only: 61 | 62 | - `client_type` (String) 63 | - `id` (String) 64 | 65 | 66 | 67 | 68 | ### Nested Schema for `users.personal` 69 | 70 | Read-Only: 71 | 72 | - `company_name` (String) 73 | - `country` (String) 74 | - `first_name` (String) 75 | - `last_name` (String) 76 | - `phone_number` (String) 77 | 78 | 79 | 80 | ### Nested Schema for `users.short_profile` 81 | 82 | Read-Only: 83 | 84 | - `user_name` (String) -------------------------------------------------------------------------------- /docs/guides/development.md: -------------------------------------------------------------------------------- 1 | ## Development 2 | 3 | We are currently using [Terraform Plugin SDK v2](https://github.com/hashicorp/terraform-plugin-sdk). 4 | 5 | It is possible that we will switch to the [Terraform Plugin Framework](https://github.com/hashicorp/terraform-plugin-framework) sometime in the future. 6 | 7 | ### Prerequisites (other than Terraform) 8 | 9 | - GNU Make 10 | - [Go](https://golang.org/doc/install) `1.18.x` (minimum supported Go version required to build the provider). 11 | 12 | ### Building and Running a Local Build of the Provider 13 | 14 | ```bash 15 | make install 16 | ``` 17 | 18 | Set the [developer overrides](https://developer.hashicorp.com/terraform/cli/config/config-file#development-overrides-for-provider-developers) to point Terraform at the locally-built binary: 19 | 20 | ```terraform 21 | # `~/.terraformrc (Windows: %APPDATA%/.terraformrc) 22 | provider_installation { 23 | dev_overrides { 24 | "codefresh-io/codefresh" = "[REPLACE WITH GOPATH]/bin" 25 | } 26 | direct {} 27 | } 28 | ``` 29 | 30 | Note that if developer overrides are set, Terraform will ignore the version pinned in `versions.tf`, so you do not need to remove the version pin when testing. You can keep it. 31 | 32 | ### Debugging with Delve 33 | 34 | [Reference guide](https://www.terraform.io/docs/extend/guides/v2-upgrade-guide.html#support-for-debuggable-provider-binaries) 35 | 36 | [SDK code](https://github.com/hashicorp/terraform-plugin-sdk/blob/v2.0.0-rc.2/plugin/debug.go#L97) 37 | 38 | Run the provider with `CODEFRESH_PLUGIN_DEBUG=true` in Delve debugger. 39 | 40 | For vscode, set `launch.json` as follows: 41 | 42 | ```json 43 | { 44 | // Use IntelliSense to learn about possible attributes. 45 | // Hover to view descriptions of existing attributes. 46 | // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 47 | "version": "0.2.1", 48 | "configurations": [ 49 | { 50 | "name": "terraform-provider-codefresh", 51 | "type": "go", 52 | "request": "launch", 53 | "mode": "debug", 54 | "port": 2345, 55 | "host": "127.0.0.1", 56 | "env": {"CODEFRESH_PLUGIN_DEBUG": "true"}, 57 | "program": "/home/mitchellh/go/src/github.com/codefresh-io/terraform-provider-codefresh/main.go", 58 | "showLog": true, 59 | "trace": "verbose" 60 | } 61 | ] 62 | } 63 | ``` 64 | 65 | Then, copy the value of `TF_REATTACH_PROVIDERS` from the output of debug console and set it for terraform exec: 66 | 67 | ```bash 68 | export TF_REATTACH_PROVIDERS='{"registry.terraform.io/-/codefresh":{"Protocol":"grpc","Pid":614875,"Test":true,"Addr":{"Network":"unix","String":"/tmp/plugin369955425"}}}' 69 | 70 | terraform apply 71 | ``` 72 | -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: "codefresh" 3 | page_title: "Provider: Codefresh" 4 | sidebar_current: "docs-codefresh-index" 5 | description: |- 6 | The Codefresh provider is used to manage Codefresh resources. 7 | --- 8 | 9 | # Codefresh Provider 10 | 11 | The Codefresh Provider can be used to configure [Codefresh](https://codefresh.io/) resources - pipelines, projects, accounts, etc using the [Codefresh API](https://codefresh.io/docs/docs/integrations/codefresh-api/). 12 | 13 | ## Authenticating to Codefresh 14 | 15 | The Codefresh API requires the [authentication key](https://codefresh.io/docs/docs/integrations/codefresh-api/#authentication-instructions) to authenticate. 16 | The key can be passed either as the provider's attribute or as environment variable - `CODEFRESH_API_KEY`. 17 | 18 | 19 | ## Schema 20 | 21 | ### Optional 22 | 23 | - `api_url` (String) The Codefresh API URL. Defaults to `https://g.codefresh.io/api`. Can also be set using the `CODEFRESH_API_URL` environment variable. 24 | - `api_url_v2` (String) The Codefresh gitops API URL. Defaults to `https://g.codefresh.io/2.0/api/graphql`. Can also be set using the `CODEFRESH_API2_URL` environment variable. 25 | - `token` (String) The Codefresh API token. Can also be set using the `CODEFRESH_API_KEY` environment variable. 26 | 27 | ## Managing Resources Across Different Accounts 28 | 29 | The Codefresh API only allows one to operate with the entities in the account tied to the API Key the provider is configured for. 30 | 31 | To be able to operate with entities in different accounts, you should create a new key in the relevant account and use providers [aliases](https://www.terraform.io/docs/configuration/providers.html#alias-multiple-provider-instances). 32 | 33 | For example: 34 | 35 | ```hcl 36 | provider "codefresh" { 37 | api_key = "..." 38 | } 39 | provider "codefresh" { 40 | api_key = "..." 41 | alias = "acme-dev" 42 | } 43 | 44 | resource "codefresh_pipeline" "pipeline" { 45 | ... # Omited for brevity 46 | } 47 | 48 | resource "codefresh_pipeline" "pipeline-dev" { 49 | provider = codefresh.acme-dev 50 | ... # Omited for brevity 51 | } 52 | ``` 53 | -------------------------------------------------------------------------------- /docs/resources/abac_rules.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_abac_rules Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | Gitops ABAC Rules are used to setup access control and allow to define which teams have access to which resources based on tags and attributes. 6 | --- 7 | 8 | # codefresh_abac_rules (Resource) 9 | 10 | Gitops ABAC Rules are used to setup access control and allow to define which teams have access to which resources based on tags and attributes. 11 | 12 | See the [GitOps Access Control documentation](https://codefresh.io/docs/docs/administration/account-user-management/gitops-abac/). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_team" "developers" { 18 | name = "developers" 19 | 20 | users = [ 21 | "5efc3cb6355c6647041b6e49", 22 | "59009221c102763beda7cf04" 23 | ] 24 | } 25 | 26 | resource "codefresh_abac_rules" "app_rule" { 27 | entity_type = "gitopsApplications" 28 | teams = [data.codefresh_team.developers.id] 29 | actions = ["REFRESH", "SYNC", "TERMINATE_SYNC", "APP_ROLLBACK"] 30 | 31 | attribute { 32 | name = "LABEL" 33 | key = "KEY" 34 | value = "VALUE" 35 | } 36 | } 37 | 38 | ``` 39 | 40 | 41 | ## Schema 42 | 43 | ### Required 44 | 45 | - `actions` (Set of String) Action to be allowed. Possible values: 46 | * REFRESH 47 | * SYNC 48 | * TERMINATE_SYNC 49 | * VIEW_POD_LOGS 50 | * APP_ROLLBACK 51 | * TRIGGER_PROMOTION 52 | * RETRY_RELEASE 53 | * PROMOTE_TO 54 | - `entity_type` (String) The type of resources the ABAC rules applies to. Possible values: 55 | * gitopsApplications 56 | * promotionFlows 57 | * products 58 | * environments 59 | - `teams` (Set of String) The IDs of the teams the ABAC rules apply to. 60 | 61 | ### Optional 62 | 63 | - `attribute` (Block List) Resource attribute that need to be validated (see [below for nested schema](#nestedblock--attribute)) 64 | - `id` (String) The abac rule ID. 65 | - `tags` (Set of String) The effective tags of the resource to apply the permission to. There are two special tags: 66 | * untagged: Apply to all resources without tags. 67 | * * (asterisk): Apply to all resources with any tag. 68 | 69 | 70 | ### Nested Schema for `attribute` 71 | 72 | Required: 73 | 74 | - `name` (String) 75 | - `value` (String) 76 | 77 | Optional: 78 | 79 | - `key` (String) 80 | -------------------------------------------------------------------------------- /docs/resources/account.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_account Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | By creating different accounts for different teams within the same company a customer can achieve complete segregation of assets between the teams. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 6 | --- 7 | 8 | # codefresh_account (Resource) 9 | 10 | By creating different accounts for different teams within the same company a customer can achieve complete segregation of assets between the teams. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/administration/account-user-management/). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_account" "test" { 18 | name = "my_account_name" 19 | 20 | limits { 21 | collaborators = 25 22 | data_retention_weeks = 5 23 | } 24 | 25 | build { 26 | parallel = 27 27 | } 28 | 29 | features = { 30 | OfflineLogging = true, 31 | ssoManagement = true, 32 | teamsManagement = true, 33 | abac = true, 34 | customKubernetesCluster = true, 35 | launchDarklyManagement = false, 36 | } 37 | } 38 | ``` 39 | 40 | 41 | ## Schema 42 | 43 | ### Required 44 | 45 | - `name` (String) The display name for the account. 46 | 47 | ### Optional 48 | 49 | - `build` (Block List) Build limits for this account. (see [below for nested schema](#nestedblock--build)) 50 | - `features` (Map of Boolean) Features toggles for this account. Default: 51 | 52 | * OfflineLogging: true 53 | * ssoManagement: true 54 | * teamsManagement: true 55 | * abac: true 56 | * customKubernetesCluster: true 57 | - `limits` (Block List) Limits for this account. (see [below for nested schema](#nestedblock--limits)) 58 | 59 | ### Read-Only 60 | 61 | - `id` (String) The ID of this resource. 62 | 63 | 64 | ### Nested Schema for `build` 65 | 66 | Required: 67 | 68 | - `parallel` (Number) The number of parallel builds allowed for this account. 69 | 70 | Optional: 71 | 72 | - `nodes` (Number) The number of nodes allowed for this account (default: `1`). 73 | 74 | 75 | 76 | ### Nested Schema for `limits` 77 | 78 | Required: 79 | 80 | - `collaborators` (Number) The number of collaborators allowed for this account. 81 | 82 | Optional: 83 | 84 | - `data_retention_weeks` (Number) Specifies the number of weeks for which to store the builds (default: `5`). 85 | 86 | ## Import 87 | ```sh 88 | terraform import codefresh_account.test xxxxxxxxxxxxxxxxxxx 89 | ``` -------------------------------------------------------------------------------- /docs/resources/account_admins.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_account_admins Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | Use this resource to set a list of admins for any account. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 6 | --- 7 | 8 | # codefresh_account_admins (Resource) 9 | 10 | Use this resource to set a list of admins for any account. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 11 | 12 | ## Example usage 13 | 14 | #### Example 1 15 | 16 | ```hcl 17 | resource "codefresh_account_admins" "test" { 18 | 19 | account_id = 20 | 21 | users = [ 22 | , 23 | ] 24 | } 25 | ``` 26 | 27 | #### Example 2 28 | 29 | ```hcl 30 | resource "codefresh_account" "test" { 31 | 32 | name = "mynewaccount" 33 | 34 | limits { 35 | collaborators = 25 36 | data_retention_weeks = 5 37 | } 38 | 39 | build { 40 | parallel = 2 41 | } 42 | 43 | } 44 | 45 | data "codefresh_user" "admin" { 46 | email = "" 47 | } 48 | 49 | resource "codefresh_account_admins" "test" { 50 | 51 | account_id = codefresh_account.test.id 52 | 53 | users = [ 54 | data.codefresh_user.admin.user_id 55 | ] 56 | } 57 | ``` 58 | 59 | 60 | ## Schema 61 | 62 | ### Required 63 | 64 | - `account_id` (String) The account ID for which to set up the list of admins. 65 | - `users` (Set of String) A list of users to set up as account admins. 66 | 67 | ### Read-Only 68 | 69 | - `id` (String) The ID of this resource. 70 | 71 | ## Import 72 | 73 | ```sh 74 | terraform import codefresh_account_admins.test xxxxxxxxxxxxxxxxxxx 75 | ``` -------------------------------------------------------------------------------- /docs/resources/account_gitops_settings.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_account_gitops_settings Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | Codefresh account gitops setting - such as git provider, API URL for the git provider and internal shared config repository 6 | --- 7 | 8 | # codefresh_account_gitops_settings (Resource) 9 | 10 | Codefresh account gitops setting - such as git provider, API URL for the git provider and internal shared config repository 11 | 12 | ## Example usage 13 | ```hcl 14 | resource "codefresh_account_gitops_settings" "gitops-settings" { 15 | git_provider = "GITHUB" 16 | shared_config_repository = "https://github.com/example-org/codefresh-internal-shared-config.git?ref=main" 17 | } 18 | ``` 19 | ```hcl 20 | resource "codefresh_account_gitops_settings" "gitops-settings" { 21 | git_provider = "BITBUCKET_SERVER" 22 | git_provider_api_url = https://bitbucket.example.com/rest/api/1.0 23 | shared_config_repository = "http://example-bitbucket.com/scm/proj/codefresh-internal-shared-config.git" 24 | } 25 | ``` 26 | 27 | 28 | ## Schema 29 | 30 | ### Required 31 | 32 | - `git_provider` (String) Git provider name - currently supported values are: GITHUB ,GERRIT ,GITLAB ,BITBUCKET ,BITBUCKET_SERVER 33 | - `shared_config_repository` (String) Shared config repository url. Must be a valid git url which contains `.git`. May also include path and branch references 34 | 35 | ### Optional 36 | 37 | - `git_provider_api_url` (String) Git provider API url. If not provided can automatically be set for known SaaS git providers. For example - for github it will be set to https://api.github.com 38 | 39 | ### Read-Only 40 | 41 | - `id` (String) Account Id 42 | - `name` (String) Account name for active account 43 | 44 | ~> 45 | Once internal config repository is cloned successfully by one or more runtimes it can no longer be changed and all attempted updates will fail. 46 | If you need to change the repository please contact Codefresh support. 47 | 48 | ## Import 49 | ```sh 50 | terraform import codefresh_account_idp.test 51 | ``` 52 | -------------------------------------------------------------------------------- /docs/resources/account_user_association.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_account_user_association Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | Associates a user with the account which the provider is authenticated against. If the user is not present in the system, an invitation will be sent to the specified email address. 6 | --- 7 | 8 | # codefresh_account_user_association (Resource) 9 | 10 | Associates a user with the account which the provider is authenticated against. If the user is not present in the system, an invitation will be sent to the specified email address. 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/administration/account-user-management/add-users/#users-in-codefresh). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | locals { 18 | users = { 19 | ed = { 20 | email = "ed@rethink.io", 21 | admin = true, 22 | } 23 | edd = { 24 | email = "edd@rethink.io", 25 | admin = true, 26 | } 27 | eddy = { 28 | email = "eddy@rethink.io", 29 | admin = false, 30 | } 31 | } 32 | } 33 | 34 | resource "codefresh_account_user_association" "users" { 35 | for_each = local.users, 36 | email = each.value.email, 37 | admin = each.value.admin, 38 | } 39 | ``` 40 | 41 | 42 | ## Schema 43 | 44 | ### Required 45 | 46 | - `email` (String) The email of the user to associate with the specified account. 47 | If the user is not present in the system, an invitation will be sent to this email. 48 | This field can only be changed when 'status' is 'pending'. 49 | 50 | ### Optional 51 | 52 | - `admin` (Boolean) Whether to make this user an account admin. 53 | 54 | ### Read-Only 55 | 56 | - `id` (String) The ID of this resource. 57 | - `status` (String) The status of the association. 58 | - `username` (String) The username of the associated user. 59 | 60 | ## Import 61 | 62 | An existing account user association can be imported via the user ID: 63 | 64 | ```sh 65 | terraform import codefresh_account_user_association.test_user xxxxxxxxxxxxxxxxxxx 66 | ``` -------------------------------------------------------------------------------- /docs/resources/idp_accounts.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_idp_accounts Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This resource adds the list of provided account IDs to the IDP. 6 | Because of the current Codefresh API limitation it's impossible to remove account from IDP, thus deletion is not supported. 7 | --- 8 | 9 | # codefresh_idp_accounts (Resource) 10 | 11 | This resource adds the list of provided account IDs to the IDP. 12 | Because of the current Codefresh API limitation it's impossible to remove account from IDP, thus deletion is not supported. 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_account" "test" { 18 | name = "" 19 | } 20 | 21 | resource "codefresh_idp_accounts" "test" { 22 | 23 | idp = "azure" 24 | 25 | accounts = [ 26 | codefresh_account.test.id, 27 | "" 28 | ] 29 | } 30 | ``` 31 | 32 | 33 | ## Schema 34 | 35 | ### Required 36 | 37 | - `account_ids` (Set of String) A list of account IDs to add to the IdP. 38 | - `idp_id` (String) The IdP name. 39 | 40 | ### Read-Only 41 | 42 | - `id` (String) The ID of this resource. 43 | 44 | ## Import 45 | 46 | ```sh 47 | terraform import codefresh_idp_accounts.test xxxxxxxxxxxxxxxxxxx 48 | ``` 49 | -------------------------------------------------------------------------------- /docs/resources/permission.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_permission Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | Permissions are used to set up access control and define which teams have access to which clusters and pipelines based on tags. 6 | --- 7 | 8 | # codefresh_permission (Resource) 9 | 10 | Permissions are used to set up access control and define which teams have access to which clusters and pipelines based on tags. 11 | 12 | See the [Access Control documentation](https://codefresh.io/docs/docs/administration/account-user-management/access-control/). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_team" "developers" { 18 | name = "developers" 19 | 20 | users = [ 21 | "5efc3cb6355c6647041b6e49", 22 | "59009221c102763beda7cf04" 23 | ] 24 | } 25 | 26 | resource "codefresh_permission" "developers" { 27 | 28 | team = codefresh_team.developers.id 29 | resource = "pipeline" 30 | action = "run" 31 | tags = [ 32 | "demo", 33 | "test" 34 | ] 35 | } 36 | ``` 37 | 38 | 39 | ## Schema 40 | 41 | ### Required 42 | 43 | - `action` (String) Action to be allowed. Possible values: 44 | * create 45 | * read (For runtime-environment resource, 'read' means 'assign') 46 | * update 47 | * delete 48 | * run (Only valid for pipeline resource) 49 | * approve (Only valid for pipeline resource) 50 | * debug (Only valid for pipeline resource) 51 | - `resource` (String) The type of resources the permission applies to. Possible values: 52 | * pipeline 53 | * cluster 54 | * project 55 | * runtime-environment 56 | - `team` (String) The Id of the team the permissions apply to. 57 | 58 | ### Optional 59 | 60 | - `_id` (String) The permission ID. 61 | - `related_resource` (String) Specifies the resource to use when evaluating the tags. Possible values: 62 | * project 63 | - `tags` (Set of String) The tags for which to apply the permission. Supports two custom tags: 64 | * untagged: Apply to all resources without tags 65 | * (asterisk): Apply to all resources with any tag 66 | 67 | ### Read-Only 68 | 69 | - `id` (String) The ID of this resource. -------------------------------------------------------------------------------- /docs/resources/pipeline_cron_trigger.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_pipeline_cron_trigger Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This resource is used to create cron-based triggers for pipeilnes. 6 | --- 7 | 8 | # codefresh_pipeline_cron_trigger (Resource) 9 | 10 | This resource is used to create cron-based triggers for pipeilnes. 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/configure-ci-cd-pipeline/triggers/cron-triggers/). 13 | 14 | ~> **DEPRECATED:** This resource is being deprecated in favor of the `cron_trigger` attribute of the [codefresh_pipeline](https://registry.terraform.io/providers/codefresh-io/codefresh/latest/docs/resources/pipeline) resource. 15 | 16 | ## Example usage 17 | 18 | ```hcl 19 | resource "codefresh_project" "test" { 20 | name = "myproject" 21 | } 22 | 23 | resource "codefresh_pipeline" "test" { 24 | 25 | name = "${codefresh_project.test.name}/react-sample-app" 26 | 27 | ... 28 | } 29 | 30 | resource "codefresh_pipeline_cron_trigger" "test" { 31 | pipeline_id = codefresh_pipeline.test.id 32 | expression = "*/1 * * * *" 33 | message = "Example Cron Trigger" 34 | } 35 | ``` 36 | 37 | 38 | ## Schema 39 | 40 | ### Required 41 | 42 | - `expression` (String) 43 | - `message` (String) 44 | - `pipeline_id` (String) 45 | 46 | ### Read-Only 47 | 48 | - `id` (String) The ID of this resource. -------------------------------------------------------------------------------- /docs/resources/project.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_project Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | The top-level concept in Codefresh. You can create projects to group pipelines that are related. 6 | In most cases a single project will be a single application (that itself contains many micro-services). 7 | You are free to use projects as you see fit. For example, you could create a project for a specific Kubernetes cluster or a specific team/department. 8 | --- 9 | 10 | # codefresh_project (Resource) 11 | 12 | The top-level concept in Codefresh. You can create projects to group pipelines that are related. 13 | In most cases a single project will be a single application (that itself contains many micro-services). 14 | You are free to use projects as you see fit. For example, you could create a project for a specific Kubernetes cluster or a specific team/department. 15 | 16 | More about pipeline concepts see in the [official documentation](https://codefresh.io/docs/docs/configure-ci-cd-pipeline/pipelines/#pipeline-concepts). 17 | 18 | ## Example Usage 19 | 20 | ```hcl 21 | resource "codefresh_project" "test" { 22 | name = "myproject" 23 | 24 | tags = [ 25 | "production", 26 | "docker", 27 | ] 28 | 29 | variables = { 30 | go_version = "1.13" 31 | } 32 | } 33 | ``` 34 | 35 | 36 | ## Schema 37 | 38 | ### Required 39 | 40 | - `name` (String) The display name for the project. 41 | 42 | ### Optional 43 | 44 | - `encrypted_variables` (Map of String) Project level encrypted variables. Please note that drift will not be detected for encrypted variables 45 | - `tags` (Set of String) A list of tags to mark a project for easy management and access control. 46 | - `variables` (Map of String) Project variables. 47 | 48 | ### Read-Only 49 | 50 | - `id` (String) The ID of this resource. 51 | 52 | ## Import 53 | 54 | ```sh 55 | terraform import codefresh_project.test xxxxxxxxxxxxxxxxxxx 56 | ``` 57 | -------------------------------------------------------------------------------- /docs/resources/service_account.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_service_account Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | A service account is an identity that provides automated processes, applications, and services with the necessary permissions to interact securely with the Codefresh platform 6 | --- 7 | 8 | # codefresh_service_account (Resource) 9 | 10 | A service account is an identity that provides automated processes, applications, and services with the necessary permissions to interact securely with the Codefresh platform 11 | 12 | For more information about service accounts in Codefresh see [official documentation](https://codefresh.io/docs/docs/administration/account-user-management/service-accounts). 13 | 14 | It is also possible to generate API tokens for service accounts, see the documentation for `codefresh_api_key` resource for usage example. 15 | 16 | ## Example Usage 17 | 18 | ```hcl 19 | data "codefresh_team" "serviceaccounts" { 20 | name = "service-accounts" 21 | } 22 | 23 | resource "codefresh_service_account" "example" { 24 | name = "tf-test1" 25 | assign_admin_role = true 26 | assigned_teams = [data.codefresh_team.serviceaccounts.id] 27 | } 28 | ``` 29 | 30 | 31 | ## Schema 32 | 33 | ### Required 34 | 35 | - `name` (String) Service account display name 36 | 37 | ### Optional 38 | 39 | - `assign_admin_role` (Boolean) Whether or not to assign account admin role to the service account 40 | - `assigned_teams` (Set of String) A list of team IDs the service account is be assigned to 41 | 42 | ### Read-Only 43 | 44 | - `id` (String) The ID of this resource. 45 | 46 | ## Import 47 | 48 | ```sh 49 | terraform import codefresh_service_account.test xxxxxxxxxxxxxxxxxxx 50 | ``` 51 | -------------------------------------------------------------------------------- /docs/resources/step_types.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_step_types Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This resource allows to create your own typed step and manage all of its published versions. 6 | The resource allows to handle the life-cycle of the version by allowing specifying multiple blocks 'version' where the user provides a version number and the yaml file representing the plugin. 7 | --- 8 | 9 | # codefresh_step_types (Resource) 10 | 11 | This resource allows to create your own typed step and manage all of its published versions. 12 | The resource allows to handle the life-cycle of the version by allowing specifying multiple blocks 'version' where the user provides a version number and the yaml file representing the plugin. 13 | 14 | More about custom steps in the [official documentation](https://codefresh.io/docs/docs/codefresh-yaml/steps/#creating-a-typed-codefresh-plugin). 15 | 16 | ## Known limitations and disclaimers 17 | 18 | ### Version and name in yaml Metadata are ignored. 19 | 20 | The version and name of the step declared in the yaml files are superseeded by the attributes specified at resource level: 21 | - `name` : at top level 22 | - `version_numer`: specified in the `version` block 23 | The above are added/replaced at runtime time. 24 | 25 | ### Number of API requests 26 | 27 | This resource makes a lot of additional API calls to validate the steps and retrieve all the version available. 28 | Caution is recommended on the amount of versions maintained and the number of resources defined in a single project. 29 | 30 | 31 | ## Example Usage 32 | 33 | ```hcl 34 | 35 | data "codefresh_current_account" "acc" { 36 | } 37 | 38 | resource "codefresh_step_types_versions" "my-custom-step" { 39 | name = "${data.codefresh_current_account.acc.name}/my-custom-step" 40 | 41 | version { 42 | version_number = "0.0.1" 43 | step_types_yaml = file("./templates/plugin-0.0.1.yaml") 44 | } 45 | version { 46 | version_number = "0.0.2" 47 | step_types_yaml = file("./templates/plugin-0.0.2.yaml") 48 | } 49 | .... 50 | } 51 | ``` 52 | 53 | 54 | ## Schema 55 | 56 | ### Required 57 | 58 | - `name` (String) The name for the step-type 59 | - `version` (Set of Object) The versions of the step-type (see [below for nested schema](#nestedatt--version)) 60 | 61 | ### Read-Only 62 | 63 | - `id` (String) The ID of this resource. 64 | 65 | 66 | ### Nested Schema for `version` 67 | 68 | Required: 69 | 70 | - `step_types_yaml` (String) 71 | - `version_number` (String) 72 | -------------------------------------------------------------------------------- /docs/resources/team.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_team Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | Teams are groups of users that are used to enforce access control. 6 | --- 7 | 8 | # codefresh_team (Resource) 9 | 10 | Teams are groups of users that are used to enforce access control. 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/administration/access-control/). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_team" "developers" { 18 | 19 | name = "developers" 20 | 21 | users = [ 22 | "5efc3cb6355c6647041b6e49", 23 | "59009221c102763beda7cf04" 24 | ] 25 | } 26 | ``` 27 | 28 | 29 | ## Schema 30 | 31 | ### Required 32 | 33 | - `name` (String) The name of the team. 34 | 35 | ### Optional 36 | 37 | - `account_id` (String) The account id where to create the team. 38 | - `tags` (Set of String) The tags of the team. 39 | - `type` (String) The type of the team. Possible values: 40 | * __default__ 41 | * __admin__ 42 | - `users` (Set of String) A list of user IDs that should be in the team. 43 | 44 | ### Read-Only 45 | 46 | - `id` (String) The ID of this resource. -------------------------------------------------------------------------------- /docs/resources/user.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "codefresh_user Resource - terraform-provider-codefresh" 3 | subcategory: "" 4 | description: |- 5 | This resource is used to manage a Codefresh user. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 6 | --- 7 | 8 | # codefresh_user (Resource) 9 | 10 | This resource is used to manage a Codefresh user. Requires a Codefresh admin token and applies only to Codefresh on-premises installations. 11 | 12 | 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_account" "test" { 18 | 19 | name = "mynewaccount" 20 | 21 | limits { 22 | collaborators = 25 23 | data_retention_weeks = 5 24 | } 25 | 26 | build { 27 | parallel = 2 28 | } 29 | } 30 | 31 | resource "codefresh_user" "new" { 32 | email = "" 33 | user_name = "" 34 | 35 | activate = true 36 | 37 | roles = [ 38 | "Admin", 39 | "User" 40 | ] 41 | 42 | login { 43 | idp_id = data.codefresh_idps.idp_azure.id 44 | sso = true 45 | } 46 | 47 | login { 48 | idp_id = data.codefresh_idps.local.id 49 | //sso = false 50 | } 51 | 52 | 53 | personal { 54 | first_name = "John" 55 | last_name = "Smith" 56 | } 57 | 58 | accounts = [ 59 | codefresh_account.test.id, 60 | "59009117c102763beda7ce71", 61 | ] 62 | } 63 | ``` 64 | 65 | 66 | ## Schema 67 | 68 | ### Required 69 | 70 | - `accounts` (Set of String) A list of accounts IDs to assign the user to. 71 | - `email` (String) The email of the user. 72 | - `user_name` (String) The username of the user. 73 | 74 | ### Optional 75 | 76 | - `activate` (Boolean) Whether to activate the user or to leave it as `pending`. 77 | - `login` (Block Set) Login settings for the user. (see [below for nested schema](#nestedblock--login)) 78 | - `password` (String, Sensitive) Password - for users without SSO. 79 | - `personal` (Block List, Max: 1) Personal information about the user. (see [below for nested schema](#nestedblock--personal)) 80 | - `roles` (Set of String) The roles of the user. 81 | 82 | ### Read-Only 83 | 84 | - `has_password` (Boolean) Whether the user has a local password. 85 | - `id` (String) The ID of this resource. 86 | - `short_profile` (List of Object) The computed short profile of the user. (see [below for nested schema](#nestedatt--short_profile)) 87 | - `status` (String) The status of the user (e.g. `new`, `pending`). 88 | 89 | 90 | ### Nested Schema for `login` 91 | 92 | Optional: 93 | 94 | - `idp_id` (String) The IdP ID for the user's login. 95 | - `sso` (Boolean) Whether to enforce SSO for the user. 96 | 97 | 98 | 99 | ### Nested Schema for `personal` 100 | 101 | Optional: 102 | 103 | - `company_name` (String) The company name of the user. 104 | - `country` (String) The country of the user. 105 | - `first_name` (String) The first name of the user. 106 | - `last_name` (String) The last name of the user. 107 | - `phone_number` (String) The phone number of the user. 108 | 109 | 110 | 111 | ### Nested Schema for `short_profile` 112 | 113 | Read-Only: 114 | 115 | - `user_name` (String) 116 | 117 | ## Import 118 | 119 | ```sh 120 | terraform import codefresh_user.new xxxxxxxxxxxxxxxxxxx 121 | ``` 122 | 123 | -------------------------------------------------------------------------------- /examples/abac_rules/main.tf: -------------------------------------------------------------------------------- 1 | data "codefresh_team" "admins" { 2 | name = "admins" 3 | } 4 | 5 | data "codefresh_team" "users" { 6 | name = "users" 7 | } 8 | 9 | resource "codefresh_abac_rules" "app_rule" { 10 | entity_type = "gitopsApplications" 11 | teams = [data.codefresh_team.users.id] 12 | actions = ["REFRESH", "SYNC", "TERMINATE_SYNC", "VIEW_POD_LOGS", "APP_ROLLBACK"] 13 | 14 | attribute { 15 | name = "LABEL" 16 | key = "KEY" 17 | value = "VALUE" 18 | } 19 | 20 | tags = ["dev", "untagged"] 21 | } 22 | -------------------------------------------------------------------------------- /examples/abac_rules/provider.tf: -------------------------------------------------------------------------------- 1 | provider "codefresh" { 2 | api_url = var.api_url 3 | api_url_v2 = var.api_url_v2 4 | token = var.token # If token isn't set the provider expects the $CODEFRESH_API_KEY env variable 5 | } -------------------------------------------------------------------------------- /examples/abac_rules/terraform.tfvars: -------------------------------------------------------------------------------- 1 | api_url = "https://my-codefresh.example.com/api" 2 | api_url_v2 = "https://my-codefresh.example.com/2.0/api/graphql" 3 | token = "" 4 | -------------------------------------------------------------------------------- /examples/abac_rules/vars.tf: -------------------------------------------------------------------------------- 1 | variable api_url { 2 | type = string 3 | } 4 | 5 | variable api_url_v2 { 6 | type = string 7 | } 8 | 9 | variable token { 10 | type = string 11 | default = "" 12 | } -------------------------------------------------------------------------------- /examples/abac_rules/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | codefresh = { 4 | source = "codefresh-io/codefresh" 5 | version = "~> 0.1" 6 | } 7 | } 8 | } -------------------------------------------------------------------------------- /examples/account_tokens/main.tf: -------------------------------------------------------------------------------- 1 | variable api_url { 2 | type = string 3 | } 4 | 5 | # 6 | variable token { 7 | type = string 8 | default = "" 9 | } 10 | 11 | ## Set of account names 12 | variable accounts { 13 | type = set(string) 14 | } 15 | 16 | module "account_tokens" { 17 | source = "../../tf_modules/account_tokens" 18 | api_url = var.api_url 19 | accounts = var.accounts 20 | } 21 | 22 | output "account_tokens" { 23 | value = module.account_tokens.tokens 24 | } -------------------------------------------------------------------------------- /examples/account_tokens/terraform.tfvars: -------------------------------------------------------------------------------- 1 | api_url = "https://my-codefresh-example.com/api" 2 | 3 | accounts = [ 4 | "acc1", "acc2" 5 | ] -------------------------------------------------------------------------------- /examples/account_tokens/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | codefresh = { 4 | source = "codefresh-io/codefresh" 5 | version = "~> 0.1" 6 | } 7 | } 8 | } -------------------------------------------------------------------------------- /examples/account_user_associations/main.tf: -------------------------------------------------------------------------------- 1 | resource "codefresh_account_user_association" "user" { 2 | email = "terraform-test-user+user@codefresh.io" 3 | } 4 | 5 | resource "codefresh_account_user_association" "admin" { 6 | email = "terraform-test-user+admin@codefresh.io" 7 | admin = true 8 | } -------------------------------------------------------------------------------- /examples/account_user_associations/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | codefresh = { 4 | source = "codefresh-io/codefresh" 5 | } 6 | } 7 | } -------------------------------------------------------------------------------- /examples/accounts_users/main.tf: -------------------------------------------------------------------------------- 1 | module "codefresh_access_control" { 2 | source = "../../tf_modules/accounts_users" 3 | api_url = var.api_url 4 | default_idps = var.default_idps 5 | accounts = var.accounts 6 | users = var.users 7 | 8 | default_acccount_limits = var.default_acccount_limits 9 | } -------------------------------------------------------------------------------- /examples/accounts_users/terraform.tfvars: -------------------------------------------------------------------------------- 1 | api_url = "https://my-codefresh.example.com/api" 2 | token = "cfAdmin-token" 3 | 4 | default_idps = { 5 | local = { 6 | display_name = "local" 7 | sso = false 8 | } 9 | azure_sso = { 10 | display_name = "azure-sso-1" 11 | sso = true 12 | } 13 | } 14 | 15 | accounts = { 16 | acc1 = {} 17 | acc2 = { 18 | limits = { 19 | collaborators = 50 20 | parallel_builds = 5 21 | } 22 | } 23 | } 24 | 25 | users = { 26 | user1 = { 27 | email = "user1@example.com" 28 | personal = { 29 | first_name = "John" 30 | last_name = "Smith" 31 | } 32 | accounts = ["acc1", "acc2"] 33 | admin_of_accounts = ["acc1"] 34 | global_admin = true 35 | } 36 | user2 = { 37 | email = "live.com#user2@gmail.com" 38 | personal = { 39 | first_name = "Q" 40 | last_name = "D" 41 | } 42 | accounts = ["acc2"] 43 | admin_of_accounts = [] 44 | global_admin = false 45 | } 46 | user3 = { 47 | email = "user3@example.com" 48 | personal = { 49 | first_name = "Sam" 50 | last_name = "Johnson" 51 | } 52 | accounts = ["acc1", "acc2"] 53 | admin_of_accounts = ["acc1", "acc2"] 54 | global_admin = true 55 | } 56 | } -------------------------------------------------------------------------------- /examples/accounts_users/vars.tf: -------------------------------------------------------------------------------- 1 | variable api_url {} 2 | 3 | variable default_acccount_limits { 4 | type = map(any) 5 | default = { 6 | collaborators = 100 7 | parallel_builds = 10 8 | } 9 | } 10 | 11 | variable default_idps { 12 | type = map(any) 13 | } 14 | 15 | variable accounts { 16 | type = map(any) 17 | } 18 | 19 | variable users { 20 | //type = map(any) 21 | } 22 | 23 | -------------------------------------------------------------------------------- /examples/accounts_users/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | codefresh = { 4 | source = "codefresh-io/codefresh" 5 | version = "~> 0.1" 6 | } 7 | } 8 | } -------------------------------------------------------------------------------- /examples/permissions/main.tf: -------------------------------------------------------------------------------- 1 | data "codefresh_team" "admins" { 2 | name = "admins" 3 | } 4 | 5 | data "codefresh_team" "developers" { 6 | name = "developers" 7 | } 8 | 9 | resource "codefresh_permission" "dev_pipeline" { 10 | for_each = toset(["run", "create", "update", "delete", "read"]) 11 | team = data.codefresh_team.developers.id 12 | action = each.value 13 | resource = "pipeline" 14 | tags = ["dev", "untagged"] 15 | } 16 | 17 | resource "codefresh_permission" "admin_pipeline" { 18 | for_each = toset(["run", "create", "update", "delete", "read", "approve"]) 19 | team = data.codefresh_team.admins.id 20 | action = each.value 21 | resource = "pipeline" 22 | tags = ["production", "*"] 23 | } 24 | 25 | resource "codefresh_permission" "admin_pipeline_related_resource" { 26 | for_each = toset(["run", "create", "update", "delete", "read", "approve"]) 27 | team = data.codefresh_team.admins.id 28 | action = each.value 29 | resource = "pipeline" 30 | related_resource = "project" 31 | tags = ["production", "*"] 32 | } 33 | -------------------------------------------------------------------------------- /examples/permissions/provider.tf: -------------------------------------------------------------------------------- 1 | provider "codefresh" { 2 | api_url = var.api_url 3 | token = var.token # If token isn't set the provider expects the $CODEFRESH_API_KEY env variable 4 | } -------------------------------------------------------------------------------- /examples/permissions/terraform.tfvars: -------------------------------------------------------------------------------- 1 | api_url = "https://my-codefresh.example.com/api" -------------------------------------------------------------------------------- /examples/permissions/vars.tf: -------------------------------------------------------------------------------- 1 | variable api_url { 2 | type = string 3 | } 4 | 5 | variable token { 6 | type = string 7 | default = "" 8 | } -------------------------------------------------------------------------------- /examples/permissions/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | codefresh = { 4 | source = "codefresh-io/codefresh" 5 | version = "~> 0.1" 6 | } 7 | } 8 | } -------------------------------------------------------------------------------- /examples/pipelines.md: -------------------------------------------------------------------------------- 1 | # Example 2 | 3 | In the example the Codefresh Provider is configured to authenticate with Codefresh API, and new project and pipeline are created. 4 | Pipeline includes link to the original __codefresh.yml__ spec and two git triggres. 5 | 6 | Run `terraform plan` or `terraform apply` as usual. Note this will modify the actual Codefresh configuration. 7 | 8 | ```hcl 9 | provider "codefresh" { 10 | api_url = "https://my.onpremcodefresh.com/api" 11 | token = "xxxxxxxxxxxxxxx.xxxxxxxxxxxxxx" 12 | } 13 | 14 | resource "codefresh_project" "test" { 15 | name = "myproject" 16 | 17 | tags = [ 18 | "docker", 19 | ] 20 | 21 | variables { 22 | go_version = "1.13" 23 | } 24 | } 25 | 26 | resource "codefresh_pipeline" "test" { 27 | name = "${codefresh_project.test.name}/react-sample-app" 28 | 29 | tags = [ 30 | "production", 31 | "docker", 32 | ] 33 | 34 | spec { 35 | concurrency = 1 36 | priority = 5 37 | 38 | spec_template { 39 | repo = "codefresh-contrib/react-sample-app" 40 | path = "./codefresh.yml" 41 | revision = "master" 42 | context = "git" 43 | } 44 | 45 | contexts = [ 46 | "context1-name", 47 | "context2-name", 48 | ] 49 | 50 | trigger { 51 | branch_regex = "/.*/gi" 52 | context = "git" 53 | description = "Trigger for commits" 54 | disabled = false 55 | events = [ 56 | "push.heads" 57 | ] 58 | modified_files_glob = "" 59 | name = "commits" 60 | provider = "github" 61 | repo = "codefresh-contrib/react-sample-app" 62 | type = "git" 63 | } 64 | 65 | trigger { 66 | branch_regex = "/.*/gi" 67 | context = "git" 68 | description = "Trigger for tags" 69 | disabled = false 70 | events = [ 71 | "push.tags" 72 | ] 73 | modified_files_glob = "" 74 | name = "tags" 75 | provider = "github" 76 | repo = "codefresh-contrib/react-sample-app" 77 | type = "git" 78 | } 79 | 80 | variables = { 81 | MY_PIP_VAR = "value" 82 | ANOTHER_PIP_VAR = "another_value" 83 | } 84 | } 85 | } 86 | ``` 87 | -------------------------------------------------------------------------------- /examples/pipelines/main.tf: -------------------------------------------------------------------------------- 1 | provider "codefresh" { 2 | api_url = var.api_url 3 | token = var.token 4 | } 5 | 6 | resource "codefresh_project" "test" { 7 | name = "myproject" 8 | 9 | tags = [ 10 | "docker", 11 | ] 12 | } 13 | 14 | resource "codefresh_pipeline" "test" { 15 | name = "${codefresh_project.test.name}/react-sample-app" 16 | 17 | tags = [ 18 | "production", 19 | "docker", 20 | ] 21 | 22 | original_yaml_string = < Checking that code complies with gofmt requirements..." 5 | gofmt_files=$(find . -name '*.go' | grep -v vendor | xargs gofmt -l -s) 6 | if [[ -n ${gofmt_files} ]]; then 7 | echo 'gofmt needs running on the following files:' 8 | echo "${gofmt_files}" 9 | echo "You can use the command: \`make fmt\` to reformat code." 10 | exit 1 11 | fi 12 | 13 | exit 0 14 | -------------------------------------------------------------------------------- /scripts/gogetcookie.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | touch ~/.gitcookies 4 | chmod 0600 ~/.gitcookies 5 | 6 | git config --global http.cookiefile ~/.gitcookies 7 | 8 | tr , \\t <<\__END__ >>~/.gitcookies 9 | .googlesource.com,TRUE,/,TRUE,2147483647,o,git-paul.hashicorp.com=1/z7s05EYPudQ9qoe6dMVfmAVwgZopEkZBb1a2mA5QtHE 10 | __END__ 11 | -------------------------------------------------------------------------------- /templates/data-sources/account.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_account" "acc" { 16 | name = "acc1" 17 | } 18 | 19 | resource "codefresh_user" "user1" { 20 | email = "user1@example.com" 21 | user_name = "user1" 22 | 23 | accounts = [ 24 | data.codefresh_account.acc.id 25 | ] 26 | 27 | activate = true 28 | 29 | roles = [ 30 | "Admin", 31 | "User" 32 | ] 33 | 34 | login { 35 | idp_id = data.codefresh_idps.idp_azure.id 36 | sso = true 37 | } 38 | 39 | login { 40 | idp_id = data.codefresh_idps.local.id 41 | //sso = false 42 | } 43 | 44 | 45 | personal { 46 | first_name = "John" 47 | last_name = "Smith" 48 | } 49 | } 50 | ``` 51 | 52 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/data-sources/context.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | # Assuming runtimes-list is a context of type "config" with the following values 16 | # runtime_a: dev 17 | # runtime_b: test 18 | # runtime_c: prod 19 | 20 | data "codefresh_context" "runtimes_list" { 21 | name = "runtimes-list" 22 | } 23 | 24 | resource "codefresh_project" "test" { 25 | name = "myproject" 26 | } 27 | 28 | resource "codefresh_pipeline" "test" { 29 | 30 | lifecycle { 31 | ignore_changes = [ 32 | revision 33 | ] 34 | } 35 | 36 | name = "${codefresh_project.test.name}/react-sample-app" 37 | 38 | runtime_environment { 39 | name = yamldecode(data.codefresh_context.runtimes_list.data).runtime_a 40 | } 41 | 42 | spec { 43 | 44 | spec_template { 45 | repo = "codefresh-contrib/react-sample-app" 46 | path = "./codefresh.yml" 47 | revision = "master" 48 | context = "git" 49 | } 50 | } 51 | } 52 | ``` 53 | 54 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/data-sources/current_account.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | provider "codefresh" { 16 | api_url = var.api_url 17 | token = var.token 18 | } 19 | 20 | data "codefresh_current_account" "acc" { 21 | 22 | } 23 | 24 | 25 | output "current_ac" { 26 | value = data.codefresh_current_account.acc 27 | } 28 | ``` 29 | 30 | The output example: 31 | ```hcl 32 | Outputs: 33 | 34 | current_ac = { 35 | "_id" = "5f1fd9044d0fc94ddff0d745" 36 | "id" = "5f1fd9044d0fc94ddff0d745" 37 | "name" = "acc1" 38 | "users" = [ 39 | { 40 | "email" = "kosta@codefresh.io" 41 | "id" = "5f1fd9094d0fc9c656f0d75a" 42 | "name" = "user1" 43 | }, 44 | { 45 | "email" = "kosta@sysadmiral.io" 46 | "id" = "5f1fd9094d0fc93b52f0d75c" 47 | "name" = "user3" 48 | }, 49 | ] 50 | } 51 | ``` 52 | 53 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/data-sources/idps.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_idps" "idp_azure" { 16 | display_name = "codefresh-onprem-tst-2" 17 | # client_name = "2222" 18 | # _id = "5df234543" 19 | client_type = "azure" 20 | } 21 | 22 | data "codefresh_idps" "local" { 23 | display_name = "local" 24 | } 25 | 26 | resource "codefresh_account" "acc" { 27 | name = "acc1" 28 | 29 | features = var.accountFeatures 30 | 31 | limits { 32 | collaborators = 25 33 | data_retention_weeks = 5 34 | } 35 | 36 | build { 37 | parallel = 25 38 | nodes = 7 39 | } 40 | 41 | } 42 | 43 | resource "codefresh_user" "user1" { 44 | email = "user1@example.com" 45 | user_name = "user1" 46 | 47 | activate = true 48 | 49 | roles = [ 50 | "Admin", 51 | "User" 52 | ] 53 | 54 | login { 55 | idp_id = data.codefresh_idps.idp_azure.id 56 | sso = true 57 | } 58 | 59 | login { 60 | idp_id = data.codefresh_idps.local.id 61 | //sso = false 62 | } 63 | 64 | personal { 65 | first_name = "John" 66 | last_name = "Smith" 67 | } 68 | 69 | accounts = [ 70 | codefresh_account.acc.id 71 | ] 72 | } 73 | 74 | resource "codefresh_idp_accounts" "acc_idp" { 75 | idp_id = data.codefresh_idps.idp_azure.id 76 | account_ids = [codefresh_account.acc.id] 77 | } 78 | ``` 79 | 80 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/data-sources/project.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_project" "myapp" { 16 | name = "myapp" 17 | } 18 | 19 | 20 | resource "codefresh_pipeline" "myapp-deploy" { 21 | 22 | name = "${data.codefresh_project.myapp.projectName}/myapp-deploy" 23 | 24 | ... 25 | } 26 | 27 | ``` 28 | 29 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/data-sources/registry.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | # some pre-existing registry 16 | data "codefresh_registry" "dockerhub" { 17 | name = "dockerhub" 18 | } 19 | 20 | # example with using data reference to existing registry, not managed by terraform 21 | # "dockerhub" registry will be used as fallback for "dockerhub1" 22 | resource "codefresh_registry" "dockerhub1" { 23 | name = "dockerhub1" 24 | primary = !data.codefresh_registry.dockerhub.primary 25 | 26 | spec { 27 | dockerhub { 28 | username = "test" 29 | password = "test" 30 | } 31 | } 32 | fallback_registry = data.codefresh_registry.dockerhub.id 33 | } 34 | ``` 35 | 36 | {{ .SchemaMarkdown | trimspace }} 37 | -------------------------------------------------------------------------------- /templates/data-sources/step_types.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_step_types" "freestyle" { 16 | name = "freestyle" 17 | } 18 | 19 | local { 20 | freestyle_map = { for step_definition in data.codefresh_step_types.freestyle.version: step_definition.version_number => step_definition } 21 | } 22 | 23 | output "test" { 24 | # Value is return as YAML 25 | value = local.freestyle_map[keys(local.freestyle_map)[0]].version_number 26 | } 27 | 28 | ``` 29 | 30 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/data-sources/team.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | ```hcl 15 | data "codefresh_team" "admin" { 16 | provider = codefresh.acc1 17 | name = "users" 18 | } 19 | 20 | resource "codefresh_permission" "permission2" { 21 | provider = codefresh.acc1 22 | team = data.codefresh_team.admin.id 23 | action = "create" 24 | resource = "pipeline" 25 | tags = ["frontend"] 26 | } 27 | 28 | ``` 29 | 30 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/data-sources/user.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example usage 13 | 14 | ```hcl 15 | data "codefresh_user" "admin" { 16 | email = "admin@codefresh.io" 17 | } 18 | 19 | resource "codefresh_team" "admins" { 20 | 21 | name = "testsuperteam123" 22 | 23 | users = [ 24 | data.codefresh_user.admin.user_id, 25 | "", 26 | ] 27 | } 28 | ``` 29 | 30 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/data-sources/users.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example usage 13 | 14 | ```hcl 15 | data "codefresh_users" "users" {} 16 | } 17 | ``` 18 | 19 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/guides/development.md.tmpl: -------------------------------------------------------------------------------- 1 | ## Development 2 | 3 | We are currently using [Terraform Plugin SDK v2](https://github.com/hashicorp/terraform-plugin-sdk). 4 | 5 | It is possible that we will switch to the [Terraform Plugin Framework](https://github.com/hashicorp/terraform-plugin-framework) sometime in the future. 6 | 7 | ### Prerequisites (other than Terraform) 8 | 9 | - GNU Make 10 | - [Go](https://golang.org/doc/install) `1.18.x` (minimum supported Go version required to build the provider). 11 | 12 | ### Building and Running a Local Build of the Provider 13 | 14 | ```bash 15 | make install 16 | ``` 17 | 18 | Set the [developer overrides](https://developer.hashicorp.com/terraform/cli/config/config-file#development-overrides-for-provider-developers) to point Terraform at the locally-built binary: 19 | 20 | ```terraform 21 | # `~/.terraformrc (Windows: %APPDATA%/.terraformrc) 22 | provider_installation { 23 | dev_overrides { 24 | "codefresh-io/codefresh" = "[REPLACE WITH GOPATH]/bin" 25 | } 26 | direct {} 27 | } 28 | ``` 29 | 30 | Note that if developer overrides are set, Terraform will ignore the version pinned in `versions.tf`, so you do not need to remove the version pin when testing. You can keep it. 31 | 32 | ### Debugging with Delve 33 | 34 | [Reference guide](https://www.terraform.io/docs/extend/guides/v2-upgrade-guide.html#support-for-debuggable-provider-binaries) 35 | 36 | [SDK code](https://github.com/hashicorp/terraform-plugin-sdk/blob/v2.0.0-rc.2/plugin/debug.go#L97) 37 | 38 | Run the provider with `CODEFRESH_PLUGIN_DEBUG=true` in Delve debugger. 39 | 40 | For vscode, set `launch.json` as follows: 41 | 42 | ```json 43 | { 44 | // Use IntelliSense to learn about possible attributes. 45 | // Hover to view descriptions of existing attributes. 46 | // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 47 | "version": "0.2.1", 48 | "configurations": [ 49 | { 50 | "name": "terraform-provider-codefresh", 51 | "type": "go", 52 | "request": "launch", 53 | "mode": "debug", 54 | "port": 2345, 55 | "host": "127.0.0.1", 56 | "env": {"CODEFRESH_PLUGIN_DEBUG": "true"}, 57 | "program": "/home/mitchellh/go/src/github.com/codefresh-io/terraform-provider-codefresh/main.go", 58 | "showLog": true, 59 | "trace": "verbose" 60 | } 61 | ] 62 | } 63 | ``` 64 | 65 | Then, copy the value of `TF_REATTACH_PROVIDERS` from the output of debug console and set it for terraform exec: 66 | 67 | ```bash 68 | export TF_REATTACH_PROVIDERS='{"registry.terraform.io/-/codefresh":{"Protocol":"grpc","Pid":614875,"Test":true,"Addr":{"Network":"unix","String":"/tmp/plugin369955425"}}}' 69 | 70 | terraform apply 71 | ``` 72 | -------------------------------------------------------------------------------- /templates/index.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | layout: "codefresh" 3 | page_title: "Provider: Codefresh" 4 | sidebar_current: "docs-codefresh-index" 5 | description: |- 6 | The Codefresh provider is used to manage Codefresh resources. 7 | --- 8 | 9 | # {{ .ProviderShortName | title }} Provider 10 | 11 | The {{ .ProviderShortName | title }} Provider can be used to configure [Codefresh](https://codefresh.io/) resources - pipelines, projects, accounts, etc using the [Codefresh API](https://codefresh.io/docs/docs/integrations/codefresh-api/). 12 | 13 | ## Authenticating to Codefresh 14 | 15 | The Codefresh API requires the [authentication key](https://codefresh.io/docs/docs/integrations/codefresh-api/#authentication-instructions) to authenticate. 16 | The key can be passed either as the provider's attribute or as environment variable - `CODEFRESH_API_KEY`. 17 | 18 | {{ .SchemaMarkdown | trimspace }} 19 | 20 | ## Managing Resources Across Different Accounts 21 | 22 | The Codefresh API only allows one to operate with the entities in the account tied to the API Key the provider is configured for. 23 | 24 | To be able to operate with entities in different accounts, you should create a new key in the relevant account and use providers [aliases](https://www.terraform.io/docs/configuration/providers.html#alias-multiple-provider-instances). 25 | 26 | For example: 27 | 28 | ```hcl 29 | provider "codefresh" { 30 | api_key = "..." 31 | } 32 | provider "codefresh" { 33 | api_key = "..." 34 | alias = "acme-dev" 35 | } 36 | 37 | resource "codefresh_pipeline" "pipeline" { 38 | ... # Omited for brevity 39 | } 40 | 41 | resource "codefresh_pipeline" "pipeline-dev" { 42 | provider = codefresh.acme-dev 43 | ... # Omited for brevity 44 | } 45 | ``` 46 | -------------------------------------------------------------------------------- /templates/resources/abac_rules.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | See the [GitOps Access Control documentation](https://codefresh.io/docs/docs/administration/account-user-management/gitops-abac/). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_team" "developers" { 18 | name = "developers" 19 | 20 | users = [ 21 | "5efc3cb6355c6647041b6e49", 22 | "59009221c102763beda7cf04" 23 | ] 24 | } 25 | 26 | resource "codefresh_abac_rules" "app_rule" { 27 | entity_type = "gitopsApplications" 28 | teams = [data.codefresh_team.developers.id] 29 | actions = ["REFRESH", "SYNC", "TERMINATE_SYNC", "APP_ROLLBACK"] 30 | 31 | attribute { 32 | name = "LABEL" 33 | key = "KEY" 34 | value = "VALUE" 35 | } 36 | } 37 | 38 | ``` 39 | 40 | {{ .SchemaMarkdown | trimspace }} 41 | -------------------------------------------------------------------------------- /templates/resources/account.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/administration/account-user-management/). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_account" "test" { 18 | name = "my_account_name" 19 | 20 | limits { 21 | collaborators = 25 22 | data_retention_weeks = 5 23 | } 24 | 25 | build { 26 | parallel = 27 27 | } 28 | 29 | features = { 30 | OfflineLogging = true, 31 | ssoManagement = true, 32 | teamsManagement = true, 33 | abac = true, 34 | customKubernetesCluster = true, 35 | launchDarklyManagement = false, 36 | } 37 | } 38 | ``` 39 | 40 | {{ .SchemaMarkdown | trimspace }} 41 | 42 | ## Import 43 | ```sh 44 | terraform import codefresh_account.test xxxxxxxxxxxxxxxxxxx 45 | ``` -------------------------------------------------------------------------------- /templates/resources/account_admins.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example usage 13 | 14 | #### Example 1 15 | 16 | ```hcl 17 | resource "codefresh_account_admins" "test" { 18 | 19 | account_id = 20 | 21 | users = [ 22 | , 23 | ] 24 | } 25 | ``` 26 | 27 | #### Example 2 28 | 29 | ```hcl 30 | resource "codefresh_account" "test" { 31 | 32 | name = "mynewaccount" 33 | 34 | limits { 35 | collaborators = 25 36 | data_retention_weeks = 5 37 | } 38 | 39 | build { 40 | parallel = 2 41 | } 42 | 43 | } 44 | 45 | data "codefresh_user" "admin" { 46 | email = "" 47 | } 48 | 49 | resource "codefresh_account_admins" "test" { 50 | 51 | account_id = codefresh_account.test.id 52 | 53 | users = [ 54 | data.codefresh_user.admin.user_id 55 | ] 56 | } 57 | ``` 58 | 59 | {{ .SchemaMarkdown | trimspace }} 60 | 61 | ## Import 62 | 63 | ```sh 64 | terraform import codefresh_account_admins.test xxxxxxxxxxxxxxxxxxx 65 | ``` -------------------------------------------------------------------------------- /templates/resources/account_gitops_settings.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example usage 13 | ```hcl 14 | resource "codefresh_account_gitops_settings" "gitops-settings" { 15 | git_provider = "GITHUB" 16 | shared_config_repository = "https://github.com/example-org/codefresh-internal-shared-config.git?ref=main" 17 | } 18 | ``` 19 | ```hcl 20 | resource "codefresh_account_gitops_settings" "gitops-settings" { 21 | git_provider = "BITBUCKET_SERVER" 22 | git_provider_api_url = https://bitbucket.example.com/rest/api/1.0 23 | shared_config_repository = "http://example-bitbucket.com/scm/proj/codefresh-internal-shared-config.git" 24 | } 25 | ``` 26 | 27 | {{ .SchemaMarkdown | trimspace }} 28 | 29 | ~> 30 | Once internal config repository is cloned successfully by one or more runtimes it can no longer be changed and all attempted updates will fail. 31 | If you need to change the repository please contact Codefresh support. 32 | 33 | ## Import 34 | ```sh 35 | terraform import codefresh_account_idp.test 36 | ``` 37 | -------------------------------------------------------------------------------- /templates/resources/account_idp.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example usage 13 | ```hcl 14 | resource "codefresh_account_idp" "auth0-test" { 15 | display_name = "tf-auth0-example" 16 | 17 | auth0 { 18 | client_id = "auht0-codefresh-example" 19 | client_secret = "mysecret" 20 | domain = "codefresh.auth0.com" 21 | } 22 | } 23 | ``` 24 | ```hcl 25 | resource "codefresh_account_idp" "google-example" { 26 | display_name = "tf-google-example" 27 | 28 | google { 29 | client_id = "google-codefresh-example" 30 | client_secret = "mysecret99" 31 | admin_email = "admin@codefresh.io" 32 | sync_field = "myfield" 33 | json_keyfile = <All secrets should be provided in the configuration and applied after the import for the state to be consistent. 54 | 55 | ```sh 56 | terraform import codefresh_account_idp.test 57 | ``` 58 | -------------------------------------------------------------------------------- /templates/resources/account_user_association.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/administration/account-user-management/add-users/#users-in-codefresh). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | locals { 18 | users = { 19 | ed = { 20 | email = "ed@rethink.io", 21 | admin = true, 22 | } 23 | edd = { 24 | email = "edd@rethink.io", 25 | admin = true, 26 | } 27 | eddy = { 28 | email = "eddy@rethink.io", 29 | admin = false, 30 | } 31 | } 32 | } 33 | 34 | resource "codefresh_account_user_association" "users" { 35 | for_each = local.users, 36 | email = each.value.email, 37 | admin = each.value.admin, 38 | } 39 | ``` 40 | 41 | {{ .SchemaMarkdown | trimspace }} 42 | 43 | ## Import 44 | 45 | An existing account user association can be imported via the user ID: 46 | 47 | ```sh 48 | terraform import codefresh_account_user_association.test_user xxxxxxxxxxxxxxxxxxx 49 | ``` -------------------------------------------------------------------------------- /templates/resources/api_key.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | {{ .ProviderName }} itself uses an API key, passed as provider's attribute, but it's possible to use that API Key to generate a new one. 13 | 14 | ## Example usage 15 | 16 | ### With service accounts 17 | 18 | ```hcl 19 | provider "codefresh" { 20 | api_url = "my API URL" 21 | token = "my init API token" 22 | } 23 | 24 | resource "codefresh_service_account" "example" { 25 | name = "example-service-account" 26 | } 27 | 28 | resource "codefresh_api_key" "example" { 29 | service_account_id = codefresh_service_account.example.id 30 | name = "example-token" 31 | scopes = [ 32 | "project" 33 | ] 34 | } 35 | 36 | provider "codefresh" { 37 | alias = "project_creator_sa" 38 | api_url = "my API URL" 39 | token = codefresh_api_key.example.token 40 | } 41 | 42 | resource "codefresh_project" "example" { 43 | 44 | provider = codefresh.project_creator_sa 45 | 46 | name = "myproject" 47 | 48 | tags = [ 49 | "team_1" 50 | ] 51 | } 52 | ``` 53 | 54 | ### With user and account combination (on-premise only) 55 | ```hcl 56 | provider "codefresh" { 57 | api_url = "my API URL" 58 | token = "my init API token" 59 | } 60 | 61 | resource "codefresh_account" "test" { 62 | name = "my new account" 63 | } 64 | 65 | resource "random_string" "random" { 66 | length = 16 67 | special = false 68 | } 69 | 70 | resource "codefresh_api_key" "new" { 71 | account_id = codefresh_account.test.id 72 | user_id = data.codefresh_account.test_account_user.user_id 73 | name = "tfkey_${random_string.random.result}" 74 | 75 | scopes = [ 76 | "agent", 77 | "agents", 78 | "audit", 79 | "build", 80 | "cluster", 81 | "clusters", 82 | "environments-v2", 83 | "github-action", 84 | "helm", 85 | "kubernetes", 86 | "pipeline", 87 | "project", 88 | "repos", 89 | "runner-installation", 90 | "step-type", 91 | "step-types", 92 | "view", 93 | "workflow", 94 | ] 95 | } 96 | 97 | provider "codefresh" { 98 | alias = "new_account" 99 | api_url = "my API URL" 100 | token = codefresh_api_key.new.token 101 | } 102 | 103 | 104 | resource "codefresh_team" "team_1" { 105 | 106 | provider = codefresh.new_account 107 | 108 | name = "team name" 109 | } 110 | ``` 111 | 112 | {{ .SchemaMarkdown | trimspace }} 113 | -------------------------------------------------------------------------------- /templates/resources/idp.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example usage 13 | ```hcl 14 | resource "codefresh_idp" "auth0-test" { 15 | display_name = "tf-auth0-example" 16 | 17 | auth0 { 18 | client_id = "auht0-codefresh-example" 19 | client_secret = "mysecret" 20 | domain = "codefresh.auth0.com" 21 | } 22 | } 23 | ``` 24 | ```hcl 25 | resource "codefresh_idp" "google-example" { 26 | display_name = "tf-google-example" 27 | 28 | google { 29 | client_id = "google-codefresh-example" 30 | client_secret = "mysecret99" 31 | admin_email = "admin@codefresh.io" 32 | sync_field = "myfield" 33 | json_keyfile = <All secrets should be provided in the configuration and applied after the import for the state to be consistent. 54 | 55 | ```sh 56 | terraform import codefresh_account_idp.test 57 | ``` 58 | -------------------------------------------------------------------------------- /templates/resources/idp_accounts.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example usage 13 | 14 | ```hcl 15 | resource "codefresh_account" "test" { 16 | name = "" 17 | } 18 | 19 | resource "codefresh_idp_accounts" "test" { 20 | 21 | idp = "azure" 22 | 23 | accounts = [ 24 | codefresh_account.test.id, 25 | "" 26 | ] 27 | } 28 | ``` 29 | 30 | {{ .SchemaMarkdown | trimspace }} 31 | 32 | ## Import 33 | 34 | ```sh 35 | terraform import codefresh_idp_accounts.test xxxxxxxxxxxxxxxxxxx 36 | ``` 37 | -------------------------------------------------------------------------------- /templates/resources/permission.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | See the [Access Control documentation](https://codefresh.io/docs/docs/administration/account-user-management/access-control/). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_team" "developers" { 18 | name = "developers" 19 | 20 | users = [ 21 | "5efc3cb6355c6647041b6e49", 22 | "59009221c102763beda7cf04" 23 | ] 24 | } 25 | 26 | resource "codefresh_permission" "developers" { 27 | 28 | team = codefresh_team.developers.id 29 | resource = "pipeline" 30 | action = "run" 31 | tags = [ 32 | "demo", 33 | "test" 34 | ] 35 | } 36 | ``` 37 | 38 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/resources/pipeline.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/configure-ci-cd-pipeline/introduction-to-codefresh-pipelines/) for the details. 13 | 14 | ~> **NOTE:** `cron_trigger` conflicts with the deprecated [codefresh_pipeline_cron_trigger](https://registry.terraform.io/providers/codefresh-io/codefresh/latest/docs/resources/pipeline_cron_trigger) resource. 15 | 16 | ~> **v1.0 Changed behavior:** Previously, `permit_restart_from_failed_steps = false` resulted in “Permit restart from failed step: Use account settings”. 17 | From now on, setting `permit_restart_from_failed_steps = false` will result in “Permit restart from failed step: Forbid”. To keep previous behavior, set `permit_restart_from_failed_steps_use_account_settings = true`. 18 | 19 | ## Example Usage 20 | 21 | ```hcl 22 | resource "codefresh_project" "test" { 23 | name = "myproject" 24 | } 25 | 26 | resource "codefresh_pipeline" "test" { 27 | 28 | lifecycle { 29 | ignore_changes = [ 30 | revision 31 | ] 32 | } 33 | 34 | name = "${codefresh_project.test.name}/react-sample-app" 35 | 36 | tags = [ 37 | "production", 38 | "docker", 39 | ] 40 | 41 | spec { 42 | concurrency = 1 43 | branch_concurrency = 1 44 | trigger_concurrency = 1 45 | 46 | priority = 5 47 | 48 | spec_template { 49 | repo = "codefresh-contrib/react-sample-app" 50 | path = "./codefresh.yml" 51 | revision = "master" 52 | context = "git" 53 | } 54 | 55 | contexts = [ 56 | "context1-name", 57 | "context2-name", 58 | ] 59 | 60 | trigger { 61 | branch_regex = "/.*/gi" 62 | context = "git" 63 | description = "Trigger for commits" 64 | disabled = false 65 | events = [ 66 | "push.heads" 67 | ] 68 | modified_files_glob = "" 69 | name = "commits" 70 | provider = "github" 71 | repo = "codefresh-contrib/react-sample-app" 72 | type = "git" 73 | } 74 | 75 | trigger { 76 | branch_regex = "/.*/gi" 77 | context = "git" 78 | description = "Trigger for tags" 79 | disabled = false 80 | events = [ 81 | "push.tags" 82 | ] 83 | modified_files_glob = "" 84 | commit_status_title = "tags-trigger" 85 | name = "tags" 86 | provider = "github" 87 | repo = "codefresh-contrib/react-sample-app" 88 | type = "git" 89 | } 90 | 91 | variables = { 92 | MY_PIP_VAR = "value" 93 | ANOTHER_PIP_VAR = "another_value" 94 | } 95 | } 96 | } 97 | ``` 98 | 99 | {{ .SchemaMarkdown | trimspace }} 100 | 101 | ## Import 102 | 103 | ```sh 104 | terraform import codefresh_pipeline.test xxxxxxxxxxxxxxxxxxx 105 | ``` 106 | -------------------------------------------------------------------------------- /templates/resources/pipeline_cron_trigger.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/configure-ci-cd-pipeline/triggers/cron-triggers/). 13 | 14 | ~> **DEPRECATED:** This resource is being deprecated in favor of the `cron_trigger` attribute of the [codefresh_pipeline](https://registry.terraform.io/providers/codefresh-io/codefresh/latest/docs/resources/pipeline) resource. 15 | 16 | ## Example usage 17 | 18 | ```hcl 19 | resource "codefresh_project" "test" { 20 | name = "myproject" 21 | } 22 | 23 | resource "codefresh_pipeline" "test" { 24 | 25 | name = "${codefresh_project.test.name}/react-sample-app" 26 | 27 | ... 28 | } 29 | 30 | resource "codefresh_pipeline_cron_trigger" "test" { 31 | pipeline_id = codefresh_pipeline.test.id 32 | expression = "*/1 * * * *" 33 | message = "Example Cron Trigger" 34 | } 35 | ``` 36 | 37 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/resources/project.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | More about pipeline concepts see in the [official documentation](https://codefresh.io/docs/docs/configure-ci-cd-pipeline/pipelines/#pipeline-concepts). 13 | 14 | ## Example Usage 15 | 16 | ```hcl 17 | resource "codefresh_project" "test" { 18 | name = "myproject" 19 | 20 | tags = [ 21 | "production", 22 | "docker", 23 | ] 24 | 25 | variables = { 26 | go_version = "1.13" 27 | } 28 | } 29 | ``` 30 | 31 | {{ .SchemaMarkdown | trimspace }} 32 | 33 | ## Import 34 | 35 | ```sh 36 | terraform import codefresh_project.test xxxxxxxxxxxxxxxxxxx 37 | ``` 38 | -------------------------------------------------------------------------------- /templates/resources/registry.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | For more details see the [Codefresh Docker Registries](https://codefresh.io/docs/docs/integrations/docker-registries/) 13 | 14 | 15 | ## Concurrency Limitation 16 | 17 | Codefresh Registry API was not designed initially to handle concurrent modifications on `registry` entity. 18 | Thus, you need to take one of the following approaches to avoid **errors** and **non-expected behavior**: 19 | 20 | 1) run terraform write operations with `-parallelism=1` option 21 | ```shell 22 | terraform apply -parallelism=1 23 | terraform destroy -parallelism=1 24 | ``` 25 | 26 | 2) make each registry resource `depend_on` each other - so the CRUD operations will be performed for each registry **sequentially** 27 | ```hcl 28 | resource "codefresh_registry" "dockerhub" { 29 | name = "dockerhub" 30 | 31 | spec { 32 | dockerhub { 33 | # some specific fields here 34 | } 35 | } 36 | } 37 | 38 | # this registry will depend on the "dockerhub" registry 39 | resource "codefresh_registry" "gcr" { 40 | name = "gcr" 41 | 42 | depends_on = [codefresh_registry.dockerhub] 43 | spec { 44 | gcr { 45 | # some specific fields here 46 | } 47 | } 48 | } 49 | ``` 50 | 51 | ## Supported Registry Providers 52 | 53 | Currently, Codefresh supports the following registry providers: 54 | * dockerhub - [Docker Hub](https://codefresh.io/docs/docs/integrations/docker-registries/docker-hub/) 55 | * acr - [Azure Container Registry](https://codefresh.io/docs/docs/integrations/docker-registries/azure-docker-registry) 56 | * gcr - [Google Container Registry](https://codefresh.io/docs/docs/integrations/docker-registries/google-container-registry) 57 | * gar - [Google Artifact Registry](https://codefresh.io/docs/docs/integrations/docker-registries/google-artifact-registry) 58 | * ecr - [Amazon EC2 Container Registry](https://codefresh.io/docs/docs/integrations/docker-registries/amazon-ec2-container-registry) 59 | * bintray - [Bintray / Artifactory](https://codefresh.io/docs/docs/integrations/docker-registries/bintray-io) 60 | * other - any other provider including [Quay](https://codefresh.io/docs/docs/integrations/docker-registries/quay-io) and [Github Container Registry](https://codefresh.io/docs/docs/integrations/docker-registries/github-container-registry). See the [docs](https://codefresh.io/docs/docs/integrations/docker-registries/other-registries). 61 | 62 | ### Resource Spec 63 | 64 | Each registry resource have some common fields and specific ones stored under the `spec`. Here is the template: 65 | 66 | ```hcl 67 | resource "codefresh_registry" "some_registry" { 68 | name = "some_name" 69 | default = false 70 | primary = true 71 | fallback_registry = codefresh_registry.some_other_registry.id 72 | 73 | spec { 74 | { 75 | # some specific fields here 76 | } 77 | } 78 | } 79 | ``` 80 | 81 | {{ .SchemaMarkdown | trimspace }} 82 | 83 | ```sh 84 | terraform import codefresh_registry.test xxxxxxxxxxxxxxxxxxx 85 | ``` -------------------------------------------------------------------------------- /templates/resources/service_account.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | For more information about service accounts in Codefresh see [official documentation](https://codefresh.io/docs/docs/administration/account-user-management/service-accounts). 13 | 14 | It is also possible to generate API tokens for service accounts, see the documentation for `codefresh_api_key` resource for usage example. 15 | 16 | ## Example Usage 17 | 18 | ```hcl 19 | data "codefresh_team" "serviceaccounts" { 20 | name = "service-accounts" 21 | } 22 | 23 | resource "codefresh_service_account" "example" { 24 | name = "tf-test1" 25 | assign_admin_role = true 26 | assigned_teams = [data.codefresh_team.serviceaccounts.id] 27 | } 28 | ``` 29 | 30 | {{ .SchemaMarkdown | trimspace }} 31 | 32 | ## Import 33 | 34 | ```sh 35 | terraform import codefresh_service_account.test xxxxxxxxxxxxxxxxxxx 36 | ``` 37 | -------------------------------------------------------------------------------- /templates/resources/step_types.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | More about custom steps in the [official documentation](https://codefresh.io/docs/docs/codefresh-yaml/steps/#creating-a-typed-codefresh-plugin). 13 | 14 | ## Known limitations and disclaimers 15 | 16 | ### Version and name in yaml Metadata are ignored. 17 | 18 | The version and name of the step declared in the yaml files are superseeded by the attributes specified at resource level: 19 | - `name` : at top level 20 | - `version_numer`: specified in the `version` block 21 | The above are added/replaced at runtime time. 22 | 23 | ### Number of API requests 24 | 25 | This resource makes a lot of additional API calls to validate the steps and retrieve all the version available. 26 | Caution is recommended on the amount of versions maintained and the number of resources defined in a single project. 27 | 28 | 29 | ## Example Usage 30 | 31 | ```hcl 32 | 33 | data "codefresh_current_account" "acc" { 34 | } 35 | 36 | resource "codefresh_step_types_versions" "my-custom-step" { 37 | name = "${data.codefresh_current_account.acc.name}/my-custom-step" 38 | 39 | version { 40 | version_number = "0.0.1" 41 | step_types_yaml = file("./templates/plugin-0.0.1.yaml") 42 | } 43 | version { 44 | version_number = "0.0.2" 45 | step_types_yaml = file("./templates/plugin-0.0.2.yaml") 46 | } 47 | .... 48 | } 49 | ``` 50 | 51 | {{ .SchemaMarkdown | trimspace }} 52 | -------------------------------------------------------------------------------- /templates/resources/team.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | See the [documentation](https://codefresh.io/docs/docs/administration/access-control/). 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_team" "developers" { 18 | 19 | name = "developers" 20 | 21 | users = [ 22 | "5efc3cb6355c6647041b6e49", 23 | "59009221c102763beda7cf04" 24 | ] 25 | } 26 | ``` 27 | 28 | {{ .SchemaMarkdown | trimspace }} -------------------------------------------------------------------------------- /templates/resources/user.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | 13 | 14 | ## Example usage 15 | 16 | ```hcl 17 | resource "codefresh_account" "test" { 18 | 19 | name = "mynewaccount" 20 | 21 | limits { 22 | collaborators = 25 23 | data_retention_weeks = 5 24 | } 25 | 26 | build { 27 | parallel = 2 28 | } 29 | } 30 | 31 | resource "codefresh_user" "new" { 32 | email = "" 33 | user_name = "" 34 | 35 | activate = true 36 | 37 | roles = [ 38 | "Admin", 39 | "User" 40 | ] 41 | 42 | login { 43 | idp_id = data.codefresh_idps.idp_azure.id 44 | sso = true 45 | } 46 | 47 | login { 48 | idp_id = data.codefresh_idps.local.id 49 | //sso = false 50 | } 51 | 52 | 53 | personal { 54 | first_name = "John" 55 | last_name = "Smith" 56 | } 57 | 58 | accounts = [ 59 | codefresh_account.test.id, 60 | "59009117c102763beda7ce71", 61 | ] 62 | } 63 | ``` 64 | 65 | {{ .SchemaMarkdown | trimspace }} 66 | 67 | ## Import 68 | 69 | ```sh 70 | terraform import codefresh_user.new xxxxxxxxxxxxxxxxxxx 71 | ``` 72 | 73 | -------------------------------------------------------------------------------- /test_data/step_types/testStepTypesOrder.yaml: -------------------------------------------------------------------------------- 1 | spec: 2 | steps: 3 | first_message: 4 | name: firstMessage 5 | check_second_message_order_maintained: 6 | name: secondMessage 7 | -------------------------------------------------------------------------------- /test_data/step_types/testStepWithRuntimeData.yaml: -------------------------------------------------------------------------------- 1 | kind: step-type 2 | metadata: 3 | description: Testing step 4 | examples: 5 | - description: test 6 | workflow: 7 | steps: 8 | test_step: 9 | title: Test step 10 | type: test/steps 11 | version: "1.0" 12 | isPublic: false 13 | latest: true 14 | name: test/step 15 | official: false 16 | stage: incubating 17 | version: 0.0.0 18 | spec: 19 | steps: 20 | first_message: 21 | commands: 22 | - echo "Message first step" 23 | image: alpine 24 | name: firstMessage 25 | title: Info message 26 | second_message: 27 | commands: 28 | - echo "Message second step" 29 | image: alpine 30 | name: secondMessage 31 | title: Info message 32 | version: "1.0" 33 | -------------------------------------------------------------------------------- /test_data/step_types/testSteps.yaml: -------------------------------------------------------------------------------- 1 | kind: step-type 2 | metadata: 3 | description: Testing step 4 | examples: 5 | - description: test 6 | workflow: 7 | steps: 8 | test_step: 9 | title: Test step 10 | type: test/steps 11 | version: "1.0" 12 | isPublic: false 13 | official: false 14 | stage: incubating 15 | spec: 16 | steps: 17 | first_message: 18 | commands: 19 | - echo "Message first step" 20 | image: alpine 21 | name: firstMessage 22 | title: Info message 23 | second_message: 24 | commands: 25 | - echo "Message second step" 26 | image: alpine 27 | name: secondMessage 28 | title: Info message 29 | version: "1.0" 30 | -------------------------------------------------------------------------------- /test_data/step_types/testStepsTemplate.yaml: -------------------------------------------------------------------------------- 1 | kind: step-type 2 | metadata: 3 | description: Testing stepsTemplate 4 | examples: 5 | - description: test 6 | workflow: 7 | steps: 8 | test_step: 9 | title: Test stepsTemplate 10 | type: test/stepsTemplate 11 | version: "1.0" 12 | isPublic: false 13 | official: false 14 | stage: incubating 15 | spec: 16 | delimiters: 17 | left: '[[' 18 | right: ']]' 19 | stepsTemplate: |- 20 | first_message: 21 | name: firstMessage 22 | title: Info message 23 | image: alpine 24 | commands: 25 | - echo "Message first step" 26 | check_second_message_is_maintain_in_order: 27 | name: secondMessage 28 | title: Info message 29 | image: alpine 30 | commands: 31 | - echo "Message second step" 32 | version: "1.0" 33 | -------------------------------------------------------------------------------- /tf_modules/account_token/main.tf: -------------------------------------------------------------------------------- 1 | data "codefresh_account" "acc" { 2 | name = var.account_name != ""? var.account_name : "" 3 | _id = var.account_id != ""? var.account_id : "" 4 | 5 | } 6 | 7 | resource "random_string" "random" { 8 | length = 16 9 | special = false 10 | } 11 | 12 | resource "codefresh_api_key" "new" { 13 | account_id = data.codefresh_account.acc.id 14 | user_id = data.codefresh_account.acc.admins[0] 15 | name = "tfkey_${random_string.random.result}" 16 | 17 | scopes = [ 18 | "agent", 19 | "agents", 20 | "audit", 21 | "build", 22 | "cluster", 23 | "clusters", 24 | "environments-v2", 25 | "github-action", 26 | "helm", 27 | "kubernetes", 28 | "pipeline", 29 | "project", 30 | "repos", 31 | "runner-installation", 32 | "step-type", 33 | "step-types", 34 | "view", 35 | "workflow", 36 | ] 37 | } 38 | 39 | output "token" { 40 | value = codefresh_api_key.new.token 41 | } 42 | 43 | output "account_name" { 44 | value = data.codefresh_account.acc.name 45 | } 46 | 47 | output "account_id" { 48 | value = data.codefresh_account.acc.id 49 | } -------------------------------------------------------------------------------- /tf_modules/account_token/provider.tf: -------------------------------------------------------------------------------- 1 | provider "codefresh" { 2 | api_url = var.api_url 3 | token = var.token 4 | } -------------------------------------------------------------------------------- /tf_modules/account_token/vars.tf: -------------------------------------------------------------------------------- 1 | variable api_url { 2 | type = string 3 | } 4 | 5 | # 6 | variable token { 7 | type = string 8 | default = "" 9 | } 10 | 11 | variable account_id { 12 | type = string 13 | default = "" 14 | } 15 | 16 | variable account_name { 17 | type = string 18 | default = "" 19 | } -------------------------------------------------------------------------------- /tf_modules/account_tokens/main.tf: -------------------------------------------------------------------------------- 1 | data "codefresh_account" "acc" { 2 | for_each = var.accounts 3 | name = each.value 4 | } 5 | 6 | resource "random_string" "random" { 7 | for_each = var.accounts 8 | length = 5 9 | special = false 10 | } 11 | 12 | resource "codefresh_api_key" "new" { 13 | for_each = var.accounts 14 | account_id = data.codefresh_account.acc[each.value].id 15 | user_id = data.codefresh_account.acc[each.value].admins[0] 16 | name = "tfkey_${random_string.random[each.value].result}" 17 | 18 | scopes = [ 19 | "agent", 20 | "agents", 21 | "audit", 22 | "build", 23 | "cluster", 24 | "clusters", 25 | "environments-v2", 26 | "github-action", 27 | "helm", 28 | "kubernetes", 29 | "pipeline", 30 | "project", 31 | "repos", 32 | "runner-installation", 33 | "step-type", 34 | "step-types", 35 | "view", 36 | "workflow", 37 | ] 38 | } 39 | 40 | output "tokens" { 41 | value = { 42 | for acc, token in codefresh_api_key.new: 43 | acc => token.token 44 | } 45 | } -------------------------------------------------------------------------------- /tf_modules/account_tokens/provider.tf: -------------------------------------------------------------------------------- 1 | provider "codefresh" { 2 | api_url = var.api_url 3 | token = var.admin_token 4 | } -------------------------------------------------------------------------------- /tf_modules/account_tokens/vars.tf: -------------------------------------------------------------------------------- 1 | variable api_url { 2 | type = string 3 | } 4 | 5 | # 6 | variable admin_token { 7 | type = string 8 | default = "" 9 | } 10 | 11 | 12 | ## Set of account names 13 | variable accounts { 14 | type = set(string) 15 | } -------------------------------------------------------------------------------- /tf_modules/accounts_users/main.tf: -------------------------------------------------------------------------------- 1 | data "codefresh_idps" "idps" { 2 | for_each = var.default_idps 3 | _id = lookup(each.value, "_id", "") 4 | display_name = lookup(each.value, "display_name", "") 5 | client_name = lookup(each.value, "client_name", "") 6 | client_type = lookup(each.value, "client_type", "") 7 | } 8 | 9 | resource "codefresh_account" "acc" { 10 | for_each = var.accounts 11 | name = each.key 12 | 13 | features = var.default_account_features 14 | 15 | limits { 16 | collaborators = lookup(var.default_acccount_limits, "collaborators", 10) 17 | } 18 | 19 | build { 20 | parallel = lookup(var.default_acccount_limits, "parallel_builds", 1) 21 | } 22 | 23 | } 24 | 25 | resource "codefresh_idp_accounts" "acc_idp" { 26 | for_each = var.default_idps 27 | idp_id = data.codefresh_idps.idps[each.key].id 28 | account_ids = values(codefresh_account.acc)[*].id 29 | } 30 | 31 | resource "codefresh_user" "users" { 32 | for_each = var.users 33 | user_name = each.key 34 | email = each.value.email 35 | 36 | accounts = [ 37 | for acc_name in each.value.accounts: codefresh_account.acc[acc_name].id 38 | ] 39 | 40 | activate = true 41 | 42 | roles = each.value.global_admin ? ["Admin","User"] : ["User"] 43 | 44 | dynamic "login" { 45 | for_each = var.default_idps 46 | content { 47 | idp_id = data.codefresh_idps.idps[login.key].id 48 | sso = login.value.sso 49 | } 50 | } 51 | 52 | personal { 53 | first_name = each.value.personal.first_name 54 | last_name = each.value.personal.last_name 55 | } 56 | } 57 | 58 | resource "codefresh_account_admins" "acc_admins" { 59 | for_each = toset(flatten([ 60 | for u in var.users: 61 | u.admin_of_accounts if length(u.admin_of_accounts) > 0 62 | ])) 63 | 64 | account_id = codefresh_account.acc[each.value].id 65 | users = [ 66 | for k, u in var.users: 67 | codefresh_user.users[k].id if contains(u.admin_of_accounts, each.key) 68 | ] 69 | } -------------------------------------------------------------------------------- /tf_modules/accounts_users/output.tf: -------------------------------------------------------------------------------- 1 | output "idps" { 2 | value = { 3 | for idp in data.codefresh_idps.idps: 4 | idp.id => { client_name = idp.client_name, 5 | display_name = idp.display_name 6 | } 7 | } 8 | } 9 | output "accounts" { 10 | value = { 11 | for acc in codefresh_account.acc: 12 | acc.id => acc.name 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /tf_modules/accounts_users/provider.tf: -------------------------------------------------------------------------------- 1 | provider "codefresh" { 2 | api_url = var.api_url 3 | token = var.token 4 | } -------------------------------------------------------------------------------- /tf_modules/accounts_users/vars.tf: -------------------------------------------------------------------------------- 1 | variable api_url { 2 | type = string 3 | } 4 | 5 | # 6 | variable token { 7 | type = string 8 | default = "" 9 | } 10 | 11 | variable default_account_features { 12 | type = map(any) 13 | default = { 14 | OfflineLogging = true, 15 | ssoManagement = true, 16 | teamsManagement = true, 17 | abac = true, 18 | customKubernetesCluster = true, 19 | launchDarklyManagement = false, 20 | } 21 | } 22 | 23 | variable default_acccount_limits { 24 | type = map(any) 25 | default = { 26 | collaborators = 100 27 | parallel_builds = 10 28 | } 29 | } 30 | 31 | variable default_idps { 32 | type = map(any) 33 | default = { 34 | local = { 35 | display_name = "local" 36 | sso = false 37 | } 38 | } 39 | } 40 | 41 | variable accounts { 42 | type = map(any) 43 | } 44 | 45 | variable users { 46 | //type = map(any) 47 | } 48 | 49 | -------------------------------------------------------------------------------- /tf_modules/teams/main.tf: -------------------------------------------------------------------------------- 1 | data "codefresh_current_account" "acc" { 2 | 3 | } 4 | 5 | locals { 6 | user_ids = tomap({ 7 | for u in data.codefresh_current_account.acc.users: 8 | u.name => u.id 9 | }) 10 | 11 | } 12 | 13 | resource "codefresh_team" "teams" { 14 | for_each = var.teams 15 | name = each.key 16 | 17 | users = [for u in each.value: lookup(local.user_ids, u)] 18 | } 19 | -------------------------------------------------------------------------------- /tf_modules/teams/output.tf: -------------------------------------------------------------------------------- 1 | output "users" { 2 | value = local.user_ids 3 | } 4 | output "teams" { 5 | value = codefresh_team.teams 6 | } 7 | -------------------------------------------------------------------------------- /tf_modules/teams/vars.tf: -------------------------------------------------------------------------------- 1 | # variable api_url { 2 | # type = string 3 | # } 4 | 5 | # variable token { 6 | # type = string 7 | # default = "" 8 | # } 9 | 10 | # teams map[team_name]usersList 11 | # { 12 | # developers = ["user1", "user3"] 13 | # managers = ["user3", "user2"] 14 | # } 15 | variable teams { 16 | type = map(any) 17 | } 18 | -------------------------------------------------------------------------------- /tools.go: -------------------------------------------------------------------------------- 1 | //go:build tools 2 | // +build tools 3 | 4 | package main 5 | 6 | import ( 7 | _ "github.com/bflad/tfproviderlint/cmd/tfproviderlint" 8 | _ "github.com/golangci/golangci-lint/cmd/golangci-lint" 9 | _ "github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs" 10 | ) 11 | --------------------------------------------------------------------------------