initial implementation

Author: ilia-medvedev-codefresh

codefresh/cfclient/service_user.go

@@ -0,0 +1,171 @@
+package cfclient
+
+import (
+	"fmt"
+	"golang.org/x/exp/slices"
+
+)
+
+type ServiceUser struct {
+	ID       	   string   `json:"_id,omitempty"`
+	Name 	 	   string   `json:"userName,omitempty"`
+	Teams  	       []Team   `json:"teams,omitempty"`
+	Roles 		   []string `json:"roles,omitempty"`
+}
+
+type ServiceUserCreateUpdate struct {
+	ID       	    string   `json:"_id,omitempty"`
+	Name 	 	    string   `json:"userName,omitempty"`
+	TeamIDs		    []string `json:"teamIds,omitempty"`
+	AssignAdminRole bool    `json:"assignAdminRole,omitempty"`
+}
+
+// GetID implement CodefreshObject interface
+func (serviceuser *ServiceUser) GetID() string {
+	return serviceuser.ID
+}
+
+func (serviceuser *ServiceUser) HasAdminRole() bool {
+	return slices.Contains(serviceuser.Roles, "Admin")
+}
+
+func (client *Client) GetServiceUserList() ([]ServiceUser, error) {
+	fullPath := "/service-users"
+	opts := RequestOptions{
+		Path:   fullPath,
+		Method: "GET",
+	}
+
+	resp, err := client.RequestAPI(&opts)
+
+	if err != nil {
+		return nil, err
+	}
+
+	var serviceusers []ServiceUser
+
+	err = DecodeResponseInto(resp, &serviceusers)
+	if err != nil {
+		return nil, err
+	}
+
+	return serviceusers, nil
+}
+
+func (client *Client) GetServiceUserByName(name string) (*ServiceUser, error) {
+
+	serviceusers, err := client.GetServiceUserList()
+	if err != nil {
+		return nil, err
+	}
+
+	for _, serviceuser := range serviceusers {
+		if serviceuser.Name == name {
+			return &serviceuser, nil
+		}
+	}
+
+	return nil, nil
+}
+
+func (client *Client) GetServiceUserByID(id string) (*ServiceUser, error) {
+
+	fullPath := fmt.Sprintf("/service-users/%s", id)
+	opts := RequestOptions{
+		Path:   fullPath,
+		Method: "GET",
+	}
+
+	resp, err := client.RequestAPI(&opts)
+
+	if err != nil {
+		return nil, err
+	}
+
+	var serviceuser ServiceUser
+
+	err = DecodeResponseInto(resp, &serviceuser)
+	if err != nil {
+		return nil, err
+	}
+
+	return &serviceuser, nil
+}
+
+func (client *Client) CreateServiceUser(serviceUserCreateUpdate *ServiceUserCreateUpdate) (*ServiceUser, error) {
+
+	fullPath := "/service-users"
+	body, err := EncodeToJSON(serviceUserCreateUpdate)
+
+	if err != nil {
+		return nil, err
+	}
+
+	opts := RequestOptions{
+		Path:   fullPath,
+		Method: "POST",
+		Body: body,
+	}
+
+	resp, err := client.RequestAPI(&opts)
+
+	if err != nil {
+		return nil, err
+	}
+
+	var serviceuser ServiceUser
+
+	err = DecodeResponseInto(resp, &serviceuser)
+	if err != nil {
+		return nil, err
+	}
+
+	return &serviceuser, nil
+}
+
+func (client *Client) UpdateServiceUser(serviceUserCreateUpdate *ServiceUserCreateUpdate) (*ServiceUser, error) {
+
+	fullPath := fmt.Sprintf("/service-users/%s", serviceUserCreateUpdate.ID)
+	body, err := EncodeToJSON(serviceUserCreateUpdate)
+
+	if err != nil {
+		return nil, err
+	}
+
+	opts := RequestOptions{
+		Path:   fullPath,
+		Method: "PATCH",
+		Body: body,
+	}
+
+	resp, err := client.RequestAPI(&opts)
+
+	if err != nil {
+		return nil, err
+	}
+
+	var serviceuser ServiceUser
+
+	err = DecodeResponseInto(resp, &serviceuser)
+	if err != nil {
+		return nil, err
+	}
+
+	return &serviceuser, nil
+}
+
+func (client *Client) DeleteServiceUser(id string) error {
+	fullPath := fmt.Sprintf("/service-users/%s", id)
+	opts := RequestOptions{
+		Path:   fullPath,
+		Method: "DELETE",
+	}
+
+	_, err := client.RequestAPI(&opts)
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

codefresh/provider.go

@@ -73,6 +73,7 @@ func Provider() *schema.Provider {
 			"codefresh_idp":                      resourceIdp(),
 			"codefresh_account_idp":              resourceAccountIdp(),
 			"codefresh_account_gitops_settings":  resourceAccountGitopsSettings(),
+			"codefresh_service_account":          resourceServiceAccount(),
 		},
 		ConfigureFunc: configureProvider,
 	}

codefresh/resource_service_user.go

@@ -0,0 +1,160 @@
+package codefresh
+
+import (
+	"fmt"
+
+	"github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient"
+	"github.com/codefresh-io/terraform-provider-codefresh/codefresh/internal/datautil"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceServiceAccount() *schema.Resource {
+	return &schema.Resource{
+		Description: "A service account is an identity that provides automated processes, applications, and services with the necessary permissions to interact securely with the Codefresh platform",
+		Create:      resourceServiceAccountCreate,
+		Read:        resourceServiceAccountRead,
+		Update:      resourceServiceAccountUpdate,
+		Delete:      resourceServiceAccountDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Description: "Service account display name",
+				Type:        schema.TypeString,
+				Required:    true,
+			},
+			"assign_admin_role": {
+				Description: "Whether or not to assign account admin role to the service account",
+				Type: 	  schema.TypeBool,
+				Optional: true,
+				Default: false,
+			},
+			"assigned_teams": {
+				Description: "A list of team IDs the service account is be assigned to",
+				Type:        schema.TypeSet,
+				Optional:    true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+		},
+	}
+}
+
+func resourceServiceAccountCreate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*cfclient.Client)
+
+	newSerivceAccount := *mapResourceToServiceAccount(d)
+
+	resp, err := client.CreateServiceUser(&newSerivceAccount)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(resp.ID)
+
+	return nil
+}
+
+func resourceServiceAccountRead(d *schema.ResourceData, meta interface{}) error {
+
+	client := meta.(*cfclient.Client)
+
+	serviceAccountID := d.Id()
+
+	if serviceAccountID == "" {
+		d.SetId("")
+		return nil
+	}
+
+	serviceAccount, err := client.GetServiceUserByID(serviceAccountID)
+
+	if err != nil {
+		return err
+	}
+
+	err = mapServiceAccountToResource(serviceAccount, d)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func resourceServiceAccountUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*cfclient.Client)
+
+	updateServiceAccount := *mapResourceToServiceAccount(d)
+
+
+	_, err := client.UpdateServiceUser(&updateServiceAccount)
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func resourceServiceAccountDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*cfclient.Client)
+
+	err := client.DeleteServiceUser(d.Id())
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func mapServiceAccountToResource(serviceAccount *cfclient.ServiceUser, d *schema.ResourceData) error {
+
+	if serviceAccount == nil {
+		return fmt.Errorf("mapServiceAccountToResource - cannot find service account")
+	}
+	err := d.Set("name", serviceAccount.Name)
+
+	if err != nil {
+		return err
+	}
+
+	teamIds := []string{}
+
+	for _, team := range serviceAccount.Teams {
+		teamIds = append(teamIds, team.ID)
+	}
+
+	err = d.Set("assigned_teams", teamIds)
+
+	if err != nil {
+		return err
+	}
+
+	err = d.Set("assign_admin_role", serviceAccount.HasAdminRole())
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func flattenServiceAccountTeams(users []cfclient.TeamUser) []string {
+	res := []string{}
+	for _, user := range users {
+		res = append(res, user.ID)
+	}
+	return res
+}
+
+func mapResourceToServiceAccount(d *schema.ResourceData) *cfclient.ServiceUserCreateUpdate {
+
+	return &cfclient.ServiceUserCreateUpdate{
+		ID:             d.Id(),
+		Name:           d.Get("name").(string),
+		TeamIDs:        datautil.ConvertStringArr(d.Get("assigned_teams").(*schema.Set).List()),
+		AssignAdminRole: d.Get("assign_admin_role").(bool),
+	}
+}