From cc1beb8e081549d3c8f458c01ccf28417bfa3d1e Mon Sep 17 00:00:00 2001 From: Toby Brain Date: Tue, 29 Oct 2024 08:57:29 +1100 Subject: [PATCH 1/3] Support description in role data source --- .../security/role_data_source.go | 5 ++ .../security/role_data_source_test.go | 52 +++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/internal/elasticsearch/security/role_data_source.go b/internal/elasticsearch/security/role_data_source.go index fe8933a85..3b2ffc294 100644 --- a/internal/elasticsearch/security/role_data_source.go +++ b/internal/elasticsearch/security/role_data_source.go @@ -21,6 +21,11 @@ func DataSourceRole() *schema.Resource { Type: schema.TypeString, Required: true, }, + "description": { + Description: "The description of the role.", + Type: schema.TypeString, + Computed: true, + }, "applications": { Description: "A list of application privilege entries.", Type: schema.TypeSet, diff --git a/internal/elasticsearch/security/role_data_source_test.go b/internal/elasticsearch/security/role_data_source_test.go index 33778129e..1fbebe705 100644 --- a/internal/elasticsearch/security/role_data_source_test.go +++ b/internal/elasticsearch/security/role_data_source_test.go @@ -49,6 +49,23 @@ func TestAccDataSourceSecurityRole(t *testing.T) { resource.TestCheckTypeSetElemAttr("data.elasticstack_elasticsearch_security_role.test", "remote_indices.*.names.*", "sample2"), ), }, + { + Config: testAccDataSourceSecurityRoleWithDescription, + SkipFunc: versionutils.CheckIfVersionIsUnsupported(minSupportedDescriptionVersion), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("data.elasticstack_elasticsearch_security_role.test", "name", "data_source_test"), + resource.TestCheckTypeSetElemAttr("data.elasticstack_elasticsearch_security_role.test", "cluster.*", "all"), + utils.TestCheckResourceListAttr("data.elasticstack_elasticsearch_security_role.test", "indices.0.names", []string{"index1", "index2"}), + resource.TestCheckTypeSetElemAttr("data.elasticstack_elasticsearch_security_role.test", "indices.0.privileges.*", "all"), + resource.TestCheckResourceAttr("data.elasticstack_elasticsearch_security_role.test", "indices.0.allow_restricted_indices", "true"), + resource.TestCheckResourceAttr("data.elasticstack_elasticsearch_security_role.test", "applications.0.application", "myapp"), + utils.TestCheckResourceListAttr("data.elasticstack_elasticsearch_security_role.test", "applications.0.privileges", []string{"admin", "read"}), + resource.TestCheckTypeSetElemAttr("data.elasticstack_elasticsearch_security_role.test", "applications.0.resources.*", "*"), + resource.TestCheckTypeSetElemAttr("data.elasticstack_elasticsearch_security_role.test", "run_as.*", "other_user"), + resource.TestCheckResourceAttr("data.elasticstack_elasticsearch_security_role.test", "metadata", `{"version":1}`), + resource.TestCheckResourceAttr("data.elasticstack_elasticsearch_security_role.test", "description", `Test data source`), + ), + }, }, }) } @@ -86,6 +103,41 @@ data "elasticstack_elasticsearch_security_role" "test" { } ` +const testAccDataSourceSecurityRoleWithDescription = ` +provider "elasticstack" { + elasticsearch {} +} + +resource "elasticstack_elasticsearch_security_role" "test" { + name = "data_source_test" + cluster = ["all"] + + indices { + names = ["index1", "index2"] + privileges = ["all"] + allow_restricted_indices = true + } + + applications { + application = "myapp" + privileges = ["admin", "read"] + resources = ["*"] + } + + run_as = ["other_user"] + + metadata = jsonencode({ + version = 1 + }) + + description = "Test data source" +} + +data "elasticstack_elasticsearch_security_role" "test" { + name = elasticstack_elasticsearch_security_role.test.name +} +` + const testAccDataSourceSecurityRoleRemoteIndices = ` provider "elasticstack" { elasticsearch {} From 6e2df61948706475798da78283594b6b7820f053 Mon Sep 17 00:00:00 2001 From: Toby Brain Date: Tue, 29 Oct 2024 09:14:45 +1100 Subject: [PATCH 2/3] Generate docs --- docs/data-sources/elasticsearch_security_role.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/data-sources/elasticsearch_security_role.md b/docs/data-sources/elasticsearch_security_role.md index 6e917b674..9663e0d3d 100644 --- a/docs/data-sources/elasticsearch_security_role.md +++ b/docs/data-sources/elasticsearch_security_role.md @@ -42,6 +42,7 @@ output "role" { - `applications` (Set of Object) A list of application privilege entries. (see [below for nested schema](#nestedatt--applications)) - `cluster` (Set of String) A list of cluster privileges. These privileges define the cluster level actions that users with this role are able to execute. +- `description` (String) The description of the role. - `global` (String) An object defining global privileges. - `id` (String) Internal identifier of the resource - `indices` (Set of Object) A list of indices permissions entries. (see [below for nested schema](#nestedatt--indices)) From be4a4b52b406e763fd4341fada72035dbd2f38fb Mon Sep 17 00:00:00 2001 From: Toby Brain Date: Tue, 29 Oct 2024 09:16:21 +1100 Subject: [PATCH 3/3] Changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 62dc1deeb..1ccedf2f9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,7 @@ ## [Unreleased] - Use the auto-generated OAS schema from elastic/kibana for the Fleet API. ([#834](https://github.com/elastic/terraform-provider-elasticstack/issues/834)) +- Support description in `elasticstack_elasticsearch_security_role` data sources. ([#884](https://github.com/elastic/terraform-provider-elasticstack/pull/884)) ## [0.11.11] - 2024-10-25