Merge pull request #264 from ilpianista/feature/data-gitlab-group-membership

Add new data source gitlab_group_membership

Author: armsnyder

gitlab/data_source_gitlab_group_membership.go

@@ -0,0 +1,172 @@
+package gitlab
+
+import (
+	"fmt"
+	"log"
+	"strconv"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/xanzy/go-gitlab"
+)
+
+func dataSourceGitlabGroupMembership() *schema.Resource {
+	acceptedAccessLevels := make([]string, 0, len(accessLevelID))
+	for k := range accessLevelID {
+		acceptedAccessLevels = append(acceptedAccessLevels, k)
+	}
+	return &schema.Resource{
+		Read: dataSourceGitlabGroupMembershipRead,
+		Schema: map[string]*schema.Schema{
+			"group_id": {
+				Type:     schema.TypeInt,
+				Computed: true,
+				Optional: true,
+				ConflictsWith: []string{
+					"full_path",
+				},
+			},
+			"full_path": {
+				Type:     schema.TypeString,
+				Computed: true,
+				Optional: true,
+				ConflictsWith: []string{
+					"group_id",
+				},
+			},
+			"access_level": {
+				Type:         schema.TypeString,
+				Computed:     true,
+				Optional:     true,
+				ValidateFunc: validateValueFunc(acceptedAccessLevels),
+			},
+			"members": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"id": {
+							Type:     schema.TypeInt,
+							Computed: true,
+						},
+						"username": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"name": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"state": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"avatar_url": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"web_url": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"access_level": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"expires_at": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func dataSourceGitlabGroupMembershipRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*gitlab.Client)
+
+	var gm []*gitlab.GroupMember
+	var group *gitlab.Group
+	var err error
+
+	log.Printf("[INFO] Reading Gitlab group")
+
+	groupIDData, groupIDOk := d.GetOk("group_id")
+	fullPathData, fullPathOk := d.GetOk("full_path")
+
+	if groupIDOk {
+		// Get group by id
+		group, _, err = client.Groups.GetGroup(groupIDData.(int))
+		if err != nil {
+			return err
+		}
+	} else if fullPathOk {
+		// Get group by full path
+		group, _, err = client.Groups.GetGroup(fullPathData.(string))
+		if err != nil {
+			return err
+		}
+	} else {
+		return fmt.Errorf("one and only one of group_id or full_path must be set")
+	}
+
+	log.Printf("[INFO] Reading Gitlab group memberships")
+
+	// Get group memberships
+	gm, _, err = client.Groups.ListGroupMembers(group.ID, &gitlab.ListGroupMembersOptions{})
+	if err != nil {
+		return err
+	}
+
+	d.Set("group_id", group.ID)
+	d.Set("full_path", group.FullPath)
+
+	d.Set("members", flattenGitlabMembers(d, gm))
+
+	var optionsHash strings.Builder
+	optionsHash.WriteString(strconv.Itoa(group.ID))
+
+	if data, ok := d.GetOk("access_level"); ok {
+		optionsHash.WriteString(data.(string))
+	}
+
+	id := schema.HashString(optionsHash.String())
+	d.SetId(fmt.Sprintf("%d", id))
+
+	return nil
+}
+
+func flattenGitlabMembers(d *schema.ResourceData, members []*gitlab.GroupMember) []interface{} {
+	membersList := []interface{}{}
+
+	var filterAccessLevel gitlab.AccessLevelValue = gitlab.NoPermissions
+	if data, ok := d.GetOk("access_level"); ok {
+		filterAccessLevel = accessLevelID[data.(string)]
+	}
+
+	for _, member := range members {
+		if filterAccessLevel != gitlab.NoPermissions && filterAccessLevel != member.AccessLevel {
+			continue
+		}
+
+		values := map[string]interface{}{
+			"id":           member.ID,
+			"username":     member.Username,
+			"name":         member.Name,
+			"state":        member.State,
+			"avatar_url":   member.AvatarURL,
+			"web_url":      member.WebURL,
+			"access_level": accessLevel[gitlab.AccessLevelValue(member.AccessLevel)],
+		}
+
+		if member.ExpiresAt != nil {
+			values["expires_at"] = member.ExpiresAt.String()
+		}
+
+		membersList = append(membersList, values)
+	}
+
+	return membersList
+}

gitlab/data_source_gitlab_group_membership_test.go

@@ -0,0 +1,91 @@
+package gitlab
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+)
+
+func TestAccDataSourceGitlabMembership_basic(t *testing.T) {
+	rInt := acctest.RandInt()
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			// Create the group and one member
+			{
+				Config: testAccDataSourceGitlabGroupMembershipConfig(rInt),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("gitlab_group.foo", "name", fmt.Sprintf("foo%d", rInt)),
+					resource.TestCheckResourceAttr("gitlab_user.test", "name", fmt.Sprintf("foo%d", rInt)),
+					resource.TestCheckResourceAttr("gitlab_group_membership.foo", "access_level", "developer"),
+				),
+			},
+			{
+				Config: testAccDataSourceGitlabGroupMembershipConfig_basic(rInt),
+				Check: resource.ComposeTestCheckFunc(
+					// Members is 2 because the user owning the token is always added to the group
+					resource.TestCheckResourceAttr("data.gitlab_group_membership.foo", "members.#", "2"),
+					resource.TestCheckResourceAttr("data.gitlab_group_membership.foo", "members.1.username", fmt.Sprintf("listest%d", rInt)),
+				),
+			},
+
+			// Get group using its ID, but return maintainers only
+			{
+				Config: testAccDataSourceGitlabGroupMembershipConfigFilterAccessLevel(rInt),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.gitlab_group_membership.foomaintainers", "members.#", "0"),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceGitlabGroupMembershipConfig(rInt int) string {
+	return fmt.Sprintf(`
+resource "gitlab_group" "foo" {
+  name = "foo%d"
+  path = "foo%d"
+}
+
+resource "gitlab_user" "test" {
+  name     = "foo%d"
+  username = "listest%d"
+  password = "test%dtt"
+  email    = "listest%[email protected]"
+}
+
+resource "gitlab_group_membership" "foo" {
+  group_id     = "${gitlab_group.foo.id}"
+  user_id      = "${gitlab_user.test.id}"
+  access_level = "developer"
+}`, rInt, rInt, rInt, rInt, rInt, rInt)
+}
+
+func testAccDataSourceGitlabGroupMembershipConfig_basic(rInt int) string {
+	return fmt.Sprintf(`
+resource "gitlab_group" "foo" {
+  name = "foo%d"
+  path = "foo%d"
+}
+
+data "gitlab_group_membership" "foo" {
+  group_id = "${gitlab_group.foo.id}"
+}`, rInt, rInt)
+}
+
+func testAccDataSourceGitlabGroupMembershipConfigFilterAccessLevel(rInt int) string {
+	return fmt.Sprintf(`
+resource "gitlab_group" "foo" {
+  name = "foo%d"
+  path = "foo%d"
+}
+
+data "gitlab_group_membership" "foomaintainers" {
+  group_id     = "${gitlab_group.foo.id}"
+  access_level = "maintainer"
+}`, rInt, rInt)
+}

gitlab/provider.go

@@ -54,11 +54,12 @@ func Provider() terraform.ResourceProvider {
 		},
 
 		DataSourcesMap: map[string]*schema.Resource{
-			"gitlab_group":    dataSourceGitlabGroup(),
-			"gitlab_project":  dataSourceGitlabProject(),
-			"gitlab_projects": dataSourceGitlabProjects(),
-			"gitlab_user":     dataSourceGitlabUser(),
-			"gitlab_users":    dataSourceGitlabUsers(),
+			"gitlab_group":            dataSourceGitlabGroup(),
+			"gitlab_group_membership": dataSourceGitlabGroupMembership(),
+			"gitlab_project":          dataSourceGitlabProject(),
+			"gitlab_projects":         dataSourceGitlabProjects(),
+			"gitlab_user":             dataSourceGitlabUser(),
+			"gitlab_users":            dataSourceGitlabUsers(),
 		},
 
 		ResourcesMap: map[string]*schema.Resource{

website/docs/d/group_membership.html.markdown

@@ -0,0 +1,56 @@
+---
+layout: "gitlab"
+page_title: "GitLab: gitlab_group_membership"
+sidebar_current: "docs-gitlab-data-source-group-membership"
+description: |-
+  Looks up gitlab group membership
+---
+
+# gitlab\_group\_membership
+
+Provides details about a list of group members in the gitlab provider. The results include id, username, name and more about the requested members.
+
+## Example Usage
+
+**By group's ID**
+
+```hcl
+data "gitlab_group_membership" "example" {
+  group_id = 123
+}
+```
+
+**By group's full path**
+
+```hcl
+data "gitlab_group_membership" "example" {
+  full_path = "foo/bar"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `group_id` - (Optional) The ID of the group.
+
+* `full_path` - (Optional) The full path of the group.
+
+* `access_level` - (Optional) Only return members with the desidered access level. Acceptable values are: `guest`, `reporter`, `developer`, `maintainer`, `owner`.
+
+**Note**: exactly one of group_id or full_path must be provided.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `members` - The list of group members.
+  * `id` - The unique id assigned to the user by the gitlab server.
+  * `username` - The username of the user.
+  * `name` - The name of the user.
+  * `state` - Whether the user is active or blocked.
+  * `avatar_url` - The avatar URL of the user.
+  * `web_url` - User's website URL.
+  * `access_level` - One of five levels of access to the group.
+  * `expires_at` - Expiration date for the group membership.
+

website/gitlab.erb

@@ -16,6 +16,9 @@
                 <li<%= sidebar_current("docs-gitlab-data-source-group") %>>
                     <a href="/docs/providers/gitlab/d/group.html">gitlab_group</a>
                 </li>
+                <li<%= sidebar_current("docs-gitlab-data-source-group-membership") %>>
+                    <a href="/docs/providers/gitlab/d/group_membership.html">gitlab_group_membership</a>
+                </li>
                 <li<%= sidebar_current("docs-gitlab-data-source-project") %>>
                     <a href="/docs/providers/gitlab/d/project.html">gitlab_project</a>
                 </li>