Merge pull request #960 from timofurrer/feature/importer-36

Implement all missing importers

Author: timofurrer

docs/resources/deploy_token.md

@@ -59,6 +59,16 @@ resource "gitlab_deploy_token" "example" {
 
 ### Read-Only
 
-- **token** (String, Sensitive) The secret token. This is only populated when creating a new deploy token.
+- **token** (String, Sensitive) The secret token. This is only populated when creating a new deploy token. **Note**: The token is not available for imported resources.
 
+## Import
 
+Import is supported using the following syntax:
+
+```shell
+# GitLab deploy tokens can be imported using an id made up of `{type}:{type_id}:{deploy_token_id}`, where type is one of: project, group.
+terraform import gitlab_deploy_token.group_token group:1:3
+terraform import gitlab_deploy_token.project_token project:1:4
+
+# Note: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.
+```

docs/resources/project_access_token.md

@@ -50,7 +50,16 @@ resource "gitlab_project_variable" "example" {
 - **active** (Boolean) True if the token is active.
 - **created_at** (String) Time the token has been created, RFC3339 format.
 - **revoked** (Boolean) True if the token is revoked.
-- **token** (String, Sensitive) The secret token. This is only populated when creating a new project access token.
+- **token** (String, Sensitive) The secret token. **Note**: the token is not available for imported resources.
 - **user_id** (Number) The user_id associated to the token.
 
+## Import
 
+Import is supported using the following syntax:
+
+```shell
+# A GitLab Project Access Token can be imported using a key composed of `<project-id>:<token-id>`, e.g.
+terraform import gitlab_project_access_token.example "12345:1"
+
+# NOTE: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.
+```

docs/resources/project_hook.md

@@ -47,7 +47,16 @@ resource "gitlab_project_hook" "example" {
 - **push_events_branch_filter** (String) Invoke the hook for push events on matching branches only.
 - **releases_events** (Boolean) Invoke the hook for releases events.
 - **tag_push_events** (Boolean) Invoke the hook for tag push events.
-- **token** (String, Sensitive) A token to present when invoking the hook.
+- **token** (String, Sensitive) A token to present when invoking the hook. The token is not available for imported resources.
 - **wiki_page_events** (Boolean) Invoke the hook for wiki page events.
 
+## Import
 
+Import is supported using the following syntax:
+
+```shell
+# A GitLab Project Hook can be imported using a key composed of `<project-id>:<hook-id>`, e.g.
+terraform import gitlab_project_hook.example "12345:1"
+
+# NOTE: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.
+```

examples/resources/gitlab_deploy_token/import.sh

@@ -0,0 +1,5 @@
+# GitLab deploy tokens can be imported using an id made up of `{type}:{type_id}:{deploy_token_id}`, where type is one of: project, group.
+terraform import gitlab_deploy_token.group_token group:1:3
+terraform import gitlab_deploy_token.project_token project:1:4
+
+# Note: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.

examples/resources/gitlab_project_access_token/import.sh

@@ -0,0 +1,4 @@
+# A GitLab Project Access Token can be imported using a key composed of `<project-id>:<token-id>`, e.g.
+terraform import gitlab_project_access_token.example "12345:1"
+
+# NOTE: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.

examples/resources/gitlab_project_hook/import.sh

@@ -0,0 +1,4 @@
+# A GitLab Project Hook can be imported using a key composed of `<project-id>:<hook-id>`, e.g.
+terraform import gitlab_project_hook.example "12345:1"
+
+# NOTE: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.

internal/provider/resource_gitlab_deploy_token.go

@@ -6,6 +6,7 @@ import (
 	"log"
 	"net/http"
 	"strconv"
+	"strings"
 	"time"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
@@ -15,7 +16,6 @@ import (
 )
 
 var _ = registerResource("gitlab_deploy_token", func() *schema.Resource {
-	// lintignore: XR002 // TODO: Resolve this tfproviderlint issue
 	return &schema.Resource{
 		Description: `The ` + "`gitlab_deploy_token`" + ` resource allows to manage the lifecycle of group and project deploy tokens.
 
@@ -24,6 +24,9 @@ var _ = registerResource("gitlab_deploy_token", func() *schema.Resource {
 		CreateContext: resourceGitlabDeployTokenCreate,
 		ReadContext:   resourceGitlabDeployTokenRead,
 		DeleteContext: resourceGitlabDeployTokenDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: resourceGitlabDeployTokenStateImporter,
+		},
 
 		Schema: map[string]*schema.Schema{
 			"project": {
@@ -80,7 +83,7 @@ var _ = registerResource("gitlab_deploy_token", func() *schema.Resource {
 			},
 
 			"token": {
-				Description: "The secret token. This is only populated when creating a new deploy token.",
+				Description: "The secret token. This is only populated when creating a new deploy token. **Note**: The token is not available for imported resources.",
 				Type:        schema.TypeString,
 				Computed:    true,
 				Sensitive:   true,
@@ -257,3 +260,25 @@ func resourceGitlabDeployTokenDelete(ctx context.Context, d *schema.ResourceData
 
 	return nil
 }
+
+func resourceGitlabDeployTokenStateImporter(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
+	s := strings.Split(d.Id(), ":")
+	if len(s) != 3 {
+		d.SetId("")
+		return nil, fmt.Errorf("Invalid Deploy Token import format; expected '{type}:{type_id}:{deploy_token_id}' where the type can either be a group or project")
+	}
+
+	tokenType, typeID, id := s[0], s[1], s[2]
+
+	d.SetId(id)
+	switch tokenType {
+	case "project":
+		d.Set("project", typeID)
+	case "group":
+		d.Set("group", typeID)
+	default:
+		d.SetId("")
+		return nil, fmt.Errorf("Invalid Deploy Token import format; expected '{type}:{type_id}:{deploy_token_id}' where the type can either be a group or project")
+	}
+	return []*schema.ResourceData{d}, nil
+}

internal/provider/resource_gitlab_deploy_token_test.go

@@ -5,31 +5,49 @@ import (
 	"strconv"
 	"testing"
 
-	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
 	"github.com/xanzy/go-gitlab"
 )
 
 func TestAccGitlabDeployToken_basic(t *testing.T) {
-	var deployToken gitlab.DeployToken
-	rInt := acctest.RandInt()
+	testAccCheck(t)
+
+	var projectDeployToken gitlab.DeployToken
+	var groupDeployToken gitlab.DeployToken
+
+	testProject := testAccCreateProject(t)
+	testGroup := testAccCreateGroups(t, 1)[0]
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:          func() { testAccPreCheck(t) },
 		ProviderFactories: providerFactories,
 		CheckDestroy:      testAccCheckGitlabDeployTokenDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccGitlabDeployTokenConfig(rInt),
+				Config: testAccGitlabDeployTokenConfig(testProject.ID, testGroup.ID),
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckGitlabDeployTokenExists("gitlab_deploy_token.foo", &deployToken),
-					testAccCheckGitlabDeployTokenAttributes(&deployToken, &testAccCheckGitlabDeployTokenExpectedAttributes{
-						Name:     fmt.Sprintf("deployToken-%d", rInt),
-						Username: "my-username",
-					}),
+					testAccCheckGitlabDeployTokenExists("gitlab_deploy_token.project_token", &projectDeployToken),
+					resource.TestCheckResourceAttrSet("gitlab_deploy_token.project_token", "token"),
+					testAccCheckGitlabDeployTokenExists("gitlab_deploy_token.group_token", &groupDeployToken),
+					resource.TestCheckResourceAttrSet("gitlab_deploy_token.group_token", "token"),
 				),
 			},
+			// Verify import
+			{
+				ResourceName:            "gitlab_deploy_token.project_token",
+				ImportStateIdFunc:       getDeployTokenImportID("gitlab_deploy_token.project_token"),
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"token"},
+			},
+			{
+				ResourceName:            "gitlab_deploy_token.group_token",
+				ImportStateIdFunc:       getDeployTokenImportID("gitlab_deploy_token.group_token"),
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"token"},
+			},
 		},
 	})
 }
@@ -98,23 +116,27 @@ func testAccCheckGitlabDeployTokenExists(n string, deployToken *gitlab.DeployTok
 	}
 }
 
-type testAccCheckGitlabDeployTokenExpectedAttributes struct {
-	Name     string
-	Username string
-}
-
-func testAccCheckGitlabDeployTokenAttributes(deployToken *gitlab.DeployToken, want *testAccCheckGitlabDeployTokenExpectedAttributes) resource.TestCheckFunc {
-	return func(s *terraform.State) error {
-
-		if deployToken.Name != want.Name {
-			return fmt.Errorf("got name %q; want %q", deployToken.Name, want.Name)
+func getDeployTokenImportID(n string) resource.ImportStateIdFunc {
+	return func(s *terraform.State) (string, error) {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return "", fmt.Errorf("Not Found: %s", n)
 		}
 
-		if deployToken.Username != want.Username {
-			return fmt.Errorf("got username %q; want %q", deployToken.Username, want.Username)
+		deployTokenID := rs.Primary.ID
+		if deployTokenID == "" {
+			return "", fmt.Errorf("No deploy token ID is set")
+		}
+		projectID := rs.Primary.Attributes["project"]
+		if projectID != "" {
+			return fmt.Sprintf("project:%s:%s", projectID, deployTokenID), nil
+		}
+		groupID := rs.Primary.Attributes["group"]
+		if groupID != "" {
+			return fmt.Sprintf("group:%s:%s", groupID, deployTokenID), nil
 		}
 
-		return nil
+		return "", fmt.Errorf("No project or group ID is set")
 	}
 }
 
@@ -158,20 +180,27 @@ func testAccCheckGitlabDeployTokenDestroy(s *terraform.State) error {
 	return nil
 }
 
-func testAccGitlabDeployTokenConfig(rInt int) string {
+func testAccGitlabDeployTokenConfig(projectID int, groupID int) string {
 	return fmt.Sprintf(`
-resource "gitlab_project" "foo" {
-  name        = "foo-%d"
-  description = "Terraform acceptance test"
+resource "gitlab_deploy_token" "project_token" {
+  project  = "%d"
+  name     = "project-deploy-token"
+  username = "my-username"
 
-  # So that acceptance tests can be run in a gitlab organization
-  # with no billing
-  visibility_level = "public"
+  expires_at = "2021-03-14T07:20:50.000Z"
+
+  scopes = [
+	"read_registry",
+	"read_repository",
+	"read_package_registry",
+	"write_registry",
+	"write_package_registry",
+  ]
 }
 
-resource "gitlab_deploy_token" "foo" {
-  project  = "${gitlab_project.foo.id}"
-  name     = "deployToken-%d"
+resource "gitlab_deploy_token" "group_token" {
+  group  = "%d"
+  name     = "group-deploy-token"
   username = "my-username"
 
   expires_at = "2021-03-14T07:20:50.000Z"
@@ -184,7 +213,7 @@ resource "gitlab_deploy_token" "foo" {
 	"write_package_registry",
   ]
 }
-  `, rInt, rInt)
+  `, projectID, groupID)
 }
 
 func testAccGitlabDeployTokenPaginationConfig(numberOfTokens int, groupID int, projectID int) string {

internal/provider/resource_gitlab_group_ldap_link.go

@@ -13,7 +13,6 @@ import (
 )
 
 var _ = registerResource("gitlab_group_ldap_link", func() *schema.Resource {
-	// lintignore: XR002 // TODO: Resolve this tfproviderlint issue
 	return &schema.Resource{
 		Description: `The ` + "`gitlab_group_ldap_link`" + ` resource allows to manage the lifecycle of an LDAP integration with a group.
 

internal/provider/resource_gitlab_project_access_token.go

@@ -14,7 +14,6 @@ import (
 )
 
 var _ = registerResource("gitlab_project_access_token", func() *schema.Resource {
-	// lintignore: XR002 // TODO: Resolve this tfproviderlint issue
 	return &schema.Resource{
 		Description: `The ` + "`" + `gitlab_project_access_token` + "`" + ` resource allows to manage the lifecycle of a project access token.
 
@@ -23,6 +22,9 @@ var _ = registerResource("gitlab_project_access_token", func() *schema.Resource
 		CreateContext: resourceGitlabProjectAccessTokenCreate,
 		ReadContext:   resourceGitlabProjectAccessTokenRead,
 		DeleteContext: resourceGitlabProjectAccessTokenDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
 
 		Schema: map[string]*schema.Schema{
 			"project": {
@@ -63,7 +65,7 @@ var _ = registerResource("gitlab_project_access_token", func() *schema.Resource
 				ForceNew: true,
 			},
 			"token": {
-				Description: "The secret token. This is only populated when creating a new project access token.",
+				Description: "The secret token. **Note**: the token is not available for imported resources.",
 				Type:        schema.TypeString,
 				Computed:    true,
 				Sensitive:   true,