Update docs for v18.2.0 release

Author: gitlab-terraform-provider-bot

CHANGELOG.md

@@ -1,3 +1,23 @@
+## 18.2.0 (2025-07-17)
+
+### FEATURES (2 changes)
+
+- datasource/gitlab_project_access_tokens:  [Allows retrieving project access tokens](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/cb2c4c67125ed482d3ef5fda10dadb3d8827a913) by @ruben.aleman ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2575)) 
+- resource/gitlab_project_container_registry_protection:  [Allows managing container registry protections for a project](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/f5c576a7074339a4f507cde8e1d06173059c1112) by @hristiyan.ivanov ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2481)) 
+
+### IMPROVEMENTS (5 changes)
+
+- resource/gitlab_project:  [Added support for `ci_push_repository_for_job_token_allowed`](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/ff388fbb53cce1bf4fc117cab0847fa8badc5c73) by @danilobuerger ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2582)) 
+- resource/gitlab_group_hook:  [Add `emoji_events` support](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/14668982ad0ef42998ed991dc6a6eebf5f58b9de) by @lllkq546449541 ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2401)) 
+- resource/gitlab_project_protected_environment:  [Create new `deploy_access_levels_attribute` using an object list instead of nested blocks to enable easier operations with other resources. The existing `deploy_access_levels` is deprecated and will be removed in 19.0.](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/dc0a666da4563169f3022713c1c7e5cdce86c89f) by @heidi.berry ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2472))
+- resource/gitlab_group_service_account:  [Allow using custom emails with group service accounts](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/d7ded4f95405819a64ba23095e1cfb97e08182d9) by @heidi.berry ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2566))
+- resource/gitlab_branch_protection:  [Add `admin` push access level support](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/17d5d6e00e6608b423d57fb1436d86a67ad4fdae) by @netflash ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2558))
+
+### BUG FIXES (2 change)
+
+- resource/gitlab_project_label:  [Fixed a bug that caused a plan operation when a named color was used instead of a hex](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/1a3936f31ef889f3dfc373388ba785240708a748) by @heidi.berry ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2571)) 
+- access token resources:  [Fixed a bug where using an `unknown` value for `scopes` caused an error](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/5b626dc61ac5f7c60509d109f49d4146ad4b4aa4) by @PatrickRice ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2556)) 
+
 ## 18.1.1 (2025-06-20)
 
 ### BUG FIXES (1 change)

docs/data-sources/application.md

@@ -17,7 +17,7 @@ The `gitlab_application` data source retrieves information about a gitlab applic
 
 ```terraform
 data "gitlab_application" "oidc" {
-  application_id = 1
+  id = 1
 }
 ```
 

docs/data-sources/group_hook.md

@@ -40,6 +40,7 @@ data "gitlab_group_hook" "example" {
 - `confidential_note_events` (Boolean) Invoke the hook for confidential notes events.
 - `custom_webhook_template` (String) Set a custom webhook template.
 - `deployment_events` (Boolean) Invoke the hook for deployment events.
+- `emoji_events` (Boolean) Invoke the hook for emoji events.
 - `enable_ssl_verification` (Boolean) Enable ssl verification when invoking the hook.
 - `group_id` (Number) The id of the group for the hook.
 - `id` (String) The ID of this resource.

docs/data-sources/group_hooks.md

@@ -46,6 +46,7 @@ Read-Only:
 - `confidential_note_events` (Boolean)
 - `custom_webhook_template` (String)
 - `deployment_events` (Boolean)
+- `emoji_events` (Boolean)
 - `enable_ssl_verification` (Boolean)
 - `group` (String)
 - `group_id` (Number)

docs/data-sources/group_ids.md

@@ -17,7 +17,9 @@ The `gitlab_group_ids` data source identification information for a given group,
 
 ```terraform
 resource "gitlab_group" "new_group" {
-  // include required attributes
+  name        = "example-group"
+  path        = "example-path"
+  description = "This is an example group"
 }
 
 // use group IDs to get additional information, such as the GraphQL ID

docs/data-sources/project_access_tokens.md

@@ -0,0 +1,154 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "gitlab_project_access_tokens Data Source - terraform-provider-gitlab"
+subcategory: ""
+description: |-
+  The gitlab_project_access_tokens data source allows to retrieve all project access tokens for a given project.
+  Upstream API: GitLab REST API docs https://docs.gitlab.com/api/project_access_tokens/
+---
+
+# gitlab_project_access_tokens (Data Source)
+
+The `gitlab_project_access_tokens` data source allows to retrieve all project access tokens for a given project.
+
+**Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/api/project_access_tokens/)
+
+## Example Usage
+
+```terraform
+# Basic example: Retrieve all project access tokens
+data "gitlab_project_access_tokens" "all_tokens" {
+  project = "my/example/project"
+}
+
+# Example with state filtering: Only retrieve active tokens
+data "gitlab_project_access_tokens" "active_tokens" {
+  project = "my/example/project"
+  state   = "active"
+}
+
+# Example with state filtering: Only retrieve inactive tokens
+data "gitlab_project_access_tokens" "inactive_tokens" {
+  project = "my/example/project"
+  state   = "inactive"
+}
+
+# Output examples showing different ways to work with the data
+
+# Get the total count of tokens
+output "token_count" {
+  description = "Total number of project access tokens"
+  value       = length(data.gitlab_project_access_tokens.all_tokens.access_tokens)
+}
+
+# Get only the names of active tokens
+output "active_token_names" {
+  description = "Names of active project access tokens"
+  value       = [for token in data.gitlab_project_access_tokens.active_tokens.access_tokens : token.name]
+}
+
+# Get detailed information about each token
+output "token_details" {
+  description = "Detailed information about each access token"
+  value = [
+    for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : {
+      id           = token.id
+      name         = token.name
+      description  = token.description
+      scopes       = token.scopes
+      active       = token.active
+      revoked      = token.revoked
+      created_at   = token.created_at
+      expires_at   = token.expires_at
+      access_level = token.access_level
+      user_id      = token.user_id
+      last_used_at = token.last_used_at
+    }
+  ]
+}
+
+# Filter tokens programmatically to get only active and non-revoked tokens
+output "active_non_revoked_tokens" {
+  description = "Only active and non-revoked tokens"
+  value = [
+    for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token
+    if token.active && !token.revoked
+  ]
+}
+
+# Get tokens that expire within the next 30 days
+output "expiring_soon_tokens" {
+  description = "Tokens that expire within the next 30 days"
+  value = [
+    for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token
+    if token.expires_at != "" && can(parseint(split("T", token.expires_at)[0], 10)) &&
+    timeadd(timestamp(), "30d") > timeparse("2006-01-02", split("T", token.expires_at)[0])
+  ]
+}
+
+# Get tokens with specific scopes
+output "api_tokens" {
+  description = "Tokens that have API scope"
+  value = [
+    for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token
+    if contains(token.scopes, "api")
+  ]
+}
+
+# Get tokens by access level
+output "maintainer_tokens" {
+  description = "Tokens with maintainer access level"
+  value = [
+    for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token
+    if token.access_level == "maintainer"
+  ]
+}
+
+# Get a summary of token statistics
+output "token_statistics" {
+  description = "Summary statistics of project access tokens"
+  value = {
+    total_tokens   = length(data.gitlab_project_access_tokens.all_tokens.access_tokens)
+    active_tokens  = length([for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token if token.active])
+    revoked_tokens = length([for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token if token.revoked])
+    expired_tokens = length([for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token if token.expires_at != "" && can(parseint(split("T", token.expires_at)[0], 10)) && timeadd(timestamp(), "0d") > timeparse("2006-01-02", split("T", token.expires_at)[0])])
+    tokens_by_level = {
+      for level in distinct([for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token.access_level]) : level => length([for token in data.gitlab_project_access_tokens.all_tokens.access_tokens : token if token.access_level == level])
+    }
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `project` (String) The name or id of the project.
+
+### Optional
+
+- `state` (String) List all project access token that match the specified state. Valid values are `active`, `inactive`. Returns all project access token if not set.
+
+### Read-Only
+
+- `access_tokens` (List of Object) The list of access tokens returned by the search (see [below for nested schema](#nestedatt--access_tokens))
+- `id` (String) The ID of this Terraform resource.
+
+<a id="nestedatt--access_tokens"></a>
+### Nested Schema for `access_tokens`
+
+Read-Only:
+
+- `access_level` (String)
+- `active` (Boolean)
+- `created_at` (String)
+- `description` (String)
+- `expires_at` (String)
+- `id` (String)
+- `last_used_at` (String)
+- `name` (String)
+- `project` (String)
+- `revoked` (Boolean)
+- `scopes` (Set of String)
+- `user_id` (Number)

docs/data-sources/project_ids.md

@@ -17,7 +17,7 @@ The `gitlab_project_ids` data source identification information for a given proj
 
 ```terraform
 resource "gitlab_project" "new_project" {
-  // include required attributes
+  name = "project"
 }
 
 // use project IDs to get additional information, such as the GraphQL ID

docs/data-sources/project_protected_branch.md

@@ -56,7 +56,7 @@ Optional:
 
 Read-Only:
 
-- `access_level` (String) Access levels allowed to merge to protected branch. Valid values are: `no one`, `developer`, `maintainer`.
+- `access_level` (String) Access levels allowed to merge to protected branch. Valid values are: `no one`, `developer`, `maintainer`, `admin`.
 - `access_level_description` (String) Readable description of access level.
 
 
@@ -71,5 +71,5 @@ Optional:
 
 Read-Only:
 
-- `access_level` (String) Access levels allowed to push to protected branch. Valid values are: `no one`, `developer`, `maintainer`.
+- `access_level` (String) Access levels allowed to push to protected branch. Valid values are: `no one`, `developer`, `maintainer`, `admin`.
 - `access_level_description` (String) Readable description of access level.

docs/data-sources/project_protected_branches.md

@@ -65,7 +65,7 @@ Optional:
 
 Read-Only:
 
-- `access_level` (String) Access levels allowed to merge to protected branch. Valid values are: `no one`, `developer`, `maintainer`.
+- `access_level` (String) Access levels allowed to merge to protected branch. Valid values are: `no one`, `developer`, `maintainer`, `admin`.
 - `access_level_description` (String) Readable description of access level.
 
 
@@ -80,5 +80,5 @@ Optional:
 
 Read-Only:
 
-- `access_level` (String) Access levels allowed to push to protected branch. Valid values are: `no one`, `developer`, `maintainer`.
+- `access_level` (String) Access levels allowed to push to protected branch. Valid values are: `no one`, `developer`, `maintainer`, `admin`.
 - `access_level_description` (String) Readable description of access level.

docs/resources/branch_protection.md

@@ -77,6 +77,15 @@ resource "gitlab_branch_protection" "main" {
     }
   }
 }
+
+# Example with admin push access level
+resource "gitlab_branch_protection" "admin_push" {
+  project                = "12345"
+  branch                 = "admin-protected"
+  push_access_level      = "admin"
+  merge_access_level     = "maintainer"
+  unprotect_access_level = "maintainer"
+}
 ```
 
 <!-- schema generated by tfplugindocs -->
@@ -94,8 +103,8 @@ resource "gitlab_branch_protection" "main" {
 - `allowed_to_push` (Block Set) Array of access levels and user(s)/group(s) allowed to push to protected branch. (see [below for nested schema](#nestedblock--allowed_to_push))
 - `allowed_to_unprotect` (Block Set) Array of access levels and user(s)/group(s) allowed to unprotect push to protected branch. (see [below for nested schema](#nestedblock--allowed_to_unprotect))
 - `code_owner_approval_required` (Boolean) Can be set to true to require code owner approval before merging. Only available for Premium and Ultimate instances.
-- `merge_access_level` (String) Access levels allowed to merge. Valid values are: `no one`, `developer`, `maintainer`.
-- `push_access_level` (String) Access levels allowed to push. Valid values are: `no one`, `developer`, `maintainer`.
+- `merge_access_level` (String) Access levels allowed to merge. Valid values are: `no one`, `developer`, `maintainer`, `admin`.
+- `push_access_level` (String) Access levels allowed to push. Valid values are: `no one`, `developer`, `maintainer`, `admin`.
 - `unprotect_access_level` (String) Access levels allowed to unprotect. Valid values are: `developer`, `maintainer`, `admin`.
 
 ### Read-Only
@@ -113,7 +122,7 @@ Optional:
 
 Read-Only:
 
-- `access_level` (String) Access levels allowed to merge to protected branch. Valid values are: `no one`, `developer`, `maintainer`.
+- `access_level` (String) Access levels allowed to merge to protected branch. Valid values are: `no one`, `developer`, `maintainer`, `admin`.
 - `access_level_description` (String) Readable description of access level.
 
 
@@ -128,7 +137,7 @@ Optional:
 
 Read-Only:
 
-- `access_level` (String) Access levels allowed to push to protected branch. Valid values are: `no one`, `developer`, `maintainer`.
+- `access_level` (String) Access levels allowed to push to protected branch. Valid values are: `no one`, `developer`, `maintainer`, `admin`.
 - `access_level_description` (String) Readable description of access level.