resource/gitlab_project_access_token: Add importer

timofurrer · timofurrer · commit f717f4b5fdb2 · 2022-03-15T09:03:11.000+01:00
Refs: #36
diff --git a/docs/resources/project_access_token.md b/docs/resources/project_access_token.md
@@ -50,7 +50,16 @@ resource "gitlab_project_variable" "example" {
 - **active** (Boolean) True if the token is active.
 - **created_at** (String) Time the token has been created, RFC3339 format.
 - **revoked** (Boolean) True if the token is revoked.
-- **token** (String, Sensitive) The secret token. This is only populated when creating a new project access token.
+- **token** (String, Sensitive) The secret token. **Note**: the token is not available for imported resources.
 - **user_id** (Number) The user_id associated to the token.
 
+## Import
 
+Import is supported using the following syntax:
+
+```shell
+# A GitLab Project Access Token can be imported using a key composed of `<project-id>:<token-id>`, e.g.
+terraform import gitlab_project_access_token.example "12345:1"
+
+# NOTE: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.
+```
diff --git a/examples/resources/gitlab_project_access_token/import.sh b/examples/resources/gitlab_project_access_token/import.sh
@@ -0,0 +1,4 @@
+# A GitLab Project Access Token can be imported using a key composed of `<project-id>:<token-id>`, e.g.
+terraform import gitlab_project_access_token.example "12345:1"
+
+# NOTE: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.
diff --git a/internal/provider/resource_gitlab_project_access_token.go b/internal/provider/resource_gitlab_project_access_token.go
@@ -14,7 +14,6 @@ import (
 )
 
 var _ = registerResource("gitlab_project_access_token", func() *schema.Resource {
-	// lintignore: XR002 // TODO: Resolve this tfproviderlint issue
 	return &schema.Resource{
 		Description: `The ` + "`" + `gitlab_project_access_token` + "`" + ` resource allows to manage the lifecycle of a project access token.
 
@@ -23,6 +22,9 @@ var _ = registerResource("gitlab_project_access_token", func() *schema.Resource
 		CreateContext: resourceGitlabProjectAccessTokenCreate,
 		ReadContext:   resourceGitlabProjectAccessTokenRead,
 		DeleteContext: resourceGitlabProjectAccessTokenDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
 
 		Schema: map[string]*schema.Schema{
 			"project": {
@@ -63,7 +65,7 @@ var _ = registerResource("gitlab_project_access_token", func() *schema.Resource
 				ForceNew: true,
 			},
 			"token": {
-				Description: "The secret token. This is only populated when creating a new project access token.",
+				Description: "The secret token. **Note**: the token is not available for imported resources.",
 				Type:        schema.TypeString,
 				Computed:    true,
 				Sensitive:   true,
diff --git a/internal/provider/resource_gitlab_project_access_token_test.go b/internal/provider/resource_gitlab_project_access_token_test.go
@@ -73,6 +73,16 @@ func TestAccGitlabProjectAccessToken_basic(t *testing.T) {
 					}),
 				),
 			},
+			// Verify import
+			{
+				ResourceName:      "gitlab_project_access_token.bar",
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					// the token is only known during creating. We explicitly mention this limitation in the docs.
+					"token",
+				},
+			},
 			//Destroy Project Access Token
 			{
 				Config: testAccGitlabProjectAccessTokenDestroyToken(rInt),
