Merge pull request #291 from grafana/julienduchesne/data-user

Add new datasource: `grafana_user`

Author: julienduchesne

GNUmakefile

@@ -14,15 +14,15 @@ testacc-docker:
 		docker-compose \
 		-f ./docker-compose.yml \
 		run --rm grafana-provider \
-		make testacc
+		make testacc TESTARGS="$(TESTARGS)"
 
 testacc-docker-tls:
 	GRAFANA_VERSION=$(GRAFANA_VERSION) \
 		docker-compose \
 		-f ./docker-compose.yml \
 		-f ./docker-compose.tls.yml \
 		run --rm grafana-provider \
-		make testacc
+		make testacc TESTARGS="$(TESTARGS)"
 
 changelog:
 	@test $${RELEASE_VERSION?Please set environment variable RELEASE_VERSION}

docs/data-sources/user.md

@@ -0,0 +1,58 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "grafana_user Data Source - terraform-provider-grafana"
+subcategory: ""
+description: |-
+  Official documentation https://grafana.com/docs/grafana/latest/manage-users/server-admin/server-admin-manage-users/HTTP API https://grafana.com/docs/grafana/latest/http_api/user/
+  This resource uses Grafana's admin APIs for creating and updating users which
+  does not currently work with API Tokens. You must use basic auth.
+---
+
+# grafana_user (Data Source)
+
+* [Official documentation](https://grafana.com/docs/grafana/latest/manage-users/server-admin/server-admin-manage-users/)
+* [HTTP API](https://grafana.com/docs/grafana/latest/http_api/user/)
+
+This resource uses Grafana's admin APIs for creating and updating users which
+does not currently work with API Tokens. You must use basic auth.
+
+## Example Usage
+
+```terraform
+resource "grafana_user" "test" {
+  email    = "[email protected]"
+  name     = "Testing Datasource"
+  login    = "test-datasource"
+  password = "my-password"
+  is_admin = true
+}
+
+data "grafana_user" "from_id" {
+  user_id = grafana_user.test.user_id
+}
+
+data "grafana_user" "from_email" {
+  email = grafana_user.test.email
+}
+
+data "grafana_user" "from_login" {
+  login = grafana_user.test.login
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Optional
+
+- **email** (String) The email address of the Grafana user. Defaults to ``.
+- **id** (String) The ID of this resource.
+- **login** (String) The username for the Grafana user. Defaults to ``.
+- **user_id** (Number) The numerical ID of the Grafana user. Defaults to `-1`.
+
+### Read-Only
+
+- **is_admin** (Boolean) Whether the user is an admin.
+- **name** (String) The display name for the Grafana user.
+
+

docs/index.md

@@ -32,6 +32,7 @@ provider "grafana" {
 - **ca_cert** (String) Certificate CA bundle to use to verify the Grafana server's certificate. May alternatively be set via the `GRAFANA_CA_CERT` environment variable.
 - **insecure_skip_verify** (Boolean) Skip TLS certificate verification. May alternatively be set via the `GRAFANA_INSECURE_SKIP_VERIFY` environment variable.
 - **org_id** (Number) The organization id to operate on within grafana. May alternatively be set via the `GRAFANA_ORG_ID` environment variable.
+- **retries** (Number) The amount of retries to use for Grafana API calls. May alternatively be set via the `GRAFANA_RETRIES` environment variable.
 - **sm_access_token** (String, Sensitive) A Synthetic Monitoring access token. May alternatively be set via the `GRAFANA_SM_ACCESS_TOKEN` environment variable.
 - **sm_url** (String) Synthetic monitoring backend address. May alternatively be set via the `GRAFANA_SM_URL` environment variable.
 - **tls_cert** (String) Client TLS certificate file to use to authenticate to the Grafana server. May alternatively be set via the `GRAFANA_TLS_CERT` environment variable.

docs/resources/user.md

@@ -43,6 +43,10 @@ resource "grafana_user" "staff" {
 - **login** (String) The username for the Grafana user.
 - **name** (String) The display name for the Grafana user.
 
+### Read-Only
+
+- **user_id** (Number) The numerical ID of the Grafana user.
+
 ## Import
 
 Import is supported using the following syntax:

examples/data-sources/grafana_user/data-source.tf

@@ -0,0 +1,19 @@
+resource "grafana_user" "test" {
+  email    = "[email protected]"
+  name     = "Testing Datasource"
+  login    = "test-datasource"
+  password = "my-password"
+  is_admin = true
+}
+
+data "grafana_user" "from_id" {
+  user_id = grafana_user.test.user_id
+}
+
+data "grafana_user" "from_email" {
+  email = grafana_user.test.email
+}
+
+data "grafana_user" "from_login" {
+  login = grafana_user.test.login
+}

grafana/data_source_user.go

@@ -0,0 +1,81 @@
+package grafana
+
+import (
+	"context"
+	"fmt"
+
+	gapi "github.com/grafana/grafana-api-golang-client"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func DatasourceUser() *schema.Resource {
+	return &schema.Resource{
+		Description: `
+* [Official documentation](https://grafana.com/docs/grafana/latest/manage-users/server-admin/server-admin-manage-users/)
+* [HTTP API](https://grafana.com/docs/grafana/latest/http_api/user/)
+
+This resource uses Grafana's admin APIs for creating and updating users which
+does not currently work with API Tokens. You must use basic auth.
+`,
+		ReadContext: dataSourceUserRead,
+		Schema: map[string]*schema.Schema{
+			"user_id": {
+				Type:        schema.TypeInt,
+				Optional:    true,
+				Default:     -1,
+				Description: "The numerical ID of the Grafana user.",
+			},
+			"email": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "",
+				Description: "The email address of the Grafana user.",
+			},
+			"login": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "",
+				Description: "The username for the Grafana user.",
+			},
+			"name": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The display name for the Grafana user.",
+			},
+			"is_admin": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Whether the user is an admin.",
+			},
+		},
+	}
+}
+
+func dataSourceUserRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*client).gapi
+
+	var user gapi.User
+	var err error
+	if id := d.Get("user_id").(int); id >= 0 {
+		user, err = client.User(int64(id))
+	} else if email := d.Get("email").(string); email != "" {
+		user, err = client.UserByEmail(email)
+	} else if login := d.Get("login").(string); login != "" {
+		user, err = client.UserByEmail(login)
+	} else {
+		err = fmt.Errorf("must specify one of user_id, email, or login")
+	}
+
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	d.SetId(fmt.Sprintf("%d", user.ID))
+	d.Set("email", user.Email)
+	d.Set("name", user.Name)
+	d.Set("login", user.Login)
+	d.Set("is_admin", user.IsAdmin)
+
+	return nil
+}

grafana/data_source_user_test.go

@@ -0,0 +1,43 @@
+package grafana
+
+import (
+	"testing"
+
+	gapi "github.com/grafana/grafana-api-golang-client"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccDatasourceUser(t *testing.T) {
+	var user gapi.User
+	checks := []resource.TestCheckFunc{
+		testAccUserCheckExists("grafana_user.test", &user),
+	}
+	for _, rName := range []string{"from_email", "from_login", "from_id"} {
+		checks = append(checks,
+			resource.TestCheckResourceAttr(
+				"data.grafana_user."+rName, "email", "[email protected]",
+			),
+			resource.TestCheckResourceAttr(
+				"data.grafana_user."+rName, "name", "Testing Datasource",
+			),
+			resource.TestCheckResourceAttr(
+				"data.grafana_user."+rName, "login", "test-datasource",
+			),
+			resource.TestCheckResourceAttr(
+				"data.grafana_user."+rName, "is_admin", "true",
+			),
+		)
+	}
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccUserCheckDestroy(&user),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccExample(t, "data-sources/grafana_user/data-source.tf"),
+				Check:  resource.ComposeTestCheckFunc(checks...),
+			},
+		},
+	})
+}

grafana/provider.go

@@ -98,7 +98,6 @@ func Provider(version string) func() *schema.Provider {
 			},
 
 			ResourcesMap: map[string]*schema.Resource{
-
 				// Grafana
 				"grafana_alert_notification":      ResourceAlertNotification(),
 				"grafana_builtin_role_assignment": ResourceBuiltInRoleAssignment(),
@@ -120,6 +119,8 @@ func Provider(version string) func() *schema.Provider {
 			},
 
 			DataSourcesMap: map[string]*schema.Resource{
+				// Grafana
+				"grafana_user": DatasourceUser(),
 
 				// Synthetic Monitoring
 				"grafana_synthetic_monitoring_probe":  dataSourceSyntheticMonitoringProbe(),

grafana/resource_user.go

@@ -29,6 +29,11 @@ does not currently work with API Tokens. You must use basic auth.
 			StateContext: schema.ImportStatePassthroughContext,
 		},
 		Schema: map[string]*schema.Schema{
+			"user_id": {
+				Type:        schema.TypeInt,
+				Computed:    true,
+				Description: "The numerical ID of the Grafana user.",
+			},
 			"email": {
 				Type:        schema.TypeString,
 				Required:    true,
@@ -92,6 +97,7 @@ func ReadUser(ctx context.Context, d *schema.ResourceData, meta interface{}) dia
 	if err != nil {
 		return diag.FromErr(err)
 	}
+	d.Set("user_id", user.ID)
 	d.Set("email", user.Email)
 	d.Set("name", user.Name)
 	d.Set("login", user.Login)