feat: add session_cookie_domain and session_cookie_path to ory_project_config#77
Open
feat: add session_cookie_domain and session_cookie_path to ory_project_config#77
Conversation
…t_config Add support for configuring session cookie domain and path in the ory_project_config resource. This enables sharing session cookies across subdomains (e.g., '.example.com') and restricting cookie paths. Closes #76
Contributor
There was a problem hiding this comment.
Pull request overview
Adds support in the Terraform ory_project_config resource for configuring Ory Kratos session cookie domain and path, enabling cross-subdomain session sharing and path scoping, with accompanying docs and acceptance coverage.
Changes:
- Add optional
session_cookie_domainandsession_cookie_pathattributes to theory_project_configresource schema/model and map them to the corresponding Kratos config JSON patch paths. - Extend project config read/refresh logic to track these attributes for drift detection when configured.
- Add acceptance test coverage plus documentation and example updates.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
internal/resources/projectconfig/resource.go |
Adds new schema/model fields and wires them into patch building + state refresh from API config. |
internal/resources/projectconfig/resource_test.go |
Adds an acceptance test covering create + update for the new session cookie attributes. |
internal/resources/projectconfig/testdata/session_cookie.tf.tmpl |
Acceptance test config template for initial create step. |
internal/resources/projectconfig/testdata/session_cookie_updated.tf.tmpl |
Acceptance test config template for update step. |
docs/resources/project_config.md |
Updates generated resource docs with new attributes and example usage. |
templates/resources/project_config.md.tmpl |
Updates the docs template to include the new session cookie settings in the category overview. |
examples/resources/ory_project_config/resource.tf |
Updates example configuration to demonstrate the new attributes. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds two new optional attributes to the
ory_project_configresource:session_cookie_domain— Sets the domain for session cookies, enabling cookie sharing across subdomains (e.g.,.example.com)session_cookie_path— Sets the path for session cookies (e.g.,/)These map to the Ory Kratos config at
/services/identity/config/session/cookie/domainand/services/identity/config/session/cookie/path.Related Issues
Fixes #76
Type of Change
Checklist
make test)make format)Testing
Describe how you tested these changes:
TestAccProjectConfigResource_sessionCookiewith create + update stepsScreenshots/Output
N/A — all changes are backend resource attributes with no UI component.