PLT-1493: Added data source support for permissions. (#545)

* PLT-1493: Added data source support for permissions. * revieable fix * completed
spectrocloud · Nov 19, 2024 · 4264c78 · 4264c78
1 parent d6c8c37
commit 4264c78
Show file tree

Hide file tree

Showing 9 changed files with 172 additions and 3 deletions.
diff --git a/docs/data-sources/permission.md b/docs/data-sources/permission.md
@@ -0,0 +1,40 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "spectrocloud_permission Data Source - terraform-provider-spectrocloud"
+subcategory: ""
+description: |-
+  
+---
+
+# spectrocloud_permission (Data Source)
+
+
+
+## Example Usage
+
+```terraform
+data "spectrocloud_permission" "app_permission" {
+  name = "App Profile"
+
+}
+
+output "permissions" {
+  value = data.spectrocloud_permission.app_permission.permissions
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) Name of the permissions. eg: `App Deployment`.
+
+### Optional
+
+- `scope` (String) Permission scope. Allowed permission levels are `project` or `tenant` or `resource` . Defaults to `project`.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `permissions` (Set of String) List of permissions associated with the permission name.
diff --git a/examples/data-sources/spectrocloud_permission/data-source.tf b/examples/data-sources/spectrocloud_permission/data-source.tf
@@ -0,0 +1,8 @@
+data "spectrocloud_permission" "app_permission" {
+  name = "App Profile"
+
+}
+
+output "permissions" {
+  value = data.spectrocloud_permission.app_permission.permissions
+}
diff --git a/examples/data-sources/spectrocloud_permission/providers.tf b/examples/data-sources/spectrocloud_permission/providers.tf
@@ -0,0 +1,28 @@
+terraform {
+  required_providers {
+    spectrocloud = {
+      version = ">= 0.1"
+      source  = "spectrocloud/spectrocloud"
+    }
+  }
+}
+
+variable "sc_host" {
+  description = "Spectro Cloud Endpoint"
+  default     = "api.spectrocloud.com"
+}
+
+variable "sc_api_key" {
+  description = "Spectro Cloud API key"
+}
+
+variable "sc_project_name" {
+  description = "Spectro Cloud Project (e.g: Default)"
+  default     = "Default"
+}
+
+provider "spectrocloud" {
+  host         = var.sc_host
+  api_key      = var.sc_api_key
+  project_name = var.sc_project_name
+}
diff --git a/examples/data-sources/spectrocloud_permission/terraform.template.tfvars b/examples/data-sources/spectrocloud_permission/terraform.template.tfvars
@@ -0,0 +1,4 @@
+# Spectro Cloud credentials
+sc_host         = "{Enter Spectro Cloud API Host}" #e.g: api.spectrocloud.com (for SaaS)
+sc_api_key      = "{Enter Spectro Cloud API Key}"
+sc_project_name = "{Enter Spectro Cloud Project Name}" #e.g: Default
diff --git a/examples/resources/spectrocloud_role/resource.tf b/examples/resources/spectrocloud_role/resource.tf
@@ -1,3 +1,4 @@
+// set permission with data source role
 variable "roles" {
   type    = list(string)
   default = ["Cluster Admin", "Cluster Profile Editor"]
@@ -13,4 +14,22 @@ resource "spectrocloud_role" "custom_role" {
   name        = "Test Cluster Role"
   type        = "project"
   permissions = flatten([for role in data.spectrocloud_role.roles : role.permissions])
+}
+
+// set permission with data source permission
+
+variable "perms" {
+  type    = list(string)
+  default = ["App Profile", "App Deployment"]
+}
+
+data "spectrocloud_permission" "app_permissions" {
+  for_each = toset(var.perms)
+  name     = each.key
+}
+
+resource "spectrocloud_role" "custom_role_permission" {
+  name        = "Test Cluster Role"
+  type        = "project"
+  permissions = flatten([for p in data.spectrocloud_permission.app_permissions : p.permissions])
 }
diff --git a/go.mod b/go.mod
@@ -12,7 +12,7 @@ require (
 	github.com/robfig/cron v1.2.0
 	github.com/spectrocloud/gomi v1.14.1-0.20240214074114-c19394812368
 	github.com/spectrocloud/hapi v1.14.1-0.20240214071352-81f589b1d86d
-	github.com/spectrocloud/palette-sdk-go v0.0.0-20241114040951-b4855be46579
+	github.com/spectrocloud/palette-sdk-go v0.0.0-20241118165324-009eeef47438
 	github.com/stretchr/testify v1.9.0
 	gotest.tools v2.2.0+incompatible
 	k8s.io/api v0.23.5

diff --git a/go.sum b/go.sum
@@ -600,8 +600,8 @@ github.com/spectrocloud/gomi v1.14.1-0.20240214074114-c19394812368 h1:eY0BOyEbGu
 github.com/spectrocloud/gomi v1.14.1-0.20240214074114-c19394812368/go.mod h1:LlZ9We4kDaELYi7Is0SVmnySuDhwphJLS6ZT4wXxFIk=
 github.com/spectrocloud/hapi v1.14.1-0.20240214071352-81f589b1d86d h1:OMRbHxMJ1a+G1BYzvUYuMM0wLkYJPdnEOFx16faQ/UY=
 github.com/spectrocloud/hapi v1.14.1-0.20240214071352-81f589b1d86d/go.mod h1:MktpRPnSXDTHsQrFSD+daJFQ1zMLSR+1gWOL31jVvWE=
-github.com/spectrocloud/palette-sdk-go v0.0.0-20241114040951-b4855be46579 h1:C8daKBQJbK2DfoIEaHYNXTXaoSNasqMSVnKnc4Q3WyI=
-github.com/spectrocloud/palette-sdk-go v0.0.0-20241114040951-b4855be46579/go.mod h1:dSlNvDS0qwUWTbrYI6P8x981mcbbRHFrBg67v5zl81U=
+github.com/spectrocloud/palette-sdk-go v0.0.0-20241118165324-009eeef47438 h1:TboPvQjtapjSclbQ9aviF9mrnrS0Xz9xLYfKxF/gdRY=
+github.com/spectrocloud/palette-sdk-go v0.0.0-20241118165324-009eeef47438/go.mod h1:dSlNvDS0qwUWTbrYI6P8x981mcbbRHFrBg67v5zl81U=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
 github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=

diff --git a/spectrocloud/data_source_permission.go b/spectrocloud/data_source_permission.go
@@ -0,0 +1,68 @@
+package spectrocloud
+
+import (
+	"context"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+	"github.com/spectrocloud/palette-sdk-go/client"
+	"strings"
+)
+
+func dataSourcePermission() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: dataSourcePermissionRead,
+
+		Schema: map[string]*schema.Schema{
+			"id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"scope": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				Default:      "project",
+				ValidateFunc: validation.StringInSlice([]string{"project", "tenant", "resource"}, false),
+				Description: "Permission scope. Allowed permission levels are `project` or `tenant` or `resource` . " +
+					"Defaults to `project`.",
+			},
+			"name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: "Name of the permissions. eg: `App Deployment`.",
+			},
+			"permissions": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Set:      schema.HashString,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Description: "List of permissions associated with the permission name. ",
+			},
+		},
+	}
+}
+
+func dataSourcePermissionRead(_ context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
+	c := getV1ClientWithResourceContext(m, "")
+	var diags diag.Diagnostics
+
+	scope := d.Get("scope").(string)
+	if v, ok := d.GetOk("name"); ok {
+		permission, err := c.GetPermissionByName(v.(string), client.PermissionScope(scope))
+		if err != nil {
+			return diag.FromErr(err)
+		}
+		if permission != nil && len(permission.Permissions) > 0 {
+			d.SetId(strings.Trim(permission.Name, " "))
+			if err := d.Set("name", permission.Name); err != nil {
+				return diag.FromErr(err)
+			}
+			if err := d.Set("permissions", permission.Permissions); err != nil {
+				return diag.FromErr(err)
+			}
+		}
+	}
+	return diags
+}
diff --git a/spectrocloud/provider.go b/spectrocloud/provider.go
@@ -144,6 +144,8 @@ func New(_ string) func() *schema.Provider {
 				"spectrocloud_role":      resourceRole(),
 			},
 			DataSourcesMap: map[string]*schema.Resource{
+				"spectrocloud_permission": dataSourcePermission(),
+
 				"spectrocloud_team": dataSourceTeam(),
 
 				"spectrocloud_user":    dataSourceUser(),