PLT-1455: Added support for role management via terrafrom

docs/data-sources/role.md

@@ -13,11 +13,19 @@ description: |-
 ## Example Usage
 
 ```terraform
-data "spectrocloud_role" "role1" {
-  name = "Project Editor"
+data "spectrocloud_role" "role" {
+  name = "Resource Cluster Admin"
 
   # (alternatively)
-  # id =  "5fd0ca727c411c71b55a359c"
+  # id =  "66fbea622947f81fb62294ac"
+}
+
+output "role_id" {
+  value = data.spectrocloud_role.role.id
+}
+
+output "role_permissions" {
+  value = data.spectrocloud_role.role.permissions
 }
 ```
 
@@ -31,3 +39,4 @@ data "spectrocloud_role" "role1" {
 ### Read-Only
 
 - `id` (String) The ID of this resource.
+- `permissions` (Set of String) List of permissions associated with the role.

docs/resources/role.md

@@ -0,0 +1,76 @@
+---
+page_title: "spectrocloud_role Resource - terraform-provider-spectrocloud"
+subcategory: ""
+description: |-
+  The role resource allows you to manage roles in Palette.
+---
+
+# spectrocloud_role (Resource)
+
+  The role resource allows you to manage roles in Palette.
+
+You can learn more about managing roles in Palette by reviewing the [Roles](https://docs.spectrocloud.com/glossary-all/#role) guide.
+
+## Example Usage
+
+```terraform
+variable "roles" {
+  type    = list(string)
+  default = ["Cluster Admin", "Cluster Profile Editor"]
+}
+
+# Data source loop to retrieve multiple roles
+data "spectrocloud_role" "roles" {
+  for_each = toset(var.roles)
+  name     = each.key
+}
+
+resource "spectrocloud_role" "custom_role" {
+  name        = "Test Cluster Role"
+  type        = "project"
+  permissions = flatten([for role in data.spectrocloud_role.roles : role.permissions])
+}
+```
+
+```
+### Importing existing role state & config
+
+```hcl
+# import existing user example
+  import {
+    to = spectrocloud_role.test_role
+    id = "{roleUID}"
+  }
+
+# To generate TF configuration.
+  terraform plan -generate-config-out=test_role.tf
+
+# To import State file
+  terraform import spectrocloud_role.test_role {roleUID}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) The name of the role.
+- `permissions` (Set of String) The permission's assigned to the role.
+
+### Optional
+
+- `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
+- `type` (String) The role type. Allowed values are `project` or `tenant` or `project`
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+
+<a id="nestedblock--timeouts"></a>
+### Nested Schema for `timeouts`
+
+Optional:
+
+- `create` (String)
+- `delete` (String)
+- `update` (String)

examples/data-sources/spectrocloud_role/data-source.tf

@@ -1,6 +1,14 @@
-data "spectrocloud_role" "role1" {
-  name = "Project Editor"
+data "spectrocloud_role" "role" {
+  name = "Resource Cluster Admin"
 
   # (alternatively)
-  # id =  "5fd0ca727c411c71b55a359c"
+  # id =  "66fbea622947f81fb62294ac"
 }
+
+output "role_id" {
+  value = data.spectrocloud_role.role.id
+}
+
+output "role_permissions" {
+  value = data.spectrocloud_role.role.permissions
+}

examples/resources/spectrocloud_role/providers.tf

@@ -0,0 +1,28 @@
+terraform {
+  required_providers {
+    spectrocloud = {
+      version = ">= 0.1"
+      source  = "spectrocloud/spectrocloud"
+    }
+  }
+}
+
+variable "sc_host" {
+  description = "Spectro Cloud Endpoint"
+  default     = "api.spectrocloud.com"
+}
+
+variable "sc_api_key" {
+  description = "Spectro Cloud API key"
+}
+
+variable "sc_project_name" {
+  description = "Spectro Cloud Project (e.g: Default)"
+  default     = "Default"
+}
+
+provider "spectrocloud" {
+  host         = var.sc_host
+  api_key      = var.sc_api_key
+  project_name = var.sc_project_name
+}

examples/resources/spectrocloud_role/resource.tf

@@ -0,0 +1,16 @@
+variable "roles" {
+  type    = list(string)
+  default = ["Cluster Admin", "Cluster Profile Editor"]
+}
+
+# Data source loop to retrieve multiple roles
+data "spectrocloud_role" "roles" {
+  for_each = toset(var.roles)
+  name     = each.key
+}
+
+resource "spectrocloud_role" "custom_role" {
+  name        = "Test Cluster Role"
+  type        = "project"
+  permissions = flatten([for role in data.spectrocloud_role.roles : role.permissions])
+}

examples/resources/spectrocloud_role/terraform.template.tfvars

@@ -0,0 +1,4 @@
+# Spectro Cloud credentials
+sc_host         = "{Enter Spectro Cloud API Host}" #e.g: api.spectrocloud.com (for SaaS)
+sc_api_key      = "{Enter Spectro Cloud API Key}"
+sc_project_name = "{Enter Spectro Cloud Project Name}" #e.g: Default

go.mod

@@ -12,7 +12,7 @@ require (
 	github.com/robfig/cron v1.2.0
 	github.com/spectrocloud/gomi v1.14.1-0.20240214074114-c19394812368
 	github.com/spectrocloud/hapi v1.14.1-0.20240214071352-81f589b1d86d
-	github.com/spectrocloud/palette-sdk-go v0.0.0-20241022161234-3782615736bb
+	github.com/spectrocloud/palette-sdk-go v0.0.0-20241114040951-b4855be46579
 	github.com/stretchr/testify v1.9.0
 	gotest.tools v2.2.0+incompatible
 	k8s.io/api v0.23.5

go.sum

@@ -600,8 +600,8 @@ github.com/spectrocloud/gomi v1.14.1-0.20240214074114-c19394812368 h1:eY0BOyEbGu
 github.com/spectrocloud/gomi v1.14.1-0.20240214074114-c19394812368/go.mod h1:LlZ9We4kDaELYi7Is0SVmnySuDhwphJLS6ZT4wXxFIk=
 github.com/spectrocloud/hapi v1.14.1-0.20240214071352-81f589b1d86d h1:OMRbHxMJ1a+G1BYzvUYuMM0wLkYJPdnEOFx16faQ/UY=
 github.com/spectrocloud/hapi v1.14.1-0.20240214071352-81f589b1d86d/go.mod h1:MktpRPnSXDTHsQrFSD+daJFQ1zMLSR+1gWOL31jVvWE=
-github.com/spectrocloud/palette-sdk-go v0.0.0-20241022161234-3782615736bb h1:LVeVFAMVdZRhtn1VY3DnDi32ts90r8/RXP5+1RZBZEA=
-github.com/spectrocloud/palette-sdk-go v0.0.0-20241022161234-3782615736bb/go.mod h1:dSlNvDS0qwUWTbrYI6P8x981mcbbRHFrBg67v5zl81U=
+github.com/spectrocloud/palette-sdk-go v0.0.0-20241114040951-b4855be46579 h1:C8daKBQJbK2DfoIEaHYNXTXaoSNasqMSVnKnc4Q3WyI=
+github.com/spectrocloud/palette-sdk-go v0.0.0-20241114040951-b4855be46579/go.mod h1:dSlNvDS0qwUWTbrYI6P8x981mcbbRHFrBg67v5zl81U=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
 github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=

spectrocloud/data_source_role.go

@@ -2,6 +2,7 @@ package spectrocloud
 
 import (
 	"context"
+	"github.com/spectrocloud/palette-sdk-go/api/models"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
@@ -23,22 +24,44 @@ func dataSourceRole() *schema.Resource {
 				Computed: true,
 				Optional: true,
 			},
+			"permissions": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Set:      schema.HashString,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Description: "List of permissions associated with the role. ",
+			},
 		},
 	}
 }
 
 func dataSourceRoleRead(_ context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
 	c := getV1ClientWithResourceContext(m, "")
 	var diags diag.Diagnostics
+	var role *models.V1Role
+	var err error
+	if i, ok := d.GetOk("id"); ok {
+		role, err = c.GetRoleByID(i.(string))
+		if err != nil {
+			return diag.FromErr(err)
+		}
+	}
 	if v, ok := d.GetOk("name"); ok {
-		role, err := c.GetRole(v.(string))
+		role, err = c.GetRole(v.(string))
 		if err != nil {
 			return diag.FromErr(err)
 		}
+	}
+	if role != nil {
 		d.SetId(role.Metadata.UID)
 		if err := d.Set("name", role.Metadata.Name); err != nil {
 			return diag.FromErr(err)
 		}
+		if err := d.Set("permissions", role.Spec.Permissions); err != nil {
+			return diag.FromErr(err)
+		}
 	}
 	return diags
 }

spectrocloud/provider.go

@@ -140,6 +140,7 @@ func New(_ string) func() *schema.Provider {
 				"spectrocloud_workspace": resourceWorkspace(),
 				"spectrocloud_alert":     resourceAlert(),
 				"spectrocloud_ssh_key":   resourceSSHKey(),
+				"spectrocloud_role":      resourceRole(),
 			},
 			DataSourcesMap: map[string]*schema.Resource{
 				"spectrocloud_user":    dataSourceUser(),