Add doppler_secrets_sync_github_actions resource

DopplerHQ · Mar 14, 2024 · 9410016 · 9410016
1 parent 4aaa818
commit 9410016
Show file tree

Hide file tree

Showing 3 changed files with 131 additions and 8 deletions.
diff --git a/docs/resources/secrets_sync_github_actions.md b/docs/resources/secrets_sync_github_actions.md
@@ -0,0 +1,67 @@
+---
+page_title: "doppler_secrets_sync_github_actions Resource - terraform-provider-doppler"
+subcategory: ""
+description: |-
+	Manage a GitHub Actions Doppler sync.
+---
+
+# doppler_secrets_sync_github_actions (Resource)
+
+Manage a GitHub Actions Doppler sync.
+
+## Example Usage
+
+```terraform
+resource "doppler_secrets_sync_github_actions" "backend_prod" {
+  integration = "bae40485-eca7-478b-abd8-34100c82c679"
+  project     = "backend"
+  config      = "prd"
+
+  sync_target = "repo"
+  repo_name   = "backend"
+}
+```
+
+```terraform
+resource "doppler_secrets_sync_github_actions" "backend_prod" {
+  integration = "bae40485-eca7-478b-abd8-34100c82c679"
+  project     = "backend"
+  config      = "prd"
+
+  sync_target      = "repo"
+  repo_name        = "backend"
+  environment_name = "production"
+}
+```
+
+```terraform
+resource "doppler_secrets_sync_github_actions" "backend_prod" {
+  integration = "bae40485-eca7-478b-abd8-34100c82c679"
+  project     = "backend"
+  config      = "prd"
+
+  sync_target = "org"
+  org_scope   = "private"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+
+## Schema
+
+### Required
+
+- `config` (String) The name of the Doppler config
+- `integration` (String) The slug of the integration to use for this sync
+- `project` (String) The name of the Doppler project
+- `sync_target` (String) Either "repo" or "org", based on the resource type to sync to
+
+### Optional
+
+- `environment_name` (String) The GitHub repo environment name to sync to
+- `org_scope` (String) Either "all" or "private", based on the which repos you want to have access (only usable when `sync_target` is set to "repo")
+- `repo_name` (String) The GitHub repo name to sync to
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
diff --git a/doppler/provider.go b/doppler/provider.go
@@ -54,6 +54,10 @@ func Provider() *schema.Provider {
 
 			"doppler_integration_terraform_cloud":  resourceIntegrationTerraformCloud(),
 			"doppler_secrets_sync_terraform_cloud": resourceSyncTerraformCloud(),
+
+			// creating integrations is not currently supported for GitHub Actions
+			// "doppler_integration_github_actions":  resourceIntegrationGitHubActions(),
+			"doppler_secrets_sync_github_actions": resourceSyncGitHubActions(),
 		},
 		DataSourcesMap: map[string]*schema.Resource{
 			"doppler_secrets": dataSourceSecrets(),

diff --git a/doppler/resource_sync_types.go b/doppler/resource_sync_types.go
@@ -84,27 +84,79 @@ func resourceSyncAWSParameterStore() *schema.Resource {
 	return builder.Build()
 }
 
-func resourceSyncTerraformCloud() *schema.Resource {
+func resourceSyncGitHubActions() *schema.Resource {
 	builder := ResourceSyncBuilder{
 		DataSchema: map[string]*schema.Schema{
 			"sync_target": {
-				Description: "Either \"workspace\" or \"variableSet\", based on the resource type to sync to",
+				Description: "Either \"repo\" or \"org\", based on the resource type to sync to",
 				Type:        schema.TypeString,
 				Required:    true,
 				ForceNew:    true,
 			},
-			"workspace_id": {
-				Description: "The Terraform Cloud workspace ID to sync to",
+			"repo_name": {
+				Description:  "The GitHub repo name to sync to",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ForceNew:     true,
+				ExactlyOneOf: []string{"repo_name", "org_scope"},
+			},
+			"org_scope": {
+				Description:  "Either \"all\" or \"private\", based on the which repos you want to have access (only used when `sync_target` is set to \"org\")",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ForceNew:     true,
+				ExactlyOneOf: []string{"repo_name", "org_scope"},
+			},
+			"environment_name": {
+				Description: "The GitHub repo environment name to sync to",
 				Type:        schema.TypeString,
 				Optional:    true,
 				ForceNew:    true,
-				ExactlyOneOf: []string{"workspace_id", "variable_set_id"},
 			},
-			"variable_set_id": {
-				Description: "The Terraform Cloud variable set ID to sync to",
+		},
+		DataBuilder: func(d *schema.ResourceData) IntegrationData {
+			payload := map[string]interface{}{
+				"sync_target": d.Get("sync_target"),
+			}
+			repo_name := d.Get("repo_name")
+			if repo_name != "" {
+				payload["repo_name"] = repo_name
+			}
+			org_scope := d.Get("org_scope")
+			if org_scope != "" {
+				payload["org_scope"] = org_scope
+			}
+			environment_name := d.Get("environment_name")
+			if environment_name != "" {
+				payload["environment_name"] = environment_name
+			}
+			return payload
+		},
+	}
+	return builder.Build()
+}
+
+func resourceSyncTerraformCloud() *schema.Resource {
+	builder := ResourceSyncBuilder{
+		DataSchema: map[string]*schema.Schema{
+			"sync_target": {
+				Description: "Either \"workspace\" or \"variableSet\", based on the resource type to sync to",
 				Type:        schema.TypeString,
-				Optional:    true,
+				Required:    true,
 				ForceNew:    true,
+			},
+			"workspace_id": {
+				Description:  "The Terraform Cloud workspace ID to sync to",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ForceNew:     true,
+				ExactlyOneOf: []string{"workspace_id", "variable_set_id"},
+			},
+			"variable_set_id": {
+				Description:  "The Terraform Cloud variable set ID to sync to",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ForceNew:     true,
 				ExactlyOneOf: []string{"workspace_id", "variable_set_id"},
 			},
 			"variable_sync_type": {