From 9410016732f52c07d8d6cd4ff9685375bd90d307 Mon Sep 17 00:00:00 2001 From: Joel Watson Date: Thu, 14 Mar 2024 16:52:20 -0500 Subject: [PATCH] Add doppler_secrets_sync_github_actions resource --- docs/resources/secrets_sync_github_actions.md | 67 ++++++++++++++++++ doppler/provider.go | 4 ++ doppler/resource_sync_types.go | 68 ++++++++++++++++--- 3 files changed, 131 insertions(+), 8 deletions(-) create mode 100644 docs/resources/secrets_sync_github_actions.md diff --git a/docs/resources/secrets_sync_github_actions.md b/docs/resources/secrets_sync_github_actions.md new file mode 100644 index 0000000..66b0b76 --- /dev/null +++ b/docs/resources/secrets_sync_github_actions.md @@ -0,0 +1,67 @@ +--- +page_title: "doppler_secrets_sync_github_actions Resource - terraform-provider-doppler" +subcategory: "" +description: |- + Manage a GitHub Actions Doppler sync. +--- + +# doppler_secrets_sync_github_actions (Resource) + +Manage a GitHub Actions Doppler sync. + +## Example Usage + +```terraform +resource "doppler_secrets_sync_github_actions" "backend_prod" { + integration = "bae40485-eca7-478b-abd8-34100c82c679" + project = "backend" + config = "prd" + + sync_target = "repo" + repo_name = "backend" +} +``` + +```terraform +resource "doppler_secrets_sync_github_actions" "backend_prod" { + integration = "bae40485-eca7-478b-abd8-34100c82c679" + project = "backend" + config = "prd" + + sync_target = "repo" + repo_name = "backend" + environment_name = "production" +} +``` + +```terraform +resource "doppler_secrets_sync_github_actions" "backend_prod" { + integration = "bae40485-eca7-478b-abd8-34100c82c679" + project = "backend" + config = "prd" + + sync_target = "org" + org_scope = "private" +} +``` + + + +## Schema + +### Required + +- `config` (String) The name of the Doppler config +- `integration` (String) The slug of the integration to use for this sync +- `project` (String) The name of the Doppler project +- `sync_target` (String) Either "repo" or "org", based on the resource type to sync to + +### Optional + +- `environment_name` (String) The GitHub repo environment name to sync to +- `org_scope` (String) Either "all" or "private", based on the which repos you want to have access (only usable when `sync_target` is set to "repo") +- `repo_name` (String) The GitHub repo name to sync to + +### Read-Only + +- `id` (String) The ID of this resource. diff --git a/doppler/provider.go b/doppler/provider.go index 9cdfd65..6a09518 100644 --- a/doppler/provider.go +++ b/doppler/provider.go @@ -54,6 +54,10 @@ func Provider() *schema.Provider { "doppler_integration_terraform_cloud": resourceIntegrationTerraformCloud(), "doppler_secrets_sync_terraform_cloud": resourceSyncTerraformCloud(), + + // creating integrations is not currently supported for GitHub Actions + // "doppler_integration_github_actions": resourceIntegrationGitHubActions(), + "doppler_secrets_sync_github_actions": resourceSyncGitHubActions(), }, DataSourcesMap: map[string]*schema.Resource{ "doppler_secrets": dataSourceSecrets(), diff --git a/doppler/resource_sync_types.go b/doppler/resource_sync_types.go index e19a04d..a47c7c2 100644 --- a/doppler/resource_sync_types.go +++ b/doppler/resource_sync_types.go @@ -84,27 +84,79 @@ func resourceSyncAWSParameterStore() *schema.Resource { return builder.Build() } -func resourceSyncTerraformCloud() *schema.Resource { +func resourceSyncGitHubActions() *schema.Resource { builder := ResourceSyncBuilder{ DataSchema: map[string]*schema.Schema{ "sync_target": { - Description: "Either \"workspace\" or \"variableSet\", based on the resource type to sync to", + Description: "Either \"repo\" or \"org\", based on the resource type to sync to", Type: schema.TypeString, Required: true, ForceNew: true, }, - "workspace_id": { - Description: "The Terraform Cloud workspace ID to sync to", + "repo_name": { + Description: "The GitHub repo name to sync to", + Type: schema.TypeString, + Optional: true, + ForceNew: true, + ExactlyOneOf: []string{"repo_name", "org_scope"}, + }, + "org_scope": { + Description: "Either \"all\" or \"private\", based on the which repos you want to have access (only used when `sync_target` is set to \"org\")", + Type: schema.TypeString, + Optional: true, + ForceNew: true, + ExactlyOneOf: []string{"repo_name", "org_scope"}, + }, + "environment_name": { + Description: "The GitHub repo environment name to sync to", Type: schema.TypeString, Optional: true, ForceNew: true, - ExactlyOneOf: []string{"workspace_id", "variable_set_id"}, }, - "variable_set_id": { - Description: "The Terraform Cloud variable set ID to sync to", + }, + DataBuilder: func(d *schema.ResourceData) IntegrationData { + payload := map[string]interface{}{ + "sync_target": d.Get("sync_target"), + } + repo_name := d.Get("repo_name") + if repo_name != "" { + payload["repo_name"] = repo_name + } + org_scope := d.Get("org_scope") + if org_scope != "" { + payload["org_scope"] = org_scope + } + environment_name := d.Get("environment_name") + if environment_name != "" { + payload["environment_name"] = environment_name + } + return payload + }, + } + return builder.Build() +} + +func resourceSyncTerraformCloud() *schema.Resource { + builder := ResourceSyncBuilder{ + DataSchema: map[string]*schema.Schema{ + "sync_target": { + Description: "Either \"workspace\" or \"variableSet\", based on the resource type to sync to", Type: schema.TypeString, - Optional: true, + Required: true, ForceNew: true, + }, + "workspace_id": { + Description: "The Terraform Cloud workspace ID to sync to", + Type: schema.TypeString, + Optional: true, + ForceNew: true, + ExactlyOneOf: []string{"workspace_id", "variable_set_id"}, + }, + "variable_set_id": { + Description: "The Terraform Cloud variable set ID to sync to", + Type: schema.TypeString, + Optional: true, + ForceNew: true, ExactlyOneOf: []string{"workspace_id", "variable_set_id"}, }, "variable_sync_type": {