diff --git a/docs/index.md b/docs/index.md index c54c095c..b952e385 100644 --- a/docs/index.md +++ b/docs/index.md @@ -163,6 +163,7 @@ Optional: Optional: +- `hostkey_algos` (List of String) The list of hostkey algorithms to use for ssh connections, arranged from most preferred to the least. - `password` (String, Sensitive) Password of the SSH private key. - `private_key` (String, Sensitive) Private key used for authenticating to the Git SSH server. - `username` (String) Username for Git SSH server. diff --git a/internal/provider/provider.go b/internal/provider/provider.go index d1c0631b..f6ecda8d 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -22,6 +22,7 @@ import ( "os" "path/filepath" + "github.com/fluxcd/pkg/git" "github.com/hashicorp/terraform-plugin-framework/attr" "github.com/hashicorp/terraform-plugin-framework/datasource" "github.com/hashicorp/terraform-plugin-framework/path" @@ -43,9 +44,10 @@ const ( var EmbeddedManifests string type Ssh struct { - Username types.String `tfsdk:"username"` - Password types.String `tfsdk:"password"` - PrivateKey types.String `tfsdk:"private_key"` + Username types.String `tfsdk:"username"` + Password types.String `tfsdk:"password"` + PrivateKey types.String `tfsdk:"private_key"` + HostKeyAlgos types.List `tfsdk:"hostkey_algos"` } type Http struct { @@ -264,6 +266,11 @@ func (p *fluxProvider) Schema(ctx context.Context, req provider.SchemaRequest, r Optional: true, Sensitive: true, }, + "hostkey_algos": schema.ListAttribute{ + ElementType: types.StringType, + Description: "The list of hostkey algorithms to use for ssh connections, arranged from most preferred to the least.", + Optional: true, + }, }, Optional: true, }, @@ -374,6 +381,14 @@ func (p *fluxProvider) Configure(ctx context.Context, req provider.ConfigureRequ } } + if data.Git.Ssh != nil && !data.Git.Ssh.HostKeyAlgos.IsNull() && len(data.Git.Ssh.HostKeyAlgos.Elements()) > 0 { + elements := make([]types.String, 0, len(data.Git.Ssh.HostKeyAlgos.Elements())) + data.Git.Ssh.HostKeyAlgos.ElementsAs(ctx, &elements, false) + for _, algo := range elements { + git.HostKeyAlgos = append(git.HostKeyAlgos, algo.ValueString()) + } + } + prd, err := NewProviderResourceData(ctx, data) if err != nil { resp.Diagnostics.AddError("Could not create provider resource data", err.Error()) diff --git a/internal/provider/resource_bootstrap_git_test.go b/internal/provider/resource_bootstrap_git_test.go index eac95d8e..37045702 100644 --- a/internal/provider/resource_bootstrap_git_test.go +++ b/internal/provider/resource_bootstrap_git_test.go @@ -543,6 +543,7 @@ func bootstrapGitSSH(env environment) string { url = "%s" ssh = { username = "git" + hostkey_algos = ["rsa-sha2-512", "rsa-sha2-256"] private_key = <