Merge pull request #8 from jfrog/add-access-federation

Add access federation

.github/workflows/acceptance-tests.yml

@@ -31,7 +31,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: 1.21
+          go-version: 1.22
       - name: Install Helm
         uses: azure/[email protected]
       - name: Install Terraform CLI

.github/workflows/release.yml

@@ -27,7 +27,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: 1.21
+          go-version: 1.22
       - name: Import GPG key
         id: import_gpg
         uses: crazy-max/ghaction-import-gpg@v6

CHANGELOG.md

@@ -1,6 +1,7 @@
-## 1.0.0 (July 9, 2024). Tested on Artifactory 7.84.17 with Terraform 1.9.1 and OpenTofu 1.7.3
+## 1.0.0 (July 16, 2024). Tested on Artifactory 7.84.17 with Terraform 1.9.2 and OpenTofu 1.7.3
 
 FEATURES:
 
 * **New Resource:** `missioncontrol_license_bucket` PR: [#2](https://github.com/jfrog/terraform-provider-mission-control/pull/2)
-* **New Resource:** `missioncontrol_jpd` PR: [#3](https://github.com/jfrog/terraform-provider-mission-control/pull/3)
+* **New Resource:** `missioncontrol_jpd` PR: [#3](https://github.com/jfrog/terraform-provider-mission-control/pull/3)
+* **New Resource:** `missioncontrol_access_federation_star` and `missioncontrol_access_federation_mesh` PR: [#8](https://github.com/jfrog/terraform-provider-mission-control/pull/8)

docs/resources/access_federation_mesh.md

@@ -0,0 +1,44 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "missioncontrol_access_federation_mesh Resource - missioncontrol"
+subcategory: ""
+description: |-
+  Provides a JFrog Access Federation https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-federation resource to setup Mesh Topology.
+  ~>The source and targets must have been configured properly for Access Federation https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-federation.
+  ~>Deletion is currently not supported via REST API. This must be done using JFrog UI.
+---
+
+# missioncontrol_access_federation_mesh (Resource)
+
+Provides a [JFrog Access Federation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-federation) resource to setup Mesh Topology.
+~>The source and targets must have been configured properly for [Access Federation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-federation).
+~>**Deletion** is currently not supported via REST API. This must be done using JFrog UI.
+
+## Example Usage
+
+```terraform
+resource "missioncontrol_access_federation_mesh" "my-mesh" {
+  ids = ["JPD-1", "JPD-2"]
+  entities = ["USERS", "GROUPS", "PERMISSIONS"]
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `entities` (Set of String) Entity types to sync. Allow values: `USERS`, `GROUPS`, `PERMISSIONS`, `TOKENS`
+- `ids` (Set of String) IDs for the source Platform Deployment. Use [Get Access Federation Candidate API](https://jfrog.com/help/r/jfrog-rest-apis/get-access-federation-candidates) to get a list of ID. Must have at least 2 items.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import missioncontrol_access_federation_mesh.my-mesh JPD-1:JPD-2
+```

docs/resources/access_federation_star.md

@@ -0,0 +1,70 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "missioncontrol_access_federation_star Resource - missioncontrol"
+subcategory: ""
+description: |-
+  Provides a JFrog Access Federation https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-federation resource to setup Star Topology.
+  ~>The source and targets must have been configured properly for Access Federation https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-federation.
+  ~>Deletion is currently not supported via REST API. This must be done using JFrog UI.
+---
+
+# missioncontrol_access_federation_star (Resource)
+
+Provides a [JFrog Access Federation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-federation) resource to setup Star Topology.
+~>The source and targets must have been configured properly for [Access Federation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-federation).
+~>**Deletion** is currently not supported via REST API. This must be done using JFrog UI.
+
+## Example Usage
+
+```terraform
+resource "missioncontrol_access_federation_star" "my-star" {
+  id = "JPD-1"
+  entities = ["USERS", "GROUPS", "PERMISSIONS"]
+  targets = [
+    {
+      id = "JPD-2"
+      url = "http://myartifactory-2.jfrog.io/access"
+      permission_filters = {
+        include_patterns = ["some-regex"]
+      }
+    },
+  ]
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `entities` (Set of String) Entity types to sync. Allow values: `USERS`, `GROUPS`, `PERMISSIONS`, `TOKENS`
+- `id` (String) ID for the source Platform Deployment. Use [Get Access Federation Candidate API](https://jfrog.com/help/r/jfrog-rest-apis/get-access-federation-candidates) to get a list of ID.
+- `targets` (Attributes Set) Target JPD (see [below for nested schema](#nestedatt--targets))
+
+<a id="nestedatt--targets"></a>
+### Nested Schema for `targets`
+
+Required:
+
+- `id` (String) ID of the targeted Platform Deployment
+- `url` (String) Target Platform deployment URL: http://<hostname>:<port>/access; for example: http://myplatformserver:8082/access.
+
+Optional:
+
+- `permission_filters` (Attributes) When assigning entity types to targets, you can assign specific permissions to be synchronized using the `include_patterns`/`exclude_patterns` regular expressions. (see [below for nested schema](#nestedatt--targets--permission_filters))
+
+<a id="nestedatt--targets--permission_filters"></a>
+### Nested Schema for `targets.permission_filters`
+
+Optional:
+
+- `exclude_patterns` (Set of String)
+- `include_patterns` (Set of String)
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import missioncontrol_access_federation_star.my-star JPD-1
+```

docs/resources/jpd.md

@@ -0,0 +1,91 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "missioncontrol_jpd Resource - missioncontrol"
+subcategory: ""
+description: |-
+  Provides a JFrog Platform Deployment https://jfrog.com/help/r/jfrog-platform-administration-documentation/manage-platform-deployments resource to manage JPD.
+  ~>Supported on the Self-Hosted platform, with an Enterprise X or Enterprise+ license.
+---
+
+# missioncontrol_jpd (Resource)
+
+Provides a [JFrog Platform Deployment](https://jfrog.com/help/r/jfrog-platform-administration-documentation/manage-platform-deployments) resource to manage JPD.
+~>Supported on the Self-Hosted platform, with an Enterprise X or Enterprise+ license.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `location` (Attributes) The geographical location of the Platform Deployment to be displayed on a global Platform Deployment view (see [below for nested schema](#nestedatt--location))
+- `name` (String) A unique logical name for this Platform Deployment
+- `url` (String) The Platform deployment URL: http://<hostname>:<port>/; for example: http://myplatformserver:8082/. Note: For legacy instances, version 6.x and lower, the URL should contain the instance root context: http://<hostname>:<port>/<context>/; for example http://myv6server:8081/artifactory/. URL must ends with trailing slash.
+
+### Optional
+
+- `password` (String, Sensitive) Admin password for legacy JPD (Artifactory 6.x).
+- `tags` (Set of String) Add labels to be applied for filtering Platform Deployments according to categories for example, location, dedicated centers - dev, testing, production
+- `token` (String, Sensitive) JPD join key
+- `username` (String) Admin username for legacy JPD (Artifactory 6.x).
+
+### Read-Only
+
+- `base_url` (String)
+- `cold_storage_jpd` (String)
+- `id` (String) The ID of this resource.
+- `is_cold_storage` (Boolean)
+- `licenses` (Attributes Set) (see [below for nested schema](#nestedatt--licenses))
+- `local` (Boolean)
+- `services` (Attributes Set) (see [below for nested schema](#nestedatt--services))
+- `status` (Attributes) (see [below for nested schema](#nestedatt--status))
+
+<a id="nestedatt--location"></a>
+### Nested Schema for `location`
+
+Required:
+
+- `city_name` (String)
+- `country_code` (String) 2 letters ISO-3166-2 country code
+- `latitude` (Number)
+- `longitude` (Number)
+
+
+<a id="nestedatt--licenses"></a>
+### Nested Schema for `licenses`
+
+Read-Only:
+
+- `expired` (Boolean)
+- `license_hash` (String)
+- `licensed_to` (String)
+- `type` (String)
+- `valid_through` (String)
+
+
+<a id="nestedatt--services"></a>
+### Nested Schema for `services`
+
+Read-Only:
+
+- `status` (Attributes) (see [below for nested schema](#nestedatt--services--status))
+- `type` (String)
+
+<a id="nestedatt--services--status"></a>
+### Nested Schema for `services.status`
+
+Read-Only:
+
+- `code` (String)
+
+
+
+<a id="nestedatt--status"></a>
+### Nested Schema for `status`
+
+Read-Only:
+
+- `code` (String)
+- `message` (String)
+- `warnings` (Set of String)

examples/resources/missioncontrol_access_federation_mesh/import.sh

@@ -0,0 +1 @@
+terraform import missioncontrol_access_federation_mesh.my-mesh JPD-1:JPD-2

examples/resources/missioncontrol_access_federation_mesh/resource.tf

@@ -0,0 +1,4 @@
+resource "missioncontrol_access_federation_mesh" "my-mesh" {
+  ids = ["JPD-1", "JPD-2"]
+  entities = ["USERS", "GROUPS", "PERMISSIONS"]
+}

examples/resources/missioncontrol_access_federation_star/import.sh

@@ -0,0 +1 @@
+terraform import missioncontrol_access_federation_star.my-star JPD-1

examples/resources/missioncontrol_access_federation_star/resource.tf

@@ -0,0 +1,13 @@
+resource "missioncontrol_access_federation_star" "my-star" {
+  id = "JPD-1"
+  entities = ["USERS", "GROUPS", "PERMISSIONS"]
+  targets = [
+    {
+      id = "JPD-2"
+      url = "http://myartifactory-2.jfrog.io/access"
+      permission_filters = {
+        include_patterns = ["some-regex"]
+      }
+    },
+  ]
+}

go.mod

@@ -1,13 +1,14 @@
 module github.com/jfrog/terraform-provider-mission-control
 
-go 1.21.5
+go 1.22.5
 
 require (
 	github.com/go-resty/resty/v2 v2.13.1
 	github.com/hashicorp/terraform-plugin-docs v0.19.4
 	github.com/hashicorp/terraform-plugin-framework v1.10.0
 	github.com/hashicorp/terraform-plugin-framework-validators v0.13.0
 	github.com/hashicorp/terraform-plugin-go v0.23.0
+	github.com/hashicorp/terraform-plugin-log v0.9.0
 	github.com/hashicorp/terraform-plugin-testing v1.9.0
 	github.com/jfrog/terraform-provider-shared v1.25.5
 	github.com/samber/lo v1.45.0

pkg/missioncontrol/provider.go

@@ -148,6 +148,8 @@ func (p *MissionControlProvider) Resources(ctx context.Context) []func() resourc
 	return []func() resource.Resource{
 		NewLicenseBucketResource,
 		NewJPDResource,
+		NewAccessFederationStarResource,
+		NewAccessFederationMeshResource,
 	}
 }