diff --git a/docs/data-sources/policy.md b/docs/data-sources/policy.md new file mode 100644 index 00000000..f1c3e945 --- /dev/null +++ b/docs/data-sources/policy.md @@ -0,0 +1,33 @@ +--- +page_title: "authentik_policy Data Source - terraform-provider-authentik" +subcategory: "Customization" +description: |- + Get policy by name +--- + +# authentik_policy (Data Source) + +Get policy by name + +## Example Usage + +```terraform +# To get the ID of a policy by name + +data "authentik_policy" "default-authentication-flow-password-stage" { + name = "default-authentication-flow-password-stage" +} + +# Then use `data.authentik_policy.default-authentication-flow-password-stage.id` +``` + + +## Schema + +### Optional + +- `name` (String) Generated. + +### Read-Only + +- `id` (String) The ID of this resource. diff --git a/examples/data-sources/authentik_policy/data-source.tf b/examples/data-sources/authentik_policy/data-source.tf new file mode 100644 index 00000000..2f78bea4 --- /dev/null +++ b/examples/data-sources/authentik_policy/data-source.tf @@ -0,0 +1,7 @@ +# To get the ID of a policy by name + +data "authentik_policy" "default-authentication-flow-password-stage" { + name = "default-authentication-flow-password-stage" +} + +# Then use `data.authentik_policy.default-authentication-flow-password-stage.id` diff --git a/internal/provider/data_source_policy.go b/internal/provider/data_source_policy.go new file mode 100644 index 00000000..b2caa1c5 --- /dev/null +++ b/internal/provider/data_source_policy.go @@ -0,0 +1,45 @@ +package provider + +import ( + "context" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourcePolicy() *schema.Resource { + return &schema.Resource{ + ReadContext: dataSourcePolicyRead, + Description: "Customization --- Get policy by name", + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + }, + } +} + +func dataSourcePolicyRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics { + var diags diag.Diagnostics + c := m.(*APIClient) + + req := c.client.PoliciesApi.PoliciesAllList(ctx) + if s, ok := d.GetOk("name"); ok { + req = req.Search(s.(string)) + } + + res, hr, err := req.Execute() + if err != nil { + return httpToDiag(d, hr, err) + } + + if len(res.Results) < 1 { + return diag.Errorf("No matching policy found") + } + f := res.Results[0] + d.SetId(f.Pk) + setWrapper(d, "name", f.Name) + return diags +} diff --git a/internal/provider/data_source_policy_test.go b/internal/provider/data_source_policy_test.go new file mode 100644 index 00000000..062dff21 --- /dev/null +++ b/internal/provider/data_source_policy_test.go @@ -0,0 +1,39 @@ +package provider + +import ( + "regexp" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAccDataSourcePolicy(t *testing.T) { + resource.UnitTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProviderFactories: providerFactories, + Steps: []resource.TestStep{ + { + Config: testAccDataSourcePolicySimple, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("data.authentik_policy.default-authentication-flow-password-stage", "name", "default-authentication-flow-password-stage"), + ), + }, + { + Config: testAccDataSourcePolicyNotExisting, + ExpectError: regexp.MustCompile(`No matching policy found`), + }, + }, + }) +} + +const testAccDataSourcePolicySimple = ` +data "authentik_policy" "default-authentication-flow-password-stage" { + name = "default-authentication-flow-password-stage" +} +` + +const testAccDataSourcePolicyNotExisting = ` +data "authentik_policy" "not-exiting-policy" { + name = "not-exiting-policy" +} +` diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 70e57332..26956d15 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -151,6 +151,7 @@ func Provider(version string, testing bool) *schema.Provider { "authentik_flow": td(dataSourceFlow), "authentik_group": td(dataSourceGroup), "authentik_groups": td(dataSourceGroups), + "authentik_policy": td(dataSourcePolicy), "authentik_property_mapping_provider_rac": td(dataSourcePropertyMappingProviderRAC), "authentik_property_mapping_provider_radius": td(dataSourcePropertyMappingProviderRadius), "authentik_property_mapping_provider_saml": td(dataSourcePropertyMappingProviderSAML),