Skip to content

feat: add role_assignment, user, sso_group resources and data sources #164

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ChrisMcKenzie merged 8 commits into from
Jan 8, 2026
Merged

feat: add role_assignment, user, sso_group resources and data sources #164

ChrisMcKenzie merged 8 commits into from
Jan 8, 2026

Conversation

@ChrisMcKenzie
Copy link
Contributor

@ChrisMcKenzie ChrisMcKenzie commented Dec 15, 2025
edited
Loading

ENG-5987

what

Adds role_assignment, user, sso_group resource types to terraform provider
Adds user, sso_group data sources to terraform provider.

why

These data sources enable users to:

  • Get User, and group data via the graphql api
  • Assign Users, groups to Roles using role_assignment resource

This is part of the RBAC support feature set, specifically focusing on resources and the data sources necessary to creating role assignments

testing

  • Acceptance Tests
  • Unit Tests
  • Terraform validation passes (just lint-tf)
  • Code builds successfully
  • API integration tested with filter-based GraphQL queries

docs

  • Example Terraform configurations added in examples/data-sources/stacklet_user and examples/data-sources/stacklet_sso_group/ as well as the resources examples/resources/stacklet_role_assigment
  • Schema documentation included in resource definitions

@ChrisMcKenzie ChrisMcKenzie changed the title add: role_assignment resource. add: role_assignment, user, sso_group resources and data sources Dec 23, 2025
@ChrisMcKenzie ChrisMcKenzie changed the title add: role_assignment, user, sso_group resources and data sources feat: role_assignment, user, sso_group resources and data sources Dec 23, 2025
@ChrisMcKenzie ChrisMcKenzie force-pushed the feature/RBAC-support-resources branch from e807d72 to 7a1c00e Compare December 23, 2025 16:28
@ChrisMcKenzie ChrisMcKenzie marked this pull request as ready for review December 23, 2025 16:28
@ChrisMcKenzie ChrisMcKenzie requested a review from a team as a code owner December 23, 2025 16:28
albertodonato
albertodonato approved these changes Jan 7, 2026
View reviewed changes
Copy link
Contributor

@albertodonato albertodonato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks.

A couple of minor comments inline, but nothing really blocking

internal/resources/role_assignment.go
func (r *roleAssignmentResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
// Role assignments must be imported using the composite key: "role_name,principal,target"
// Example: "viewer,user:1,account-group:abc-123"
parts := strings.Split(req.ID, ",")
Copy link
Contributor

@albertodonato albertodonato Jan 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

too bad we can't use importState here due to the : in ids...

@ChrisMcKenzie ChrisMcKenzie force-pushed the feature/RBAC-support-resources branch from 7a1c00e to 5d551fa Compare January 7, 2026 22:05
@ChrisMcKenzie
chore: remove unused fields from user struct in api
cd8529a 
update: docs for user api and role_assignment
@ChrisMcKenzie ChrisMcKenzie force-pushed the feature/RBAC-support-resources branch from 5d551fa to cd8529a Compare January 7, 2026 22:13
@ChrisMcKenzie ChrisMcKenzie changed the title feat: role_assignment, user, sso_group resources and data sources feat: add role_assignment, user, sso_group resources and data sources Jan 7, 2026
wgrant
wgrant reviewed Jan 8, 2026
View reviewed changes
internal/models/user.go Outdated

roles, d := types.ListValueFrom(ctx, types.StringType, user.Roles)
diags.Append(d...)
m.Roles = roles
Copy link

@wgrant wgrant Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All four of these fields are deprecated.

albertodonato
albertodonato approved these changes Jan 8, 2026
View reviewed changes
Copy link
Contributor

@albertodonato albertodonato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks

@ChrisMcKenzie ChrisMcKenzie merged commit b2b7600 into main Jan 8, 2026
6 checks passed
@ChrisMcKenzie ChrisMcKenzie deleted the feature/RBAC-support-resources branch January 8, 2026 14:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wgrant wgrant wgrant left review comments

@albertodonato albertodonato albertodonato approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ChrisMcKenzie @wgrant @albertodonato