这是indexloc提供的服务,不要输入任何密码
Skip to content

Add oidc_token_config.issuer_mode property to projects #221

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Oct 24, 2024
Merged

Add oidc_token_config.issuer_mode property to projects #221

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
e568f2f
add `oidc_token_config.issuer_mode` property to projects
marcgreenstock Oct 23, 2024
744e240
Generate docs
dglsparsons Oct 23, 2024
a2367bb
Merge branch 'main' into add_issuer_mode_to_project_oidc_token_config
dglsparsons Oct 23, 2024
cba095a
set issuer_mode default to global
marcgreenstock Oct 24, 2024
2139c7b
Regenerate docs
dglsparsons Oct 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion client/project.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ type GitRepository struct {
}

type OIDCTokenConfig struct {
Enabled bool `json:"enabled"`
Enabled bool `json:"enabled"`
IssuerMode string `json:"issuerMode,omitempty"`
}

// EnvironmentVariable defines the information Vercel requires and surfaces about an environment variable
Expand Down
4 changes: 4 additions & 0 deletions docs/data-sources/project.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,10 @@ Read-Only:
<a id="nestedatt--oidc_token_config"></a>
### Nested Schema for `oidc_token_config`

Optional:

- `issuer_mode` (String) Configures the URL of the `iss` claim. `team` = `https://oidc.vercel.com/[team_slug]` `global` = `https://oidc.vercel.com`

Read-Only:

- `enabled` (Boolean) When true, Vercel issued OpenID Connect (OIDC) tokens will be available on the compute environments. See https://vercel.com/docs/security/secure-backend-access/oidc for more information.
Expand Down
4 changes: 4 additions & 0 deletions docs/resources/project.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,10 @@ Required:

- `enabled` (Boolean) When true, Vercel issued OpenID Connect (OIDC) tokens will be available on the compute environments. See https://vercel.com/docs/security/secure-backend-access/oidc for more information.

Optional:

- `issuer_mode` (String) Configures the URL of the `iss` claim. `team` = `https://oidc.vercel.com/[team_slug]` `global` = `https://oidc.vercel.com`


<a id="nestedatt--options_allowlist"></a>
### Nested Schema for `options_allowlist`
Expand Down
8 changes: 8 additions & 0 deletions vercel/data_source_project.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,14 @@ For more detailed information, please see the [Vercel documentation](https://ver
Description: "When true, Vercel issued OpenID Connect (OIDC) tokens will be available on the compute environments. See https://vercel.com/docs/security/secure-backend-access/oidc for more information.",
Computed: true,
},
"issuer_mode": schema.StringAttribute{
Description: "Configures the URL of the `iss` claim. `team` = `https://oidc.vercel.com/[team_slug]` `global` = `https://oidc.vercel.com`",
Computed: true,
Optional: true,
Validators: []validator.String{
stringOneOf("team", "global"),
},
},
},
},
"options_allowlist": schema.SingleNestedAttribute{
Expand Down
8 changes: 7 additions & 1 deletion vercel/data_source_project_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,8 @@ func TestAcc_ProjectDataSource(t *testing.T) {
resource.TestCheckResourceAttr("data.vercel_project.test", "skew_protection", "7 days"),
resource.TestCheckResourceAttr("data.vercel_project.test", "resource_config.function_default_cpu_type", "standard_legacy"),
resource.TestCheckResourceAttr("data.vercel_project.test", "resource_config.function_default_timeout", "30"),
resource.TestCheckResourceAttr("data.vercel_project.test", "oidc_token_config.enabled", "true"),
resource.TestCheckResourceAttr("data.vercel_project.test", "oidc_token_config.issuer_mode", "team"),
),
},
},
Expand Down Expand Up @@ -129,7 +131,11 @@ resource "vercel_project" "test" {
}
resource_config = {
function_default_cpu_type = "standard_legacy"
function_default_timeout = 30
function_default_timeout = 30
}
oidc_token_config = {
enabled = true
issuer_mode = "team"
}
}

Expand Down
32 changes: 25 additions & 7 deletions vercel/resource_project.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -318,13 +318,25 @@ At this time you cannot use a Vercel Project resource with in-line ` + "`environ
Description: "When true, Vercel issued OpenID Connect (OIDC) tokens will be available on the compute environments. See https://vercel.com/docs/security/secure-backend-access/oidc for more information.",
Required: true,
},
"issuer_mode": schema.StringAttribute{
Optional: true,
Computed: true,
Default: stringdefault.StaticString("team"),
Description: "Configures the URL of the `iss` claim. `team` = `https://oidc.vercel.com/[team_slug]` `global` = `https://oidc.vercel.com`",
PlanModifiers: []planmodifier.String{stringplanmodifier.UseStateForUnknown()},
Validators: []validator.String{
stringOneOf("team", "global"),
},
},
},
Default: objectdefault.StaticValue(types.ObjectValueMust(
map[string]attr.Type{
"enabled": types.BoolType,
"enabled": types.BoolType,
"issuer_mode": types.StringType,
},
map[string]attr.Value{
"enabled": types.BoolValue(false),
"enabled": types.BoolValue(false),
"issuer_mode": types.StringValue("global"),
},
)),
},
Expand Down Expand Up @@ -889,7 +901,8 @@ func (t *TrustedIps) toUpdateProjectRequest() *client.TrustedIps {
}

type OIDCTokenConfig struct {
Enabled types.Bool `tfsdk:"enabled"`
Enabled types.Bool `tfsdk:"enabled"`
IssuerMode types.String `tfsdk:"issuer_mode"`
}

func (o *OIDCTokenConfig) toCreateProjectRequest() *client.OIDCTokenConfig {
Expand All @@ -898,19 +911,22 @@ func (o *OIDCTokenConfig) toCreateProjectRequest() *client.OIDCTokenConfig {
}

return &client.OIDCTokenConfig{
Enabled: o.Enabled.ValueBool(),
Enabled: o.Enabled.ValueBool(),
IssuerMode: o.IssuerMode.ValueString(),
}
}

func (o *OIDCTokenConfig) toUpdateProjectRequest() *client.OIDCTokenConfig {
if o == nil {
return &client.OIDCTokenConfig{
Enabled: types.BoolValue(false).ValueBool(),
Enabled: types.BoolValue(false).ValueBool(),
IssuerMode: types.StringValue("global").ValueString(),
}
}

return &client.OIDCTokenConfig{
Enabled: o.Enabled.ValueBool(),
Enabled: o.Enabled.ValueBool(),
IssuerMode: o.IssuerMode.ValueString(),
}
}

Expand Down Expand Up @@ -1136,10 +1152,12 @@ func convertResponseToProject(ctx context.Context, response client.ProjectRespon
}

var oidcTokenConfig = &OIDCTokenConfig{
Enabled: types.BoolValue(false),
Enabled: types.BoolValue(false),
IssuerMode: types.StringValue("global"),
}
if response.OIDCTokenConfig != nil {
oidcTokenConfig.Enabled = types.BoolValue(response.OIDCTokenConfig.Enabled)
oidcTokenConfig.IssuerMode = types.StringValue(response.OIDCTokenConfig.IssuerMode)
}

resourceConfig := &ResourceConfig{}
Expand Down
2 changes: 2 additions & 0 deletions vercel/resource_project_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ func TestAcc_Project(t *testing.T) {
resource.TestCheckResourceAttr("vercel_project.test", "directory_listing", "true"),
resource.TestCheckResourceAttr("vercel_project.test", "skew_protection", "7 days"),
resource.TestCheckResourceAttr("vercel_project.test", "oidc_token_config.enabled", "true"),
resource.TestCheckResourceAttr("vercel_project.test", "oidc_token_config.issuer_mode", "team"),
),
},
// Update testing
Expand Down Expand Up @@ -751,6 +752,7 @@ resource "vercel_project" "test" {
skew_protection = "7 days"
oidc_token_config = {
enabled = true
issuer_mode = "team"
}
environment = [
{
Expand Down