add tls skip to provider

fix provider data
Merge branch 'main' of github.com:ysoftdevs/terraform-provider-bitbucket
2026-01-15 08:14:13 +01:00 · 2025-11-12 09:47:08 +01:00 · 2025-11-11 13:55:16 +01:00 · 2025-11-11 13:53:36 +01:00 · 2025-11-11 13:53:29 +01:00 · 2025-11-10 17:44:37 +01:00
2 changed files with 36 additions and 20 deletions
--- a/provider.go
+++ b/provider.go
@@ -17,8 +17,9 @@ func NewProvider() provider.Provider {
 type bitbucketTokenProvider struct{}

 type bitbucketTokenProviderModel struct {
-	AuthHeader types.String `tfsdk:"auth_header"`
-	ServerURL  types.String `tfsdk:"server_url"`
+	AuthHeader    types.String `tfsdk:"auth_header"`
+	ServerURL     types.String `tfsdk:"server_url"`
+	TLSSkipVerify types.Bool   `tfsdk:"tls_skip_verify"`
 }

 func (p *bitbucketTokenProvider) Metadata(_ context.Context, _ provider.MetadataRequest, resp *provider.MetadataResponse) {
@@ -38,6 +39,10 @@ func (p *bitbucketTokenProvider) Schema(_ context.Context, _ provider.SchemaRequ
 				Description: "Base URL of the Bitbucket server (e.g. https://stash.example.com). Must not end with a slash.",
 				Required:    true,
 			},
+			"tls_skip_verify": schema.BoolAttribute{
+				Description: "If true, disables TLS certificate verification. Use only for testing or internal servers.",
+				Optional:    true,
+			},
 		},
 	}
 }
@@ -65,12 +70,10 @@ func (p *bitbucketTokenProvider) Configure(ctx context.Context, req provider.Con
 		return
 	}

-	serverURL := config.ServerURL.ValueString()
-	authHeader := config.AuthHeader.ValueString()
-
-	providerData := ProviderData{
-		AuthHeader: authHeader,
-		ServerURL:  serverURL,
+	providerData := &ProviderData{
+		AuthHeader:    config.AuthHeader.ValueString(),
+		ServerURL:     config.ServerURL.ValueString(),
+		TLSSkipVerify: config.TLSSkipVerify.ValueBool(), // <-- passes TLS flag through
 	}

 	resp.DataSourceData = providerData
--- a/resource_token.go
+++ b/resource_token.go
@@ -3,6 +3,7 @@ package main
 import (
 	"bytes"
 	"context"
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -15,13 +16,15 @@ import (
 )

 type ProviderData struct {
-	AuthHeader string
-	ServerURL  string
+	AuthHeader    string
+	ServerURL     string
+	TLSSkipVerify bool
 }

 type BitbucketTokenResource struct {
-	authHeader string
-	serverURL  string
+	authHeader    string
+	serverURL     string
+	tlsSkipVerify bool
 }

 func NewBitbucketTokenResource() resource.Resource {
@@ -70,14 +73,10 @@ func (r *BitbucketTokenResource) Schema(_ context.Context, req resource.SchemaRe

 func (r *BitbucketTokenResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) {
 	if req.ProviderData == nil {
-		resp.Diagnostics.AddError(
-			"Missing provider configuration",
-			"The Bitbucket provider was not configured before using this resource.",
-		)
 		return
 	}

-	providerData, ok := req.ProviderData.(ProviderData)
+	providerData, ok := req.ProviderData.(*ProviderData)
 	if !ok {
 		resp.Diagnostics.AddError(
 			"Unexpected Provider Data Type",
@@ -96,11 +95,23 @@ func (r *BitbucketTokenResource) Configure(ctx context.Context, req resource.Con

 	r.authHeader = providerData.AuthHeader
 	r.serverURL = providerData.ServerURL
+	r.tlsSkipVerify = providerData.TLSSkipVerify
+}
+
+func (r *BitbucketTokenResource) httpClient() *http.Client {
+	tr := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: r.tlsSkipVerify},
+	}
+	return &http.Client{
+		Timeout:   15 * time.Second,
+		Transport: tr,
+	}
 }

 func (r *BitbucketTokenResource) getExistingToken(auth, baseURL, project, repo, name string) (string, error) {
 	apiURL := fmt.Sprintf("%s/rest/access-tokens/latest/projects/%s/repos/%s?limit=10000", baseURL, project, repo)
-	client := &http.Client{Timeout: 15 * time.Second}
+
+	client := r.httpClient()

 	reqGet, _ := http.NewRequest("GET", apiURL, nil)
 	reqGet.Header.Add("Authorization", "Basic "+auth)
@@ -149,7 +160,9 @@ func (r *BitbucketTokenResource) createToken(auth, baseURL, project, repo, name
 	}

 	payloadBytes, _ := json.Marshal(payload)
-	client := &http.Client{Timeout: 15 * time.Second}
+
+	client := r.httpClient()
+
 	reqPut, _ := http.NewRequest("PUT", putURL, bytes.NewReader(payloadBytes))
 	reqPut.Header.Add("Authorization", "Basic "+auth)
 	reqPut.Header.Add("Content-Type", "application/json")
@@ -297,7 +310,7 @@ func (r *BitbucketTokenResource) Delete(ctx context.Context, req resource.Delete
 	name := data.TokenName.ValueString()
 	baseURL := r.serverURL

-	client := &http.Client{Timeout: 15 * time.Second}
+	client := r.httpClient()

 	tokenID, err := r.getExistingToken(auth, baseURL, project, repo, name)
 	if err != nil {
Author	SHA1	Message	Date
Jan Husak	cffc2656b0	add tls skip to provider	2025-11-12 09:47:08 +01:00
Jan Husak	5e00156fc9	fix provider data	2025-11-11 13:55:16 +01:00
Jan Husak	f186ebf370	Merge branch 'main' of github.com:ysoftdevs/terraform-provider-bitbucket	2025-11-11 13:53:36 +01:00
Jan Husak	be79b657d2	fix provider context	2025-11-11 13:53:29 +01:00
kardinal	12dd1f50a1	Fix provider	2025-11-10 17:44:37 +01:00