diff --git a/README.md b/README.md index 6f24dcb..dd313c6 100644 --- a/README.md +++ b/README.md @@ -143,6 +143,34 @@ $ terraform import bitbucketserver_repository.test TEST/test-01 ``` +### Create a Bitbucket User + +```hcl +resource "bitbucketserver_user" "admin" { + name = "mreynolds" + display_name = "Malcolm Reynolds" + email_address = "browncoat@example.com" +} +``` + +* `name` - Required. Username of the user. +* `display_name` - Required. User's name to display. +* `email_address` - Required. Email address of user. +* `password_length` - Optional. The length of the generated password on resource creation. Only applies on resource creation. Default `20`. + +#### Attributes + +Additional to the above, the following attributes are emitted: + +* `initial_password` - The generated user password. Only available if password was handled on Terraform resource creation, not import. + +#### Import User + +```bash +$ terraform import bitbucketserver_user.test mreynolds +``` + + ### Set Server License ```hcl diff --git a/bitbucket/client.go b/bitbucket/client.go index 61f6fa1..0e38742 100644 --- a/bitbucket/client.go +++ b/bitbucket/client.go @@ -58,6 +58,7 @@ func (c *BitbucketClient) Do(method, endpoint string, payload *bytes.Buffer) (*h } req.SetBasicAuth(c.Username, c.Password) + req.Header.Add("X-Atlassian-Token", "no-check") if payload != nil { // Can cause bad request when putting default reviews if set. diff --git a/bitbucket/data_project_permissions_users.go b/bitbucket/data_project_permissions_users.go index ff3aca8..b85ab2c 100644 --- a/bitbucket/data_project_permissions_users.go +++ b/bitbucket/data_project_permissions_users.go 
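Review bot: The `X-Atlassian-Token: no-check` header added in Do is sent on every request and switches off Bitbucket's XSRF check for each call this client makes, with no comment saying why. That is the usual setting for a non-browser client using basic auth, but the reason belongs on the line, e.g. `// Skip the XSRF check: non-browser client with basic auth; presumably required for the body-less admin/users POST.` If `req` is freshly built just above (outside the hunk), `req.Header.Set` states the intent better than `Add`. Do's body starts and ends outside the hunk.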
@@ -18,9 +18,9 @@ type PaginatedProjectPermissionsUsersValue struct { type ProjectPermissionsUser struct { Name string - EmailAddress string `json:"emailAddress,omitempty"` - DisplayName string `json:"displayName,omitempty"` - Active bool `json:"active,omitempty"` + EmailAddress string + DisplayName string + Active bool Permission string } diff --git a/bitbucket/data_project_permissions_users_test.go b/bitbucket/data_project_permissions_users_test.go index 7e4238c..dfc36b2 100644 --- a/bitbucket/data_project_permissions_users_test.go +++ b/bitbucket/data_project_permissions_users_test.go @@ -47,9 +47,15 @@ func TestAccBitbucketDataProjectPermissionsUsers_additional(t *testing.T) { name = "test-repo-for-repository-test" } + resource "bitbucketserver_user" "mreynolds" { + name = "mreynolds" + display_name = "Malcolm Reynolds" + email_address = "browncoat@example.com" + } + resource "bitbucketserver_project_permissions_user" "test" { project = bitbucketserver_project.test.key - user = "admin2" + user = bitbucketserver_user.mreynolds.name permission = "PROJECT_WRITE" } 
@@ -71,9 +77,9 @@ func TestAccBitbucketDataProjectPermissionsUsers_additional(t *testing.T) { resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.0.email_address", "admin@example.com"), resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.0.active", "true"), resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.0.permission", "PROJECT_ADMIN"), - resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.name", "admin2"), - resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.display_name", "Admin 2"), - resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.email_address", "admin2@example.com"), + resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.name", "mreynolds"), + resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.display_name", "Malcolm Reynolds"), + resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.email_address", "browncoat@example.com"), resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.active", "true"), resource.TestCheckResourceAttr("data.bitbucketserver_project_permissions_users.test", "users.1.permission", "PROJECT_WRITE"), ), diff --git a/bitbucket/provider.go b/bitbucket/provider.go index a0e6175..0916bab 100644 --- a/bitbucket/provider.go +++ b/bitbucket/provider.go @@ -40,6 +40,7 @@ func Provider() terraform.ResourceProvider { "bitbucketserver_project_permissions_group": resourceProjectPermissionsGroup(), "bitbucketserver_project_permissions_user": resourceProjectPermissionsUser(), "bitbucketserver_repository": resourceRepository(), + "bitbucketserver_user": resourceUser(), }, } } 
diff --git a/bitbucket/resource_project.go b/bitbucket/resource_project.go index db05fcc..9046af3 100644 --- a/bitbucket/resource_project.go +++ b/bitbucket/resource_project.go @@ -35,6 +35,7 @@ func resourceProject() *schema.Resource { "key": { Type: schema.TypeString, Required: true, + ForceNew: true, }, "description": { Type: schema.TypeString, diff --git a/bitbucket/resource_project_permissions_user_test.go b/bitbucket/resource_project_permissions_user_test.go index e71bb43..caa88ab 100644 --- a/bitbucket/resource_project_permissions_user_test.go +++ b/bitbucket/resource_project_permissions_user_test.go @@ -17,9 +17,15 @@ func TestAccBitbucketResourceProjectPermissionsUser(t *testing.T) { name = "test-repo-for-repository-test" } + resource "bitbucketserver_user" "mreynolds" { + name = "mreynolds" + display_name = "Malcolm Reynolds" + email_address = "browncoat@example.com" + } + resource "bitbucketserver_project_permissions_user" "test" { project = bitbucketserver_project.test.key - user = "admin2" + user = bitbucketserver_user.mreynolds.name permission = "PROJECT_READ" } `, projectKey) @@ -31,9 +37,9 @@ func TestAccBitbucketResourceProjectPermissionsUser(t *testing.T) { { Config: config, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "id", projectKey+"/admin2"), + resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "id", projectKey+"/mreynolds"), resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "project", projectKey), - resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "user", "admin2"), + resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "user", "mreynolds"), resource.TestCheckResourceAttr("bitbucketserver_project_permissions_user.test", "permission", "PROJECT_READ"), ), }, 
diff --git a/bitbucket/resource_repository.go b/bitbucket/resource_repository.go index 314a0b9..8de5e19 100644 --- a/bitbucket/resource_repository.go +++ b/bitbucket/resource_repository.go @@ -41,6 +41,7 @@ func resourceRepository() *schema.Resource { "name": { Type: schema.TypeString, Required: true, + ForceNew: true, }, "slug": { Type: schema.TypeString, @@ -50,6 +51,7 @@ func resourceRepository() *schema.Resource { "project": { Type: schema.TypeString, Required: true, + ForceNew: true, }, "description": { Type: schema.TypeString, diff --git a/bitbucket/resource_user.go b/bitbucket/resource_user.go new file mode 100644 index 0000000..a34e0de --- /dev/null +++ b/bitbucket/resource_user.go 
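Review bot: Marking `name` and `project` as `ForceNew` in resourceRepository means a rename or a move to another project is planned as destroy-then-create, which would delete the repository along with its git history. If that is the intended behaviour, say so next to the fields, e.g. `// ForceNew: changing this destroys and recreates the repository, including its contents.`, and repeat the warning in the README. The update function is outside these hunks, so whether an in-place rename worked before this change cannot be confirmed from here. This applies to both hunks in the file.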
@@ -0,0 +1,203 @@ +package bitbucket + +import ( + "bytes" + "encoding/json" + "fmt" + "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/helper/validation" + "io/ioutil" + "math/rand" + "net/url" + "time" +) + +type User struct { + Name string `json:"name,omitempty"` + EmailAddress string `json:"emailAddress,omitempty"` + DisplayName string `json:"displayName,omitempty"` +} + +func resourceUser() *schema.Resource { + return &schema.Resource{ + Create: resourceUserCreate, + Update: resourceUserUpdate, + Read: resourceUserRead, + Exists: resourceUserExists, + Delete: resourceUserDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "email_address": { + Type: schema.TypeString, + Required: true, + }, + "display_name": { + Type: schema.TypeString, + Required: true, + }, + "password_length": { + Type: schema.TypeInt, + Optional: true, + Default: 20, + ForceNew: true, + ValidateFunc: validation.IntBetween(5, 128), + }, + "initial_password": { + Type: schema.TypeString, + Sensitive: true, + Computed: true, + }, + }, + } +} + +const passwordCharset = "abcdefghijklmnopqrstuvwxyz" + + "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" + + "0123456789" + + "@^*_-[]" + +func generateUserPassword(length int) string { + var seededRand *rand.Rand = rand.New(rand.NewSource(time.Now().UnixNano())) + b := make([]byte, length) + for i := range b { + b[i] = passwordCharset[seededRand.Intn(len(passwordCharset))] + } + return string(b) +} + +func newUserFromResource(d *schema.ResourceData) *User { + user := &User{ + Name: d.Get("name").(string), + EmailAddress: d.Get("email_address").(string), + DisplayName: d.Get("display_name").(string), + } + + return user +} + +func resourceUserUpdate(d *schema.ResourceData, m interface{}) error { + client := m.(*BitbucketClient) + user := newUserFromResource(d) + + bytedata, 
err := json.Marshal(user) + + if err != nil { + return err + } + + _, err = client.Put(fmt.Sprintf("/rest/api/1.0/admin/users/%s", + user.Name, + ), bytes.NewBuffer(bytedata)) + + if err != nil { + return err + } + + return resourceUserRead(d, m) +} + +func resourceUserCreate(d *schema.ResourceData, m interface{}) error { + client := m.(*BitbucketClient) + user := newUserFromResource(d) + + passwordLength := d.Get("password_length").(int) + initialPassword := generateUserPassword(passwordLength) + d.Set("initial_password", initialPassword) + + _, err := client.Post(fmt.Sprintf("/rest/api/1.0/admin/users?name=%s&password=%s&displayName=%s&emailAddress=%s", + url.QueryEscape(user.Name), + url.QueryEscape(initialPassword), + url.QueryEscape(user.DisplayName), + url.QueryEscape(user.EmailAddress), + ), nil) + + if err != nil { + return err + } + + d.SetId(user.Name) + + return resourceUserRead(d, m) +} + +func resourceUserRead(d *schema.ResourceData, m interface{}) error { + id := d.Id() + if id != "" { + d.Set("name", id) + } + + name := d.Get("name").(string) + + client := m.(*BitbucketClient) + req, err := client.Get(fmt.Sprintf("/rest/api/1.0/users/%s", + url.QueryEscape(name), + )) + + if err != nil { + return err + } + + if req.StatusCode == 200 { + + var user User + + body, readerr := ioutil.ReadAll(req.Body) + if readerr != nil { + return readerr + } + + decodeerr := json.Unmarshal(body, &user) + if decodeerr != nil { + return decodeerr + } + + d.Set("name", user.Name) + d.Set("email_address", user.EmailAddress) + d.Set("display_name", user.DisplayName) + } + + return nil +} + +func resourceUserExists(d *schema.ResourceData, m interface{}) (bool, error) { + var name = "" + id := d.Id() + if id != "" { + name = id + } else { + name = d.Get("name").(string) + } + + client := m.(*BitbucketClient) + req, err := client.Get(fmt.Sprintf("/rest/api/1.0/users/%s", + url.QueryEscape(name), + )) + + if err != nil { + return false, fmt.Errorf("failed to get user %s from 
bitbucket: %+v", name, err) + } + + if req.StatusCode == 200 { + return true, nil + } else { + return false, nil + } +} + +func resourceUserDelete(d *schema.ResourceData, m interface{}) error { + name := d.Get("name").(string) + client := m.(*BitbucketClient) + _, err := client.Delete(fmt.Sprintf("/rest/api/1.0/admin/users?name=%s", + url.QueryEscape(name), + )) + + return err +} diff --git a/bitbucket/resource_user_test.go b/bitbucket/resource_user_test.go new file mode 100644 index 0000000..f667821 --- /dev/null +++ b/bitbucket/resource_user_test.go 
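Review bot: generateUserPassword takes the account password from `math/rand` seeded with `time.Now().UnixNano()`, so the value is a function of the creation time rather than the output of a CSPRNG, and the repeated `"0123456789"` in passwordCharset makes each digit twice as likely as any letter. Draw the indexes from `crypto/rand` instead (import `crypto/rand` and `math/big` in place of `math/rand` and `time`) and return the error so resourceUserCreate can fail cleanly, as sketched below. In resourceUserCreate the password is also placed in the POST query string, where access logs on the server or an intermediate proxy may record it; whether the endpoint accepts it in a request body is not visible here. `Sensitive: true` only masks `initial_password` in CLI output, so the README should state that the value is kept in the state file.

```go
func generateUserPassword(length int) (string, error) {
	limit := big.NewInt(int64(len(passwordCharset)))
	b := make([]byte, length)
	for i := range b {
		// rand is crypto/rand here; rand.Int is uniform over [0, limit).
		n, err := rand.Int(rand.Reader, limit)
		if err != nil {
			return "", err
		}
		b[i] = passwordCharset[n.Int64()]
	}
	return string(b), nil
}

// … unchanged: newUserFromResource, resourceUserUpdate …

// in resourceUserCreate:
	initialPassword, err := generateUserPassword(passwordLength)
	if err != nil {
		return err
	}
	d.Set("initial_password", initialPassword)

	// err is already declared above, so the call assigns instead of redeclaring.
	_, err = client.Post(fmt.Sprintf("/rest/api/1.0/admin/users?name=%s&password=%s&displayName=%s&emailAddress=%s",
	// … unchanged: query arguments, error check, SetId, read …
```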
@@ -0,0 +1,55 @@
+package bitbucket
+
+import (
+ "fmt"
+ "math/rand"
+ "testing"
+ "time"
+
+ "github.com/hashicorp/terraform/helper/resource"
+ "github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccBitbucketUser(t *testing.T) {
+ userRand := fmt.Sprintf("%v", rand.New(rand.NewSource(time.Now().UnixNano())).Int())
+ testAccBitbucketUserConfig := fmt.Sprintf(`
+ resource "bitbucketserver_user" "test" {
+ name = "admin%v"
+ display_name = "Admin %v"
+ email_address = "admin%v@example.com"
+ }
+ `, userRand, userRand, userRand)
+
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckBitbucketUserDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccBitbucketUserConfig,
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr("bitbucketserver_user.test", "name", "admin"+userRand),
+ resource.TestCheckResourceAttr("bitbucketserver_user.test", "display_name", "Admin "+userRand),
+ resource.TestCheckResourceAttr("bitbucketserver_user.test", "email_address", "admin"+userRand+"@example.com"),
+ resource.TestCheckResourceAttrSet("bitbucketserver_user.test", "initial_password"),
+ ),
+ },
+ },
+ })
+}
+
+func testAccCheckBitbucketUserDestroy(s *terraform.State) error {
+ client := testAccProvider.Meta().(*BitbucketClient)
+ rs, ok := s.RootModule().Resources["bitbucketserver_user.test"]
+ if !ok {
+ return fmt.Errorf("not found %s", "bitbucketserver_user.test")
+ }
+
+ response, _ := client.Get(fmt.Sprintf("/rest/api/1.0/users/%s", rs.Primary.Attributes["name"]))
+
+ if response.StatusCode != 404 {
+ return fmt.Errorf("user still exists")
+ }
+
+ return nil
+}
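Review bot: testAccCheckBitbucketUserDestroy discards the error from `client.Get` and then reads `response.StatusCode`, so if Get returns a nil response on a transport failure the test panics instead of reporting the cause. Keep the error and check it first: `response, err := client.Get(...)` followed by `if err != nil { return err }`. The user name is also formatted into the path unescaped; `url.PathEscape(rs.Primary.Attributes["name"])` would keep it a single path segment.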