provider/datadog: Add datadog_user resource (#12268)
* provider/datadog: Add datadog_user resource * provider/datadog: Fix datadog_user import test, simplify datadog_user ACC tests, more consise documentation
This commit is contained in:
parent
5a514f22f7
commit
4372592f0c
|
@ -0,0 +1,35 @@
|
|||
package datadog
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
)
|
||||
|
||||
func TestDatadogUser_import(t *testing.T) {
|
||||
resourceName := "datadog_user.foo"
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckDatadogUserDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: testAccCheckDatadogUserConfigImported,
|
||||
},
|
||||
resource.TestStep{
|
||||
ResourceName: resourceName,
|
||||
ImportState: true,
|
||||
ImportStateVerify: true,
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
const testAccCheckDatadogUserConfigImported = `
|
||||
resource "datadog_user" "foo" {
|
||||
email = "test@example.com"
|
||||
handle = "test@example.com"
|
||||
name = "Test User"
|
||||
}
|
||||
`
|
|
@ -4,6 +4,7 @@ import (
|
|||
"log"
|
||||
|
||||
"errors"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/schema"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
)
|
||||
|
@ -26,6 +27,7 @@ func Provider() terraform.ResourceProvider {
|
|||
ResourcesMap: map[string]*schema.Resource{
|
||||
"datadog_monitor": resourceDatadogMonitor(),
|
||||
"datadog_timeboard": resourceDatadogTimeboard(),
|
||||
"datadog_user": resourceDatadogUser(),
|
||||
},
|
||||
|
||||
ConfigureFunc: providerConfigure,
|
||||
|
|
|
@ -0,0 +1,160 @@
|
|||
package datadog
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
"strings"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/schema"
|
||||
"gopkg.in/zorkian/go-datadog-api.v2"
|
||||
)
|
||||
|
||||
func resourceDatadogUser() *schema.Resource {
|
||||
return &schema.Resource{
|
||||
Create: resourceDatadogUserCreate,
|
||||
Read: resourceDatadogUserRead,
|
||||
Update: resourceDatadogUserUpdate,
|
||||
Delete: resourceDatadogUserDelete,
|
||||
Exists: resourceDatadogUserExists,
|
||||
Importer: &schema.ResourceImporter{
|
||||
State: resourceDatadogUserImport,
|
||||
},
|
||||
|
||||
Schema: map[string]*schema.Schema{
|
||||
"disabled": {
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
Default: false,
|
||||
},
|
||||
"email": {
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
},
|
||||
"handle": {
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
},
|
||||
"is_admin": {
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
Default: false,
|
||||
},
|
||||
"name": {
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
},
|
||||
"role": {
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
},
|
||||
"verified": {
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func resourceDatadogUserExists(d *schema.ResourceData, meta interface{}) (b bool, e error) {
|
||||
// Exists - This is called to verify a resource still exists. It is called prior to Read,
|
||||
// and lowers the burden of Read to be able to assume the resource exists.
|
||||
client := meta.(*datadog.Client)
|
||||
|
||||
if _, err := client.GetUser(d.Id()); err != nil {
|
||||
if strings.Contains(err.Error(), "404 Not Found") {
|
||||
return false, nil
|
||||
}
|
||||
return false, err
|
||||
}
|
||||
|
||||
return true, nil
|
||||
}
|
||||
|
||||
func resourceDatadogUserCreate(d *schema.ResourceData, meta interface{}) error {
|
||||
client := meta.(*datadog.Client)
|
||||
|
||||
var u datadog.User
|
||||
u.SetDisabled(d.Get("disabled").(bool))
|
||||
u.SetEmail(d.Get("email").(string))
|
||||
u.SetHandle(d.Get("handle").(string))
|
||||
u.SetIsAdmin(d.Get("is_admin").(bool))
|
||||
u.SetName(d.Get("name").(string))
|
||||
u.SetRole(d.Get("role").(string))
|
||||
|
||||
// Datadog does not actually delete users, so CreateUser might return a 409.
|
||||
// We ignore that case and proceed, likely re-enabling the user.
|
||||
if _, err := client.CreateUser(u.Handle, u.Name); err != nil {
|
||||
if !strings.Contains(err.Error(), "API error 409 Conflict") {
|
||||
return fmt.Errorf("error creating user: %s", err.Error())
|
||||
}
|
||||
log.Printf("[INFO] Updating existing Datadog user %q", u.Handle)
|
||||
}
|
||||
|
||||
if err := client.UpdateUser(u); err != nil {
|
||||
return fmt.Errorf("error creating user: %s", err.Error())
|
||||
}
|
||||
|
||||
d.SetId(u.GetHandle())
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceDatadogUserRead(d *schema.ResourceData, meta interface{}) error {
|
||||
client := meta.(*datadog.Client)
|
||||
|
||||
u, err := client.GetUser(d.Id())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
log.Printf("[DEBUG] user: %v", u)
|
||||
d.Set("disabled", u.GetDisabled())
|
||||
d.Set("email", u.GetEmail())
|
||||
d.Set("handle", u.GetHandle())
|
||||
d.Set("is_admin", u.GetIsAdmin())
|
||||
d.Set("name", u.GetName())
|
||||
d.Set("role", u.GetRole())
|
||||
d.Set("verified", u.GetVerified())
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceDatadogUserUpdate(d *schema.ResourceData, meta interface{}) error {
|
||||
client := meta.(*datadog.Client)
|
||||
var u datadog.User
|
||||
u.SetDisabled(d.Get("disabled").(bool))
|
||||
u.SetEmail(d.Get("email").(string))
|
||||
u.SetHandle(d.Id())
|
||||
u.SetIsAdmin(d.Get("is_admin").(bool))
|
||||
u.SetName(d.Get("name").(string))
|
||||
u.SetRole(d.Get("role").(string))
|
||||
|
||||
if err := client.UpdateUser(u); err != nil {
|
||||
return fmt.Errorf("error updating user: %s", err.Error())
|
||||
}
|
||||
|
||||
return resourceDatadogUserRead(d, meta)
|
||||
}
|
||||
|
||||
func resourceDatadogUserDelete(d *schema.ResourceData, meta interface{}) error {
|
||||
client := meta.(*datadog.Client)
|
||||
|
||||
// Datadog does not actually delete users, but instead marks them as disabled.
|
||||
// Bypass DeleteUser if GetUser returns User.Disabled == true, otherwise it will 400.
|
||||
if u, err := client.GetUser(d.Id()); err == nil && u.GetDisabled() {
|
||||
return nil
|
||||
}
|
||||
|
||||
if err := client.DeleteUser(d.Id()); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceDatadogUserImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
|
||||
if err := resourceDatadogUserRead(d, meta); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return []*schema.ResourceData{d}, nil
|
||||
}
|
|
@ -0,0 +1,117 @@
|
|||
package datadog
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
"gopkg.in/zorkian/go-datadog-api.v2"
|
||||
)
|
||||
|
||||
func TestAccDatadogUser_Updated(t *testing.T) {
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckDatadogUserDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: testAccCheckDatadogUserConfigRequired,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckDatadogUserExists("datadog_user.foo"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"datadog_user.foo", "email", "test@example.com"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"datadog_user.foo", "handle", "test@example.com"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"datadog_user.foo", "name", "Test User"),
|
||||
),
|
||||
},
|
||||
resource.TestStep{
|
||||
Config: testAccCheckDatadogUserConfigUpdated,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckDatadogUserExists("datadog_user.foo"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"datadog_user.foo", "disabled", "true"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"datadog_user.foo", "email", "updated@example.com"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"datadog_user.foo", "handle", "test@example.com"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"datadog_user.foo", "is_admin", "true"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"datadog_user.foo", "name", "Updated User"),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckDatadogUserDestroy(s *terraform.State) error {
|
||||
client := testAccProvider.Meta().(*datadog.Client)
|
||||
|
||||
if err := datadogUserDestroyHelper(s, client); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func testAccCheckDatadogUserExists(n string) resource.TestCheckFunc {
|
||||
return func(s *terraform.State) error {
|
||||
client := testAccProvider.Meta().(*datadog.Client)
|
||||
if err := datadogUserExistsHelper(s, client); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
const testAccCheckDatadogUserConfigRequired = `
|
||||
resource "datadog_user" "foo" {
|
||||
email = "test@example.com"
|
||||
handle = "test@example.com"
|
||||
name = "Test User"
|
||||
}
|
||||
`
|
||||
|
||||
const testAccCheckDatadogUserConfigUpdated = `
|
||||
resource "datadog_user" "foo" {
|
||||
disabled = true
|
||||
email = "updated@example.com"
|
||||
handle = "test@example.com"
|
||||
is_admin = true
|
||||
name = "Updated User"
|
||||
}
|
||||
`
|
||||
|
||||
func datadogUserDestroyHelper(s *terraform.State, client *datadog.Client) error {
|
||||
for _, r := range s.RootModule().Resources {
|
||||
id := r.Primary.ID
|
||||
u, err := client.GetUser(id)
|
||||
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), "404 Not Found") {
|
||||
continue
|
||||
}
|
||||
return fmt.Errorf("Received an error retrieving user %s", err)
|
||||
}
|
||||
|
||||
// Datadog only disables user on DELETE
|
||||
if u.GetDisabled() {
|
||||
continue
|
||||
}
|
||||
return fmt.Errorf("User still exists")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func datadogUserExistsHelper(s *terraform.State, client *datadog.Client) error {
|
||||
for _, r := range s.RootModule().Resources {
|
||||
id := r.Primary.ID
|
||||
if _, err := client.GetUser(id); err != nil {
|
||||
return fmt.Errorf("Received an error retrieving user %s", err)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
|
@ -0,0 +1,49 @@
|
|||
---
|
||||
layout: "datadog"
|
||||
page_title: "Datadog: datadog_user"
|
||||
sidebar_current: "docs-datadog-resource-user"
|
||||
description: |-
|
||||
Provides a Datadog user resource. This can be used to create and manage users.
|
||||
---
|
||||
|
||||
# datadog\_user
|
||||
|
||||
Provides a Datadog user resource. This can be used to create and manage Datadog users.
|
||||
|
||||
## Example Usage
|
||||
|
||||
```
|
||||
# Create a new Datadog user
|
||||
resource "datadog_user" "foo" {
|
||||
email = "new@example.com"
|
||||
handle = "new@example.com"
|
||||
name = "New User"
|
||||
}
|
||||
```
|
||||
|
||||
## Argument Reference
|
||||
|
||||
The following arguments are supported:
|
||||
|
||||
* `disabled` - (Optional) Whether the user is disabled
|
||||
* `email` - (Required) Email address for user
|
||||
* `handle` - (Required) The user handle, must be a valid email.
|
||||
* `is_admin` - (Optional) Whether the user is an administrator
|
||||
* `name` - (Required) Name for user
|
||||
* `role` - (Optional) Role description for user (NOTE: can only be applied on user creation)
|
||||
|
||||
## Attributes Reference
|
||||
|
||||
The following attributes are exported:
|
||||
|
||||
* `disabled` - Returns true if Datadog user is disabled (NOTE: Datadog does not actually delete users so this will be true for those as well)
|
||||
* `id` - ID of the Datadog user
|
||||
* `verified` - Returns true if Datadog user is verified
|
||||
|
||||
## Import
|
||||
|
||||
users can be imported using their handle, e.g.
|
||||
|
||||
```
|
||||
$ terraform import datadog_user.example_user existing@example.com
|
||||
```
|
|
@ -19,6 +19,9 @@
|
|||
<li<%= sidebar_current("docs-datadog-resource-timeboard") %>>
|
||||
<a href="/docs/providers/datadog/r/timeboard.html">datadog_timeboard</a>
|
||||
</li>
|
||||
<li<%= sidebar_current("docs-datadog-resource-user") %>>
|
||||
<a href="/docs/providers/datadog/r/user.html">datadog_user</a>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
|
|
Loading…
Reference in New Issue