Merge pull request #771 from hanks/fix/add-import-to-ldap-link

timofurrer · web-flow · commit 9114485cee8d · 2022-02-22T09:24:26.000+01:00
fix(group_ldap_link): add missing terraform import feature for group LDAP link
diff --git a/docs/resources/group_ldap_link.md b/docs/resources/group_ldap_link.md
@@ -37,4 +37,11 @@ resource "gitlab_group_ldap_link" "test" {
 - **group_access** (String) Minimum access level for members of the LDAP group. Valid values are: `no one`, `minimal`, `guest`, `reporter`, `developer`, `maintainer`, `owner`, `master`
 - **id** (String) The ID of this resource.
 
+## Import
 
+Import is supported using the following syntax:
+
+```shell
+# GitLab group ldap links can be imported using an id made up of `group_id:ldap_provider:cn`, e.g.
+terraform import gitlab_group_ldap_link.test "12345:ldapmain:testuser"
+```
diff --git a/examples/resources/gitlab_group_ldap_link/import.sh b/examples/resources/gitlab_group_ldap_link/import.sh
@@ -0,0 +1,2 @@
+# GitLab group ldap links can be imported using an id made up of `group_id:ldap_provider:cn`, e.g.
+terraform import gitlab_group_ldap_link.test "12345:ldapmain:testuser"
diff --git a/internal/provider/resource_gitlab_group_ldap_link.go b/internal/provider/resource_gitlab_group_ldap_link.go
@@ -20,6 +20,9 @@ var _ = registerResource("gitlab_group_ldap_link", func() *schema.Resource {
 		CreateContext: resourceGitlabGroupLdapLinkCreate,
 		ReadContext:   resourceGitlabGroupLdapLinkRead,
 		DeleteContext: resourceGitlabGroupLdapLinkDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: resourceGitlabGroupLdapLinkImporter,
+		},
 
 		Schema: map[string]*schema.Schema{
 			"group_id": {
@@ -180,3 +183,21 @@ func resourceGitlabGroupLdapLinkDelete(ctx context.Context, d *schema.ResourceDa
 
 	return nil
 }
+
+func resourceGitlabGroupLdapLinkImporter(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
+	parts := strings.SplitN(d.Id(), ":", 3)
+	if len(parts) != 3 {
+		return nil, fmt.Errorf("invalid ldap link import id (should be <group id>:<ldap provider>:<ladp cn>): %s", d.Id())
+	}
+
+	groupId, ldapProvider, ldapCN := parts[0], parts[1], parts[2]
+	d.SetId(buildTwoPartID(&ldapProvider, &ldapCN))
+	d.Set("group_id", groupId)
+	d.Set("force", false)
+
+	diag := resourceGitlabGroupLdapLinkRead(ctx, d, meta)
+	if diag.HasError() {
+		return nil, fmt.Errorf("%s", diag[0].Summary)
+	}
+	return []*schema.ResourceData{d}, nil
+}
diff --git a/internal/provider/resource_gitlab_group_ldap_link_test.go b/internal/provider/resource_gitlab_group_ldap_link_test.go
@@ -13,6 +13,7 @@ import (
 
 func TestAccGitlabGroupLdapLink_basic(t *testing.T) {
 	rInt := acctest.RandInt()
+	resourceName := "gitlab_group_ldap_link.foo"
 
 	// PreCheck runs after Config so load test data here
 	var ldapLink gitlab.LDAPGroupLink
@@ -31,18 +32,27 @@ func TestAccGitlabGroupLdapLink_basic(t *testing.T) {
 				SkipFunc: isRunningInCE,
 				Config:   testAccGitlabGroupLdapLinkCreateConfig(rInt, &testLdapLink),
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckGitlabGroupLdapLinkExists("gitlab_group_ldap_link.foo", &ldapLink),
+					testAccCheckGitlabGroupLdapLinkExists(resourceName, &ldapLink),
 					testAccCheckGitlabGroupLdapLinkAttributes(&ldapLink, &testAccGitlabGroupLdapLinkExpectedAttributes{
 						accessLevel: fmt.Sprintf("developer"), // nolint // TODO: Resolve this golangci-lint issue: S1039: unnecessary use of fmt.Sprintf (gosimple)
 					})),
 			},
 
+			// Import the group LDAP link (re-uses testAccGitlabGroupLdapLinkCreateConfig for Config)
+			{
+				SkipFunc:          isRunningInCE,
+				ResourceName:      resourceName,
+				ImportStateIdFunc: getGitlabGroupLdapLinkImportID(resourceName),
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+
 			// Update the group LDAP link to change the access level (uses testAccGitlabGroupLdapLinkUpdateConfig for Config)
 			{
 				SkipFunc: isRunningInCE,
 				Config:   testAccGitlabGroupLdapLinkUpdateConfig(rInt, &testLdapLink),
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckGitlabGroupLdapLinkExists("gitlab_group_ldap_link.foo", &ldapLink),
+					testAccCheckGitlabGroupLdapLinkExists(resourceName, &ldapLink),
 					testAccCheckGitlabGroupLdapLinkAttributes(&ldapLink, &testAccGitlabGroupLdapLinkExpectedAttributes{
 						accessLevel: fmt.Sprintf("maintainer"), // nolint // TODO: Resolve this golangci-lint issue: S1039: unnecessary use of fmt.Sprintf (gosimple)
 					})),
@@ -51,6 +61,30 @@ func TestAccGitlabGroupLdapLink_basic(t *testing.T) {
 	})
 }
 
+func getGitlabGroupLdapLinkImportID(resourceName string) resource.ImportStateIdFunc {
+	return func(s *terraform.State) (string, error) {
+		rs, ok := s.RootModule().Resources[resourceName]
+		if !ok {
+			return "", fmt.Errorf("Not Found: %s", resourceName)
+		}
+
+		groupID := rs.Primary.Attributes["group_id"]
+		if groupID == "" {
+			return "", fmt.Errorf("No group ID is set")
+		}
+		ldapProvider := rs.Primary.Attributes["ldap_provider"]
+		if ldapProvider == "" {
+			return "", fmt.Errorf("No LDAP provider is set")
+		}
+		ldapCN := rs.Primary.Attributes["cn"]
+		if ldapCN == "" {
+			return "", fmt.Errorf("No LDAP CN is set")
+		}
+
+		return fmt.Sprintf("%s:%s:%s", groupID, ldapProvider, ldapCN), nil
+	}
+}
+
 func testAccCheckGitlabGroupLdapLinkExists(resourceName string, ldapLink *gitlab.LDAPGroupLink) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		// Clear the "found" LDAP link before checking for existence

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	+# GitLab group ldap links can be imported using an id made up of `group_id:ldap_provider:cn`, e.g.
	`2`	`+terraform import gitlab_group_ldap_link.test "12345:ldapmain:testuser"`