Feature/issue 300 - Http Resource

[Prajwal-Shah]

Related Issue

Fixes #300

Description

This pull request introduces a new http resource to the provider. The http resource allows users to perform HTTP requests as part of their Terraform apply or destroy operations, capturing response data such as headers, body, and status code in the Terraform state.

Key design decisions and features:

• The resource supports methods defined in RFC7231 namely GET, HEAD, and POST methods, with optional request headers and body.
• Read operations do not send any HTTP requests, hence no updates to state.
• Updates to resource are made only when there are changes in input attributes.
• Introduced a new when argument that allows users to control whether the request is sent during apply (create/update) or destroy.
  • Introduced new modelV1 for resource/http to support when attribute without affecting the existing data-source module.
  • Accepted values for when are "apply" and "destroy"
  • When when = "apply" (default):
    The provider sends the request during create and update operations. Computed response values are saved to the state file.
  • When when = "destroy":
    The provider sends the request only during resource deletion. During terraform apply, computed response attributes will be empty or zero, while input attributes are stored as provided.
• Response data is available as computed attributes, including support for non-UTF-8 responses (with warnings).
• Retries can be configured using a retry block, leveraging go-retryablehttp.
• Documentation and examples have been added to the docs/ and examples/ directories.
• Full test coverage is provided in internal/provider/resource_http_test.go.

This design provides flexibility for users needing to trigger HTTP endpoints as part of their infrastructure workflows, while maintaining a clear separation from the existing data source.

Files added/modified (main...feature/issue-300)

Rollback Plan

• If a change needs to be reverted, we will roll out an update to the code within 7 days.

Changes to Security Controls

Changes to Security Controls

• The new resource/http implementation reuses the request-handling logic from data-source/http, ensuring consistency in behavior.
• No additional security changes have been introduced beyond those already documented for data-source/http.

Sample Plan

# http.get will be created
  + resource "http" "get" {
      + body                 = (known after apply)
      + id                   = (known after apply)
      + method               = "GET"
      + response_body        = (known after apply)
      + response_body_base64 = (known after apply)
      + response_headers     = (known after apply)
      + status_code          = (known after apply)
      + url                  = "http://127.0.0.1:8000/terraform/http_resource"
      + when                 = "apply"
    }

  # http.post will be created
  + resource "http" "post" {
      + body                 = (known after apply)
      + id                   = (known after apply)
      + method               = "POST"
      + request_body         = jsonencode(
            {
              + message = "Hello, World!"
            }
        )
      + response_body        = (known after apply)
      + response_body_base64 = (known after apply)
      + response_headers     = (known after apply)
      + status_code          = (known after apply)
      + url                  = "http://127.0.0.1:8000/terraform/http_resource"
      + when                 = "destroy"

      + retry {
          + attempts     = 2
          + max_delay_ms = 5000
          + min_delay_ms = 1000
        }
    }

[hashicorp-cla-app]

All committers have signed the CLA.