ENG-5835: Add resource to manage sso groups to roles (#106)

README.md

@@ -8,7 +8,7 @@ Our provider uses the same naming conventions and organization as stated in Terr
 
 ## Documentation
 
-Full and comprehensive documentation for this provider is available on the [provider documentation index](./docs/index.md).
+Full and comprehensive documentation for this provider is available on the [provider documentation index](https://registry.terraform.io/providers/cyralinc/cyral/latest/docs).
 
 ### Change Log
 

cyral/provider.go

@@ -117,6 +117,8 @@ func Provider() *schema.Provider {
 			"cyral_repository_conf_auth":        resourceRepositoryConfAuth(),
 			"cyral_repository_identity_map":     resourceRepositoryIdentityMap(false),
 			"cyral_repository_local_account":    resourceRepositoryLocalAccount(),
+			"cyral_role":                        resourceRole(),
+			"cyral_role_sso_groups":             resourceRoleSSOGroups(),
 			"cyral_sidecar":                     resourceSidecar(),
 			"cyral_sidecar_credentials":         resourceSidecarCredentials(),
 		},

cyral/resource.go

@@ -115,9 +115,13 @@ func DeleteResource(config ResourceOperationConfig) schema.DeleteContextFunc {
 		log.Printf("[DEBUG] Init %s", config.Name)
 		c := m.(*client.Client)
 
+		if config.ResourceData != nil {
+			config.ResourceData.ReadFromSchema(d)
+		}
+
 		url := config.CreateURL(d, c)
 
-		if _, err := c.DoRequest(url, config.HttpMethod, nil); err != nil {
+		if _, err := c.DoRequest(url, config.HttpMethod, config.ResourceData); err != nil {
 			return createError("Unable to delete integration", fmt.Sprintf("%v", err))
 		}
 

cyral/resource_cyral_integration_idp_test.go

@@ -9,7 +9,7 @@ import (
 )
 
 const (
-	TestSingleSignOnURL = "https://some-test-sso-url.com"
+	testSingleSignOnURL = "https://some-test-sso-url.com"
 )
 
 func TestAccIdPIntegrationResource(t *testing.T) {
@@ -102,15 +102,15 @@ func testAccIdPIntegrationConfig_ADFS_DefaultValues() string {
 			}
 		}
 	}
-	`, TestSingleSignOnURL)
+	`, testSingleSignOnURL)
 }
 
 func testAccIdPIntegrationCheck_ADFS_DefaultValues() resource.TestCheckFunc {
 	return resource.ComposeTestCheckFunc(
 		resource.TestMatchResourceAttr("cyral_integration_idp_adfs.test_idp_integration",
 			"id", regexp.MustCompile(`adfs.`)),
 		resource.TestCheckResourceAttr("cyral_integration_idp_adfs.test_idp_integration",
-			"samlp.0.config.0.single_sign_on_service_url", TestSingleSignOnURL),
+			"samlp.0.config.0.single_sign_on_service_url", testSingleSignOnURL),
 	)
 }
 
@@ -123,15 +123,15 @@ func testAccIdPIntegrationConfig_AAD_DefaultValues() string {
 			}
 		}
 	}
-	`, TestSingleSignOnURL)
+	`, testSingleSignOnURL)
 }
 
 func testAccIdPIntegrationCheck_AAD_DefaultValues() resource.TestCheckFunc {
 	return resource.ComposeTestCheckFunc(
 		resource.TestMatchResourceAttr("cyral_integration_idp_aad.test_idp_integration",
 			"id", regexp.MustCompile(`aad.`)),
 		resource.TestCheckResourceAttr("cyral_integration_idp_aad.test_idp_integration",
-			"samlp.0.config.0.single_sign_on_service_url", TestSingleSignOnURL),
+			"samlp.0.config.0.single_sign_on_service_url", testSingleSignOnURL),
 	)
 }
 
@@ -144,15 +144,15 @@ func testAccIdPIntegrationConfig_Forgerock_DefaultValues() string {
 			}
 		}
 	}
-	`, TestSingleSignOnURL)
+	`, testSingleSignOnURL)
 }
 
 func testAccIdPIntegrationCheck_Forgerock_DefaultValues() resource.TestCheckFunc {
 	return resource.ComposeTestCheckFunc(
 		resource.TestMatchResourceAttr("cyral_integration_idp_forgerock.test_idp_integration",
 			"id", regexp.MustCompile(`forgerock.`)),
 		resource.TestCheckResourceAttr("cyral_integration_idp_forgerock.test_idp_integration",
-			"samlp.0.config.0.single_sign_on_service_url", TestSingleSignOnURL),
+			"samlp.0.config.0.single_sign_on_service_url", testSingleSignOnURL),
 	)
 }
 
@@ -165,15 +165,15 @@ func testAccIdPIntegrationConfig_GSuite_DefaultValues() string {
 			}
 		}
 	}
-	`, TestSingleSignOnURL)
+	`, testSingleSignOnURL)
 }
 
 func testAccIdPIntegrationCheck_GSuite_DefaultValues() resource.TestCheckFunc {
 	return resource.ComposeTestCheckFunc(
 		resource.TestMatchResourceAttr("cyral_integration_idp_gsuite.test_idp_integration",
 			"id", regexp.MustCompile(`gsuite.`)),
 		resource.TestCheckResourceAttr("cyral_integration_idp_gsuite.test_idp_integration",
-			"samlp.0.config.0.single_sign_on_service_url", TestSingleSignOnURL),
+			"samlp.0.config.0.single_sign_on_service_url", testSingleSignOnURL),
 	)
 }
 
@@ -186,15 +186,15 @@ func testAccIdPIntegrationConfig_PingOne_DefaultValues() string {
 			}
 		}
 	}
-	`, TestSingleSignOnURL)
+	`, testSingleSignOnURL)
 }
 
 func testAccIdPIntegrationCheck_PingOne_DefaultValues() resource.TestCheckFunc {
 	return resource.ComposeTestCheckFunc(
 		resource.TestMatchResourceAttr("cyral_integration_idp_ping_one.test_idp_integration",
 			"id", regexp.MustCompile(`pingone.`)),
 		resource.TestCheckResourceAttr("cyral_integration_idp_ping_one.test_idp_integration",
-			"samlp.0.config.0.single_sign_on_service_url", TestSingleSignOnURL),
+			"samlp.0.config.0.single_sign_on_service_url", testSingleSignOnURL),
 	)
 }
 
@@ -207,15 +207,15 @@ func testAccIdPIntegrationConfig_Okta_DefaultValues() string {
 			}
 		}
 	}
-	`, TestSingleSignOnURL)
+	`, testSingleSignOnURL)
 }
 
 func testAccIdPIntegrationCheck_Okta_DefaultValues() resource.TestCheckFunc {
 	return resource.ComposeTestCheckFunc(
 		resource.TestMatchResourceAttr("cyral_integration_idp_okta.test_idp_integration",
 			"id", regexp.MustCompile(`okta.`)),
 		resource.TestCheckResourceAttr("cyral_integration_idp_okta.test_idp_integration",
-			"samlp.0.config.0.single_sign_on_service_url", TestSingleSignOnURL),
+			"samlp.0.config.0.single_sign_on_service_url", testSingleSignOnURL),
 	)
 }
 
@@ -231,7 +231,7 @@ func testAccIdPIntegrationConfig_Updated(idpDisplayName string) string {
 			}
 		}
 	}
-	`, idpDisplayName, TestSingleSignOnURL)
+	`, idpDisplayName, testSingleSignOnURL)
 }
 
 func testAccIdPIntegrationCheck_Updated(idpDisplayName string) resource.TestCheckFunc {
@@ -243,7 +243,7 @@ func testAccIdPIntegrationCheck_Updated(idpDisplayName string) resource.TestChec
 		resource.TestCheckResourceAttr("cyral_integration_idp_okta.test_idp_integration",
 			"samlp.0.disabled", "true"),
 		resource.TestCheckResourceAttr("cyral_integration_idp_okta.test_idp_integration",
-			"samlp.0.config.0.single_sign_on_service_url", TestSingleSignOnURL),
+			"samlp.0.config.0.single_sign_on_service_url", testSingleSignOnURL),
 		resource.TestCheckResourceAttr("cyral_integration_idp_okta.test_idp_integration",
 			"samlp.0.config.0.back_channel_supported", "true"),
 	)
@@ -259,7 +259,7 @@ func testAccIdPIntegrationConfig_NotEmptyAlias() string {
 			}
 		}
 	}
-	`, TestSingleSignOnURL)
+	`, testSingleSignOnURL)
 }
 
 func testAccIdPIntegrationCheck_NotEmptyAlias() resource.TestCheckFunc {
@@ -270,6 +270,6 @@ func testAccIdPIntegrationCheck_NotEmptyAlias() resource.TestCheckFunc {
 			"cyral_integration_idp_okta.test_idp_integration", "id",
 			"cyral_integration_idp_okta.test_idp_integration", "draft_alias"),
 		resource.TestCheckResourceAttr("cyral_integration_idp_okta.test_idp_integration",
-			"samlp.0.config.0.single_sign_on_service_url", TestSingleSignOnURL),
+			"samlp.0.config.0.single_sign_on_service_url", testSingleSignOnURL),
 	)
 }