teams modules + examples

sandrogattuso · Jul 28, 2020 · f3b89ad · f3b89ad
1 parent df0aeef
commit f3b89ad
Show file tree

Hide file tree

Showing 13 changed files with 125 additions and 51 deletions.
diff --git a/docs/index.md → docs/README.md b/docs/index.md → docs/README.md
@@ -15,55 +15,16 @@ The Codefresh Provider can be used to configure [Codefresh](https://codefresh.io
 The Codefresh API requires the [authentication key](https://codefresh.io/docs/docs/integrations/codefresh-api/#authentication-instructions) to authenticate.
 The key can be passed either as provider's attribute or as environment variable - `CODEFRESH_API_KEY`.
 
-## Example Usage
-
-```hcl
-provider "codefresh" {
-    token = "xxxxxxxxx.xxxxxxxxxx"
-}
-
-resource "codefresh_project" "project" {
-    name = "myproject"
-
-    tags = [
-      "production",
-      "docker",
-    ]
-
-    variables = {
-      myProjectVar = "value"
-   }
-}
-
-resource "codefresh_pipeline" "pipeline" {
-    lifecycle {
-        ignore_changes = [
-            revision
-        ]
-    }
-
-    name  = "${codefresh_project.project.name}/mypipeline"
-
-    spec {
-
-        spec_template {
-            repo        = "my-github-account/my-repository"
-            path        = "./codefresh.yml"
-            revision    = "master"
-            context     = "github"
-        }
-
-        variables = {
-            goVersion = "1.13"
-            release = "true"
-        }
-    }
-}
-```
-
 ## Argument Reference
 
 The following arguments are supported:
 
 - `token` - (Optional) The client API token. This can also be sourced from the `CODEFRESH_API_KEY` environment variable.
-- `api_url` -(Optional) Default value - https://g.codefresh.io/api.
+- `api_url` -(Optional) Default value - https://g.codefresh.io/api.
+
+## Recommendation for creation Accounts, Users, Teams, Permissions
+* create users and accounts using [accounts_users module](modules/accounts_users.md) and Codefresh Admin token 
+* Create and save in tf state api_keys using [accounts_token module](modules/accounts_token.md)
+* Create teams using [teams module](modules/teams.md)
+* Create permissions - (see example)[../examplea/permisssions)
+
diff --git a/docs/modules/account_token.md b/docs/modules/account_token.md
@@ -41,4 +41,11 @@ resource "codefresh_permission" "permission" {
 
 ```
 
-### [Example account-tokens](../../examples/account_tokens)
+### [Example account-tokens](../../examples/account_tokens)
+Output example:  
+```
+    "account_tokens": {
+        "acc1": "1xxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx1",
+        "acc2": "2xxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx2"
+      }
+```
diff --git a/docs/modules/permissions.md b/docs/modules/permissions.md
diff --git a/docs/modules/teams.md b/docs/modules/teams.md
@@ -1 +1,4 @@
-# module teams
+# module teams
+
+[teams source](../../tf_modules/teams)
+[teams example](../../examples/teams)
diff --git a/examples/permissions/main.tf b/examples/permissions/main.tf
@@ -0,0 +1,23 @@
+data "codefresh_team" "admins" {
+  name = "admins"
+}
+
+data "codefresh_team" "developers" {
+  name = "developers"
+}
+
+resource "codefresh_permission" "dev_pipeline" {
+  for_each = toset(["run", "create", "update", "delete", "read"])
+  team = data.codefresh_team.developers.id
+  action = each.value
+  resource = "pipeline"
+  tags = [ "dev", "untagged"]
+}
+
+resource "codefresh_permission" "admin_pipeline" {
+  for_each = toset(["run", "create", "update", "delete", "read", "approve"])
+  team = data.codefresh_team.admins.id
+  action = each.value
+  resource = "pipeline"
+  tags = [ "production", "*"]
+}
diff --git a/examples/permissions/provider.tf b/examples/permissions/provider.tf
@@ -0,0 +1,4 @@
+provider "codefresh" {
+  api_url =  var.api_url 
+  token = var.token # If token isn't set the provider expects the $CODEFRESH_API_KEY env variable
+}
diff --git a/examples/permissions/terraform.tfvars b/examples/permissions/terraform.tfvars
@@ -0,0 +1 @@
+api_url = "https://my-codefresh.example.com/api"
diff --git a/examples/permissions/vars.tf b/examples/permissions/vars.tf
@@ -0,0 +1,8 @@
+variable api_url {
+  type = string
+}
+
+variable token {
+  type = string
+  default = ""
+}
diff --git a/examples/teams/main.tf b/examples/teams/main.tf
@@ -0,0 +1,21 @@
+variable api_url {
+  type = string
+}
+
+variable token {
+  type = string
+  default = ""
+}
+provider "codefresh" {
+  api_url = var.api_url
+  token = var.token
+}
+
+variable teams {
+  type = map(any)
+}
+
+module "teams" {
+    source = "../../tf_modules/teams"
+    teams = var.teams
+}
diff --git a/examples/teams/terraform.tfvars b/examples/teams/terraform.tfvars
@@ -0,0 +1,7 @@
+api_url = "https://my-codefresh.example.com/api"
+token = ""
+
+teams = {
+  developers = ["user1", "user3"]
+  managers = ["user3", "user2"]
+}
diff --git a/tf_modules/teams/main.tf b/tf_modules/teams/main.tf
@@ -0,0 +1,18 @@
+data "codefresh_current_account" "acc" {
+
+}
+
+locals {
+  user_ids = tomap({
+    for u in data.codefresh_current_account.acc.users:
+      u.name => u.id
+  })
+
+}
+
+resource "codefresh_team" "teams" {
+  for_each = var.teams
+  name = each.key
+
+  users = [for u in each.value: lookup(local.user_ids, u)]
+}
diff --git a/tf_modules/teams/output.tf b/tf_modules/teams/output.tf
@@ -0,0 +1,6 @@
+output "users" {
+  value = local.user_ids 
+}
+output "teams" {
+  value = codefresh_team.teams
+}
diff --git a/tf_modules/teams/vars.tf b/tf_modules/teams/vars.tf
@@ -0,0 +1,17 @@
+# variable api_url {
+#   type = string
+# }
+
+# variable token {
+#   type = string
+#   default = ""
+# }
+
+# teams map[team_name]usersList
+# {
+#   developers = ["user1", "user3"]
+#   managers = ["user3", "user2"]
+# }
+variable teams {
+  type = map(any)
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		api_url = "https://my-codefresh.example.com/api"