diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1c42b07f..6f693866 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -36,7 +36,7 @@ terraform { required_providers { onepassword = { source = "1Password/onepassword" - version = "~> 1.3.0" + version = "~> 2.0.0" } } } diff --git a/README.md b/README.md index 20c19a5c..e09858d6 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ terraform { required_providers { onepassword = { source = "1Password/onepassword" - version = "~> 1.3.0" + version = "~> 2.0.0" } } } diff --git a/docs/data-sources/item.md b/docs/data-sources/item.md index 16012719..7877629e 100644 --- a/docs/data-sources/item.md +++ b/docs/data-sources/item.md @@ -14,8 +14,8 @@ Use this data source to get details of an item by its vault uuid and either the ```terraform data "onepassword_item" "example" { - vault = data.onepassword_vault.example.uuid - uuid = onepassword_item.demo_sections.uuid + vault = "your-vault-id" + title = "your-item-title" } ``` @@ -34,9 +34,10 @@ data "onepassword_item" "example" { ### Read-Only -- `category` (String) The category of the item. One of ["login" "password" "database" "secure_note"] +- `category` (String) The category of the item. One of ["login" "password" "database" "secure_note" "document"] - `credential` (String, Sensitive) API credential for this item. - `database` (String) (Only applies to the database category) The name of the database. +- `file` (Block List) A list of files attached to the item. (see [below for nested schema](#nestedblock--file)) - `hostname` (String) (Only applies to the database category) The address where the database can be found - `id` (String) The Terraform resource identifier for this item in the format `vaults//items/`. - `password` (String, Sensitive) Password for this item. 
@@ -47,12 +48,24 @@ data "onepassword_item" "example" { - `url` (String) The primary URL for the item. - `username` (String) Username for this item. + +### Nested Schema for `file` + +Read-Only: + +- `content` (String, Sensitive) The content of the file. +- `content_base64` (String, Sensitive) The content of the file in base64 encoding. (Use this for binary files.) +- `id` (String) The UUID of the file. +- `name` (String) The name of the file. + + ### Nested Schema for `section` Read-Only: - `field` (Block List) (see [below for nested schema](#nestedblock--section--field)) +- `file` (Block List) A list of files attached to the section. (see [below for nested schema](#nestedblock--section--file)) - `id` (String) A unique identifier for the section. - `label` (String) The label for the section. @@ -63,6 +76,17 @@ Read-Only: - `id` (String) A unique identifier for the field. - `label` (String) The label for the field. -- `purpose` (String) Purpose indicates this is a special field: a username, password, or notes field. -- `type` (String) The type of value stored in the field. +- `purpose` (String) Purpose indicates this is a special field: a username, password, or notes field. One of ["USERNAME" "PASSWORD" "NOTES"] +- `type` (String) The type of value stored in the field. One of ["STRING" "CONCEALED" "EMAIL" "URL" "OTP" "DATE" "MONTH_YEAR" "MENU"] - `value` (String, Sensitive) The value of the field. + + + +### Nested Schema for `section.file` + +Read-Only: + +- `content` (String, Sensitive) The content of the file. +- `content_base64` (String, Sensitive) The content of the file in base64 encoding. (Use this for binary files.) +- `id` (String) The UUID of the file. +- `name` (String) The name of the file. diff --git a/docs/data-sources/vault.md b/docs/data-sources/vault.md index 6a0d590c..028cd6a9 100644 --- a/docs/data-sources/vault.md +++ b/docs/data-sources/vault.md 
@@ -14,7 +14,7 @@ Use this data source to get details of a vault by either its name or uuid. ```terraform data "onepassword_vault" "example" { - name = var.demo_vault + name = "your-vault-name" } ``` diff --git a/docs/resources/item.md b/docs/resources/item.md index f1bc440e..5f812934 100644 --- a/docs/resources/item.md +++ b/docs/resources/item.md @@ -13,11 +13,11 @@ A 1Password Item. ## Example Usage ```terraform -resource "onepassword_item" "demo_password" { - vault = var.demo_vault +resource "onepassword_item" "example" { + vault = "your-vault-id" - title = "Demo Password Recipe" - category = "password" + title = "Example Item Title" + category = "login" password_recipe { length = 40 @@ -25,36 +25,15 @@ resource "onepassword_item" "demo_password" { } section { - label = "Credential metadata" + label = "Example section" field { - label = "Expiration" + label = "Example field" type = "DATE" value = "2024-01-31" } } } - -resource "onepassword_item" "demo_login" { - vault = var.demo_vault - - title = "Demo Terraform Login" - category = "login" - username = "test@example.com" -} - -resource "onepassword_item" "demo_db" { - vault = var.demo_vault - category = "database" - type = "mysql" - - title = "Demo TF Database" - username = "root" - - database = "Example MySQL Instance" - hostname = "localhost" - port = 3306 -} ``` diff --git a/examples/data-sources/onepassword_item/data-source.tf b/examples/data-sources/onepassword_item/data-source.tf index 37c3a317..7322cd91 100644 --- a/examples/data-sources/onepassword_item/data-source.tf +++ b/examples/data-sources/onepassword_item/data-source.tf @@ -1,4 +1,4 @@ data "onepassword_item" "example" { - vault = data.onepassword_vault.example.uuid - uuid = onepassword_item.demo_sections.uuid + vault = "your-vault-id" + title = "your-item-title" } diff --git a/examples/data-sources/onepassword_vault/data-source.tf b/examples/data-sources/onepassword_vault/data-source.tf index 275697cc..16c62c1c 100644 
--- a/examples/data-sources/onepassword_vault/data-source.tf +++ b/examples/data-sources/onepassword_vault/data-source.tf @@ -1,3 +1,3 @@ data "onepassword_vault" "example" { - name = var.demo_vault + name = "your-vault-name" } \ No newline at end of file diff --git a/examples/main.tf b/examples/item/main.tf similarity index 63% rename from examples/main.tf rename to examples/item/main.tf index 97dd05f5..b1a7dcb1 100644 --- a/examples/main.tf +++ b/examples/item/main.tf @@ -2,19 +2,37 @@ terraform { required_providers { onepassword = { source = "1Password/onepassword" - version = "~> 1.3.0" + version = "~> 2.0.0" } } } -provider "onepassword" { - url = "http://localhost:8080" +data "onepassword_vault" "demo_vault" { + name = var.demo_vault +} + +resource "onepassword_item" "demo_login" { + vault = data.onepassword_vault.demo_vault.uuid + + title = "Demo Terraform Login Item" + category = "login" + username = "test@example.com" + + tags = ["Terraform", "Automation"] + + password_recipe { + length = 32 + digits = false + symbols = false + } + + note_value = "An item created with the 1Password Terraform provider" } resource "onepassword_item" "demo_password" { - vault = var.demo_vault + vault = data.onepassword_vault.demo_vault.uuid - title = "Demo Password Recipe" + title = "Demo Terraform Password Item" category = "password" password_recipe { @@ -33,20 +51,12 @@ resource "onepassword_item" "demo_password" { } } -resource "onepassword_item" "demo_login" { - vault = var.demo_vault - - title = "Demo Terraform Login" - category = "login" - username = "test@example.com" -} - resource "onepassword_item" "demo_db" { - vault = var.demo_vault + vault = data.onepassword_vault.demo_vault.uuid category = "database" type = "mysql" - title = "Demo TF Database" + title = "Demo Terraform Database Item" username = "root" database = "Example MySQL Instance" 
@@ -54,8 +64,20 @@ resource "onepassword_item" "demo_db" { port = 3306 } +resource "onepassword_item" "demo_secure_note" { + vault = data.onepassword_vault.demo_vault.uuid + + title = "Demo Terraform Secure Note Item" + category = "secure_note" + + note_value = <= 1.3.0 + i := slices.IndexFunc(files, func(f *onepassword.File) bool { + return f.ID == strings.Split(r.URL.Path, "/")[7] + }) + if i == -1 { + t.Errorf("file not found") + } + _, err := w.Write(fileBytes[i]) + if err != nil { + t.Errorf("error writing body: %s", err) + } } else { t.Errorf("Unexpected request: %s Consider adding this endpoint to the test server", r.URL.String()) } } else if r.Method == http.MethodPost { if r.URL.String() == fmt.Sprintf("/v1/vaults/%s/items", expectedItem.Vault.ID) { itemToReturn := convertBodyToItem(r, t) - itemField := onepassword.ItemField{ - Label: "password", - Value: "somepassword", + if itemToReturn.Category != onepassword.SecureNote { + itemField := onepassword.ItemField{ + Label: "password", + Value: "somepassword", + } + itemToReturn.Fields = append(itemToReturn.Fields, &itemField) } - itemToReturn.Fields = append(itemToReturn.Fields, &itemField) itemToReturn.ID = expectedItem.ID itemBytes, err := json.Marshal(itemToReturn) diff --git a/internal/provider/test_utils.go b/internal/provider/test_utils.go index ed721a1f..22446c75 100644 --- a/internal/provider/test_utils.go +++ b/internal/provider/test_utils.go @@ -1,6 +1,10 @@ package provider -import "github.com/1Password/connect-sdk-go/onepassword" +import ( + "fmt" + + "github.com/1Password/connect-sdk-go/onepassword" +) func generateBaseItem() onepassword.Item { item := onepassword.Item{} 
@@ -80,6 +84,51 @@ notes return &item } +func generateDocumentItem() *onepassword.Item { + item := generateBaseItem() + item.Category = onepassword.Document + item.Files = []*onepassword.File{ + { + ID: "ascii", + Name: "ascii", + ContentPath: fmt.Sprintf("/v1/vaults/%s/items/%s/files/%s/content", item.Vault.ID, item.ID, "ascii"), + }, + { + ID: "binary", + Name: "binary", + ContentPath: fmt.Sprintf("/v1/vaults/%s/items/%s/files/%s/content", item.Vault.ID, item.ID, "binary"), + }, + } + item.Files[0].SetContent([]byte("ascii")) + item.Files[1].SetContent([]byte{0xDE, 0xAD, 0xBE, 0xEF}) + + return &item +} + +func generateLoginItemWithFiles() *onepassword.Item { + item := generateItemWithSections() + item.Category = onepassword.Login + section := item.Sections[0] + item.Files = []*onepassword.File{ + { + ID: "ascii", + Name: "ascii", + Section: section, + ContentPath: fmt.Sprintf("/v1/vaults/%s/items/%s/files/%s/content", item.Vault.ID, item.ID, "ascii"), + }, + { + ID: "binary", + Name: "binary", + Section: section, + ContentPath: fmt.Sprintf("/v1/vaults/%s/items/%s/files/%s/content", item.Vault.ID, item.ID, "binary"), + }, + } + item.Files[0].SetContent([]byte("ascii")) + item.Files[1].SetContent([]byte{0xDE, 0xAD, 0xBE, 0xEF}) + + return item +} + func generateDatabaseFields() []*onepassword.ItemField { fields := []*onepassword.ItemField{ {
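Review bot: The two-element `item.Files` literal and the pair of `SetContent` calls are repeated verbatim in `generateDocumentItem` and `generateLoginItemWithFiles`, differing only in the `Section` field, so the two fixtures can drift apart when one copy is edited. A small helper taking the item and an optional section would keep the ascii/binary contents and the `ContentPath` format in one place; the sketch below assumes `File.Section` is a `*onepassword.ItemSection`, which this hunk does not show. Separately, `item.Sections[0]` in `generateLoginItemWithFiles` depends on `generateItemWithSections` always returning at least one section, and that function is outside the hunk, so a one-line comment stating the assumption would help. Neither new function has a doc comment; something like `// generateDocumentItem returns a Document item with one text and one binary file attached.` would do.

```go
// generateTestFiles builds the ascii and binary file fixtures for item.
// section may be nil for files attached directly to the item.
func generateTestFiles(item *onepassword.Item, section *onepassword.ItemSection) []*onepassword.File {
	fixtures := []struct {
		id      string
		content []byte
	}{
		{"ascii", []byte("ascii")},
		{"binary", []byte{0xDE, 0xAD, 0xBE, 0xEF}},
	}

	files := make([]*onepassword.File, 0, len(fixtures))
	for _, fx := range fixtures {
		f := &onepassword.File{
			ID:          fx.id,
			Name:        fx.id,
			Section:     section,
			ContentPath: fmt.Sprintf("/v1/vaults/%s/items/%s/files/%s/content", item.Vault.ID, item.ID, fx.id),
		}
		f.SetContent(fx.content)
		files = append(files, f)
	}
	return files
}

func generateDocumentItem() *onepassword.Item {
	item := generateBaseItem()
	item.Category = onepassword.Document
	item.Files = generateTestFiles(&item, nil)

	return &item
}

func generateLoginItemWithFiles() *onepassword.Item {
	item := generateItemWithSections()
	item.Category = onepassword.Login
	// Assumes generateItemWithSections returns at least one section.
	item.Files = generateTestFiles(item, item.Sections[0])

	return item
}
```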