Merge pull request #111 from kestra-io/feat/api-token-support

feat(client): add API token variable for Kestra EE

docs/data-sources/namespace_file.md

@@ -25,14 +25,11 @@ data "kestra_namespace_file" "example" {
 
 ### Required
 
-- `content` (String) Content to store in the file, expected to be a UTF-8 encoded string.
 - `filename` (String) The filename to the namespace file.
 - `namespace` (String) The namespace of the namespace file resource.
 
-### Optional
-
-- `tenant_id` (String) The tenant id.
-
 ### Read-Only
 
+- `content` (String) Content to store in the file, expected to be a UTF-8 encoded string.
 - `id` (String) The ID of this resource.
+- `tenant_id` (String) The tenant id.

docs/index.md

@@ -3,11 +3,13 @@
 page_title: "kestra Provider"
 subcategory: ""
 description: |-
-
+  
 ---
 
 # kestra Provider
 
+
+
 ## Example Usage
 
 ```terraform
@@ -25,11 +27,11 @@ provider "kestra" {
   jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Iktlc3RyYS5pbyIsImlhdCI6MTUxNjIzOTAyMn0.hm2VKztDJP7CUsI69Th6Y5NLEQrXx7OErLXay55GD5U"
 
   # optional tenant id (EE)
-  tenant_id = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Iktlc3RyYS5pbyIsImlhdCI6MTUxNjIzOTAyMn0.hm2VKztDJP7CUsI69Th6Y5NLEQrXx7OErLXay55GD5U"
+  tenant_id = "the-tenant-id"
 
   # optional extra headers
   extra_headers = {
-    x-pipeline    = "*****"
+    x-pipeline = "*****"
     authorization = "Bearer *****"
   }
 }
@@ -40,7 +42,11 @@ provider "kestra" {
 
 ### Optional
 
-- `jwt` (String, Sensitive) Kestra JWT token
-- `password` (String, Sensitive) Kestra BasicAuth password
-- `url` (String) Kestra webserver/standalone full endpoint URL (without trailing slash)
-- `username` (String) Kestra BasicAuth username
+- `api_token` (String, Sensitive) The API token (EE)
+- `extra_headers` (Map of String) Extra headers to add to every request
+- `jwt` (String, Sensitive) The JWT token (EE)
+- `keep_original_source` (Boolean) Keep original source code, keeping comment and indentation.
+- `password` (String, Sensitive) The BasicAuth password
+- `tenant_id` (String) The tenant id (EE)
+- `url` (String) The endpoint url without trailing slash
+- `username` (String) The BasicAuth username

docs/resources/namespace_file.md

@@ -42,11 +42,11 @@ If the file already exists, it will be overridden with the given content.
 ### Optional
 
 - `content` (String) Content to store in the file, expected to be a UTF-8 encoded string.
-- `tenant_id` (String) The tenant id.
 
 ### Read-Only
 
 - `id` (String) The ID of this resource.
+- `tenant_id` (String) The tenant id.
 
 ## Import
 

internal/provider/client.go

@@ -4,13 +4,12 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
+	"github.com/json-iterator/go"
 	"io"
 	"io/ioutil"
 	"log"
 	"net/http"
 	"time"
-
-	"github.com/json-iterator/go"
 )
 
 const DefaultURL string = "http://localhost:8080"
@@ -21,6 +20,7 @@ type Client struct {
 	Username           *string
 	Password           *string
 	Jwt                *string
+	ApiToken           *string
 	ExtraHeader        *map[string]string
 	TenantId           *string
 	KeepOriginalSource *bool
@@ -31,7 +31,7 @@ type RequestError struct {
 	Err        error
 }
 
-func NewClient(url string, username *string, password *string, jwt *string, extraHeaders *interface{}, tenantId *string, keepOriginalSource *bool) (*Client, error) {
+func NewClient(url string, username *string, password *string, jwt *string, apiToken *string, extraHeaders *interface{}, tenantId *string, keepOriginalSource *bool) (*Client, error) {
 	c := Client{
 		HTTPClient: &http.Client{Timeout: 10 * time.Second},
 		Url:        DefaultURL,
@@ -49,6 +49,10 @@ func NewClient(url string, username *string, password *string, jwt *string, extr
 		c.Jwt = jwt
 	}
 
+	if apiToken != nil {
+		c.ApiToken = apiToken
+	}
+
 	if extraHeaders != nil {
 		m, ok := (*extraHeaders).(map[string]string)
 		if ok {
@@ -151,6 +155,11 @@ func (c *Client) rawResponseRequest(method string, req *http.Request) (int, []by
 		req.AddCookie(&http.Cookie{Name: "JWT", Value: *c.Jwt})
 	}
 
+	if c.ApiToken != nil {
+		bearer := "Bearer " + *c.ApiToken
+		req.Header.Set("Authorization", bearer)
+	}
+
 	if c.ExtraHeader != nil {
 		for key, value := range *c.ExtraHeader {
 			req.Header.Set(key, value)

internal/provider/provider.go

@@ -61,6 +61,13 @@ func New(version string, tenant *string) func() *schema.Provider {
 					Description: "The JWT token (EE)",
 					DefaultFunc: schema.EnvDefaultFunc("KESTRA_JWT", ""),
 				},
+				"api_token": &schema.Schema{
+					Type:        schema.TypeString,
+					Optional:    true,
+					Sensitive:   true,
+					Description: "The API token (EE)",
+					DefaultFunc: schema.EnvDefaultFunc("KESTRA_API_TOKEN", ""),
+				},
 				"extra_headers": &schema.Schema{
 					Type:        schema.TypeMap,
 					Optional:    true,
@@ -104,6 +111,7 @@ func New(version string, tenant *string) func() *schema.Provider {
 			username := d.Get("username").(string)
 			password := d.Get("password").(string)
 			jwt := d.Get("jwt").(string)
+			apiToken := d.Get("api_token").(string)
 			extraHeaders := d.Get("extra_headers")
 			keepOriginalSource := d.Get("keep_original_source").(bool)
 
@@ -116,7 +124,7 @@ func New(version string, tenant *string) func() *schema.Provider {
 
 			var diags diag.Diagnostics
 
-			c, err := NewClient(url, &username, &password, &jwt, &extraHeaders, &tenantId, &keepOriginalSource)
+			c, err := NewClient(url, &username, &password, &jwt, &apiToken, &extraHeaders, &tenantId, &keepOriginalSource)
 			if err != nil {
 				return nil, diag.FromErr(err)
 			}