From b5b096c52f26a589d46e73d02fc0b040c2954be2 Mon Sep 17 00:00:00 2001 From: pulumi-bot Date: Fri, 19 Jul 2024 03:45:21 +0000 Subject: [PATCH 1/2] make tfgen --- patches/0001-fork.patch | 2 +- .../bridge-metadata.json | 7 +- .../cmd/pulumi-resource-gitlab/schema.json | 107 ++++++++++++++---- provider/go.mod | 6 +- provider/go.sum | 8 +- upstream | 2 +- 6 files changed, 97 insertions(+), 35 deletions(-) diff --git a/patches/0001-fork.patch b/patches/0001-fork.patch index 07815597..af6d81bc 100644 --- a/patches/0001-fork.patch +++ b/patches/0001-fork.patch @@ -5,7 +5,7 @@ Subject: [PATCH] fork diff --git a/internal/provider/sdk/resource_gitlab_project.go b/internal/provider/sdk/resource_gitlab_project.go -index 79e7be15..84cbdcc6 100644 +index 54a23f4b..480bcd1e 100644 --- a/internal/provider/sdk/resource_gitlab_project.go +++ b/internal/provider/sdk/resource_gitlab_project.go @@ -398,33 +398,34 @@ var resourceGitLabProjectSchema = map[string]*schema.Schema{ diff --git a/provider/cmd/pulumi-resource-gitlab/bridge-metadata.json b/provider/cmd/pulumi-resource-gitlab/bridge-metadata.json index 0f13f79e..c9fea643 100644 --- a/provider/cmd/pulumi-resource-gitlab/bridge-metadata.json +++ b/provider/cmd/pulumi-resource-gitlab/bridge-metadata.json @@ -454,6 +454,10 @@ "current": "gitlab:index/projectRunnerEnablement:ProjectRunnerEnablement", "majorVersion": 8 }, + "gitlab_project_security_policy_attachment": { + "current": "gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment", + "majorVersion": 8 + }, "gitlab_project_share_group": { "current": "gitlab:index/projectShareGroup:ProjectShareGroup", "majorVersion": 8 @@ -1095,7 +1099,7 @@ "gitlab:index/integrationTelegram:IntegrationTelegram": 1, "gitlab:index/label:Label": 0, "gitlab:index/pagesDomain:PagesDomain": 1, - "gitlab:index/personalAccessToken:PersonalAccessToken": 0, + "gitlab:index/personalAccessToken:PersonalAccessToken": 1, "gitlab:index/pipelineSchedule:PipelineSchedule": 1, "gitlab:index/pipelineScheduleVariable:PipelineScheduleVariable": 0, "gitlab:index/pipelineTrigger:PipelineTrigger": 0, @@ -1122,6 +1126,7 @@ "gitlab:index/projectProtectedEnvironment:ProjectProtectedEnvironment": 1, "gitlab:index/projectPushRules:ProjectPushRules": 1, "gitlab:index/projectRunnerEnablement:ProjectRunnerEnablement": 0, + "gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment": 1, "gitlab:index/projectShareGroup:ProjectShareGroup": 0, "gitlab:index/projectTag:ProjectTag": 0, "gitlab:index/projectVariable:ProjectVariable": 0, diff --git a/provider/cmd/pulumi-resource-gitlab/schema.json b/provider/cmd/pulumi-resource-gitlab/schema.json index 05d9160b..c530c260 100644 --- a/provider/cmd/pulumi-resource-gitlab/schema.json +++ b/provider/cmd/pulumi-resource-gitlab/schema.json @@ -7916,7 +7916,8 @@ }, "token": { "type": "string", - "description": "The secret token for the agent. The `token` is not available in imported resources.\n" + "description": "The secret token for the agent. The `token` is not available in imported resources.\n", + "secret": true }, "tokenId": { "type": "integer", @@ -8001,7 +8002,8 @@ }, "token": { "type": "string", - "description": "The secret token for the agent. The `token` is not available in imported resources.\n" + "description": "The secret token for the agent. The `token` is not available in imported resources.\n", + "secret": true }, "tokenId": { "type": "integer", @@ -8118,7 +8120,7 @@ } }, "gitlab:index/deployKey:DeployKey": { - "description": "The `gitlab.DeployKey` resource allows to manage the lifecycle of a deploy key.\n\n\u003e To enable an already existing deploy key for another project use the `gitlab_project_deploy_key` resource.\n\n**Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/deploy_keys.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gitlab from \"@pulumi/gitlab\";\n\nconst example = new gitlab.DeployKey(\"example\", {\n project: \"example/deploying\",\n title: \"Example deploy key\",\n key: \"ssh-ed25519 AAAA...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gitlab as gitlab\n\nexample = gitlab.DeployKey(\"example\",\n project=\"example/deploying\",\n title=\"Example deploy key\",\n key=\"ssh-ed25519 AAAA...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing GitLab = Pulumi.GitLab;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new GitLab.DeployKey(\"example\", new()\n {\n Project = \"example/deploying\",\n Title = \"Example deploy key\",\n Key = \"ssh-ed25519 AAAA...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gitlab.NewDeployKey(ctx, \"example\", \u0026gitlab.DeployKeyArgs{\n\t\t\tProject: pulumi.String(\"example/deploying\"),\n\t\t\tTitle: pulumi.String(\"Example deploy key\"),\n\t\t\tKey: pulumi.String(\"ssh-ed25519 AAAA...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gitlab.DeployKey;\nimport com.pulumi.gitlab.DeployKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DeployKey(\"example\", DeployKeyArgs.builder()\n .project(\"example/deploying\")\n .title(\"Example deploy key\")\n .key(\"ssh-ed25519 AAAA...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gitlab:DeployKey\n properties:\n project: example/deploying\n title: Example deploy key\n key: ssh-ed25519 AAAA...\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nGitLab deploy keys can be imported using an id made up of `{project_id}:{deploy_key_id}`, e.g.\n\n`project_id` can be whatever the [get single project api][get_single_project] takes for\n\nits `:id` value, so for example:\n\n```sh\n$ pulumi import gitlab:index/deployKey:DeployKey test 1:3\n```\n\n```sh\n$ pulumi import gitlab:index/deployKey:DeployKey test richardc/example:3\n```\n\n", + "description": "The `gitlab.DeployKey` resource allows to manage the lifecycle of a deploy key.\n\n\u003e To enable an already existing deploy key for another project use the `gitlab.DeployKeyEnable` resource.\n\n**Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/deploy_keys.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gitlab from \"@pulumi/gitlab\";\n\nconst example = new gitlab.DeployKey(\"example\", {\n project: \"example/deploying\",\n title: \"Example deploy key\",\n key: \"ssh-ed25519 AAAA...\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gitlab as gitlab\n\nexample = gitlab.DeployKey(\"example\",\n project=\"example/deploying\",\n title=\"Example deploy key\",\n key=\"ssh-ed25519 AAAA...\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing GitLab = Pulumi.GitLab;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new GitLab.DeployKey(\"example\", new()\n {\n Project = \"example/deploying\",\n Title = \"Example deploy key\",\n Key = \"ssh-ed25519 AAAA...\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gitlab.NewDeployKey(ctx, \"example\", \u0026gitlab.DeployKeyArgs{\n\t\t\tProject: pulumi.String(\"example/deploying\"),\n\t\t\tTitle: pulumi.String(\"Example deploy key\"),\n\t\t\tKey: pulumi.String(\"ssh-ed25519 AAAA...\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gitlab.DeployKey;\nimport com.pulumi.gitlab.DeployKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DeployKey(\"example\", DeployKeyArgs.builder()\n .project(\"example/deploying\")\n .title(\"Example deploy key\")\n .key(\"ssh-ed25519 AAAA...\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gitlab:DeployKey\n properties:\n project: example/deploying\n title: Example deploy key\n key: ssh-ed25519 AAAA...\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nGitLab deploy keys can be imported using an id made up of `{project_id}:{deploy_key_id}`, e.g.\n\n`project_id` can be whatever the [get single project api][get_single_project] takes for\n\nits `:id` value, so for example:\n\n```sh\n$ pulumi import gitlab:index/deployKey:DeployKey test 1:3\n```\n\n```sh\n$ pulumi import gitlab:index/deployKey:DeployKey test richardc/example:3\n```\n\n", "properties": { "canPush": { "type": "boolean", @@ -13292,7 +13294,7 @@ } }, "gitlab:index/personalAccessToken:PersonalAccessToken": { - "description": "The `gitlab.PersonalAccessToken` resource allows to manage the lifecycle of a personal access token for a specified user.\n\n\u003e This resource requires administration privileges.\n\n**Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gitlab from \"@pulumi/gitlab\";\n\nconst example = new gitlab.PersonalAccessToken(\"example\", {\n userId: 25,\n name: \"Example personal access token\",\n expiresAt: \"2020-03-14\",\n scopes: [\"api\"],\n});\nconst exampleProjectVariable = new gitlab.ProjectVariable(\"example\", {\n project: exampleGitlabProject.id,\n key: \"pat\",\n value: example.token,\n});\n```\n```python\nimport pulumi\nimport pulumi_gitlab as gitlab\n\nexample = gitlab.PersonalAccessToken(\"example\",\n user_id=25,\n name=\"Example personal access token\",\n expires_at=\"2020-03-14\",\n scopes=[\"api\"])\nexample_project_variable = gitlab.ProjectVariable(\"example\",\n project=example_gitlab_project[\"id\"],\n key=\"pat\",\n value=example.token)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing GitLab = Pulumi.GitLab;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new GitLab.PersonalAccessToken(\"example\", new()\n {\n UserId = 25,\n Name = \"Example personal access token\",\n ExpiresAt = \"2020-03-14\",\n Scopes = new[]\n {\n \"api\",\n },\n });\n\n var exampleProjectVariable = new GitLab.ProjectVariable(\"example\", new()\n {\n Project = exampleGitlabProject.Id,\n Key = \"pat\",\n Value = example.Token,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := gitlab.NewPersonalAccessToken(ctx, \"example\", \u0026gitlab.PersonalAccessTokenArgs{\n\t\t\tUserId: pulumi.Int(25),\n\t\t\tName: pulumi.String(\"Example personal access token\"),\n\t\t\tExpiresAt: pulumi.String(\"2020-03-14\"),\n\t\t\tScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gitlab.NewProjectVariable(ctx, \"example\", \u0026gitlab.ProjectVariableArgs{\n\t\t\tProject: pulumi.Any(exampleGitlabProject.Id),\n\t\t\tKey: pulumi.String(\"pat\"),\n\t\t\tValue: example.Token,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gitlab.PersonalAccessToken;\nimport com.pulumi.gitlab.PersonalAccessTokenArgs;\nimport com.pulumi.gitlab.ProjectVariable;\nimport com.pulumi.gitlab.ProjectVariableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PersonalAccessToken(\"example\", PersonalAccessTokenArgs.builder()\n .userId(\"25\")\n .name(\"Example personal access token\")\n .expiresAt(\"2020-03-14\")\n .scopes(\"api\")\n .build());\n\n var exampleProjectVariable = new ProjectVariable(\"exampleProjectVariable\", ProjectVariableArgs.builder()\n .project(exampleGitlabProject.id())\n .key(\"pat\")\n .value(example.token())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gitlab:PersonalAccessToken\n properties:\n userId: '25'\n name: Example personal access token\n expiresAt: 2020-03-14\n scopes:\n - api\n exampleProjectVariable:\n type: gitlab:ProjectVariable\n name: example\n properties:\n project: ${exampleGitlabProject.id}\n key: pat\n value: ${example.token}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nA GitLab Personal Access Token can be imported using a key composed of `\u003cuser-id\u003e:\u003ctoken-id\u003e`, e.g.\n\n```sh\n$ pulumi import gitlab:index/personalAccessToken:PersonalAccessToken example \"12345:1\"\n```\n\nNOTE: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.\n\n", + "description": "The `gitlab.PersonalAccessToken` resource allows to manage the lifecycle of a personal access token.\n\n\u003e This resource requires administration privileges.\n\n\u003e Use of the `timestamp()` function with expires_at will cause the resource to be re-created with every apply, it's recommended to use `plantimestamp()` or a static value instead.\n\n\u003e Observability scopes are in beta and may not work on all instances. See more details in [the documentation](https://docs.gitlab.com/ee/operations/tracing.html)\n\n\u003e Due to [Automatic reuse detection](https://docs.gitlab.com/ee/api/personal_access_tokens.html#automatic-reuse-detection) it's possible that a new Personal Access Token will immediately be revoked. Check if an old process using the old token is running if this happens.\n\n**Upstream API**: [GitLab API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gitlab from \"@pulumi/gitlab\";\n\nconst example = new gitlab.PersonalAccessToken(\"example\", {\n userId: 25,\n name: \"Example personal access token\",\n expiresAt: \"2020-03-14\",\n scopes: [\"api\"],\n});\nconst exampleProjectVariable = new gitlab.ProjectVariable(\"example\", {\n project: exampleGitlabProject.id,\n key: \"pat\",\n value: example.token,\n});\n```\n```python\nimport pulumi\nimport pulumi_gitlab as gitlab\n\nexample = gitlab.PersonalAccessToken(\"example\",\n user_id=25,\n name=\"Example personal access token\",\n expires_at=\"2020-03-14\",\n scopes=[\"api\"])\nexample_project_variable = gitlab.ProjectVariable(\"example\",\n project=example_gitlab_project[\"id\"],\n key=\"pat\",\n value=example.token)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing GitLab = Pulumi.GitLab;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new GitLab.PersonalAccessToken(\"example\", new()\n {\n UserId = 25,\n Name = \"Example personal access token\",\n ExpiresAt = \"2020-03-14\",\n Scopes = new[]\n {\n \"api\",\n },\n });\n\n var exampleProjectVariable = new GitLab.ProjectVariable(\"example\", new()\n {\n Project = exampleGitlabProject.Id,\n Key = \"pat\",\n Value = example.Token,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := gitlab.NewPersonalAccessToken(ctx, \"example\", \u0026gitlab.PersonalAccessTokenArgs{\n\t\t\tUserId: pulumi.Int(25),\n\t\t\tName: pulumi.String(\"Example personal access token\"),\n\t\t\tExpiresAt: pulumi.String(\"2020-03-14\"),\n\t\t\tScopes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gitlab.NewProjectVariable(ctx, \"example\", \u0026gitlab.ProjectVariableArgs{\n\t\t\tProject: pulumi.Any(exampleGitlabProject.Id),\n\t\t\tKey: pulumi.String(\"pat\"),\n\t\t\tValue: example.Token,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gitlab.PersonalAccessToken;\nimport com.pulumi.gitlab.PersonalAccessTokenArgs;\nimport com.pulumi.gitlab.ProjectVariable;\nimport com.pulumi.gitlab.ProjectVariableArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PersonalAccessToken(\"example\", PersonalAccessTokenArgs.builder()\n .userId(\"25\")\n .name(\"Example personal access token\")\n .expiresAt(\"2020-03-14\")\n .scopes(\"api\")\n .build());\n\n var exampleProjectVariable = new ProjectVariable(\"exampleProjectVariable\", ProjectVariableArgs.builder()\n .project(exampleGitlabProject.id())\n .key(\"pat\")\n .value(example.token())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gitlab:PersonalAccessToken\n properties:\n userId: '25'\n name: Example personal access token\n expiresAt: 2020-03-14\n scopes:\n - api\n exampleProjectVariable:\n type: gitlab:ProjectVariable\n name: example\n properties:\n project: ${exampleGitlabProject.id}\n key: pat\n value: ${example.token}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nA GitLab Personal Access Token can be imported using a key composed of `\u003cuser-id\u003e:\u003ctoken-id\u003e`, e.g.\n\n```sh\n$ pulumi import gitlab:index/personalAccessToken:PersonalAccessToken example \"12345:1\"\n```\n\nNOTE: the `token` resource attribute is not available for imported resources as this information cannot be read from the GitLab API.\n\n", "properties": { "active": { "type": "boolean", @@ -13304,7 +13306,7 @@ }, "expiresAt": { "type": "string", - "description": "The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD.\n" + "description": "When the token will expire, YYYY-MM-DD format.\n" }, "name": { "type": "string", @@ -13319,16 +13321,16 @@ "items": { "type": "string" }, - "description": "The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`.\n" + "description": "The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping`\n" }, "token": { "type": "string", - "description": "The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources.\n", + "description": "The token of the personal access token. **Note**: the token is not available for imported resources.\n", "secret": true }, "userId": { "type": "integer", - "description": "The id of the user.\n" + "description": "The ID of the user.\n" } }, "required": [ @@ -13344,26 +13346,22 @@ "inputProperties": { "expiresAt": { "type": "string", - "description": "The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD.\n", - "willReplaceOnChanges": true + "description": "When the token will expire, YYYY-MM-DD format.\n" }, "name": { "type": "string", - "description": "The name of the personal access token.\n", - "willReplaceOnChanges": true + "description": "The name of the personal access token.\n" }, "scopes": { "type": "array", "items": { "type": "string" }, - "description": "The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`.\n", - "willReplaceOnChanges": true + "description": "The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping`\n" }, "userId": { "type": "integer", - "description": "The id of the user.\n", - "willReplaceOnChanges": true + "description": "The ID of the user.\n" } }, "requiredInputs": [ @@ -13383,13 +13381,11 @@ }, "expiresAt": { "type": "string", - "description": "The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD.\n", - "willReplaceOnChanges": true + "description": "When the token will expire, YYYY-MM-DD format.\n" }, "name": { "type": "string", - "description": "The name of the personal access token.\n", - "willReplaceOnChanges": true + "description": "The name of the personal access token.\n" }, "revoked": { "type": "boolean", @@ -13400,18 +13396,16 @@ "items": { "type": "string" }, - "description": "The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`.\n", - "willReplaceOnChanges": true + "description": "The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping`\n" }, "token": { "type": "string", - "description": "The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources.\n", + "description": "The token of the personal access token. **Note**: the token is not available for imported resources.\n", "secret": true }, "userId": { "type": "integer", - "description": "The id of the user.\n", - "willReplaceOnChanges": true + "description": "The ID of the user.\n" } }, "type": "object" @@ -17971,6 +17965,69 @@ "type": "object" } }, + "gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment": { + "description": "The `gitlab.ProjectSecurityPolicyAttachment` resource allows to attach a security policy project to a project.\n\n**Upstream API**: [GitLab GraphQL API docs](https://docs.gitlab.com/ee/api/graphql/reference/index.html#mutationsecuritypolicyprojectassign)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gitlab from \"@pulumi/gitlab\";\n\n// This resource can be used to attach a security policy to a pre-existing project\nconst foo = new gitlab.ProjectSecurityPolicyAttachment(\"foo\", {\n project: \"1234\",\n policyProject: \"4567\",\n});\n// Or you can use Terraform to create a new project, add a policy to that project,\n// then attach that policy project to other projects.\nconst my_policy_project = new gitlab.Project(\"my-policy-project\", {name: \"security-policy-project\"});\nconst policy_yml = new gitlab.RepositoryFile(\"policy-yml\", {\n project: my_policy_project.id,\n filePath: \".gitlab/security-policies/my-policy.yml\",\n branch: \"master\",\n encoding: \"text\",\n content: `---\napproval_policy:\n- name: test\ndescription: test\nenabled: true\nrules:\n- type: any_merge_request\n branch_type: protected\n commits: any\napproval_settings:\n block_branch_modification: true\n prevent_pushing_and_force_pushing: true\n prevent_approval_by_author: true\n prevent_approval_by_commit_author: true\n remove_approvals_with_new_commit: true\n require_password_to_approve: false\nfallback_behavior:\n fail: closed\nactions:\n- type: send_bot_message\n enabled: true\n`,\n});\nconst my_policy = new gitlab.index.ProjectSecurityPolicy(\"my-policy\", {\n project: 1234,\n policyProject: my_policy_project.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_gitlab as gitlab\n\n# This resource can be used to attach a security policy to a pre-existing project\nfoo = gitlab.ProjectSecurityPolicyAttachment(\"foo\",\n project=\"1234\",\n policy_project=\"4567\")\n# Or you can use Terraform to create a new project, add a policy to that project,\n# then attach that policy project to other projects.\nmy_policy_project = gitlab.Project(\"my-policy-project\", name=\"security-policy-project\")\npolicy_yml = gitlab.RepositoryFile(\"policy-yml\",\n project=my_policy_project.id,\n file_path=\".gitlab/security-policies/my-policy.yml\",\n branch=\"master\",\n encoding=\"text\",\n content=\"\"\"---\napproval_policy:\n- name: test\ndescription: test\nenabled: true\nrules:\n- type: any_merge_request\n branch_type: protected\n commits: any\napproval_settings:\n block_branch_modification: true\n prevent_pushing_and_force_pushing: true\n prevent_approval_by_author: true\n prevent_approval_by_commit_author: true\n remove_approvals_with_new_commit: true\n require_password_to_approve: false\nfallback_behavior:\n fail: closed\nactions:\n- type: send_bot_message\n enabled: true\n\"\"\")\nmy_policy = gitlab.index.ProjectSecurityPolicy(\"my-policy\",\n project=1234,\n policy_project=my_policy_project.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing GitLab = Pulumi.GitLab;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // This resource can be used to attach a security policy to a pre-existing project\n var foo = new GitLab.ProjectSecurityPolicyAttachment(\"foo\", new()\n {\n Project = \"1234\",\n PolicyProject = \"4567\",\n });\n\n // Or you can use Terraform to create a new project, add a policy to that project,\n // then attach that policy project to other projects.\n var my_policy_project = new GitLab.Project(\"my-policy-project\", new()\n {\n Name = \"security-policy-project\",\n });\n\n var policy_yml = new GitLab.RepositoryFile(\"policy-yml\", new()\n {\n Project = my_policy_project.Id,\n FilePath = \".gitlab/security-policies/my-policy.yml\",\n Branch = \"master\",\n Encoding = \"text\",\n Content = @\"---\napproval_policy:\n- name: test\ndescription: test\nenabled: true\nrules:\n- type: any_merge_request\n branch_type: protected\n commits: any\napproval_settings:\n block_branch_modification: true\n prevent_pushing_and_force_pushing: true\n prevent_approval_by_author: true\n prevent_approval_by_commit_author: true\n remove_approvals_with_new_commit: true\n require_password_to_approve: false\nfallback_behavior:\n fail: closed\nactions:\n- type: send_bot_message\n enabled: true\n\",\n });\n\n var my_policy = new GitLab.Index.ProjectSecurityPolicy(\"my-policy\", new()\n {\n Project = 1234,\n PolicyProject = my_policy_project.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// This resource can be used to attach a security policy to a pre-existing project\n\t\t_, err := gitlab.NewProjectSecurityPolicyAttachment(ctx, \"foo\", \u0026gitlab.ProjectSecurityPolicyAttachmentArgs{\n\t\t\tProject: pulumi.String(\"1234\"),\n\t\t\tPolicyProject: pulumi.String(\"4567\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Or you can use Terraform to create a new project, add a policy to that project,\n\t\t// then attach that policy project to other projects.\n\t\t_, err = gitlab.NewProject(ctx, \"my-policy-project\", \u0026gitlab.ProjectArgs{\n\t\t\tName: pulumi.String(\"security-policy-project\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gitlab.NewRepositoryFile(ctx, \"policy-yml\", \u0026gitlab.RepositoryFileArgs{\n\t\t\tProject: my_policy_project.ID(),\n\t\t\tFilePath: pulumi.String(\".gitlab/security-policies/my-policy.yml\"),\n\t\t\tBranch: pulumi.String(\"master\"),\n\t\t\tEncoding: pulumi.String(\"text\"),\n\t\t\tContent: pulumi.String(`---\napproval_policy:\n- name: test\ndescription: test\nenabled: true\nrules:\n- type: any_merge_request\n branch_type: protected\n commits: any\napproval_settings:\n block_branch_modification: true\n prevent_pushing_and_force_pushing: true\n prevent_approval_by_author: true\n prevent_approval_by_commit_author: true\n remove_approvals_with_new_commit: true\n require_password_to_approve: false\nfallback_behavior:\n fail: closed\nactions:\n- type: send_bot_message\n enabled: true\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = gitlab.NewProjectSecurityPolicy(ctx, \"my-policy\", \u0026gitlab.ProjectSecurityPolicyArgs{\n\t\t\tProject: 1234,\n\t\t\tPolicyProject: my_policy_project.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gitlab.ProjectSecurityPolicyAttachment;\nimport com.pulumi.gitlab.ProjectSecurityPolicyAttachmentArgs;\nimport com.pulumi.gitlab.Project;\nimport com.pulumi.gitlab.ProjectArgs;\nimport com.pulumi.gitlab.RepositoryFile;\nimport com.pulumi.gitlab.RepositoryFileArgs;\nimport com.pulumi.gitlab.projectSecurityPolicy;\nimport com.pulumi.gitlab.ProjectSecurityPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // This resource can be used to attach a security policy to a pre-existing project\n var foo = new ProjectSecurityPolicyAttachment(\"foo\", ProjectSecurityPolicyAttachmentArgs.builder()\n .project(1234)\n .policyProject(4567)\n .build());\n\n // Or you can use Terraform to create a new project, add a policy to that project,\n // then attach that policy project to other projects.\n var my_policy_project = new Project(\"my-policy-project\", ProjectArgs.builder()\n .name(\"security-policy-project\")\n .build());\n\n var policy_yml = new RepositoryFile(\"policy-yml\", RepositoryFileArgs.builder()\n .project(my_policy_project.id())\n .filePath(\".gitlab/security-policies/my-policy.yml\")\n .branch(\"master\")\n .encoding(\"text\")\n .content(\"\"\"\n---\napproval_policy:\n- name: test\ndescription: test\nenabled: true\nrules:\n- type: any_merge_request\n branch_type: protected\n commits: any\napproval_settings:\n block_branch_modification: true\n prevent_pushing_and_force_pushing: true\n prevent_approval_by_author: true\n prevent_approval_by_commit_author: true\n remove_approvals_with_new_commit: true\n require_password_to_approve: false\nfallback_behavior:\n fail: closed\nactions:\n- type: send_bot_message\n enabled: true\n \"\"\")\n .build());\n\n var my_policy = new ProjectSecurityPolicy(\"my-policy\", ProjectSecurityPolicyArgs.builder()\n .project(1234)\n .policyProject(my_policy_project.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # This resource can be used to attach a security policy to a pre-existing project\n foo:\n type: gitlab:ProjectSecurityPolicyAttachment\n properties:\n project: 1234\n policyProject: 4567\n # Or you can use Terraform to create a new project, add a policy to that project,\n # then attach that policy project to other projects.\n my-policy-project:\n type: gitlab:Project\n properties:\n name: security-policy-project\n policy-yml:\n type: gitlab:RepositoryFile\n properties:\n project: ${[\"my-policy-project\"].id}\n filePath: .gitlab/security-policies/my-policy.yml\n branch: master\n encoding: text\n content: |\n ---\n approval_policy:\n - name: test\n description: test\n enabled: true\n rules:\n - type: any_merge_request\n branch_type: protected\n commits: any\n approval_settings:\n block_branch_modification: true\n prevent_pushing_and_force_pushing: true\n prevent_approval_by_author: true\n prevent_approval_by_commit_author: true\n remove_approvals_with_new_commit: true\n require_password_to_approve: false\n fallback_behavior:\n fail: closed\n actions:\n - type: send_bot_message\n enabled: true\n my-policy:\n type: gitlab:projectSecurityPolicy\n properties:\n project: 1234\n policyProject: ${[\"my-policy-project\"].id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nGitLab project security policy attachments can be imported using an id made up of `project:policy_project_id` where the policy project ID is the project ID of the policy project, e.g.\n\n```sh\n$ pulumi import gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment foo 1:2\n```\n\n", + "properties": { + "policyProject": { + "type": "string", + "description": "The ID or Full Path of the security policy project.\n" + }, + "policyProjectGraphqlId": { + "type": "string", + "description": "The GraphQL ID of the security policy project.\n" + }, + "project": { + "type": "string", + "description": "The ID or Full Path of the project which will have the security policy project assigned to it.\n" + }, + "projectGraphqlId": { + "type": "string", + "description": "The GraphQL ID of the project to which the security policty project will be attached.\n" + } + }, + "required": [ + "policyProject", + "policyProjectGraphqlId", + "project", + "projectGraphqlId" + ], + "inputProperties": { + "policyProject": { + "type": "string", + "description": "The ID or Full Path of the security policy project.\n" + }, + "project": { + "type": "string", + "description": "The ID or Full Path of the project which will have the security policy project assigned to it.\n" + } + }, + "requiredInputs": [ + "policyProject", + "project" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering ProjectSecurityPolicyAttachment resources.\n", + "properties": { + "policyProject": { + "type": "string", + "description": "The ID or Full Path of the security policy project.\n" + }, + "policyProjectGraphqlId": { + "type": "string", + "description": "The GraphQL ID of the security policy project.\n" + }, + "project": { + "type": "string", + "description": "The ID or Full Path of the project which will have the security policy project assigned to it.\n" + }, + "projectGraphqlId": { + "type": "string", + "description": "The GraphQL ID of the project to which the security policty project will be attached.\n" + } + }, + "type": "object" + } + }, "gitlab:index/projectShareGroup:ProjectShareGroup": { "description": "The `gitlab.ProjectShareGroup` resource allows to manage the lifecycle of project shared with a group.\n\n**Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/projects.html#share-project-with-group)\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gitlab from \"@pulumi/gitlab\";\n\nconst test = new gitlab.ProjectShareGroup(\"test\", {\n project: \"12345\",\n groupId: 1337,\n groupAccess: \"guest\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gitlab as gitlab\n\ntest = gitlab.ProjectShareGroup(\"test\",\n project=\"12345\",\n group_id=1337,\n group_access=\"guest\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing GitLab = Pulumi.GitLab;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new GitLab.ProjectShareGroup(\"test\", new()\n {\n Project = \"12345\",\n GroupId = 1337,\n GroupAccess = \"guest\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gitlab.NewProjectShareGroup(ctx, \"test\", \u0026gitlab.ProjectShareGroupArgs{\n\t\t\tProject: pulumi.String(\"12345\"),\n\t\t\tGroupId: pulumi.Int(1337),\n\t\t\tGroupAccess: pulumi.String(\"guest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gitlab.ProjectShareGroup;\nimport com.pulumi.gitlab.ProjectShareGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ProjectShareGroup(\"test\", ProjectShareGroupArgs.builder()\n .project(\"12345\")\n .groupId(1337)\n .groupAccess(\"guest\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: gitlab:ProjectShareGroup\n properties:\n project: '12345'\n groupId: 1337\n groupAccess: guest\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nGitLab project group shares can be imported using an id made up of `projectid:groupid`, e.g.\n\n```sh\n$ pulumi import gitlab:index/projectShareGroup:ProjectShareGroup test 12345:1337\n```\n\n", "properties": { diff --git a/provider/go.mod b/provider/go.mod index 48484e95..67c02d59 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -1,6 +1,6 @@ module github.com/pulumi/pulumi-gitlab/provider/v8 -go 1.22.4 +go 1.22.5 require ( github.com/pulumi/providertest v0.0.13 @@ -128,7 +128,7 @@ require ( github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 // indirect github.com/hashicorp/logutils v1.0.0 // indirect github.com/hashicorp/terraform-plugin-framework v1.10.0 // indirect - github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 // indirect + github.com/hashicorp/terraform-plugin-framework-validators v0.13.0 // indirect github.com/hashicorp/terraform-plugin-go v0.23.0 // indirect github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect github.com/hashicorp/terraform-plugin-mux v0.16.0 // indirect @@ -213,7 +213,7 @@ require ( github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect - github.com/xanzy/go-gitlab v0.105.0 // indirect + github.com/xanzy/go-gitlab v0.106.0 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect diff --git a/provider/go.sum b/provider/go.sum index f240835b..3211c29b 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -1680,8 +1680,8 @@ github.com/hashicorp/terraform-json v0.22.1 h1:xft84GZR0QzjPVWs4lRUwvTcPnegqlyS7 github.com/hashicorp/terraform-json v0.22.1/go.mod h1:JbWSQCLFSXFFhg42T7l9iJwdGXBYV8fmmD6o/ML4p3A= github.com/hashicorp/terraform-plugin-framework v1.10.0 h1:xXhICE2Fns1RYZxEQebwkB2+kXouLC932Li9qelozrc= github.com/hashicorp/terraform-plugin-framework v1.10.0/go.mod h1:qBXLDn69kM97NNVi/MQ9qgd1uWWsVftGSnygYG1tImM= -github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 h1:HOjBuMbOEzl7snOdOoUfE2Jgeto6JOjLVQ39Ls2nksc= -github.com/hashicorp/terraform-plugin-framework-validators v0.12.0/go.mod h1:jfHGE/gzjxYz6XoUwi/aYiiKrJDeutQNUtGQXkaHklg= +github.com/hashicorp/terraform-plugin-framework-validators v0.13.0 h1:bxZfGo9DIUoLLtHMElsu+zwqI4IsMZQBRRy4iLzZJ8E= +github.com/hashicorp/terraform-plugin-framework-validators v0.13.0/go.mod h1:wGeI02gEhj9nPANU62F2jCaHjXulejm/X+af4PdZaNo= github.com/hashicorp/terraform-plugin-go v0.22.0/go.mod h1:mPULV91VKss7sik6KFEcEu7HuTogMLLO/EvWCuFkRVE= github.com/hashicorp/terraform-plugin-go v0.23.0 h1:AALVuU1gD1kPb48aPQUjug9Ir/125t+AAurhqphJ2Co= github.com/hashicorp/terraform-plugin-go v0.23.0/go.mod h1:1E3Cr9h2vMlahWMbsSEcNrOCxovCZhOOIXjFHbjc/lQ= @@ -2080,8 +2080,8 @@ github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21 github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= -github.com/xanzy/go-gitlab v0.105.0 h1:3nyLq0ESez0crcaM19o5S//SvezOQguuIHZ3wgX64hM= -github.com/xanzy/go-gitlab v0.105.0/go.mod h1:ETg8tcj4OhrB84UEgeE8dSuV/0h4BBL1uOV/qK0vlyI= +github.com/xanzy/go-gitlab v0.106.0 h1:EDfD03K74cIlQo2EducfiupVrip+Oj02bq9ofw5F8sA= +github.com/xanzy/go-gitlab v0.106.0/go.mod h1:ETg8tcj4OhrB84UEgeE8dSuV/0h4BBL1uOV/qK0vlyI= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= diff --git a/upstream b/upstream index 0f730e77..f3026b0a 160000 --- a/upstream +++ b/upstream @@ -1 +1 @@ -Subproject commit 0f730e77a14f3955dff58cadd36b513dca1c2d78 +Subproject commit f3026b0a5a0f7f6fb88a27e82da26840247fe22e From 4fc47172aa72852222fd0e5d50b109d53222323a Mon Sep 17 00:00:00 2001 From: pulumi-bot Date: Fri, 19 Jul 2024 03:47:39 +0000 Subject: [PATCH 2/2] make build_sdks --- sdk/dotnet/ClusterAgentToken.cs | 18 +- sdk/dotnet/DeployKey.cs | 2 +- sdk/dotnet/PersonalAccessToken.cs | 32 +- sdk/dotnet/ProjectSecurityPolicyAttachment.cs | 210 ++++++++++ sdk/go/gitlab/clusterAgentToken.go | 4 + sdk/go/gitlab/deployKey.go | 2 +- sdk/go/gitlab/init.go | 7 + sdk/go/gitlab/personalAccessToken.go | 54 +-- .../gitlab/projectSecurityPolicyAttachment.go | 351 +++++++++++++++++ .../com/pulumi/gitlab/ClusterAgentToken.java | 4 + .../java/com/pulumi/gitlab/DeployKey.java | 2 +- .../pulumi/gitlab/PersonalAccessToken.java | 26 +- .../gitlab/PersonalAccessTokenArgs.java | 26 +- .../ProjectSecurityPolicyAttachment.java | 221 +++++++++++ .../ProjectSecurityPolicyAttachmentArgs.java | 125 ++++++ .../inputs/PersonalAccessTokenState.java | 34 +- .../ProjectSecurityPolicyAttachmentState.java | 194 ++++++++++ sdk/nodejs/clusterAgentToken.ts | 2 + sdk/nodejs/deployKey.ts | 2 +- sdk/nodejs/index.ts | 8 + sdk/nodejs/personalAccessToken.ts | 32 +- sdk/nodejs/projectSecurityPolicyAttachment.ts | 182 +++++++++ sdk/nodejs/tsconfig.json | 1 + sdk/python/pulumi_gitlab/__init__.py | 9 + .../pulumi_gitlab/cluster_agent_token.py | 2 + sdk/python/pulumi_gitlab/deploy_key.py | 4 +- .../pulumi_gitlab/personal_access_token.py | 70 ++-- .../project_security_policy_attachment.py | 360 ++++++++++++++++++ 28 files changed, 1857 insertions(+), 127 deletions(-) create mode 100644 sdk/dotnet/ProjectSecurityPolicyAttachment.cs create mode 100644 sdk/go/gitlab/projectSecurityPolicyAttachment.go create mode 100644 sdk/java/src/main/java/com/pulumi/gitlab/ProjectSecurityPolicyAttachment.java create mode 100644 sdk/java/src/main/java/com/pulumi/gitlab/ProjectSecurityPolicyAttachmentArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gitlab/inputs/ProjectSecurityPolicyAttachmentState.java create mode 100644 sdk/nodejs/projectSecurityPolicyAttachment.ts create mode 100644 sdk/python/pulumi_gitlab/project_security_policy_attachment.py diff --git a/sdk/dotnet/ClusterAgentToken.cs b/sdk/dotnet/ClusterAgentToken.cs index 29a2ff15..94a57315 100644 --- a/sdk/dotnet/ClusterAgentToken.cs +++ b/sdk/dotnet/ClusterAgentToken.cs @@ -177,6 +177,10 @@ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? var defaultOptions = new CustomResourceOptions { Version = Utilities.Version, + AdditionalSecretOutputs = + { + "token", + }, }; var merged = CustomResourceOptions.Merge(defaultOptions, options); // Override the ID if one was specified for consistency with other language SDKs. @@ -280,11 +284,21 @@ public sealed class ClusterAgentTokenState : global::Pulumi.ResourceArgs [Input("status")] public Input? Status { get; set; } + [Input("token")] + private Input? _token; + /// /// The secret token for the agent. The `token` is not available in imported resources. /// - [Input("token")] - public Input? Token { get; set; } + public Input? Token + { + get => _token; + set + { + var emptySecret = Output.CreateSecret(0); + _token = Output.Tuple?, int>(value, emptySecret).Apply(t => t.Item1); + } + } /// /// The ID of the token. diff --git a/sdk/dotnet/DeployKey.cs b/sdk/dotnet/DeployKey.cs index f7ca8c59..d4861d37 100644 --- a/sdk/dotnet/DeployKey.cs +++ b/sdk/dotnet/DeployKey.cs @@ -12,7 +12,7 @@ namespace Pulumi.GitLab /// /// The `gitlab.DeployKey` resource allows to manage the lifecycle of a deploy key. /// - /// > To enable an already existing deploy key for another project use the `gitlab_project_deploy_key` resource. + /// > To enable an already existing deploy key for another project use the `gitlab.DeployKeyEnable` resource. /// /// **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/deploy_keys.html) /// diff --git a/sdk/dotnet/PersonalAccessToken.cs b/sdk/dotnet/PersonalAccessToken.cs index f2d19405..ac9ab3d4 100644 --- a/sdk/dotnet/PersonalAccessToken.cs +++ b/sdk/dotnet/PersonalAccessToken.cs @@ -10,11 +10,17 @@ namespace Pulumi.GitLab { /// - /// The `gitlab.PersonalAccessToken` resource allows to manage the lifecycle of a personal access token for a specified user. + /// The `gitlab.PersonalAccessToken` resource allows to manage the lifecycle of a personal access token. /// /// > This resource requires administration privileges. /// - /// **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) + /// > Use of the `timestamp()` function with expires_at will cause the resource to be re-created with every apply, it's recommended to use `plantimestamp()` or a static value instead. + /// + /// > Observability scopes are in beta and may not work on all instances. See more details in [the documentation](https://docs.gitlab.com/ee/operations/tracing.html) + /// + /// > Due to [Automatic reuse detection](https://docs.gitlab.com/ee/api/personal_access_tokens.html#automatic-reuse-detection) it's possible that a new Personal Access Token will immediately be revoked. Check if an old process using the old token is running if this happens. + /// + /// **Upstream API**: [GitLab API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) /// /// ## Example Usage /// @@ -73,7 +79,7 @@ public partial class PersonalAccessToken : global::Pulumi.CustomResource public Output CreatedAt { get; private set; } = null!; /// - /// The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + /// When the token will expire, YYYY-MM-DD format. /// [Output("expiresAt")] public Output ExpiresAt { get; private set; } = null!; @@ -91,19 +97,19 @@ public partial class PersonalAccessToken : global::Pulumi.CustomResource public Output Revoked { get; private set; } = null!; /// - /// The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + /// The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` /// [Output("scopes")] public Output> Scopes { get; private set; } = null!; /// - /// The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + /// The token of the personal access token. **Note**: the token is not available for imported resources. /// [Output("token")] public Output Token { get; private set; } = null!; /// - /// The id of the user. + /// The ID of the user. /// [Output("userId")] public Output UserId { get; private set; } = null!; @@ -159,7 +165,7 @@ public static PersonalAccessToken Get(string name, Input id, PersonalAcc public sealed class PersonalAccessTokenArgs : global::Pulumi.ResourceArgs { /// - /// The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + /// When the token will expire, YYYY-MM-DD format. /// [Input("expiresAt")] public Input? ExpiresAt { get; set; } @@ -174,7 +180,7 @@ public sealed class PersonalAccessTokenArgs : global::Pulumi.ResourceArgs private InputList? _scopes; /// - /// The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + /// The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` /// public InputList Scopes { @@ -183,7 +189,7 @@ public InputList Scopes } /// - /// The id of the user. + /// The ID of the user. /// [Input("userId", required: true)] public Input UserId { get; set; } = null!; @@ -209,7 +215,7 @@ public sealed class PersonalAccessTokenState : global::Pulumi.ResourceArgs public Input? CreatedAt { get; set; } /// - /// The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + /// When the token will expire, YYYY-MM-DD format. /// [Input("expiresAt")] public Input? ExpiresAt { get; set; } @@ -230,7 +236,7 @@ public sealed class PersonalAccessTokenState : global::Pulumi.ResourceArgs private InputList? _scopes; /// - /// The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + /// The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` /// public InputList Scopes { @@ -242,7 +248,7 @@ public InputList Scopes private Input? _token; /// - /// The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + /// The token of the personal access token. **Note**: the token is not available for imported resources. /// public Input? Token { @@ -255,7 +261,7 @@ public Input? Token } /// - /// The id of the user. + /// The ID of the user. /// [Input("userId")] public Input? UserId { get; set; } diff --git a/sdk/dotnet/ProjectSecurityPolicyAttachment.cs b/sdk/dotnet/ProjectSecurityPolicyAttachment.cs new file mode 100644 index 00000000..dc95e913 --- /dev/null +++ b/sdk/dotnet/ProjectSecurityPolicyAttachment.cs @@ -0,0 +1,210 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.GitLab +{ + /// + /// The `gitlab.ProjectSecurityPolicyAttachment` resource allows to attach a security policy project to a project. + /// + /// **Upstream API**: [GitLab GraphQL API docs](https://docs.gitlab.com/ee/api/graphql/reference/index.html#mutationsecuritypolicyprojectassign) + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using GitLab = Pulumi.GitLab; + /// + /// return await Deployment.RunAsync(() => + /// { + /// // This resource can be used to attach a security policy to a pre-existing project + /// var foo = new GitLab.ProjectSecurityPolicyAttachment("foo", new() + /// { + /// Project = "1234", + /// PolicyProject = "4567", + /// }); + /// + /// // Or you can use Terraform to create a new project, add a policy to that project, + /// // then attach that policy project to other projects. + /// var my_policy_project = new GitLab.Project("my-policy-project", new() + /// { + /// Name = "security-policy-project", + /// }); + /// + /// var policy_yml = new GitLab.RepositoryFile("policy-yml", new() + /// { + /// Project = my_policy_project.Id, + /// FilePath = ".gitlab/security-policies/my-policy.yml", + /// Branch = "master", + /// Encoding = "text", + /// Content = @"--- + /// approval_policy: + /// - name: test + /// description: test + /// enabled: true + /// rules: + /// - type: any_merge_request + /// branch_type: protected + /// commits: any + /// approval_settings: + /// block_branch_modification: true + /// prevent_pushing_and_force_pushing: true + /// prevent_approval_by_author: true + /// prevent_approval_by_commit_author: true + /// remove_approvals_with_new_commit: true + /// require_password_to_approve: false + /// fallback_behavior: + /// fail: closed + /// actions: + /// - type: send_bot_message + /// enabled: true + /// ", + /// }); + /// + /// var my_policy = new GitLab.Index.ProjectSecurityPolicy("my-policy", new() + /// { + /// Project = 1234, + /// PolicyProject = my_policy_project.Id, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// GitLab project security policy attachments can be imported using an id made up of `project:policy_project_id` where the policy project ID is the project ID of the policy project, e.g. + /// + /// ```sh + /// $ pulumi import gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment foo 1:2 + /// ``` + /// + [GitLabResourceType("gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment")] + public partial class ProjectSecurityPolicyAttachment : global::Pulumi.CustomResource + { + /// + /// The ID or Full Path of the security policy project. + /// + [Output("policyProject")] + public Output PolicyProject { get; private set; } = null!; + + /// + /// The GraphQL ID of the security policy project. + /// + [Output("policyProjectGraphqlId")] + public Output PolicyProjectGraphqlId { get; private set; } = null!; + + /// + /// The ID or Full Path of the project which will have the security policy project assigned to it. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The GraphQL ID of the project to which the security policty project will be attached. + /// + [Output("projectGraphqlId")] + public Output ProjectGraphqlId { get; private set; } = null!; + + + /// + /// Create a ProjectSecurityPolicyAttachment resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public ProjectSecurityPolicyAttachment(string name, ProjectSecurityPolicyAttachmentArgs args, CustomResourceOptions? options = null) + : base("gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment", name, args ?? new ProjectSecurityPolicyAttachmentArgs(), MakeResourceOptions(options, "")) + { + } + + private ProjectSecurityPolicyAttachment(string name, Input id, ProjectSecurityPolicyAttachmentState? state = null, CustomResourceOptions? options = null) + : base("gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing ProjectSecurityPolicyAttachment resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static ProjectSecurityPolicyAttachment Get(string name, Input id, ProjectSecurityPolicyAttachmentState? state = null, CustomResourceOptions? options = null) + { + return new ProjectSecurityPolicyAttachment(name, id, state, options); + } + } + + public sealed class ProjectSecurityPolicyAttachmentArgs : global::Pulumi.ResourceArgs + { + /// + /// The ID or Full Path of the security policy project. + /// + [Input("policyProject", required: true)] + public Input PolicyProject { get; set; } = null!; + + /// + /// The ID or Full Path of the project which will have the security policy project assigned to it. + /// + [Input("project", required: true)] + public Input Project { get; set; } = null!; + + public ProjectSecurityPolicyAttachmentArgs() + { + } + public static new ProjectSecurityPolicyAttachmentArgs Empty => new ProjectSecurityPolicyAttachmentArgs(); + } + + public sealed class ProjectSecurityPolicyAttachmentState : global::Pulumi.ResourceArgs + { + /// + /// The ID or Full Path of the security policy project. + /// + [Input("policyProject")] + public Input? PolicyProject { get; set; } + + /// + /// The GraphQL ID of the security policy project. + /// + [Input("policyProjectGraphqlId")] + public Input? PolicyProjectGraphqlId { get; set; } + + /// + /// The ID or Full Path of the project which will have the security policy project assigned to it. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The GraphQL ID of the project to which the security policty project will be attached. + /// + [Input("projectGraphqlId")] + public Input? ProjectGraphqlId { get; set; } + + public ProjectSecurityPolicyAttachmentState() + { + } + public static new ProjectSecurityPolicyAttachmentState Empty => new ProjectSecurityPolicyAttachmentState(); + } +} diff --git a/sdk/go/gitlab/clusterAgentToken.go b/sdk/go/gitlab/clusterAgentToken.go index 98805f5b..e49afae6 100644 --- a/sdk/go/gitlab/clusterAgentToken.go +++ b/sdk/go/gitlab/clusterAgentToken.go @@ -140,6 +140,10 @@ func NewClusterAgentToken(ctx *pulumi.Context, if args.Project == nil { return nil, errors.New("invalid value for required argument 'Project'") } + secrets := pulumi.AdditionalSecretOutputs([]string{ + "token", + }) + opts = append(opts, secrets) opts = internal.PkgResourceDefaultOpts(opts) var resource ClusterAgentToken err := ctx.RegisterResource("gitlab:index/clusterAgentToken:ClusterAgentToken", name, args, &resource, opts...) diff --git a/sdk/go/gitlab/deployKey.go b/sdk/go/gitlab/deployKey.go index 9e13a330..50a59dbb 100644 --- a/sdk/go/gitlab/deployKey.go +++ b/sdk/go/gitlab/deployKey.go @@ -14,7 +14,7 @@ import ( // The `DeployKey` resource allows to manage the lifecycle of a deploy key. // -// > To enable an already existing deploy key for another project use the `gitlabProjectDeployKey` resource. +// > To enable an already existing deploy key for another project use the `DeployKeyEnable` resource. // // **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/deploy_keys.html) // diff --git a/sdk/go/gitlab/init.go b/sdk/go/gitlab/init.go index 42d85de3..a9a5c4b5 100644 --- a/sdk/go/gitlab/init.go +++ b/sdk/go/gitlab/init.go @@ -159,6 +159,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &ProjectPushRules{} case "gitlab:index/projectRunnerEnablement:ProjectRunnerEnablement": r = &ProjectRunnerEnablement{} + case "gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment": + r = &ProjectSecurityPolicyAttachment{} case "gitlab:index/projectShareGroup:ProjectShareGroup": r = &ProjectShareGroup{} case "gitlab:index/projectTag:ProjectTag": @@ -579,6 +581,11 @@ func init() { "index/projectRunnerEnablement", &module{version}, ) + pulumi.RegisterResourceModule( + "gitlab", + "index/projectSecurityPolicyAttachment", + &module{version}, + ) pulumi.RegisterResourceModule( "gitlab", "index/projectShareGroup", diff --git a/sdk/go/gitlab/personalAccessToken.go b/sdk/go/gitlab/personalAccessToken.go index 9df76b25..6e1689cb 100644 --- a/sdk/go/gitlab/personalAccessToken.go +++ b/sdk/go/gitlab/personalAccessToken.go @@ -12,11 +12,17 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) -// The `PersonalAccessToken` resource allows to manage the lifecycle of a personal access token for a specified user. +// The `PersonalAccessToken` resource allows to manage the lifecycle of a personal access token. // // > This resource requires administration privileges. // -// **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) +// > Use of the `timestamp()` function with expiresAt will cause the resource to be re-created with every apply, it's recommended to use `plantimestamp()` or a static value instead. +// +// > Observability scopes are in beta and may not work on all instances. See more details in [the documentation](https://docs.gitlab.com/ee/operations/tracing.html) +// +// > Due to [Automatic reuse detection](https://docs.gitlab.com/ee/api/personal_access_tokens.html#automatic-reuse-detection) it's possible that a new Personal Access Token will immediately be revoked. Check if an old process using the old token is running if this happens. +// +// **Upstream API**: [GitLab API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) // // ## Example Usage // @@ -73,17 +79,17 @@ type PersonalAccessToken struct { Active pulumi.BoolOutput `pulumi:"active"` // Time the token has been created, RFC3339 format. CreatedAt pulumi.StringOutput `pulumi:"createdAt"` - // The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + // When the token will expire, YYYY-MM-DD format. ExpiresAt pulumi.StringOutput `pulumi:"expiresAt"` // The name of the personal access token. Name pulumi.StringOutput `pulumi:"name"` // True if the token is revoked. Revoked pulumi.BoolOutput `pulumi:"revoked"` - // The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. + // The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` Scopes pulumi.StringArrayOutput `pulumi:"scopes"` - // The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + // The token of the personal access token. **Note**: the token is not available for imported resources. Token pulumi.StringOutput `pulumi:"token"` - // The id of the user. + // The ID of the user. UserId pulumi.IntOutput `pulumi:"userId"` } @@ -131,17 +137,17 @@ type personalAccessTokenState struct { Active *bool `pulumi:"active"` // Time the token has been created, RFC3339 format. CreatedAt *string `pulumi:"createdAt"` - // The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + // When the token will expire, YYYY-MM-DD format. ExpiresAt *string `pulumi:"expiresAt"` // The name of the personal access token. Name *string `pulumi:"name"` // True if the token is revoked. Revoked *bool `pulumi:"revoked"` - // The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. + // The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` Scopes []string `pulumi:"scopes"` - // The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + // The token of the personal access token. **Note**: the token is not available for imported resources. Token *string `pulumi:"token"` - // The id of the user. + // The ID of the user. UserId *int `pulumi:"userId"` } @@ -150,17 +156,17 @@ type PersonalAccessTokenState struct { Active pulumi.BoolPtrInput // Time the token has been created, RFC3339 format. CreatedAt pulumi.StringPtrInput - // The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + // When the token will expire, YYYY-MM-DD format. ExpiresAt pulumi.StringPtrInput // The name of the personal access token. Name pulumi.StringPtrInput // True if the token is revoked. Revoked pulumi.BoolPtrInput - // The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. + // The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` Scopes pulumi.StringArrayInput - // The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + // The token of the personal access token. **Note**: the token is not available for imported resources. Token pulumi.StringPtrInput - // The id of the user. + // The ID of the user. UserId pulumi.IntPtrInput } @@ -169,25 +175,25 @@ func (PersonalAccessTokenState) ElementType() reflect.Type { } type personalAccessTokenArgs struct { - // The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + // When the token will expire, YYYY-MM-DD format. ExpiresAt *string `pulumi:"expiresAt"` // The name of the personal access token. Name *string `pulumi:"name"` - // The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. + // The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` Scopes []string `pulumi:"scopes"` - // The id of the user. + // The ID of the user. UserId int `pulumi:"userId"` } // The set of arguments for constructing a PersonalAccessToken resource. type PersonalAccessTokenArgs struct { - // The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + // When the token will expire, YYYY-MM-DD format. ExpiresAt pulumi.StringPtrInput // The name of the personal access token. Name pulumi.StringPtrInput - // The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. + // The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` Scopes pulumi.StringArrayInput - // The id of the user. + // The ID of the user. UserId pulumi.IntInput } @@ -288,7 +294,7 @@ func (o PersonalAccessTokenOutput) CreatedAt() pulumi.StringOutput { return o.ApplyT(func(v *PersonalAccessToken) pulumi.StringOutput { return v.CreatedAt }).(pulumi.StringOutput) } -// The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. +// When the token will expire, YYYY-MM-DD format. func (o PersonalAccessTokenOutput) ExpiresAt() pulumi.StringOutput { return o.ApplyT(func(v *PersonalAccessToken) pulumi.StringOutput { return v.ExpiresAt }).(pulumi.StringOutput) } @@ -303,17 +309,17 @@ func (o PersonalAccessTokenOutput) Revoked() pulumi.BoolOutput { return o.ApplyT(func(v *PersonalAccessToken) pulumi.BoolOutput { return v.Revoked }).(pulumi.BoolOutput) } -// The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. +// The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` func (o PersonalAccessTokenOutput) Scopes() pulumi.StringArrayOutput { return o.ApplyT(func(v *PersonalAccessToken) pulumi.StringArrayOutput { return v.Scopes }).(pulumi.StringArrayOutput) } -// The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. +// The token of the personal access token. **Note**: the token is not available for imported resources. func (o PersonalAccessTokenOutput) Token() pulumi.StringOutput { return o.ApplyT(func(v *PersonalAccessToken) pulumi.StringOutput { return v.Token }).(pulumi.StringOutput) } -// The id of the user. +// The ID of the user. func (o PersonalAccessTokenOutput) UserId() pulumi.IntOutput { return o.ApplyT(func(v *PersonalAccessToken) pulumi.IntOutput { return v.UserId }).(pulumi.IntOutput) } diff --git a/sdk/go/gitlab/projectSecurityPolicyAttachment.go b/sdk/go/gitlab/projectSecurityPolicyAttachment.go new file mode 100644 index 00000000..2206c978 --- /dev/null +++ b/sdk/go/gitlab/projectSecurityPolicyAttachment.go @@ -0,0 +1,351 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package gitlab + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// The `ProjectSecurityPolicyAttachment` resource allows to attach a security policy project to a project. +// +// **Upstream API**: [GitLab GraphQL API docs](https://docs.gitlab.com/ee/api/graphql/reference/index.html#mutationsecuritypolicyprojectassign) +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gitlab/sdk/v8/go/gitlab" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// // This resource can be used to attach a security policy to a pre-existing project +// _, err := gitlab.NewProjectSecurityPolicyAttachment(ctx, "foo", &gitlab.ProjectSecurityPolicyAttachmentArgs{ +// Project: pulumi.String("1234"), +// PolicyProject: pulumi.String("4567"), +// }) +// if err != nil { +// return err +// } +// // Or you can use Terraform to create a new project, add a policy to that project, +// // then attach that policy project to other projects. +// _, err = gitlab.NewProject(ctx, "my-policy-project", &gitlab.ProjectArgs{ +// Name: pulumi.String("security-policy-project"), +// }) +// if err != nil { +// return err +// } +// _, err = gitlab.NewRepositoryFile(ctx, "policy-yml", &gitlab.RepositoryFileArgs{ +// Project: my_policy_project.ID(), +// FilePath: pulumi.String(".gitlab/security-policies/my-policy.yml"), +// Branch: pulumi.String("master"), +// Encoding: pulumi.String("text"), +// Content: pulumi.String(`--- +// +// approval_policy: +// - name: test +// description: test +// enabled: true +// rules: +// - type: any_merge_request +// branch_type: protected +// commits: any +// +// approval_settings: +// +// block_branch_modification: true +// prevent_pushing_and_force_pushing: true +// prevent_approval_by_author: true +// prevent_approval_by_commit_author: true +// remove_approvals_with_new_commit: true +// require_password_to_approve: false +// +// fallback_behavior: +// +// fail: closed +// +// actions: +// - type: send_bot_message +// enabled: true +// +// `), +// +// }) +// if err != nil { +// return err +// } +// _, err = gitlab.NewProjectSecurityPolicy(ctx, "my-policy", &gitlab.ProjectSecurityPolicyArgs{ +// Project: 1234, +// PolicyProject: my_policy_project.ID(), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// GitLab project security policy attachments can be imported using an id made up of `project:policy_project_id` where the policy project ID is the project ID of the policy project, e.g. +// +// ```sh +// $ pulumi import gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment foo 1:2 +// ``` +type ProjectSecurityPolicyAttachment struct { + pulumi.CustomResourceState + + // The ID or Full Path of the security policy project. + PolicyProject pulumi.StringOutput `pulumi:"policyProject"` + // The GraphQL ID of the security policy project. + PolicyProjectGraphqlId pulumi.StringOutput `pulumi:"policyProjectGraphqlId"` + // The ID or Full Path of the project which will have the security policy project assigned to it. + Project pulumi.StringOutput `pulumi:"project"` + // The GraphQL ID of the project to which the security policty project will be attached. + ProjectGraphqlId pulumi.StringOutput `pulumi:"projectGraphqlId"` +} + +// NewProjectSecurityPolicyAttachment registers a new resource with the given unique name, arguments, and options. +func NewProjectSecurityPolicyAttachment(ctx *pulumi.Context, + name string, args *ProjectSecurityPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*ProjectSecurityPolicyAttachment, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.PolicyProject == nil { + return nil, errors.New("invalid value for required argument 'PolicyProject'") + } + if args.Project == nil { + return nil, errors.New("invalid value for required argument 'Project'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource ProjectSecurityPolicyAttachment + err := ctx.RegisterResource("gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetProjectSecurityPolicyAttachment gets an existing ProjectSecurityPolicyAttachment resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetProjectSecurityPolicyAttachment(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *ProjectSecurityPolicyAttachmentState, opts ...pulumi.ResourceOption) (*ProjectSecurityPolicyAttachment, error) { + var resource ProjectSecurityPolicyAttachment + err := ctx.ReadResource("gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering ProjectSecurityPolicyAttachment resources. +type projectSecurityPolicyAttachmentState struct { + // The ID or Full Path of the security policy project. + PolicyProject *string `pulumi:"policyProject"` + // The GraphQL ID of the security policy project. + PolicyProjectGraphqlId *string `pulumi:"policyProjectGraphqlId"` + // The ID or Full Path of the project which will have the security policy project assigned to it. + Project *string `pulumi:"project"` + // The GraphQL ID of the project to which the security policty project will be attached. + ProjectGraphqlId *string `pulumi:"projectGraphqlId"` +} + +type ProjectSecurityPolicyAttachmentState struct { + // The ID or Full Path of the security policy project. + PolicyProject pulumi.StringPtrInput + // The GraphQL ID of the security policy project. + PolicyProjectGraphqlId pulumi.StringPtrInput + // The ID or Full Path of the project which will have the security policy project assigned to it. + Project pulumi.StringPtrInput + // The GraphQL ID of the project to which the security policty project will be attached. + ProjectGraphqlId pulumi.StringPtrInput +} + +func (ProjectSecurityPolicyAttachmentState) ElementType() reflect.Type { + return reflect.TypeOf((*projectSecurityPolicyAttachmentState)(nil)).Elem() +} + +type projectSecurityPolicyAttachmentArgs struct { + // The ID or Full Path of the security policy project. + PolicyProject string `pulumi:"policyProject"` + // The ID or Full Path of the project which will have the security policy project assigned to it. + Project string `pulumi:"project"` +} + +// The set of arguments for constructing a ProjectSecurityPolicyAttachment resource. +type ProjectSecurityPolicyAttachmentArgs struct { + // The ID or Full Path of the security policy project. + PolicyProject pulumi.StringInput + // The ID or Full Path of the project which will have the security policy project assigned to it. + Project pulumi.StringInput +} + +func (ProjectSecurityPolicyAttachmentArgs) ElementType() reflect.Type { + return reflect.TypeOf((*projectSecurityPolicyAttachmentArgs)(nil)).Elem() +} + +type ProjectSecurityPolicyAttachmentInput interface { + pulumi.Input + + ToProjectSecurityPolicyAttachmentOutput() ProjectSecurityPolicyAttachmentOutput + ToProjectSecurityPolicyAttachmentOutputWithContext(ctx context.Context) ProjectSecurityPolicyAttachmentOutput +} + +func (*ProjectSecurityPolicyAttachment) ElementType() reflect.Type { + return reflect.TypeOf((**ProjectSecurityPolicyAttachment)(nil)).Elem() +} + +func (i *ProjectSecurityPolicyAttachment) ToProjectSecurityPolicyAttachmentOutput() ProjectSecurityPolicyAttachmentOutput { + return i.ToProjectSecurityPolicyAttachmentOutputWithContext(context.Background()) +} + +func (i *ProjectSecurityPolicyAttachment) ToProjectSecurityPolicyAttachmentOutputWithContext(ctx context.Context) ProjectSecurityPolicyAttachmentOutput { + return pulumi.ToOutputWithContext(ctx, i).(ProjectSecurityPolicyAttachmentOutput) +} + +// ProjectSecurityPolicyAttachmentArrayInput is an input type that accepts ProjectSecurityPolicyAttachmentArray and ProjectSecurityPolicyAttachmentArrayOutput values. +// You can construct a concrete instance of `ProjectSecurityPolicyAttachmentArrayInput` via: +// +// ProjectSecurityPolicyAttachmentArray{ ProjectSecurityPolicyAttachmentArgs{...} } +type ProjectSecurityPolicyAttachmentArrayInput interface { + pulumi.Input + + ToProjectSecurityPolicyAttachmentArrayOutput() ProjectSecurityPolicyAttachmentArrayOutput + ToProjectSecurityPolicyAttachmentArrayOutputWithContext(context.Context) ProjectSecurityPolicyAttachmentArrayOutput +} + +type ProjectSecurityPolicyAttachmentArray []ProjectSecurityPolicyAttachmentInput + +func (ProjectSecurityPolicyAttachmentArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ProjectSecurityPolicyAttachment)(nil)).Elem() +} + +func (i ProjectSecurityPolicyAttachmentArray) ToProjectSecurityPolicyAttachmentArrayOutput() ProjectSecurityPolicyAttachmentArrayOutput { + return i.ToProjectSecurityPolicyAttachmentArrayOutputWithContext(context.Background()) +} + +func (i ProjectSecurityPolicyAttachmentArray) ToProjectSecurityPolicyAttachmentArrayOutputWithContext(ctx context.Context) ProjectSecurityPolicyAttachmentArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ProjectSecurityPolicyAttachmentArrayOutput) +} + +// ProjectSecurityPolicyAttachmentMapInput is an input type that accepts ProjectSecurityPolicyAttachmentMap and ProjectSecurityPolicyAttachmentMapOutput values. +// You can construct a concrete instance of `ProjectSecurityPolicyAttachmentMapInput` via: +// +// ProjectSecurityPolicyAttachmentMap{ "key": ProjectSecurityPolicyAttachmentArgs{...} } +type ProjectSecurityPolicyAttachmentMapInput interface { + pulumi.Input + + ToProjectSecurityPolicyAttachmentMapOutput() ProjectSecurityPolicyAttachmentMapOutput + ToProjectSecurityPolicyAttachmentMapOutputWithContext(context.Context) ProjectSecurityPolicyAttachmentMapOutput +} + +type ProjectSecurityPolicyAttachmentMap map[string]ProjectSecurityPolicyAttachmentInput + +func (ProjectSecurityPolicyAttachmentMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ProjectSecurityPolicyAttachment)(nil)).Elem() +} + +func (i ProjectSecurityPolicyAttachmentMap) ToProjectSecurityPolicyAttachmentMapOutput() ProjectSecurityPolicyAttachmentMapOutput { + return i.ToProjectSecurityPolicyAttachmentMapOutputWithContext(context.Background()) +} + +func (i ProjectSecurityPolicyAttachmentMap) ToProjectSecurityPolicyAttachmentMapOutputWithContext(ctx context.Context) ProjectSecurityPolicyAttachmentMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(ProjectSecurityPolicyAttachmentMapOutput) +} + +type ProjectSecurityPolicyAttachmentOutput struct{ *pulumi.OutputState } + +func (ProjectSecurityPolicyAttachmentOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ProjectSecurityPolicyAttachment)(nil)).Elem() +} + +func (o ProjectSecurityPolicyAttachmentOutput) ToProjectSecurityPolicyAttachmentOutput() ProjectSecurityPolicyAttachmentOutput { + return o +} + +func (o ProjectSecurityPolicyAttachmentOutput) ToProjectSecurityPolicyAttachmentOutputWithContext(ctx context.Context) ProjectSecurityPolicyAttachmentOutput { + return o +} + +// The ID or Full Path of the security policy project. +func (o ProjectSecurityPolicyAttachmentOutput) PolicyProject() pulumi.StringOutput { + return o.ApplyT(func(v *ProjectSecurityPolicyAttachment) pulumi.StringOutput { return v.PolicyProject }).(pulumi.StringOutput) +} + +// The GraphQL ID of the security policy project. +func (o ProjectSecurityPolicyAttachmentOutput) PolicyProjectGraphqlId() pulumi.StringOutput { + return o.ApplyT(func(v *ProjectSecurityPolicyAttachment) pulumi.StringOutput { return v.PolicyProjectGraphqlId }).(pulumi.StringOutput) +} + +// The ID or Full Path of the project which will have the security policy project assigned to it. +func (o ProjectSecurityPolicyAttachmentOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *ProjectSecurityPolicyAttachment) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The GraphQL ID of the project to which the security policty project will be attached. +func (o ProjectSecurityPolicyAttachmentOutput) ProjectGraphqlId() pulumi.StringOutput { + return o.ApplyT(func(v *ProjectSecurityPolicyAttachment) pulumi.StringOutput { return v.ProjectGraphqlId }).(pulumi.StringOutput) +} + +type ProjectSecurityPolicyAttachmentArrayOutput struct{ *pulumi.OutputState } + +func (ProjectSecurityPolicyAttachmentArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*ProjectSecurityPolicyAttachment)(nil)).Elem() +} + +func (o ProjectSecurityPolicyAttachmentArrayOutput) ToProjectSecurityPolicyAttachmentArrayOutput() ProjectSecurityPolicyAttachmentArrayOutput { + return o +} + +func (o ProjectSecurityPolicyAttachmentArrayOutput) ToProjectSecurityPolicyAttachmentArrayOutputWithContext(ctx context.Context) ProjectSecurityPolicyAttachmentArrayOutput { + return o +} + +func (o ProjectSecurityPolicyAttachmentArrayOutput) Index(i pulumi.IntInput) ProjectSecurityPolicyAttachmentOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *ProjectSecurityPolicyAttachment { + return vs[0].([]*ProjectSecurityPolicyAttachment)[vs[1].(int)] + }).(ProjectSecurityPolicyAttachmentOutput) +} + +type ProjectSecurityPolicyAttachmentMapOutput struct{ *pulumi.OutputState } + +func (ProjectSecurityPolicyAttachmentMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*ProjectSecurityPolicyAttachment)(nil)).Elem() +} + +func (o ProjectSecurityPolicyAttachmentMapOutput) ToProjectSecurityPolicyAttachmentMapOutput() ProjectSecurityPolicyAttachmentMapOutput { + return o +} + +func (o ProjectSecurityPolicyAttachmentMapOutput) ToProjectSecurityPolicyAttachmentMapOutputWithContext(ctx context.Context) ProjectSecurityPolicyAttachmentMapOutput { + return o +} + +func (o ProjectSecurityPolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) ProjectSecurityPolicyAttachmentOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *ProjectSecurityPolicyAttachment { + return vs[0].(map[string]*ProjectSecurityPolicyAttachment)[vs[1].(string)] + }).(ProjectSecurityPolicyAttachmentOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ProjectSecurityPolicyAttachmentInput)(nil)).Elem(), &ProjectSecurityPolicyAttachment{}) + pulumi.RegisterInputType(reflect.TypeOf((*ProjectSecurityPolicyAttachmentArrayInput)(nil)).Elem(), ProjectSecurityPolicyAttachmentArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ProjectSecurityPolicyAttachmentMapInput)(nil)).Elem(), ProjectSecurityPolicyAttachmentMap{}) + pulumi.RegisterOutputType(ProjectSecurityPolicyAttachmentOutput{}) + pulumi.RegisterOutputType(ProjectSecurityPolicyAttachmentArrayOutput{}) + pulumi.RegisterOutputType(ProjectSecurityPolicyAttachmentMapOutput{}) +} diff --git a/sdk/java/src/main/java/com/pulumi/gitlab/ClusterAgentToken.java b/sdk/java/src/main/java/com/pulumi/gitlab/ClusterAgentToken.java index 979722b3..bf3ff40c 100644 --- a/sdk/java/src/main/java/com/pulumi/gitlab/ClusterAgentToken.java +++ b/sdk/java/src/main/java/com/pulumi/gitlab/ClusterAgentToken.java @@ -12,6 +12,7 @@ import com.pulumi.gitlab.inputs.ClusterAgentTokenState; import java.lang.Integer; import java.lang.String; +import java.util.List; import java.util.Optional; import javax.annotation.Nullable; @@ -284,6 +285,9 @@ private ClusterAgentToken(String name, Output id, @Nullable ClusterAgent private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() .version(Utilities.getVersion()) + .additionalSecretOutputs(List.of( + "token" + )) .build(); return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); } diff --git a/sdk/java/src/main/java/com/pulumi/gitlab/DeployKey.java b/sdk/java/src/main/java/com/pulumi/gitlab/DeployKey.java index f459bcef..c36773d9 100644 --- a/sdk/java/src/main/java/com/pulumi/gitlab/DeployKey.java +++ b/sdk/java/src/main/java/com/pulumi/gitlab/DeployKey.java @@ -19,7 +19,7 @@ /** * The `gitlab.DeployKey` resource allows to manage the lifecycle of a deploy key. * - * > To enable an already existing deploy key for another project use the `gitlab_project_deploy_key` resource. + * > To enable an already existing deploy key for another project use the `gitlab.DeployKeyEnable` resource. * * **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/deploy_keys.html) * diff --git a/sdk/java/src/main/java/com/pulumi/gitlab/PersonalAccessToken.java b/sdk/java/src/main/java/com/pulumi/gitlab/PersonalAccessToken.java index ed6e8e69..5b517246 100644 --- a/sdk/java/src/main/java/com/pulumi/gitlab/PersonalAccessToken.java +++ b/sdk/java/src/main/java/com/pulumi/gitlab/PersonalAccessToken.java @@ -17,11 +17,17 @@ import javax.annotation.Nullable; /** - * The `gitlab.PersonalAccessToken` resource allows to manage the lifecycle of a personal access token for a specified user. + * The `gitlab.PersonalAccessToken` resource allows to manage the lifecycle of a personal access token. * * > This resource requires administration privileges. * - * **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) + * > Use of the `timestamp()` function with expires_at will cause the resource to be re-created with every apply, it's recommended to use `plantimestamp()` or a static value instead. + * + * > Observability scopes are in beta and may not work on all instances. See more details in [the documentation](https://docs.gitlab.com/ee/operations/tracing.html) + * + * > Due to [Automatic reuse detection](https://docs.gitlab.com/ee/api/personal_access_tokens.html#automatic-reuse-detection) it's possible that a new Personal Access Token will immediately be revoked. Check if an old process using the old token is running if this happens. + * + * **Upstream API**: [GitLab API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) * * ## Example Usage * @@ -111,14 +117,14 @@ public Output createdAt() { return this.createdAt; } /** - * The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * When the token will expire, YYYY-MM-DD format. * */ @Export(name="expiresAt", refs={String.class}, tree="[0]") private Output expiresAt; /** - * @return The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * @return When the token will expire, YYYY-MM-DD format. * */ public Output expiresAt() { @@ -153,42 +159,42 @@ public Output revoked() { return this.revoked; } /** - * The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * */ @Export(name="scopes", refs={List.class,String.class}, tree="[0,1]") private Output> scopes; /** - * @return The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @return The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * */ public Output> scopes() { return this.scopes; } /** - * The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + * The token of the personal access token. **Note**: the token is not available for imported resources. * */ @Export(name="token", refs={String.class}, tree="[0]") private Output token; /** - * @return The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + * @return The token of the personal access token. **Note**: the token is not available for imported resources. * */ public Output token() { return this.token; } /** - * The id of the user. + * The ID of the user. * */ @Export(name="userId", refs={Integer.class}, tree="[0]") private Output userId; /** - * @return The id of the user. + * @return The ID of the user. * */ public Output userId() { diff --git a/sdk/java/src/main/java/com/pulumi/gitlab/PersonalAccessTokenArgs.java b/sdk/java/src/main/java/com/pulumi/gitlab/PersonalAccessTokenArgs.java index b791acd5..939cbeef 100644 --- a/sdk/java/src/main/java/com/pulumi/gitlab/PersonalAccessTokenArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gitlab/PersonalAccessTokenArgs.java @@ -19,14 +19,14 @@ public final class PersonalAccessTokenArgs extends com.pulumi.resources.Resource public static final PersonalAccessTokenArgs Empty = new PersonalAccessTokenArgs(); /** - * The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * When the token will expire, YYYY-MM-DD format. * */ @Import(name="expiresAt") private @Nullable Output expiresAt; /** - * @return The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * @return When the token will expire, YYYY-MM-DD format. * */ public Optional> expiresAt() { @@ -49,14 +49,14 @@ public Optional> name() { } /** - * The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * */ @Import(name="scopes", required=true) private Output> scopes; /** - * @return The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @return The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * */ public Output> scopes() { @@ -64,14 +64,14 @@ public Output> scopes() { } /** - * The id of the user. + * The ID of the user. * */ @Import(name="userId", required=true) private Output userId; /** - * @return The id of the user. + * @return The ID of the user. * */ public Output userId() { @@ -106,7 +106,7 @@ public Builder(PersonalAccessTokenArgs defaults) { } /** - * @param expiresAt The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * @param expiresAt When the token will expire, YYYY-MM-DD format. * * @return builder * @@ -117,7 +117,7 @@ public Builder expiresAt(@Nullable Output expiresAt) { } /** - * @param expiresAt The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * @param expiresAt When the token will expire, YYYY-MM-DD format. * * @return builder * @@ -148,7 +148,7 @@ public Builder name(String name) { } /** - * @param scopes The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @param scopes The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * * @return builder * @@ -159,7 +159,7 @@ public Builder scopes(Output> scopes) { } /** - * @param scopes The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @param scopes The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * * @return builder * @@ -169,7 +169,7 @@ public Builder scopes(List scopes) { } /** - * @param scopes The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @param scopes The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * * @return builder * @@ -179,7 +179,7 @@ public Builder scopes(String... scopes) { } /** - * @param userId The id of the user. + * @param userId The ID of the user. * * @return builder * @@ -190,7 +190,7 @@ public Builder userId(Output userId) { } /** - * @param userId The id of the user. + * @param userId The ID of the user. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gitlab/ProjectSecurityPolicyAttachment.java b/sdk/java/src/main/java/com/pulumi/gitlab/ProjectSecurityPolicyAttachment.java new file mode 100644 index 00000000..978a1422 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gitlab/ProjectSecurityPolicyAttachment.java @@ -0,0 +1,221 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gitlab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gitlab.ProjectSecurityPolicyAttachmentArgs; +import com.pulumi.gitlab.Utilities; +import com.pulumi.gitlab.inputs.ProjectSecurityPolicyAttachmentState; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * The `gitlab.ProjectSecurityPolicyAttachment` resource allows to attach a security policy project to a project. + * + * **Upstream API**: [GitLab GraphQL API docs](https://docs.gitlab.com/ee/api/graphql/reference/index.html#mutationsecuritypolicyprojectassign) + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + *
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gitlab.ProjectSecurityPolicyAttachment;
+ * import com.pulumi.gitlab.ProjectSecurityPolicyAttachmentArgs;
+ * import com.pulumi.gitlab.Project;
+ * import com.pulumi.gitlab.ProjectArgs;
+ * import com.pulumi.gitlab.RepositoryFile;
+ * import com.pulumi.gitlab.RepositoryFileArgs;
+ * import com.pulumi.gitlab.projectSecurityPolicy;
+ * import com.pulumi.gitlab.ProjectSecurityPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         // This resource can be used to attach a security policy to a pre-existing project
+ *         var foo = new ProjectSecurityPolicyAttachment("foo", ProjectSecurityPolicyAttachmentArgs.builder()
+ *             .project(1234)
+ *             .policyProject(4567)
+ *             .build());
+ * 
+ *         // Or you can use Terraform to create a new project, add a policy to that project,
+ *         // then attach that policy project to other projects.
+ *         var my_policy_project = new Project("my-policy-project", ProjectArgs.builder()
+ *             .name("security-policy-project")
+ *             .build());
+ * 
+ *         var policy_yml = new RepositoryFile("policy-yml", RepositoryFileArgs.builder()
+ *             .project(my_policy_project.id())
+ *             .filePath(".gitlab/security-policies/my-policy.yml")
+ *             .branch("master")
+ *             .encoding("text")
+ *             .content("""
+ * ---
+ * approval_policy:
+ * - name: test
+ * description: test
+ * enabled: true
+ * rules:
+ * - type: any_merge_request
+ *     branch_type: protected
+ *     commits: any
+ * approval_settings:
+ *     block_branch_modification: true
+ *     prevent_pushing_and_force_pushing: true
+ *     prevent_approval_by_author: true
+ *     prevent_approval_by_commit_author: true
+ *     remove_approvals_with_new_commit: true
+ *     require_password_to_approve: false
+ * fallback_behavior:
+ *     fail: closed
+ * actions:
+ * - type: send_bot_message
+ *     enabled: true
+ *             """)
+ *             .build());
+ * 
+ *         var my_policy = new ProjectSecurityPolicy("my-policy", ProjectSecurityPolicyArgs.builder()
+ *             .project(1234)
+ *             .policyProject(my_policy_project.id())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ * 
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * GitLab project security policy attachments can be imported using an id made up of `project:policy_project_id` where the policy project ID is the project ID of the policy project, e.g. + * + * ```sh + * $ pulumi import gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment foo 1:2 + * ``` + * + */ +@ResourceType(type="gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment") +public class ProjectSecurityPolicyAttachment extends com.pulumi.resources.CustomResource { + /** + * The ID or Full Path of the security policy project. + * + */ + @Export(name="policyProject", refs={String.class}, tree="[0]") + private Output policyProject; + + /** + * @return The ID or Full Path of the security policy project. + * + */ + public Output policyProject() { + return this.policyProject; + } + /** + * The GraphQL ID of the security policy project. + * + */ + @Export(name="policyProjectGraphqlId", refs={String.class}, tree="[0]") + private Output policyProjectGraphqlId; + + /** + * @return The GraphQL ID of the security policy project. + * + */ + public Output policyProjectGraphqlId() { + return this.policyProjectGraphqlId; + } + /** + * The ID or Full Path of the project which will have the security policy project assigned to it. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID or Full Path of the project which will have the security policy project assigned to it. + * + */ + public Output project() { + return this.project; + } + /** + * The GraphQL ID of the project to which the security policty project will be attached. + * + */ + @Export(name="projectGraphqlId", refs={String.class}, tree="[0]") + private Output projectGraphqlId; + + /** + * @return The GraphQL ID of the project to which the security policty project will be attached. + * + */ + public Output projectGraphqlId() { + return this.projectGraphqlId; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public ProjectSecurityPolicyAttachment(String name) { + this(name, ProjectSecurityPolicyAttachmentArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public ProjectSecurityPolicyAttachment(String name, ProjectSecurityPolicyAttachmentArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public ProjectSecurityPolicyAttachment(String name, ProjectSecurityPolicyAttachmentArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment", name, args == null ? ProjectSecurityPolicyAttachmentArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private ProjectSecurityPolicyAttachment(String name, Output id, @Nullable ProjectSecurityPolicyAttachmentState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static ProjectSecurityPolicyAttachment get(String name, Output id, @Nullable ProjectSecurityPolicyAttachmentState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new ProjectSecurityPolicyAttachment(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gitlab/ProjectSecurityPolicyAttachmentArgs.java b/sdk/java/src/main/java/com/pulumi/gitlab/ProjectSecurityPolicyAttachmentArgs.java new file mode 100644 index 00000000..f1162593 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gitlab/ProjectSecurityPolicyAttachmentArgs.java @@ -0,0 +1,125 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gitlab; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class ProjectSecurityPolicyAttachmentArgs extends com.pulumi.resources.ResourceArgs { + + public static final ProjectSecurityPolicyAttachmentArgs Empty = new ProjectSecurityPolicyAttachmentArgs(); + + /** + * The ID or Full Path of the security policy project. + * + */ + @Import(name="policyProject", required=true) + private Output policyProject; + + /** + * @return The ID or Full Path of the security policy project. + * + */ + public Output policyProject() { + return this.policyProject; + } + + /** + * The ID or Full Path of the project which will have the security policy project assigned to it. + * + */ + @Import(name="project", required=true) + private Output project; + + /** + * @return The ID or Full Path of the project which will have the security policy project assigned to it. + * + */ + public Output project() { + return this.project; + } + + private ProjectSecurityPolicyAttachmentArgs() {} + + private ProjectSecurityPolicyAttachmentArgs(ProjectSecurityPolicyAttachmentArgs $) { + this.policyProject = $.policyProject; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ProjectSecurityPolicyAttachmentArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ProjectSecurityPolicyAttachmentArgs $; + + public Builder() { + $ = new ProjectSecurityPolicyAttachmentArgs(); + } + + public Builder(ProjectSecurityPolicyAttachmentArgs defaults) { + $ = new ProjectSecurityPolicyAttachmentArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param policyProject The ID or Full Path of the security policy project. + * + * @return builder + * + */ + public Builder policyProject(Output policyProject) { + $.policyProject = policyProject; + return this; + } + + /** + * @param policyProject The ID or Full Path of the security policy project. + * + * @return builder + * + */ + public Builder policyProject(String policyProject) { + return policyProject(Output.of(policyProject)); + } + + /** + * @param project The ID or Full Path of the project which will have the security policy project assigned to it. + * + * @return builder + * + */ + public Builder project(Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID or Full Path of the project which will have the security policy project assigned to it. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public ProjectSecurityPolicyAttachmentArgs build() { + if ($.policyProject == null) { + throw new MissingRequiredPropertyException("ProjectSecurityPolicyAttachmentArgs", "policyProject"); + } + if ($.project == null) { + throw new MissingRequiredPropertyException("ProjectSecurityPolicyAttachmentArgs", "project"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gitlab/inputs/PersonalAccessTokenState.java b/sdk/java/src/main/java/com/pulumi/gitlab/inputs/PersonalAccessTokenState.java index 488ea1bf..d0343dda 100644 --- a/sdk/java/src/main/java/com/pulumi/gitlab/inputs/PersonalAccessTokenState.java +++ b/sdk/java/src/main/java/com/pulumi/gitlab/inputs/PersonalAccessTokenState.java @@ -49,14 +49,14 @@ public Optional> createdAt() { } /** - * The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * When the token will expire, YYYY-MM-DD format. * */ @Import(name="expiresAt") private @Nullable Output expiresAt; /** - * @return The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * @return When the token will expire, YYYY-MM-DD format. * */ public Optional> expiresAt() { @@ -94,14 +94,14 @@ public Optional> revoked() { } /** - * The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * */ @Import(name="scopes") private @Nullable Output> scopes; /** - * @return The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @return The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * */ public Optional>> scopes() { @@ -109,14 +109,14 @@ public Optional>> scopes() { } /** - * The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + * The token of the personal access token. **Note**: the token is not available for imported resources. * */ @Import(name="token") private @Nullable Output token; /** - * @return The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + * @return The token of the personal access token. **Note**: the token is not available for imported resources. * */ public Optional> token() { @@ -124,14 +124,14 @@ public Optional> token() { } /** - * The id of the user. + * The ID of the user. * */ @Import(name="userId") private @Nullable Output userId; /** - * @return The id of the user. + * @return The ID of the user. * */ public Optional> userId() { @@ -212,7 +212,7 @@ public Builder createdAt(String createdAt) { } /** - * @param expiresAt The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * @param expiresAt When the token will expire, YYYY-MM-DD format. * * @return builder * @@ -223,7 +223,7 @@ public Builder expiresAt(@Nullable Output expiresAt) { } /** - * @param expiresAt The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * @param expiresAt When the token will expire, YYYY-MM-DD format. * * @return builder * @@ -275,7 +275,7 @@ public Builder revoked(Boolean revoked) { } /** - * @param scopes The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @param scopes The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * * @return builder * @@ -286,7 +286,7 @@ public Builder scopes(@Nullable Output> scopes) { } /** - * @param scopes The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @param scopes The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * * @return builder * @@ -296,7 +296,7 @@ public Builder scopes(List scopes) { } /** - * @param scopes The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + * @param scopes The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` * * @return builder * @@ -306,7 +306,7 @@ public Builder scopes(String... scopes) { } /** - * @param token The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + * @param token The token of the personal access token. **Note**: the token is not available for imported resources. * * @return builder * @@ -317,7 +317,7 @@ public Builder token(@Nullable Output token) { } /** - * @param token The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + * @param token The token of the personal access token. **Note**: the token is not available for imported resources. * * @return builder * @@ -327,7 +327,7 @@ public Builder token(String token) { } /** - * @param userId The id of the user. + * @param userId The ID of the user. * * @return builder * @@ -338,7 +338,7 @@ public Builder userId(@Nullable Output userId) { } /** - * @param userId The id of the user. + * @param userId The ID of the user. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gitlab/inputs/ProjectSecurityPolicyAttachmentState.java b/sdk/java/src/main/java/com/pulumi/gitlab/inputs/ProjectSecurityPolicyAttachmentState.java new file mode 100644 index 00000000..d015f2d5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gitlab/inputs/ProjectSecurityPolicyAttachmentState.java @@ -0,0 +1,194 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gitlab.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ProjectSecurityPolicyAttachmentState extends com.pulumi.resources.ResourceArgs { + + public static final ProjectSecurityPolicyAttachmentState Empty = new ProjectSecurityPolicyAttachmentState(); + + /** + * The ID or Full Path of the security policy project. + * + */ + @Import(name="policyProject") + private @Nullable Output policyProject; + + /** + * @return The ID or Full Path of the security policy project. + * + */ + public Optional> policyProject() { + return Optional.ofNullable(this.policyProject); + } + + /** + * The GraphQL ID of the security policy project. + * + */ + @Import(name="policyProjectGraphqlId") + private @Nullable Output policyProjectGraphqlId; + + /** + * @return The GraphQL ID of the security policy project. + * + */ + public Optional> policyProjectGraphqlId() { + return Optional.ofNullable(this.policyProjectGraphqlId); + } + + /** + * The ID or Full Path of the project which will have the security policy project assigned to it. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID or Full Path of the project which will have the security policy project assigned to it. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The GraphQL ID of the project to which the security policty project will be attached. + * + */ + @Import(name="projectGraphqlId") + private @Nullable Output projectGraphqlId; + + /** + * @return The GraphQL ID of the project to which the security policty project will be attached. + * + */ + public Optional> projectGraphqlId() { + return Optional.ofNullable(this.projectGraphqlId); + } + + private ProjectSecurityPolicyAttachmentState() {} + + private ProjectSecurityPolicyAttachmentState(ProjectSecurityPolicyAttachmentState $) { + this.policyProject = $.policyProject; + this.policyProjectGraphqlId = $.policyProjectGraphqlId; + this.project = $.project; + this.projectGraphqlId = $.projectGraphqlId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ProjectSecurityPolicyAttachmentState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ProjectSecurityPolicyAttachmentState $; + + public Builder() { + $ = new ProjectSecurityPolicyAttachmentState(); + } + + public Builder(ProjectSecurityPolicyAttachmentState defaults) { + $ = new ProjectSecurityPolicyAttachmentState(Objects.requireNonNull(defaults)); + } + + /** + * @param policyProject The ID or Full Path of the security policy project. + * + * @return builder + * + */ + public Builder policyProject(@Nullable Output policyProject) { + $.policyProject = policyProject; + return this; + } + + /** + * @param policyProject The ID or Full Path of the security policy project. + * + * @return builder + * + */ + public Builder policyProject(String policyProject) { + return policyProject(Output.of(policyProject)); + } + + /** + * @param policyProjectGraphqlId The GraphQL ID of the security policy project. + * + * @return builder + * + */ + public Builder policyProjectGraphqlId(@Nullable Output policyProjectGraphqlId) { + $.policyProjectGraphqlId = policyProjectGraphqlId; + return this; + } + + /** + * @param policyProjectGraphqlId The GraphQL ID of the security policy project. + * + * @return builder + * + */ + public Builder policyProjectGraphqlId(String policyProjectGraphqlId) { + return policyProjectGraphqlId(Output.of(policyProjectGraphqlId)); + } + + /** + * @param project The ID or Full Path of the project which will have the security policy project assigned to it. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID or Full Path of the project which will have the security policy project assigned to it. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param projectGraphqlId The GraphQL ID of the project to which the security policty project will be attached. + * + * @return builder + * + */ + public Builder projectGraphqlId(@Nullable Output projectGraphqlId) { + $.projectGraphqlId = projectGraphqlId; + return this; + } + + /** + * @param projectGraphqlId The GraphQL ID of the project to which the security policty project will be attached. + * + * @return builder + * + */ + public Builder projectGraphqlId(String projectGraphqlId) { + return projectGraphqlId(Output.of(projectGraphqlId)); + } + + public ProjectSecurityPolicyAttachmentState build() { + return $; + } + } + +} diff --git a/sdk/nodejs/clusterAgentToken.ts b/sdk/nodejs/clusterAgentToken.ts index 3cff6ddf..ae92ffd8 100644 --- a/sdk/nodejs/clusterAgentToken.ts +++ b/sdk/nodejs/clusterAgentToken.ts @@ -179,6 +179,8 @@ export class ClusterAgentToken extends pulumi.CustomResource { resourceInputs["tokenId"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const secretOpts = { additionalSecretOutputs: ["token"] }; + opts = pulumi.mergeOptions(opts, secretOpts); super(ClusterAgentToken.__pulumiType, name, resourceInputs, opts); } } diff --git a/sdk/nodejs/deployKey.ts b/sdk/nodejs/deployKey.ts index e5d814dd..3db3fe5e 100644 --- a/sdk/nodejs/deployKey.ts +++ b/sdk/nodejs/deployKey.ts @@ -7,7 +7,7 @@ import * as utilities from "./utilities"; /** * The `gitlab.DeployKey` resource allows to manage the lifecycle of a deploy key. * - * > To enable an already existing deploy key for another project use the `gitlabProjectDeployKey` resource. + * > To enable an already existing deploy key for another project use the `gitlab.DeployKeyEnable` resource. * * **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/deploy_keys.html) * diff --git a/sdk/nodejs/index.ts b/sdk/nodejs/index.ts index 8cd630d1..a2a3c774 100644 --- a/sdk/nodejs/index.ts +++ b/sdk/nodejs/index.ts @@ -560,6 +560,11 @@ export type ProjectRunnerEnablement = import("./projectRunnerEnablement").Projec export const ProjectRunnerEnablement: typeof import("./projectRunnerEnablement").ProjectRunnerEnablement = null as any; utilities.lazyLoad(exports, ["ProjectRunnerEnablement"], () => require("./projectRunnerEnablement")); +export { ProjectSecurityPolicyAttachmentArgs, ProjectSecurityPolicyAttachmentState } from "./projectSecurityPolicyAttachment"; +export type ProjectSecurityPolicyAttachment = import("./projectSecurityPolicyAttachment").ProjectSecurityPolicyAttachment; +export const ProjectSecurityPolicyAttachment: typeof import("./projectSecurityPolicyAttachment").ProjectSecurityPolicyAttachment = null as any; +utilities.lazyLoad(exports, ["ProjectSecurityPolicyAttachment"], () => require("./projectSecurityPolicyAttachment")); + export { ProjectShareGroupArgs, ProjectShareGroupState } from "./projectShareGroup"; export type ProjectShareGroup = import("./projectShareGroup").ProjectShareGroup; export const ProjectShareGroup: typeof import("./projectShareGroup").ProjectShareGroup = null as any; @@ -827,6 +832,8 @@ const _module = { return new ProjectPushRules(name, undefined, { urn }) case "gitlab:index/projectRunnerEnablement:ProjectRunnerEnablement": return new ProjectRunnerEnablement(name, undefined, { urn }) + case "gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment": + return new ProjectSecurityPolicyAttachment(name, undefined, { urn }) case "gitlab:index/projectShareGroup:ProjectShareGroup": return new ProjectShareGroup(name, undefined, { urn }) case "gitlab:index/projectTag:ProjectTag": @@ -945,6 +952,7 @@ pulumi.runtime.registerResourceModule("gitlab", "index/projectMirror", _module) pulumi.runtime.registerResourceModule("gitlab", "index/projectProtectedEnvironment", _module) pulumi.runtime.registerResourceModule("gitlab", "index/projectPushRules", _module) pulumi.runtime.registerResourceModule("gitlab", "index/projectRunnerEnablement", _module) +pulumi.runtime.registerResourceModule("gitlab", "index/projectSecurityPolicyAttachment", _module) pulumi.runtime.registerResourceModule("gitlab", "index/projectShareGroup", _module) pulumi.runtime.registerResourceModule("gitlab", "index/projectTag", _module) pulumi.runtime.registerResourceModule("gitlab", "index/projectVariable", _module) diff --git a/sdk/nodejs/personalAccessToken.ts b/sdk/nodejs/personalAccessToken.ts index 3d4ef58b..f21cbb85 100644 --- a/sdk/nodejs/personalAccessToken.ts +++ b/sdk/nodejs/personalAccessToken.ts @@ -5,11 +5,17 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "./utilities"; /** - * The `gitlab.PersonalAccessToken` resource allows to manage the lifecycle of a personal access token for a specified user. + * The `gitlab.PersonalAccessToken` resource allows to manage the lifecycle of a personal access token. * * > This resource requires administration privileges. * - * **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) + * > Use of the `timestamp()` function with expiresAt will cause the resource to be re-created with every apply, it's recommended to use `plantimestamp()` or a static value instead. + * + * > Observability scopes are in beta and may not work on all instances. See more details in [the documentation](https://docs.gitlab.com/ee/operations/tracing.html) + * + * > Due to [Automatic reuse detection](https://docs.gitlab.com/ee/api/personal_access_tokens.html#automatic-reuse-detection) it's possible that a new Personal Access Token will immediately be revoked. Check if an old process using the old token is running if this happens. + * + * **Upstream API**: [GitLab API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) * * ## Example Usage * @@ -77,7 +83,7 @@ export class PersonalAccessToken extends pulumi.CustomResource { */ public /*out*/ readonly createdAt!: pulumi.Output; /** - * The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * When the token will expire, YYYY-MM-DD format. */ public readonly expiresAt!: pulumi.Output; /** @@ -89,15 +95,15 @@ export class PersonalAccessToken extends pulumi.CustomResource { */ public /*out*/ readonly revoked!: pulumi.Output; /** - * The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. + * The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` */ public readonly scopes!: pulumi.Output; /** - * The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + * The token of the personal access token. **Note**: the token is not available for imported resources. */ public /*out*/ readonly token!: pulumi.Output; /** - * The id of the user. + * The ID of the user. */ public readonly userId!: pulumi.Output; @@ -159,7 +165,7 @@ export interface PersonalAccessTokenState { */ createdAt?: pulumi.Input; /** - * The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * When the token will expire, YYYY-MM-DD format. */ expiresAt?: pulumi.Input; /** @@ -171,15 +177,15 @@ export interface PersonalAccessTokenState { */ revoked?: pulumi.Input; /** - * The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. + * The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` */ scopes?: pulumi.Input[]>; /** - * The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + * The token of the personal access token. **Note**: the token is not available for imported resources. */ token?: pulumi.Input; /** - * The id of the user. + * The ID of the user. */ userId?: pulumi.Input; } @@ -189,7 +195,7 @@ export interface PersonalAccessTokenState { */ export interface PersonalAccessTokenArgs { /** - * The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + * When the token will expire, YYYY-MM-DD format. */ expiresAt?: pulumi.Input; /** @@ -197,11 +203,11 @@ export interface PersonalAccessTokenArgs { */ name?: pulumi.Input; /** - * The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`. + * The scopes of the personal access token. valid values are: `api`, `readUser`, `readApi`, `readRepository`, `writeRepository`, `readRegistry`, `writeRegistry`, `sudo`, `adminMode`, `createRunner`, `manageRunner`, `aiFeatures`, `k8sProxy`, `readServicePing` */ scopes: pulumi.Input[]>; /** - * The id of the user. + * The ID of the user. */ userId: pulumi.Input; } diff --git a/sdk/nodejs/projectSecurityPolicyAttachment.ts b/sdk/nodejs/projectSecurityPolicyAttachment.ts new file mode 100644 index 00000000..ec5be92e --- /dev/null +++ b/sdk/nodejs/projectSecurityPolicyAttachment.ts @@ -0,0 +1,182 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "./utilities"; + +/** + * The `gitlab.ProjectSecurityPolicyAttachment` resource allows to attach a security policy project to a project. + * + * **Upstream API**: [GitLab GraphQL API docs](https://docs.gitlab.com/ee/api/graphql/reference/index.html#mutationsecuritypolicyprojectassign) + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gitlab from "@pulumi/gitlab"; + * + * // This resource can be used to attach a security policy to a pre-existing project + * const foo = new gitlab.ProjectSecurityPolicyAttachment("foo", { + * project: "1234", + * policyProject: "4567", + * }); + * // Or you can use Terraform to create a new project, add a policy to that project, + * // then attach that policy project to other projects. + * const my_policy_project = new gitlab.Project("my-policy-project", {name: "security-policy-project"}); + * const policy_yml = new gitlab.RepositoryFile("policy-yml", { + * project: my_policy_project.id, + * filePath: ".gitlab/security-policies/my-policy.yml", + * branch: "master", + * encoding: "text", + * content: `--- + * approval_policy: + * - name: test + * description: test + * enabled: true + * rules: + * - type: any_merge_request + * branch_type: protected + * commits: any + * approval_settings: + * block_branch_modification: true + * prevent_pushing_and_force_pushing: true + * prevent_approval_by_author: true + * prevent_approval_by_commit_author: true + * remove_approvals_with_new_commit: true + * require_password_to_approve: false + * fallback_behavior: + * fail: closed + * actions: + * - type: send_bot_message + * enabled: true + * `, + * }); + * const my_policy = new gitlab.index.ProjectSecurityPolicy("my-policy", { + * project: 1234, + * policyProject: my_policy_project.id, + * }); + * ``` + * + * ## Import + * + * GitLab project security policy attachments can be imported using an id made up of `project:policy_project_id` where the policy project ID is the project ID of the policy project, e.g. + * + * ```sh + * $ pulumi import gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment foo 1:2 + * ``` + */ +export class ProjectSecurityPolicyAttachment extends pulumi.CustomResource { + /** + * Get an existing ProjectSecurityPolicyAttachment resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: ProjectSecurityPolicyAttachmentState, opts?: pulumi.CustomResourceOptions): ProjectSecurityPolicyAttachment { + return new ProjectSecurityPolicyAttachment(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment'; + + /** + * Returns true if the given object is an instance of ProjectSecurityPolicyAttachment. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is ProjectSecurityPolicyAttachment { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === ProjectSecurityPolicyAttachment.__pulumiType; + } + + /** + * The ID or Full Path of the security policy project. + */ + public readonly policyProject!: pulumi.Output; + /** + * The GraphQL ID of the security policy project. + */ + public /*out*/ readonly policyProjectGraphqlId!: pulumi.Output; + /** + * The ID or Full Path of the project which will have the security policy project assigned to it. + */ + public readonly project!: pulumi.Output; + /** + * The GraphQL ID of the project to which the security policty project will be attached. + */ + public /*out*/ readonly projectGraphqlId!: pulumi.Output; + + /** + * Create a ProjectSecurityPolicyAttachment resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: ProjectSecurityPolicyAttachmentArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: ProjectSecurityPolicyAttachmentArgs | ProjectSecurityPolicyAttachmentState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as ProjectSecurityPolicyAttachmentState | undefined; + resourceInputs["policyProject"] = state ? state.policyProject : undefined; + resourceInputs["policyProjectGraphqlId"] = state ? state.policyProjectGraphqlId : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["projectGraphqlId"] = state ? state.projectGraphqlId : undefined; + } else { + const args = argsOrState as ProjectSecurityPolicyAttachmentArgs | undefined; + if ((!args || args.policyProject === undefined) && !opts.urn) { + throw new Error("Missing required property 'policyProject'"); + } + if ((!args || args.project === undefined) && !opts.urn) { + throw new Error("Missing required property 'project'"); + } + resourceInputs["policyProject"] = args ? args.policyProject : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["policyProjectGraphqlId"] = undefined /*out*/; + resourceInputs["projectGraphqlId"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(ProjectSecurityPolicyAttachment.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering ProjectSecurityPolicyAttachment resources. + */ +export interface ProjectSecurityPolicyAttachmentState { + /** + * The ID or Full Path of the security policy project. + */ + policyProject?: pulumi.Input; + /** + * The GraphQL ID of the security policy project. + */ + policyProjectGraphqlId?: pulumi.Input; + /** + * The ID or Full Path of the project which will have the security policy project assigned to it. + */ + project?: pulumi.Input; + /** + * The GraphQL ID of the project to which the security policty project will be attached. + */ + projectGraphqlId?: pulumi.Input; +} + +/** + * The set of arguments for constructing a ProjectSecurityPolicyAttachment resource. + */ +export interface ProjectSecurityPolicyAttachmentArgs { + /** + * The ID or Full Path of the security policy project. + */ + policyProject: pulumi.Input; + /** + * The ID or Full Path of the project which will have the security policy project assigned to it. + */ + project: pulumi.Input; +} diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index 8dee47fb..fbdaaeac 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -127,6 +127,7 @@ "projectProtectedEnvironment.ts", "projectPushRules.ts", "projectRunnerEnablement.ts", + "projectSecurityPolicyAttachment.ts", "projectShareGroup.ts", "projectTag.ts", "projectVariable.ts", diff --git a/sdk/python/pulumi_gitlab/__init__.py b/sdk/python/pulumi_gitlab/__init__.py index d4ecd6e8..7114fc47 100644 --- a/sdk/python/pulumi_gitlab/__init__.py +++ b/sdk/python/pulumi_gitlab/__init__.py @@ -116,6 +116,7 @@ from .project_protected_environment import * from .project_push_rules import * from .project_runner_enablement import * +from .project_security_policy_attachment import * from .project_share_group import * from .project_tag import * from .project_variable import * @@ -704,6 +705,14 @@ "gitlab:index/projectRunnerEnablement:ProjectRunnerEnablement": "ProjectRunnerEnablement" } }, + { + "pkg": "gitlab", + "mod": "index/projectSecurityPolicyAttachment", + "fqn": "pulumi_gitlab", + "classes": { + "gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment": "ProjectSecurityPolicyAttachment" + } + }, { "pkg": "gitlab", "mod": "index/projectShareGroup", diff --git a/sdk/python/pulumi_gitlab/cluster_agent_token.py b/sdk/python/pulumi_gitlab/cluster_agent_token.py index 6fbbbae2..7c17ad86 100644 --- a/sdk/python/pulumi_gitlab/cluster_agent_token.py +++ b/sdk/python/pulumi_gitlab/cluster_agent_token.py @@ -428,6 +428,8 @@ def _internal_init(__self__, __props__.__dict__["status"] = None __props__.__dict__["token"] = None __props__.__dict__["token_id"] = None + secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["token"]) + opts = pulumi.ResourceOptions.merge(opts, secret_opts) super(ClusterAgentToken, __self__).__init__( 'gitlab:index/clusterAgentToken:ClusterAgentToken', resource_name, diff --git a/sdk/python/pulumi_gitlab/deploy_key.py b/sdk/python/pulumi_gitlab/deploy_key.py index 2e2dd6f8..5f824f55 100644 --- a/sdk/python/pulumi_gitlab/deploy_key.py +++ b/sdk/python/pulumi_gitlab/deploy_key.py @@ -181,7 +181,7 @@ def __init__(__self__, """ The `DeployKey` resource allows to manage the lifecycle of a deploy key. - > To enable an already existing deploy key for another project use the `gitlab_project_deploy_key` resource. + > To enable an already existing deploy key for another project use the `DeployKeyEnable` resource. **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/deploy_keys.html) @@ -229,7 +229,7 @@ def __init__(__self__, """ The `DeployKey` resource allows to manage the lifecycle of a deploy key. - > To enable an already existing deploy key for another project use the `gitlab_project_deploy_key` resource. + > To enable an already existing deploy key for another project use the `DeployKeyEnable` resource. **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/deploy_keys.html) diff --git a/sdk/python/pulumi_gitlab/personal_access_token.py b/sdk/python/pulumi_gitlab/personal_access_token.py index c79869cd..4b797583 100644 --- a/sdk/python/pulumi_gitlab/personal_access_token.py +++ b/sdk/python/pulumi_gitlab/personal_access_token.py @@ -20,9 +20,9 @@ def __init__(__self__, *, name: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a PersonalAccessToken resource. - :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. - :param pulumi.Input[int] user_id: The id of the user. - :param pulumi.Input[str] expires_at: The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` + :param pulumi.Input[int] user_id: The ID of the user. + :param pulumi.Input[str] expires_at: When the token will expire, YYYY-MM-DD format. :param pulumi.Input[str] name: The name of the personal access token. """ pulumi.set(__self__, "scopes", scopes) @@ -36,7 +36,7 @@ def __init__(__self__, *, @pulumi.getter def scopes(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: """ - The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` """ return pulumi.get(self, "scopes") @@ -48,7 +48,7 @@ def scopes(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): @pulumi.getter(name="userId") def user_id(self) -> pulumi.Input[int]: """ - The id of the user. + The ID of the user. """ return pulumi.get(self, "user_id") @@ -60,7 +60,7 @@ def user_id(self, value: pulumi.Input[int]): @pulumi.getter(name="expiresAt") def expires_at(self) -> Optional[pulumi.Input[str]]: """ - The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + When the token will expire, YYYY-MM-DD format. """ return pulumi.get(self, "expires_at") @@ -96,12 +96,12 @@ def __init__(__self__, *, Input properties used for looking up and filtering PersonalAccessToken resources. :param pulumi.Input[bool] active: True if the token is active. :param pulumi.Input[str] created_at: Time the token has been created, RFC3339 format. - :param pulumi.Input[str] expires_at: The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + :param pulumi.Input[str] expires_at: When the token will expire, YYYY-MM-DD format. :param pulumi.Input[str] name: The name of the personal access token. :param pulumi.Input[bool] revoked: True if the token is revoked. - :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. - :param pulumi.Input[str] token: The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. - :param pulumi.Input[int] user_id: The id of the user. + :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` + :param pulumi.Input[str] token: The token of the personal access token. **Note**: the token is not available for imported resources. + :param pulumi.Input[int] user_id: The ID of the user. """ if active is not None: pulumi.set(__self__, "active", active) @@ -148,7 +148,7 @@ def created_at(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="expiresAt") def expires_at(self) -> Optional[pulumi.Input[str]]: """ - The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + When the token will expire, YYYY-MM-DD format. """ return pulumi.get(self, "expires_at") @@ -184,7 +184,7 @@ def revoked(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter def scopes(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: """ - The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` """ return pulumi.get(self, "scopes") @@ -196,7 +196,7 @@ def scopes(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): @pulumi.getter def token(self) -> Optional[pulumi.Input[str]]: """ - The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + The token of the personal access token. **Note**: the token is not available for imported resources. """ return pulumi.get(self, "token") @@ -208,7 +208,7 @@ def token(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="userId") def user_id(self) -> Optional[pulumi.Input[int]]: """ - The id of the user. + The ID of the user. """ return pulumi.get(self, "user_id") @@ -228,11 +228,17 @@ def __init__(__self__, user_id: Optional[pulumi.Input[int]] = None, __props__=None): """ - The `PersonalAccessToken` resource allows to manage the lifecycle of a personal access token for a specified user. + The `PersonalAccessToken` resource allows to manage the lifecycle of a personal access token. > This resource requires administration privileges. - **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) + > Use of the `timestamp()` function with expires_at will cause the resource to be re-created with every apply, it's recommended to use `plantimestamp()` or a static value instead. + + > Observability scopes are in beta and may not work on all instances. See more details in [the documentation](https://docs.gitlab.com/ee/operations/tracing.html) + + > Due to [Automatic reuse detection](https://docs.gitlab.com/ee/api/personal_access_tokens.html#automatic-reuse-detection) it's possible that a new Personal Access Token will immediately be revoked. Check if an old process using the old token is running if this happens. + + **Upstream API**: [GitLab API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) ## Example Usage @@ -263,10 +269,10 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[str] expires_at: The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + :param pulumi.Input[str] expires_at: When the token will expire, YYYY-MM-DD format. :param pulumi.Input[str] name: The name of the personal access token. - :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. - :param pulumi.Input[int] user_id: The id of the user. + :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` + :param pulumi.Input[int] user_id: The ID of the user. """ ... @overload @@ -275,11 +281,17 @@ def __init__(__self__, args: PersonalAccessTokenArgs, opts: Optional[pulumi.ResourceOptions] = None): """ - The `PersonalAccessToken` resource allows to manage the lifecycle of a personal access token for a specified user. + The `PersonalAccessToken` resource allows to manage the lifecycle of a personal access token. > This resource requires administration privileges. - **Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) + > Use of the `timestamp()` function with expires_at will cause the resource to be re-created with every apply, it's recommended to use `plantimestamp()` or a static value instead. + + > Observability scopes are in beta and may not work on all instances. See more details in [the documentation](https://docs.gitlab.com/ee/operations/tracing.html) + + > Due to [Automatic reuse detection](https://docs.gitlab.com/ee/api/personal_access_tokens.html#automatic-reuse-detection) it's possible that a new Personal Access Token will immediately be revoked. Check if an old process using the old token is running if this happens. + + **Upstream API**: [GitLab API docs](https://docs.gitlab.com/ee/api/personal_access_tokens.html) ## Example Usage @@ -377,12 +389,12 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] active: True if the token is active. :param pulumi.Input[str] created_at: Time the token has been created, RFC3339 format. - :param pulumi.Input[str] expires_at: The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + :param pulumi.Input[str] expires_at: When the token will expire, YYYY-MM-DD format. :param pulumi.Input[str] name: The name of the personal access token. :param pulumi.Input[bool] revoked: True if the token is revoked. - :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. - :param pulumi.Input[str] token: The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. - :param pulumi.Input[int] user_id: The id of the user. + :param pulumi.Input[Sequence[pulumi.Input[str]]] scopes: The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` + :param pulumi.Input[str] token: The token of the personal access token. **Note**: the token is not available for imported resources. + :param pulumi.Input[int] user_id: The ID of the user. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -418,7 +430,7 @@ def created_at(self) -> pulumi.Output[str]: @pulumi.getter(name="expiresAt") def expires_at(self) -> pulumi.Output[str]: """ - The token expires at midnight UTC on that date. The date must be in the format YYYY-MM-DD. + When the token will expire, YYYY-MM-DD format. """ return pulumi.get(self, "expires_at") @@ -442,7 +454,7 @@ def revoked(self) -> pulumi.Output[bool]: @pulumi.getter def scopes(self) -> pulumi.Output[Sequence[str]]: """ - The scope for the personal access token. It determines the actions which can be performed when authenticating with this token. Valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`. + The scopes of the personal access token. valid values are: `api`, `read_user`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, `sudo`, `admin_mode`, `create_runner`, `manage_runner`, `ai_features`, `k8s_proxy`, `read_service_ping` """ return pulumi.get(self, "scopes") @@ -450,7 +462,7 @@ def scopes(self) -> pulumi.Output[Sequence[str]]: @pulumi.getter def token(self) -> pulumi.Output[str]: """ - The personal access token. This is only populated when creating a new personal access token. This attribute is not available for imported resources. + The token of the personal access token. **Note**: the token is not available for imported resources. """ return pulumi.get(self, "token") @@ -458,7 +470,7 @@ def token(self) -> pulumi.Output[str]: @pulumi.getter(name="userId") def user_id(self) -> pulumi.Output[int]: """ - The id of the user. + The ID of the user. """ return pulumi.get(self, "user_id") diff --git a/sdk/python/pulumi_gitlab/project_security_policy_attachment.py b/sdk/python/pulumi_gitlab/project_security_policy_attachment.py new file mode 100644 index 00000000..0cbfecfa --- /dev/null +++ b/sdk/python/pulumi_gitlab/project_security_policy_attachment.py @@ -0,0 +1,360 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from . import _utilities + +__all__ = ['ProjectSecurityPolicyAttachmentArgs', 'ProjectSecurityPolicyAttachment'] + +@pulumi.input_type +class ProjectSecurityPolicyAttachmentArgs: + def __init__(__self__, *, + policy_project: pulumi.Input[str], + project: pulumi.Input[str]): + """ + The set of arguments for constructing a ProjectSecurityPolicyAttachment resource. + :param pulumi.Input[str] policy_project: The ID or Full Path of the security policy project. + :param pulumi.Input[str] project: The ID or Full Path of the project which will have the security policy project assigned to it. + """ + pulumi.set(__self__, "policy_project", policy_project) + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="policyProject") + def policy_project(self) -> pulumi.Input[str]: + """ + The ID or Full Path of the security policy project. + """ + return pulumi.get(self, "policy_project") + + @policy_project.setter + def policy_project(self, value: pulumi.Input[str]): + pulumi.set(self, "policy_project", value) + + @property + @pulumi.getter + def project(self) -> pulumi.Input[str]: + """ + The ID or Full Path of the project which will have the security policy project assigned to it. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: pulumi.Input[str]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _ProjectSecurityPolicyAttachmentState: + def __init__(__self__, *, + policy_project: Optional[pulumi.Input[str]] = None, + policy_project_graphql_id: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + project_graphql_id: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering ProjectSecurityPolicyAttachment resources. + :param pulumi.Input[str] policy_project: The ID or Full Path of the security policy project. + :param pulumi.Input[str] policy_project_graphql_id: The GraphQL ID of the security policy project. + :param pulumi.Input[str] project: The ID or Full Path of the project which will have the security policy project assigned to it. + :param pulumi.Input[str] project_graphql_id: The GraphQL ID of the project to which the security policty project will be attached. + """ + if policy_project is not None: + pulumi.set(__self__, "policy_project", policy_project) + if policy_project_graphql_id is not None: + pulumi.set(__self__, "policy_project_graphql_id", policy_project_graphql_id) + if project is not None: + pulumi.set(__self__, "project", project) + if project_graphql_id is not None: + pulumi.set(__self__, "project_graphql_id", project_graphql_id) + + @property + @pulumi.getter(name="policyProject") + def policy_project(self) -> Optional[pulumi.Input[str]]: + """ + The ID or Full Path of the security policy project. + """ + return pulumi.get(self, "policy_project") + + @policy_project.setter + def policy_project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "policy_project", value) + + @property + @pulumi.getter(name="policyProjectGraphqlId") + def policy_project_graphql_id(self) -> Optional[pulumi.Input[str]]: + """ + The GraphQL ID of the security policy project. + """ + return pulumi.get(self, "policy_project_graphql_id") + + @policy_project_graphql_id.setter + def policy_project_graphql_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "policy_project_graphql_id", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID or Full Path of the project which will have the security policy project assigned to it. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter(name="projectGraphqlId") + def project_graphql_id(self) -> Optional[pulumi.Input[str]]: + """ + The GraphQL ID of the project to which the security policty project will be attached. + """ + return pulumi.get(self, "project_graphql_id") + + @project_graphql_id.setter + def project_graphql_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project_graphql_id", value) + + +class ProjectSecurityPolicyAttachment(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + policy_project: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + The `ProjectSecurityPolicyAttachment` resource allows to attach a security policy project to a project. + + **Upstream API**: [GitLab GraphQL API docs](https://docs.gitlab.com/ee/api/graphql/reference/index.html#mutationsecuritypolicyprojectassign) + + ## Example Usage + + ```python + import pulumi + import pulumi_gitlab as gitlab + + # This resource can be used to attach a security policy to a pre-existing project + foo = gitlab.ProjectSecurityPolicyAttachment("foo", + project="1234", + policy_project="4567") + # Or you can use Terraform to create a new project, add a policy to that project, + # then attach that policy project to other projects. + my_policy_project = gitlab.Project("my-policy-project", name="security-policy-project") + policy_yml = gitlab.RepositoryFile("policy-yml", + project=my_policy_project.id, + file_path=".gitlab/security-policies/my-policy.yml", + branch="master", + encoding="text", + content=\"\"\"--- + approval_policy: + - name: test + description: test + enabled: true + rules: + - type: any_merge_request + branch_type: protected + commits: any + approval_settings: + block_branch_modification: true + prevent_pushing_and_force_pushing: true + prevent_approval_by_author: true + prevent_approval_by_commit_author: true + remove_approvals_with_new_commit: true + require_password_to_approve: false + fallback_behavior: + fail: closed + actions: + - type: send_bot_message + enabled: true + \"\"\") + my_policy = gitlab.index.ProjectSecurityPolicy("my-policy", + project=1234, + policy_project=my_policy_project.id) + ``` + + ## Import + + GitLab project security policy attachments can be imported using an id made up of `project:policy_project_id` where the policy project ID is the project ID of the policy project, e.g. + + ```sh + $ pulumi import gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment foo 1:2 + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] policy_project: The ID or Full Path of the security policy project. + :param pulumi.Input[str] project: The ID or Full Path of the project which will have the security policy project assigned to it. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: ProjectSecurityPolicyAttachmentArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + The `ProjectSecurityPolicyAttachment` resource allows to attach a security policy project to a project. + + **Upstream API**: [GitLab GraphQL API docs](https://docs.gitlab.com/ee/api/graphql/reference/index.html#mutationsecuritypolicyprojectassign) + + ## Example Usage + + ```python + import pulumi + import pulumi_gitlab as gitlab + + # This resource can be used to attach a security policy to a pre-existing project + foo = gitlab.ProjectSecurityPolicyAttachment("foo", + project="1234", + policy_project="4567") + # Or you can use Terraform to create a new project, add a policy to that project, + # then attach that policy project to other projects. + my_policy_project = gitlab.Project("my-policy-project", name="security-policy-project") + policy_yml = gitlab.RepositoryFile("policy-yml", + project=my_policy_project.id, + file_path=".gitlab/security-policies/my-policy.yml", + branch="master", + encoding="text", + content=\"\"\"--- + approval_policy: + - name: test + description: test + enabled: true + rules: + - type: any_merge_request + branch_type: protected + commits: any + approval_settings: + block_branch_modification: true + prevent_pushing_and_force_pushing: true + prevent_approval_by_author: true + prevent_approval_by_commit_author: true + remove_approvals_with_new_commit: true + require_password_to_approve: false + fallback_behavior: + fail: closed + actions: + - type: send_bot_message + enabled: true + \"\"\") + my_policy = gitlab.index.ProjectSecurityPolicy("my-policy", + project=1234, + policy_project=my_policy_project.id) + ``` + + ## Import + + GitLab project security policy attachments can be imported using an id made up of `project:policy_project_id` where the policy project ID is the project ID of the policy project, e.g. + + ```sh + $ pulumi import gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment foo 1:2 + ``` + + :param str resource_name: The name of the resource. + :param ProjectSecurityPolicyAttachmentArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(ProjectSecurityPolicyAttachmentArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + policy_project: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = ProjectSecurityPolicyAttachmentArgs.__new__(ProjectSecurityPolicyAttachmentArgs) + + if policy_project is None and not opts.urn: + raise TypeError("Missing required property 'policy_project'") + __props__.__dict__["policy_project"] = policy_project + if project is None and not opts.urn: + raise TypeError("Missing required property 'project'") + __props__.__dict__["project"] = project + __props__.__dict__["policy_project_graphql_id"] = None + __props__.__dict__["project_graphql_id"] = None + super(ProjectSecurityPolicyAttachment, __self__).__init__( + 'gitlab:index/projectSecurityPolicyAttachment:ProjectSecurityPolicyAttachment', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + policy_project: Optional[pulumi.Input[str]] = None, + policy_project_graphql_id: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + project_graphql_id: Optional[pulumi.Input[str]] = None) -> 'ProjectSecurityPolicyAttachment': + """ + Get an existing ProjectSecurityPolicyAttachment resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] policy_project: The ID or Full Path of the security policy project. + :param pulumi.Input[str] policy_project_graphql_id: The GraphQL ID of the security policy project. + :param pulumi.Input[str] project: The ID or Full Path of the project which will have the security policy project assigned to it. + :param pulumi.Input[str] project_graphql_id: The GraphQL ID of the project to which the security policty project will be attached. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _ProjectSecurityPolicyAttachmentState.__new__(_ProjectSecurityPolicyAttachmentState) + + __props__.__dict__["policy_project"] = policy_project + __props__.__dict__["policy_project_graphql_id"] = policy_project_graphql_id + __props__.__dict__["project"] = project + __props__.__dict__["project_graphql_id"] = project_graphql_id + return ProjectSecurityPolicyAttachment(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="policyProject") + def policy_project(self) -> pulumi.Output[str]: + """ + The ID or Full Path of the security policy project. + """ + return pulumi.get(self, "policy_project") + + @property + @pulumi.getter(name="policyProjectGraphqlId") + def policy_project_graphql_id(self) -> pulumi.Output[str]: + """ + The GraphQL ID of the security policy project. + """ + return pulumi.get(self, "policy_project_graphql_id") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID or Full Path of the project which will have the security policy project assigned to it. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="projectGraphqlId") + def project_graphql_id(self) -> pulumi.Output[str]: + """ + The GraphQL ID of the project to which the security policty project will be attached. + """ + return pulumi.get(self, "project_graphql_id") +