Add Organization-level public key data sources (#1608)

Add the following new data sources: * github_actions_organization_public_key * github_dependabot_organization_public_key Co-authored-by: Keegan Campbell <me@kfcampbell.com>
integrations · Apr 3, 2023 · 0546397 · 0546397
1 parent d9a763e
commit 0546397
Show file tree

Hide file tree

Showing 8 changed files with 244 additions and 0 deletions.
diff --git a/github/data_source_github_actions_organization_public_key.go b/github/data_source_github_actions_organization_public_key.go
@@ -0,0 +1,47 @@
+package github
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+func dataSourceGithubActionsOrganizationPublicKey() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceGithubActionsOrganizationPublicKeyRead,
+
+		Schema: map[string]*schema.Schema{
+			"key_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"key": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceGithubActionsOrganizationPublicKeyRead(d *schema.ResourceData, meta interface{}) error {
+	err := checkOrganization(meta)
+	if err != nil {
+		return err
+	}
+
+	client := meta.(*Owner).v3client
+	owner := meta.(*Owner).name
+
+	ctx := context.Background()
+
+	publicKey, _, err := client.Actions.GetOrgPublicKey(ctx, owner)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(publicKey.GetKeyID())
+	d.Set("key_id", publicKey.GetKeyID())
+	d.Set("key", publicKey.GetKey())
+
+	return nil
+}
diff --git a/github/data_source_github_actions_organization_public_key_test.go b/github/data_source_github_actions_organization_public_key_test.go
@@ -0,0 +1,49 @@
+package github
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+)
+
+func TestAccGithubActionsOrganizationPublicKeyDataSource(t *testing.T) {
+
+	t.Run("queries an organization public key without error", func(t *testing.T) {
+
+		config := `
+			data "github_actions_organization_public_key" "test" {}
+		`
+
+		check := resource.ComposeTestCheckFunc(
+			resource.TestCheckResourceAttrSet(
+				"data.github_actions_organization_public_key.test", "key",
+			),
+		)
+
+		testCase := func(t *testing.T, mode string) {
+			resource.Test(t, resource.TestCase{
+				PreCheck:  func() { skipUnlessMode(t, mode) },
+				Providers: testAccProviders,
+				Steps: []resource.TestStep{
+					{
+						Config: config,
+						Check:  check,
+					},
+				},
+			})
+		}
+
+		t.Run("with an anonymous account", func(t *testing.T) {
+			t.Skip("anonymous account not supported for this operation")
+		})
+
+		t.Run("with an individual account", func(t *testing.T) {
+			t.Skip("individual account not supported for this operation")
+		})
+
+		t.Run("with an organization account", func(t *testing.T) {
+			testCase(t, organization)
+		})
+
+	})
+}
diff --git a/github/data_source_github_dependabot_organization_public_key.go b/github/data_source_github_dependabot_organization_public_key.go
@@ -0,0 +1,47 @@
+package github
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+func dataSourceGithubDependabotOrganizationPublicKey() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceGithubDependabotOrganizationPublicKeyRead,
+
+		Schema: map[string]*schema.Schema{
+			"key_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"key": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceGithubDependabotOrganizationPublicKeyRead(d *schema.ResourceData, meta interface{}) error {
+	err := checkOrganization(meta)
+	if err != nil {
+		return err
+	}
+
+	client := meta.(*Owner).v3client
+	owner := meta.(*Owner).name
+
+	ctx := context.Background()
+
+	publicKey, _, err := client.Dependabot.GetOrgPublicKey(ctx, owner)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(publicKey.GetKeyID())
+	d.Set("key_id", publicKey.GetKeyID())
+	d.Set("key", publicKey.GetKey())
+
+	return nil
+}
diff --git a/github/data_source_github_dependabot_organization_public_key_test.go b/github/data_source_github_dependabot_organization_public_key_test.go
@@ -0,0 +1,49 @@
+package github
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+)
+
+func TestAccGithubDependabotOrganizationPublicKeyDataSource(t *testing.T) {
+
+	t.Run("queries an organization public key without error", func(t *testing.T) {
+
+		config := `
+			data "github_dependabot_organization_public_key" "test" {}
+		`
+
+		check := resource.ComposeTestCheckFunc(
+			resource.TestCheckResourceAttrSet(
+				"data.github_dependabot_organization_public_key.test", "key",
+			),
+		)
+
+		testCase := func(t *testing.T, mode string) {
+			resource.Test(t, resource.TestCase{
+				PreCheck:  func() { skipUnlessMode(t, mode) },
+				Providers: testAccProviders,
+				Steps: []resource.TestStep{
+					{
+						Config: config,
+						Check:  check,
+					},
+				},
+			})
+		}
+
+		t.Run("with an anonymous account", func(t *testing.T) {
+			t.Skip("anonymous account not supported for this operation")
+		})
+
+		t.Run("with an individual account", func(t *testing.T) {
+			t.Skip("individual account not supported for this operation")
+		})
+
+		t.Run("with an organization account", func(t *testing.T) {
+			testCase(t, organization)
+		})
+
+	})
+}
diff --git a/github/provider.go b/github/provider.go
@@ -149,6 +149,7 @@ func Provider() terraform.ResourceProvider {
 			"github_actions_environment_secrets":                                    dataSourceGithubActionsEnvironmentSecrets(),
 			"github_actions_environment_variables":                                  dataSourceGithubActionsEnvironmentVariables(),
 			"github_actions_organization_oidc_subject_claim_customization_template": dataSourceGithubActionsOrganizationOIDCSubjectClaimCustomizationTemplate(),
+			"github_actions_organization_public_key":                                dataSourceGithubActionsOrganizationPublicKey(),
 			"github_actions_organization_registration_token":                        dataSourceGithubActionsOrganizationRegistrationToken(),
 			"github_actions_organization_secrets":                                   dataSourceGithubActionsOrganizationSecrets(),
 			"github_actions_organization_variables":                                 dataSourceGithubActionsOrganizationVariables(),
@@ -160,6 +161,7 @@ func Provider() terraform.ResourceProvider {
 			"github_app":                                                            dataSourceGithubApp(),
 			"github_branch":                                                         dataSourceGithubBranch(),
 			"github_collaborators":                                                  dataSourceGithubCollaborators(),
+			"github_dependabot_organization_public_key":                             dataSourceGithubDependabotOrganizationPublicKey(),
 			"github_dependabot_organization_secrets":                                dataSourceGithubDependabotOrganizationSecrets(),
 			"github_dependabot_public_key":                                          dataSourceGithubDependabotPublicKey(),
 			"github_dependabot_secrets":                                             dataSourceGithubDependabotSecrets(),

diff --git a/website/docs/d/actions_organization_public_key.html.markdown b/website/docs/d/actions_organization_public_key.html.markdown
@@ -0,0 +1,22 @@
+---
+layout: "github"
+page_title: "GitHub: github_actions_organization_public_key"
+description: |-
+  Get information on a GitHub Actions Organization Public Key.
+---
+
+# github_actions_organization_public_key
+
+Use this data source to retrieve information about a GitHub Actions Organization public key. This data source is required to be used with other GitHub secrets interactions.
+Note that the provider `token` must have admin rights to an organization to retrieve it's action public key.
+
+## Example Usage
+
+```hcl
+data "github_actions_organization_public_key" "example" {}
+```
+
+## Attributes Reference
+
+ * `key_id` - ID of the key that has been retrieved.
+ * `key`    - Actual key retrieved.
diff --git a/website/docs/d/dependabot_organization_public_key.html.markdown b/website/docs/d/dependabot_organization_public_key.html.markdown
@@ -0,0 +1,22 @@
+---
+layout: "github"
+page_title: "GitHub: github_dependabot_organization_public_key"
+description: |-
+  Get information on a GitHub Dependabot Organization Public Key.
+---
+
+# github_dependabot_organization_public_key
+
+Use this data source to retrieve information about a GitHub Dependabot Organization public key. This data source is required to be used with other GitHub secrets interactions.
+Note that the provider `token` must have admin rights to an organization to retrieve it's Dependabot public key.
+
+## Example Usage
+
+```hcl
+data "github_dependabot_organization_public_key" "example" {}
+```
+
+## Attributes Reference
+
+* `key_id` - ID of the key that has been retrieved.
+* `key`    - Actual key retrieved.
diff --git a/website/github.erb b/website/github.erb
@@ -22,6 +22,9 @@
             <li>
               <a href="/docs/providers/github/d/actions_organization_oidc_subject_claim_customization_template.html">actions_organization_oidc_subject_claim_customization_template</a>
             </li>
+            <li>
+              <a href="/docs/providers/github/d/actions_organization_public_key.html">actions_organization_public_key</a>
+            </li>
             <li>
               <a href="/docs/providers/github/d/actions_organization_registration_token.html">actions_organization_registration_token</a>
             </li>
@@ -55,6 +58,9 @@
             <li>
               <a href="/docs/providers/github/d/collaborators.html">github_collaborators</a>
             </li>
+            <li>
+              <a href="/docs/providers/github/d/dependabot_organization_public_key.html">dependabot_organization_public_key</a>
+            </li>
             <li>
               <a href="/docs/providers/github/d/dependabot_organization_secrets.html">dependabot_organization_secrets</a>
             </li>