feat: add coder_user datasource

Author: johnstcn

docs/data-sources/user.md

@@ -0,0 +1,42 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "coder_user Data Source - terraform-provider-coder"
+subcategory: ""
+description: |-
+  Use this data source to fetch information about a user.
+---
+
+# coder_user (Data Source)
+
+Use this data source to fetch information about a user.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Read-Only
+
+- `avatar_url` (String) The URL of the user's avatar.
+- `created_at` (String) The time the user was created in RFC3339 format.
+- `email` (String) The email address of the user.
+- `groups` (List of String) The groups of which the user is a member.
+- `id` (String) The UUID of the user.
+- `last_seen_at` (String) The time the user was last active in RFC3339 format.
+- `login_type` (String) The user's login type.
+- `name` (String) The full name of the user.
+- `organization_ids` (List of String) The organization IDs of which the user is a member.
+- `roles` (List of Object) The roles assigned to the user. (see [below for nested schema](#nestedatt--roles))
+- `ssh_private_key` (String, Sensitive) The user's generated SSH private key.
+- `ssh_public_key` (String) The user's generated SSH public key.
+- `status` (String) The status of the user.
+- `theme_preference` (String) The user's theme preference.
+- `username` (String) The username of the user.
+
+<a id="nestedatt--roles"></a>
+### Nested Schema for `roles`
+
+Read-Only:
+
+- `display_name` (String)
+- `name` (String)

provider/provider.go

@@ -74,6 +74,7 @@ func New() *schema.Provider {
 			"coder_parameter":      parameterDataSource(),
 			"coder_git_auth":       gitAuthDataSource(),
 			"coder_external_auth":  externalAuthDataSource(),
+			"coder_user":           userDataSource(),
 		},
 		ResourcesMap: map[string]*schema.Resource{
 			"coder_agent":          agentResource(),

provider/user.go

@@ -0,0 +1,227 @@
+package provider
+
+import (
+	"context"
+	"encoding/json"
+	"os"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+type Role struct {
+	Name        string `json:"name"`
+	DisplayName string `json:"display-name"`
+}
+
+func userDataSource() *schema.Resource {
+	return &schema.Resource{
+		Description: "Use this data source to fetch information about a user.",
+		ReadContext: func(ctx context.Context, rd *schema.ResourceData, i interface{}) diag.Diagnostics {
+			if idStr, ok := os.LookupEnv("CODER_USER_ID"); !ok {
+				return diag.Errorf("missing user id")
+			} else {
+				rd.SetId(idStr)
+			}
+
+			if username, ok := os.LookupEnv("CODER_USER_USERNAME"); !ok {
+				return diag.Errorf("missing user username")
+			} else {
+				_ = rd.Set("username", username)
+			}
+
+			if avatarURL, ok := os.LookupEnv("CODER_USER_AVATAR_URL"); !ok {
+				return diag.Errorf("missing user avatar_url")
+			} else {
+				_ = rd.Set("avatar_url", avatarURL)
+			}
+
+			if fullname, ok := os.LookupEnv("CODER_USER_NAME"); !ok {
+				_ = rd.Set("name", "default") // compat
+			} else {
+				_ = rd.Set("name", fullname)
+			}
+
+			if email, ok := os.LookupEnv("CODER_USER_EMAIL"); !ok {
+				return diag.Errorf("missing user email")
+			} else {
+				_ = rd.Set("email", email)
+			}
+
+			if createdAt, ok := os.LookupEnv("CODER_USER_CREATED_AT"); !ok {
+				return diag.Errorf("missing user created_at")
+			} else {
+				_ = rd.Set("created_at", createdAt)
+			}
+
+			if lastSeenAt, ok := os.LookupEnv("CODER_USER_LAST_SEEN_AT"); !ok {
+				return diag.Errorf("missing user last_seen_at")
+			} else {
+				_ = rd.Set("last_seen_at", lastSeenAt)
+			}
+
+			if status, ok := os.LookupEnv("CODER_USER_STATUS"); !ok {
+				return diag.Errorf("missing user status")
+			} else {
+				_ = rd.Set("status", status)
+			}
+
+			if loginType, ok := os.LookupEnv("CODER_USER_LOGIN_TYPE"); !ok {
+				return diag.Errorf("missing user login_type")
+			} else {
+				_ = rd.Set("login_type", loginType)
+			}
+
+			if themePref, ok := os.LookupEnv("CODER_USER_THEME_PREFERENCE"); !ok {
+				return diag.Errorf("missing user theme_preference")
+			} else {
+				_ = rd.Set("theme_preference", themePref)
+			}
+
+			orgIDsRaw, ok := os.LookupEnv("CODER_USER_ORGANIZATION_IDS")
+			if !ok {
+				return diag.Errorf("missing user organization_ids")
+			}
+			var orgIDs []string
+			if err := json.NewDecoder(strings.NewReader(orgIDsRaw)).Decode(&orgIDs); err != nil {
+				return diag.Errorf("invalid user organization_ids: %s", err.Error())
+			}
+			_ = rd.Set("organization_ids", orgIDs)
+
+			if sshPubKey, ok := os.LookupEnv("CODER_USER_SSH_PUBLIC_KEY"); !ok {
+				return diag.Errorf("missing user ssh_public_key")
+			} else {
+				_ = rd.Set("ssh_public_key", sshPubKey)
+			}
+
+			if sshPrivKey, ok := os.LookupEnv("CODER_USER_SSH_PRIVATE_KEY"); !ok {
+				return diag.Errorf("missing user ssh_private_key")
+			} else {
+				_ = rd.Set("ssh_private_key", sshPrivKey)
+			}
+
+			groupsRaw, ok := os.LookupEnv("CODER_USER_GROUPS")
+			if !ok {
+				return diag.Errorf("missing user groups")
+			}
+			var groups []string
+			if err := json.NewDecoder(strings.NewReader(groupsRaw)).Decode(&groups); err != nil {
+				return diag.Errorf("invalid user groups: %s", err.Error())
+			} else {
+				_ = rd.Set("groups", groups)
+			}
+
+			rolesRaw, ok := os.LookupEnv("CODER_USER_ROLES")
+			if !ok {
+				return diag.Errorf("missing user roles")
+			}
+			var roles []Role
+			if err := json.NewDecoder(strings.NewReader(rolesRaw)).Decode(&roles); err != nil {
+				return diag.Errorf("invalid user roles: %s", err.Error())
+			} else {
+				_ = rd.Set("roles", roles)
+			}
+
+			return nil
+		},
+		Schema: map[string]*schema.Schema{
+			"id": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The UUID of the user.",
+			},
+			"username": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The username of the user.",
+			},
+			"avatar_url": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The URL of the user's avatar.",
+			},
+			"name": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The full name of the user.",
+			},
+			"email": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The email address of the user.",
+			},
+			"created_at": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The time the user was created in RFC3339 format.",
+			},
+			"last_seen_at": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The time the user was last active in RFC3339 format.",
+			},
+			"status": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The status of the user.",
+			},
+			"login_type": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The user's login type.",
+			},
+			"theme_preference": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The user's theme preference.",
+			},
+			"organization_ids": {
+				Type: schema.TypeList,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Computed:    true,
+				Description: "The organization IDs of which the user is a member.",
+			},
+			"ssh_public_key": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The user's generated SSH public key.",
+			},
+			"ssh_private_key": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "The user's generated SSH private key.",
+				Sensitive:   true,
+			},
+			"groups": {
+				Type: schema.TypeList,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Computed:    true,
+				Description: "The groups of which the user is a member.",
+			},
+			"roles": {
+				Type: schema.TypeList,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"name": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The internal name of the role.",
+						},
+						"display_name": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The display name of the role in the UI.",
+						},
+					},
+				},
+				Computed:    true,
+				Description: "The roles assigned to the user.",
+			},
+		},
+	}
+}

provider/user_test.go

@@ -0,0 +1,82 @@
+package provider_test
+
+import (
+	"testing"
+
+	"github.com/coder/terraform-provider-coder/provider"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+const (
+	testSSHEd25519PublicKey = `ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJeNcdBMtd4Jo9f2W8RZef0ld7Ypye5zTQEf0vUXa/Eq owner123@host456`
+	// nolint:gosec  // This key was generated specifically for this purpose.
+	testSSHEd25519PrivateKey = `-----BEGIN OPENSSH PRIVATE KEY-----
+	b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+	QyNTUxOQAAACCXjXHQTLXeCaPX9lvEWXn9JXe2Kcnuc00BH9L1F2vxKgAAAJgp3mfQKd5n
+	0AAAAAtzc2gtZWQyNTUxOQAAACCXjXHQTLXeCaPX9lvEWXn9JXe2Kcnuc00BH9L1F2vxKg
+	AAAEBia7mAQFoLBILlvTJroTkOUomzfcPY9ckpViQOjYFkAZeNcdBMtd4Jo9f2W8RZef0l
+	d7Ypye5zTQEf0vUXa/EqAAAAE3ZzY29kZUAzY2Y4MWY5YmM3MmQBAg==
+	-----END OPENSSH PRIVATE KEY-----`
+)
+
+func TestUserDatasource(t *testing.T) {
+	t.Setenv("CODER_USER_ID", "11111111-1111-1111-1111-111111111111")
+	t.Setenv("CODER_USER_USERNAME", "owner123")
+	t.Setenv("CODER_USER_AVATAR_URL", "https://example.com/avatar.png")
+	t.Setenv("CODER_USER_NAME", "Mr Owner")
+	t.Setenv("CODER_USER_EMAIL", "owner123@example.com")
+	t.Setenv("CODER_USER_CREATED_AT", "2022-08-15T08:30:10.343828Z")
+	t.Setenv("CODER_USER_LAST_SEEN_AT", "2024-05-23T13:37:49.193203Z")
+	t.Setenv("CODER_USER_STATUS", "active")
+	t.Setenv("CODER_USER_LOGIN_TYPE", "oidc")
+	t.Setenv("CODER_USER_THEME_PREFERENCE", "hackerGreen")
+	t.Setenv("CODER_USER_ORGANIZATION_IDS", `["22222222-2222-2222-2222-222222222222","33333333-3333-3333-3333-333333333333"]`)
+	t.Setenv("CODER_USER_SSH_PUBLIC_KEY", testSSHEd25519PublicKey)
+	t.Setenv("CODER_USER_SSH_PRIVATE_KEY", testSSHEd25519PrivateKey)
+	t.Setenv("CODER_USER_GROUPS", `["group1", "group2"]`)
+	t.Setenv("CODER_USER_ROLES", `[{"name": "template-admin", "display_name": "Template Admin"}]`)
+
+	resource.Test(t, resource.TestCase{
+		Providers: map[string]*schema.Provider{
+			"coder": provider.New(),
+		},
+		IsUnitTest: true,
+		Steps: []resource.TestStep{{
+			Config: `
+			provider "coder" {}
+			data "coder_user" "me" {}
+			`,
+			Check: func(s *terraform.State) error {
+				require.Len(t, s.Modules, 1)
+				require.Len(t, s.Modules[0].Resources, 1)
+				resource := s.Modules[0].Resources["data.coder_user.me"]
+				require.NotNil(t, resource)
+
+				attrs := resource.Primary.Attributes
+				assert.Equal(t, "11111111-1111-1111-1111-111111111111", attrs["id"])
+				assert.Equal(t, "owner123", attrs["username"])
+				assert.Equal(t, "https://example.com/avatar.png", attrs["avatar_url"])
+				assert.Equal(t, "Mr Owner", attrs["name"])
+				assert.Equal(t, "owner123@example.com", attrs["email"])
+				assert.Equal(t, "2022-08-15T08:30:10.343828Z", attrs["created_at"])
+				assert.Equal(t, "2024-05-23T13:37:49.193203Z", attrs["last_seen_at"])
+				assert.Equal(t, "active", attrs["status"])
+				assert.Equal(t, "oidc", attrs["login_type"])
+				assert.Equal(t, "hackerGreen", attrs["theme_preference"])
+				assert.Equal(t, "22222222-2222-2222-2222-222222222222", attrs["organization_ids.0"])
+				assert.Equal(t, "33333333-3333-3333-3333-333333333333", attrs["organization_ids.1"])
+				assert.Equal(t, testSSHEd25519PublicKey, attrs["ssh_public_key"])
+				assert.Equal(t, testSSHEd25519PrivateKey, attrs["ssh_private_key"])
+				assert.Equal(t, `group1`, attrs["groups.0"])
+				assert.Equal(t, `group2`, attrs["groups.1"])
+				assert.Equal(t, `template-admin`, attrs["roles.0.name"])
+				assert.Equal(t, `Template Admin`, attrs["roles.0.display_name"])
+				return nil
+			},
+		}},
+	})
+}