feat: Add rbac_roles to coder_workspace_owner data source

Author: nxf5025

docs/data-sources/workspace_owner.md

@@ -49,6 +49,7 @@ resource "coder_env" "git_author_email" {
 - `email` (String) The email address of the user.
 - `full_name` (String) The full name of the user.
 - `groups` (List of String) The groups of which the user is a member.
+- `rbac_roles` (List of String) The rbac roles of which the user is assigned.
 - `id` (String) The UUID of the workspace owner.
 - `login_type` (String) The type of login the user has.
 - `name` (String) The username of the user.

integration/integration_test.go

@@ -113,6 +113,7 @@ func TestIntegration(t *testing.T) {
 				"workspace_owner.ssh_private_key":   `(?s)^.+?BEGIN OPENSSH PRIVATE KEY.+?END OPENSSH PRIVATE KEY.+?$`,
 				"workspace_owner.ssh_public_key":    `(?s)^ssh-ed25519.+$`,
 				"workspace_owner.login_type":        ``,
+				"workspace_owner.rbac_roles":        `\[(\"member\")?\]`,
 			},
 		},
 		{

integration/workspace-owner/main.tf

@@ -40,6 +40,7 @@ locals {
     "workspace_owner.ssh_private_key" : data.coder_workspace_owner.me.ssh_private_key,
     "workspace_owner.ssh_public_key" : data.coder_workspace_owner.me.ssh_public_key,
     "workspace_owner.login_type" : data.coder_workspace_owner.me.login_type,
+    "workspace_owner.rbac_roles" : data.coder_workspace_owner.me.rbac_roles,
   }
 }
 

provider/workspace_owner.go

@@ -59,6 +59,14 @@ func workspaceOwnerDataSource() *schema.Resource {
 				_ = rd.Set("login_type", loginType)
 			}
 
+			var rbacRoles []string
+			if rolesRaw, ok := os.LookupEnv("CODER_WORKSPACE_OWNER_RBAC_ROLES"); ok {
+				if err := json.NewDecoder(strings.NewReader(rolesRaw)).Decode(&rbacRoles); err != nil {
+					return diag.Errorf("invalid user rbac roles: %s", err.Error())
+				}
+			}
+			_ = rd.Set("rbac_roles", rbacRoles)
+
 			return diags
 		},
 		Schema: map[string]*schema.Schema{
@@ -118,6 +126,14 @@ func workspaceOwnerDataSource() *schema.Resource {
 				Computed:    true,
 				Description: "The type of login the user has.",
 			},
+			"rbac_roles": {
+				Type: schema.TypeList,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Computed:    true,
+				Description: "The RBAC roles of which the user is assigned.",
+			},
 		},
 	}
 }

provider/workspace_owner_test.go

@@ -34,6 +34,7 @@ func TestWorkspaceOwnerDatasource(t *testing.T) {
 		t.Setenv("CODER_WORKSPACE_OWNER_SESSION_TOKEN", `supersecret`)
 		t.Setenv("CODER_WORKSPACE_OWNER_OIDC_ACCESS_TOKEN", `alsosupersecret`)
 		t.Setenv("CODER_WORKSPACE_OWNER_LOGIN_TYPE", `github`)
+		t.Setenv("CODER_WORKSPACE_OWNER_RBAC_ROLES", `["member", "auditor"]`)
 
 		resource.Test(t, resource.TestCase{
 			ProviderFactories: coderFactory(),
@@ -61,6 +62,8 @@ func TestWorkspaceOwnerDatasource(t *testing.T) {
 					assert.Equal(t, `supersecret`, attrs["session_token"])
 					assert.Equal(t, `alsosupersecret`, attrs["oidc_access_token"])
 					assert.Equal(t, `github`, attrs["login_type"])
+					assert.Equal(t, `member`, attrs["rbac_roles.0"])
+					assert.Equal(t, `auditor`, attrs["rbac_roles.1"])
 
 					return nil
 				},
@@ -80,6 +83,7 @@ func TestWorkspaceOwnerDatasource(t *testing.T) {
 			"CODER_WORKSPACE_OWNER_SSH_PUBLIC_KEY",
 			"CODER_WORKSPACE_OWNER_SSH_PRIVATE_KEY",
 			"CODER_WORKSPACE_OWNER_LOGIN_TYPE",
+			"CODER_WORKSPACE_OWNER_RBAC_ROLES",
 		} { // https://github.com/golang/go/issues/52817
 			t.Setenv(v, "")
 			os.Unsetenv(v)
@@ -110,6 +114,7 @@ func TestWorkspaceOwnerDatasource(t *testing.T) {
 					assert.Empty(t, attrs["session_token"])
 					assert.Empty(t, attrs["oidc_access_token"])
 					assert.Empty(t, attrs["login_type"])
+					assert.Empty(t, attrs["rbac_roles.0"])
 					return nil
 				},
 			}},