Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add tfe_organization_token ephemeral resource #1616

Merged
merged 7 commits into from
Mar 10, 2025
Merged

feat: add tfe_organization_token ephemeral resource #1616

merged 7 commits into from
Mar 10, 2025

Conversation

ctrombley
Copy link
Contributor

@ctrombley ctrombley commented Feb 20, 2025
edited
Loading

Description

Allow users to create an ephemeral resource for tfe_organization_token, so that the org token is not stored in the Terraform state file and can be handled securely and temporarily during Terraform operations.

Remember to:

Testing plan

  1. Create a terraform configuration that has child module
  2. In that module, try out a config similar to this:
ephemeral "tfe_organization_token" "example" {
  name   = "my-org-name"
}

output "my-org-token" {
  value       = ephemeral.tfe_organization_token.this.token
  ephemeral   = true
}

Then init and apply the configuration.
The state file should not include the ephemeral resource.

Output from acceptance tests

Please run applicable acceptance tests locally and include the output here. See testing.md to learn how to run acceptance tests.

If you are an external contributor, your contribution(s) will first be reviewed before running them against the project's CI pipeline.

$ TESTARGS="-run TestAccOrganizationTokenEphemeralResource" make testacc

...

@ctrombley ctrombley force-pushed the TF-23091-implement-ephemeral-resource-for-tfe-organization-token branch from 56f658d to 0dd4231 Compare February 21, 2025 23:08
@ctrombley ctrombley self-assigned this Feb 21, 2025
@ctrombley ctrombley force-pushed the TF-23091-implement-ephemeral-resource-for-tfe-organization-token branch 2 times, most recently from f514efb to bad59a3 Compare February 27, 2025 19:57
@ctrombley ctrombley force-pushed the TF-23091-implement-ephemeral-resource-for-tfe-organization-token branch 2 times, most recently from 089e31b to 8518b38 Compare March 5, 2025 19:12
@ctrombley ctrombley marked this pull request as ready for review March 5, 2025 19:16
@ctrombley ctrombley requested a review from a team as a code owner March 5, 2025 19:16
uturunku1
uturunku1 requested changes Mar 6, 2025
View reviewed changes
Copy link
Contributor

@uturunku1 uturunku1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add a release note about this new ephemeral resource? I had forgotten to do that for the agent token. But I plan to include it in my upcoming PR.

@ctrombley
Copy link
Contributor Author

Should we add a release note about this new ephemeral resource? I had forgotten to do that for the agent token. But I plan to include it in my upcoming PR.

Addressed in 38b2374.

@ctrombley ctrombley requested a review from uturunku1 March 6, 2025 17:33
@uturunku1
Copy link
Contributor

The changes look good! Do the tests need to be updated?

@ctrombley ctrombley force-pushed the TF-23091-implement-ephemeral-resource-for-tfe-organization-token branch from 9288eb6 to 690f991 Compare March 7, 2025 01:44
brandonc
brandonc reviewed Mar 7, 2025
View reviewed changes
website/docs/ephemeral-resources/organization_token.html.markdown Outdated

Terraform ephemeral resource for managing a TFE organization token. This
resource is used to generate a new organization token that is guaranteed not to
be written to state. Since organization tokens are singleton resources, using this ephemeral resource will replace any existing organization token.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
be written to state. Since organization tokens are singleton resources, using this ephemeral resource will replace any existing organization token.
be written to state. Since organization tokens are singleton resources, using this ephemeral resource will replace any existing organization token, including those managed by `tfe_organization_token`.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Addressed in 93f913b.

website/docs/ephemeral-resources/organization_token.html.markdown Outdated

The following arguments are required:

* `organization` - (Required) Name of the organization. If omitted, organization must be defined in the provider config.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is optional because it probably can use provider config.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch, addressed in 93f913b.

@ctrombley ctrombley force-pushed the TF-23091-implement-ephemeral-resource-for-tfe-organization-token branch from ebe9b29 to 6f670d6 Compare March 7, 2025 19:36
@ctrombley ctrombley requested a review from brandonc March 7, 2025 23:48
@ctrombley ctrombley merged commit c89ba01 into main Mar 10, 2025
5 checks passed
@ctrombley ctrombley deleted the TF-23091-implement-ephemeral-resource-for-tfe-organization-token branch March 10, 2025 17:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@uturunku1 uturunku1 uturunku1 approved these changes

@shwetamurali shwetamurali shwetamurali approved these changes

@brandonc brandonc Awaiting requested review from brandonc

Assignees

@ctrombley ctrombley

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ctrombley @uturunku1 @brandonc @shwetamurali