sso_exempt support (#52)

* adding sso_exempt to schema and filling out converters_test * adding sso_exempt to test plan * updating CHANGELOG
zerotier · Aug 16, 2024 · 7e2f411 · 7e2f411
1 parent a3221b4
commit 7e2f411
Show file tree

Hide file tree

Showing 6 changed files with 54 additions and 17 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # terraform-provider-zerotier CHANGELOG
 
+## v1.6.0
+- Adding support for sso_exempt to zerotier_member
+
 ## v1.5.3
 - Updating go deps
 

diff --git a/pkg/zerotier/converters_test.go b/pkg/zerotier/converters_test.go
@@ -13,36 +13,59 @@ import (
 func TestZeroTier_ToMember(t *testing.T) {
 
 	d := schema.TestResourceDataRaw(t, resourceMember().Schema, map[string]interface{}{
-		"network_id":     "11122334455aabbccdd",
-		"ip_assignments": []interface{}{"10.10.10.10", "1.2.3.4"},
-		"capabilities":   []interface{}{1, 2, 3},
-		"tags":           []interface{}{[]interface{}{1, 2}, []interface{}{3, 4}},
-		"member_id":      "2468012345",
-		// "hidden": false,
-		// "name": "a name",
-		// "description": "a description",
-		// "authorized": true,
-		// "allow_ethernet_bridging": false,
-		// "no_auto_assign_ips": false,
+		"network_id":              "11122334455aabbccdd",
+		"ip_assignments":          []interface{}{"10.10.10.10", "1.2.3.4"},
+		"capabilities":            []interface{}{1, 2, 3},
+		"tags":                    []interface{}{[]interface{}{1, 2}, []interface{}{3, 4}},
+		"member_id":               "2468012345",
+		"authorized":              true,
+		"sso_exempt":              true,
+		"hidden":                  false,
+		"name":                    "baub",
+		"description":             "praise baub",
+		"allow_ethernet_bridging": true,
+		"no_auto_assign_ips":      false,
 	})
 
 	expectedNetworkId := "11122334455aabbccdd"
-	expectedTags := [][]int{{1, 2}, {3, 4}}
+	expectedName := "baub"
+	expectedDescription := "praise baub"
+	expectedTags := [][]interface{}{{1, 2}, {3, 4}}
 	expectedCaps := []int{1, 2, 3}
 	expectedIps := []string{"10.10.10.10", "1.2.3.4"}
+	expectedAuthorized := true
+	expectedSsoExempt := true
+	expectedHidden := false
+	expectedAllowEthernetBridging := true
+	expectedNoAutoAssignIps := false
+
 	expected := &spec.Member{
-		NetworkId: &expectedNetworkId,
+		NetworkId:   &expectedNetworkId,
+		Hidden:      &expectedHidden,
+		Name:        &expectedName,
+		Description: &expectedDescription,
 		Config: &spec.MemberConfig{
-			Tags:          &expectedTags,
-			Capabilities:  &expectedCaps,
-			IpAssignments: &expectedIps,
+			Authorized:      &expectedAuthorized,
+			Tags:            &expectedTags,
+			Capabilities:    &expectedCaps,
+			IpAssignments:   &expectedIps,
+			SsoExempt:       &expectedSsoExempt,
+			ActiveBridge:    &expectedAllowEthernetBridging,
+			NoAutoAssignIps: &expectedNoAutoAssignIps,
 		},
 	}
 	out := toMember(d)
 
 	assert.Equal(t, *expected.NetworkId, *out.NetworkId)
+	assert.Equal(t, *expected.Hidden, *out.Hidden)
+	assert.Equal(t, *expected.Name, *out.Name)
+	assert.Equal(t, *expected.Description, *out.Description)
 	assert.Equal(t, "2468012345", *out.NodeId)
 	assert.ElementsMatch(t, *expected.Config.IpAssignments, *out.Config.IpAssignments)
 	assert.ElementsMatch(t, *expected.Config.Tags, *out.Config.Tags)
 	assert.ElementsMatch(t, *expected.Config.Capabilities, *out.Config.Capabilities)
+	assert.Equal(t, *expected.Config.Authorized, *out.Config.Authorized)
+	assert.Equal(t, *expected.Config.SsoExempt, *out.Config.SsoExempt)
+	assert.Equal(t, *expected.Config.ActiveBridge, *out.Config.ActiveBridge)
+	assert.Equal(t, *expected.Config.NoAutoAssignIps, *out.Config.NoAutoAssignIps)
 }
diff --git a/pkg/zerotier/data_source_members.go b/pkg/zerotier/data_source_members.go
@@ -53,6 +53,7 @@ func datasourceMemberRead(ctx context.Context, d *schema.ResourceData, m interfa
 			"network_id":              *member.NetworkId,
 			"hidden":                  *member.Hidden,
 			"authorized":              *member.Config.Authorized,
+			"sso_exempt":              *member.Config.SsoExempt,
 			"allow_ethernet_bridging": *member.Config.ActiveBridge,
 			"no_auto_assign_ips":      *member.Config.NoAutoAssignIps,
 			"ip_assignments":          *member.Config.IpAssignments,

diff --git a/pkg/zerotier/member.go b/pkg/zerotier/member.go
@@ -120,6 +120,12 @@ func buildMemberSchema(asResource bool) map[string]*schema.Schema {
 			Computed:    true,
 			Description: "Computed RFC4193 address. assign_ipv6.rfc4193 must be enabled on the network resource.",
 		},
+		"sso_exempt": {
+			Type:        schema.TypeBool,
+			Optional:    true,
+			Default:     false,
+			Description: "Is the member exempt from SSO?",
+		},
 	}
 	if asResource {
 		start["network_id"] = &schema.Schema{
@@ -153,7 +159,6 @@ func toMember(d *schema.ResourceData) *spec.Member {
 		NetworkId: stringPtr(d.Get("network_id").(string)),
 		NodeId:    stringPtr(d.Get("member_id").(string)),
 		Hidden:    boolPtr(d.Get("hidden").(bool)),
-		//OfflineNotifyDelay: toInt(d, "offline_notify_delay"),
 		Name:        stringPtr(d.Get("name").(string)),
 		Description: stringPtr(d.Get("description").(string)),
 		Config: &spec.MemberConfig{
@@ -163,6 +168,7 @@ func toMember(d *schema.ResourceData) *spec.Member {
 			Capabilities:    fetchIntSet(d, "capabilities"),
 			IpAssignments:   fetchStringSet(d, "ip_assignments"),
 			Tags:            fetchTags(d.Get("tags").(*schema.Set).List()),
+			SsoExempt:       boolPtr(d.Get("sso_exempt").(bool)),
 		},
 	}
 }
@@ -181,6 +187,7 @@ func memberToTerraform(d *schema.ResourceData, m *spec.Member) diag.Diagnostics
 	d.Set("ip_assignments", *m.Config.IpAssignments)
 	d.Set("capabilities", *m.Config.Capabilities)
 	d.Set("tags", *m.Config.Tags)
+	d.Set("sso_exempt", *m.Config.SsoExempt)
 
 	ipv4Assignments, ipv6Assignments := assignedIpsGrouping(*m.Config.IpAssignments)
 	d.Set("ipv4_assignments", ipv4Assignments)

diff --git a/provision_test.go b/provision_test.go
@@ -140,6 +140,7 @@ func TestBasicMembers(t *testing.T) {
 				}
 
 				isBool(t, attrs["hidden"], true, "hidden")
+				isBool(t, attrs["sso_exempt"], true, "sso_exempt")
 				isBool(t, attrs["allow_ethernet_bridging"], true, "allow_ethernet_bridging")
 				isBool(t, attrs["no_auto_assign_ips"], true, "no_auto_assign_ips")
 

diff --git a/testdata/plans/basic-member.tf b/testdata/plans/basic-member.tf
@@ -1,6 +1,7 @@
 provider "zerotier" {}
 
 resource "zerotier_identity" "alice" {}
+
 resource "zerotier_network" "alicenet" {
   name = "alicenet"
   assignment_pool {
@@ -21,4 +22,5 @@ resource "zerotier_member" "alice" {
   ip_assignments          = ["10.0.0.1"]
   capabilities            = [1, 2, 3]
   tags                    = [[1000, 100]]
+  sso_exempt              = true
 }