addition of team sync support

github/data_source_github_organization_team_sync_groups.go

@@ -0,0 +1,90 @@
+package github
+
+import (
+	"context"
+	"fmt"
+	"log"
+
+	"github.com/google/go-github/v29/github"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+func dataSourceGithubOrganizationTeamSyncGroups() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceGithubOrganizationTeamSyncGroupsRead,
+
+		Schema: map[string]*schema.Schema{
+			"groups": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"group_id": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"group_name": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"group_description": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func dataSourceGithubOrganizationTeamSyncGroupsRead(d *schema.ResourceData, meta interface{}) error {
+	log.Print("[INFO] Refreshing GitHub Organization Team-Sync Groups")
+
+	client := meta.(*Organization).client
+	ctx := context.Background()
+
+	orgName := meta.(*Organization).name
+	options := &github.ListCursorOptions{PerPage: maxPerPage}
+
+	groups := make([]interface{}, 0)
+	for {
+		idpGroupList, resp, err := client.Teams.ListIDPGroupsInOrganization(ctx, orgName, options)
+		if err != nil {
+			return err
+		}
+
+		result, err := flattenGithubIDPGroupList(idpGroupList)
+		if err != nil {
+			return fmt.Errorf("unable to flatten IdP Groups in Github Organization(Org: %q) : %+v", orgName, err)
+		}
+
+		groups = append(groups, result...)
+
+		if resp.NextPage == 0 {
+			break
+		}
+		options.Page = string(resp.NextPage)
+	}
+
+	d.SetId("github-org-team-sync-groups")
+	d.Set("groups", groups)
+
+	return nil
+}
+
+func flattenGithubIDPGroupList(idpGroupList *github.IDPGroupList) ([]interface{}, error) {
+	if idpGroupList == nil {
+		return make([]interface{}, 0), nil
+	}
+	results := make([]interface{}, 0)
+	for _, group := range idpGroupList.Groups {
+		result := make(map[string]interface{})
+		result["group_id"] = group.GetGroupID()
+		result["group_name"] = group.GetGroupName()
+		result["group_description"] = group.GetGroupDescription()
+		results = append(results, result)
+	}
+
+	return results, nil
+}

github/data_source_github_organization_team_sync_groups_test.go

@@ -0,0 +1,52 @@
+package github
+
+import (
+	"regexp"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+)
+
+func TestAccGithubOrganizationTeamSyncGroupsDataSource_noMatchReturnsError(t *testing.T) {
+	if isEnterprise != "true" {
+		t.Skip("Skipping because `ENTERPRISE_ACCOUNT` is not set or set to false")
+	}
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config:      testAccCheckGithubOrganizationTeamSyncGroupsDataSourceConfig(),
+				ExpectError: regexp.MustCompile(`This team is not externally managed.`),
+			},
+		},
+	})
+}
+
+func TestAccGithubOrganizationTeamSyncGroupsDataSource_existing(t *testing.T) {
+	if isEnterprise != "true" {
+		t.Skip("Skipping because `ENTERPRISE_ACCOUNT` is not set or set to false")
+	}
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCheckGithubOrganizationTeamSyncGroupsDataSourceConfig(),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("data.github_organization_team_sync_groups.test", "groups.#"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckGithubOrganizationTeamSyncGroupsDataSourceConfig() string {
+	return `data "github_organization_team_sync_groups" "test" {}`
+}

github/provider.go

@@ -62,22 +62,24 @@ func Provider() terraform.ResourceProvider {
 			"github_repository":               resourceGithubRepository(),
 			"github_team_membership":          resourceGithubTeamMembership(),
 			"github_team_repository":          resourceGithubTeamRepository(),
+			"github_team_sync_group_mapping":  resourceGithubTeamSyncGroupMapping(),
 			"github_team":                     resourceGithubTeam(),
 			"github_user_gpg_key":             resourceGithubUserGpgKey(),
 			"github_user_invitation_accepter": resourceGithubUserInvitationAccepter(),
 			"github_user_ssh_key":             resourceGithubUserSshKey(),
 		},
 
 		DataSourcesMap: map[string]*schema.Resource{
-			"github_collaborators":      dataSourceGithubCollaborators(),
-			"github_ip_ranges":          dataSourceGithubIpRanges(),
-			"github_membership":         dataSourceGithubMembership(),
-			"github_release":            dataSourceGithubRelease(),
-			"github_repositories":       dataSourceGithubRepositories(),
-			"github_repository":         dataSourceGithubRepository(),
-			"github_team":               dataSourceGithubTeam(),
-			"github_user":               dataSourceGithubUser(),
-			"github_actions_public_key": dataSourceGithubActionsPublicKey(),
+			"github_collaborators":                 dataSourceGithubCollaborators(),
+			"github_ip_ranges":                     dataSourceGithubIpRanges(),
+			"github_membership":                    dataSourceGithubMembership(),
+			"github_release":                       dataSourceGithubRelease(),
+			"github_repositories":                  dataSourceGithubRepositories(),
+			"github_repository":                    dataSourceGithubRepository(),
+			"github_organization_team_sync_groups": dataSourceGithubOrganizationTeamSyncGroups(),
+			"github_team":                          dataSourceGithubTeam(),
+			"github_user":                          dataSourceGithubUser(),
+			"github_actions_public_key":            dataSourceGithubActionsPublicKey(),
 		},
 	}
 

github/provider_test.go

@@ -18,6 +18,7 @@ import (
 var testUser string = os.Getenv("GITHUB_TEST_USER")
 var testCollaborator string = os.Getenv("GITHUB_TEST_COLLABORATOR")
 var testOrganization string = os.Getenv("GITHUB_ORGANIZATION")
+var isEnterprise string = os.Getenv("ENTERPRISE_ACCOUNT")
 
 var testAccProviders map[string]terraform.ResourceProvider
 var testAccProviderFactories func(providers *[]*schema.Provider) map[string]terraform.ResourceProviderFactory

github/resource_github_team_sync_group_mapping.go

@@ -0,0 +1,194 @@
+package github
+
+import (
+	"context"
+	"log"
+
+	"github.com/google/go-github/v29/github"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+func resourceGithubTeamSyncGroupMapping() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceGithubTeamSyncGroupMappingCreate,
+		Read:   resourceGithubTeamSyncGroupMappingRead,
+		Update: resourceGithubTeamSyncGroupMappingUpdate,
+		Delete: resourceGithubTeamSyncGroupMappingDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"team_slug": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"group": {
+				Type:     schema.TypeList,
+				Required: true,
+				ForceNew: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"group_id": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+						"group_name": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+						"group_description": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+					},
+				},
+			},
+			"etag": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func resourceGithubTeamSyncGroupMappingCreate(d *schema.ResourceData, meta interface{}) error {
+	err := checkOrganization(meta)
+	if err != nil {
+		return err
+	}
+
+	client := meta.(*Organization).client
+	ctx := context.Background()
+	orgName := meta.(*Organization).name
+	slug := d.Get("team_slug").(string)
+
+	team, err := getGithubTeamBySlug(ctx, client, orgName, slug)
+	if err != nil {
+		return err
+	}
+
+	idpGroupList, err := expandTeamSyncGroups(d)
+	if err != nil {
+		return err
+	}
+	log.Printf("[DEBUG] Creating team-sync group mapping (Team: %s)", team.GetName())
+	_, resp, err := client.Teams.CreateOrUpdateIDPGroupConnections(ctx, string(team.GetID()), *idpGroupList)
+	if err != nil {
+		return err
+	}
+
+	d.Set("etag", resp.Header.Get("ETag"))
+	d.SetId("github-team-sync-group-mappings")
+
+	return resourceGithubTeamRead(d, meta)
+}
+
+func resourceGithubTeamSyncGroupMappingRead(d *schema.ResourceData, meta interface{}) error {
+	err := checkOrganization(meta)
+	if err != nil {
+		return err
+	}
+
+	client := meta.(*Organization).client
+	orgName := meta.(*Organization).name
+	slug := d.Get("team_slug").(string)
+
+	ctx := context.WithValue(context.Background(), ctxId, d.Id())
+	if !d.IsNewResource() {
+		ctx = context.WithValue(ctx, ctxEtag, d.Get("etag").(string))
+	}
+
+	team, err := getGithubTeamBySlug(ctx, client, orgName, slug)
+	if err != nil {
+		return err
+	}
+
+	log.Printf("[DEBUG] Reading team-sync group mapping (Team: %s)", team.GetName())
+	idpGroupList, _, err := client.Teams.ListIDPGroupsForTeam(ctx, string(team.GetID()))
+	if err != nil {
+		return err
+	}
+
+	groups, err := flattenGithubIDPGroupList(idpGroupList)
+	if err != nil {
+		return err
+	}
+
+	d.Set("group", groups)
+
+	return nil
+}
+
+func resourceGithubTeamSyncGroupMappingUpdate(d *schema.ResourceData, meta interface{}) error {
+	err := checkOrganization(meta)
+	if err != nil {
+		return err
+	}
+
+	client := meta.(*Organization).client
+	orgName := meta.(*Organization).name
+	ctx := context.WithValue(context.Background(), ctxId, d.Id())
+	slug := d.Get("team_slug").(string)
+
+	team, err := getGithubTeamBySlug(ctx, client, orgName, slug)
+	if err != nil {
+		return err
+	}
+
+	idpGroupList, err := expandTeamSyncGroups(d)
+	if err != nil {
+		return err
+	}
+	log.Printf("[DEBUG] Updating team-sync group mapping (Team: %s)", team.GetName())
+	_, _, err = client.Teams.CreateOrUpdateIDPGroupConnections(ctx, string(team.GetID()), *idpGroupList)
+	if err != nil {
+		return err
+	}
+
+	return resourceGithubTeamRead(d, meta)
+}
+
+func resourceGithubTeamSyncGroupMappingDelete(d *schema.ResourceData, meta interface{}) error {
+	err := checkOrganization(meta)
+	if err != nil {
+		return err
+	}
+
+	client := meta.(*Organization).client
+	orgName := meta.(*Organization).name
+	ctx := context.WithValue(context.Background(), ctxId, d.Id())
+	slug := d.Get("team_slug").(string)
+
+	team, err := getGithubTeamBySlug(ctx, client, orgName, slug)
+	if err != nil {
+		return err
+	}
+
+	groups := make([]*github.IDPGroup, 0)
+	emptyGroupList := github.IDPGroupList{Groups: groups}
+
+	log.Printf("[DEBUG] Deleting team-sync group mapping (Team: %s)", team.GetName())
+	_, _, err = client.Teams.CreateOrUpdateIDPGroupConnections(ctx, string(team.GetID()), emptyGroupList)
+
+	return err
+}
+
+func expandTeamSyncGroups(d *schema.ResourceData) (*github.IDPGroupList, error) {
+	if v, ok := d.GetOk("group"); ok {
+		vL := v.([]interface{})
+		idpGroupList := new(github.IDPGroupList)
+		groups := make([]*github.IDPGroup, 0)
+		for _, v := range vL {
+			m := v.(map[string]interface{})
+			group := new(github.IDPGroup)
+			group.GroupID = m["group_id"].(*string)
+			group.GroupName = m["group_name"].(*string)
+			group.GroupDescription = m["group_description"].(*string)
+			groups = append(groups, group)
+		}
+		idpGroupList.Groups = groups
+		return idpGroupList, nil
+	}
+	return nil, nil
+}