add verify_ssl to authentik_service_connection_kubernetes resource

closes #473
goauthentik · Feb 21, 2024 · cee19f5 · cee19f5
1 parent e5fbda6
commit cee19f5
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 14 deletions.
diff --git a/docs/data-sources/brand.md b/docs/data-sources/brand.md
@@ -9,7 +9,18 @@ description: |-
 
 Get brands by domain
 
+## Example Usage
 
+```terraform
+# To get the details of a brand by domain
+
+data "authentik_brand" "authentik-default" {
+  domain = "authentik-default"
+}
+
+# Then use `data.authentik_brand.authentik-default.domain`, `data.authentik_brand.authentik-default.branding_title`,
+# `data.authentik_brand.authentik-default.branding_logo`, ...
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

diff --git a/docs/resources/brand.md b/docs/resources/brand.md
@@ -9,7 +9,17 @@ description: |-
 
 
 
+## Example Usage
 
+```terraform
+# Create/manage a default brand
+
+resource "authentik_brand" "default" {
+  domain         = "."
+  default        = true
+  branding_title = "test"
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

diff --git a/docs/resources/policy_event_matcher.md b/docs/resources/policy_event_matcher.md
@@ -37,7 +37,6 @@ resource "authentik_policy_event_matcher" "name" {
   - `authentik.admin`
   - `authentik.api`
   - `authentik.crypto`
-  - `authentik.events`
   - `authentik.flows`
   - `authentik.outposts`
   - `authentik.policies.dummy`
@@ -85,16 +84,12 @@ resource "authentik_policy_event_matcher" "name" {
   - `authentik.enterprise`
   - `authentik.enterprise.audit`
   - `authentik.enterprise.providers.rac`
+  - `authentik.events`
 - `client_ip` (String)
 - `execution_logging` (Boolean) Defaults to `false`.
 - `model` (String) Allowed values:
   - `authentik_tenants.domain`
   - `authentik_crypto.certificatekeypair`
-  - `authentik_events.event`
-  - `authentik_events.notificationtransport`
-  - `authentik_events.notification`
-  - `authentik_events.notificationrule`
-  - `authentik_events.notificationwebhookmapping`
   - `authentik_flows.flow`
   - `authentik_flows.flowstagebinding`
   - `authentik_outposts.dockerserviceconnection`
@@ -106,14 +101,10 @@ resource "authentik_policy_event_matcher" "name" {
   - `authentik_policies_expression.expressionpolicy`
   - `authentik_policies_password.passwordpolicy`
   - `authentik_policies_reputation.reputationpolicy`
-  - `authentik_policies_reputation.reputation`
   - `authentik_policies.policybinding`
   - `authentik_providers_ldap.ldapprovider`
   - `authentik_providers_oauth2.scopemapping`
   - `authentik_providers_oauth2.oauth2provider`
-  - `authentik_providers_oauth2.authorizationcode`
-  - `authentik_providers_oauth2.accesstoken`
-  - `authentik_providers_oauth2.refreshtoken`
   - `authentik_providers_proxy.proxyprovider`
   - `authentik_providers_radius.radiusprovider`
   - `authentik_providers_saml.samlprovider`
@@ -166,6 +157,11 @@ resource "authentik_policy_event_matcher" "name" {
   - `authentik_providers_rac.racprovider`
   - `authentik_providers_rac.endpoint`
   - `authentik_providers_rac.racpropertymapping`
+  - `authentik_events.event`
+  - `authentik_events.notificationtransport`
+  - `authentik_events.notification`
+  - `authentik_events.notificationrule`
+  - `authentik_events.notificationwebhookmapping`
 
 ### Read-Only
 

diff --git a/docs/resources/service_connection_kubernetes.md b/docs/resources/service_connection_kubernetes.md
@@ -41,6 +41,7 @@ EOF
 
 - `kubeconfig` (String, Sensitive) JSON format expected. Use jsonencode() to pass objects. Defaults to `{}`.
 - `local` (Boolean) Defaults to `false`.
+- `verify_ssl` (Boolean) Defaults to `true`.
 
 ### Read-Only
 

diff --git a/internal/provider/resource_outpost_sc_kubernetes.go b/internal/provider/resource_outpost_sc_kubernetes.go
@@ -38,18 +38,22 @@ func resourceServiceConnectionKubernetes() *schema.Resource {
 				Description:      "JSON format expected. Use jsonencode() to pass objects.",
 				DiffSuppressFunc: diffSuppressJSON,
 			},
+			"verify_ssl": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  true,
+			},
 		},
 	}
 }
 
 func resourceServiceConnectionKubernetesSchemaToModel(d *schema.ResourceData) (*api.KubernetesServiceConnectionRequest, diag.Diagnostics) {
 	m := api.KubernetesServiceConnectionRequest{
-		Name: d.Get("name").(string),
+		Name:      d.Get("name").(string),
+		VerifySsl: api.PtrBool(d.Get("verify_ssl").(bool)),
+		Local:     api.PtrBool(d.Get("local").(bool)),
 	}
 
-	local := d.Get("local").(bool)
-	m.Local = &local
-
 	if l, ok := d.Get("kubeconfig").(string); ok {
 		var c map[string]interface{}
 		err := json.NewDecoder(strings.NewReader(l)).Decode(&c)
@@ -90,6 +94,7 @@ func resourceServiceConnectionKubernetesRead(ctx context.Context, d *schema.Reso
 
 	setWrapper(d, "name", res.Name)
 	setWrapper(d, "local", res.Local)
+	setWrapper(d, "verify_ssl", res.VerifySsl)
 	b, err := json.Marshal(res.Kubeconfig)
 	if err != nil {
 		return diag.FromErr(err)