diff --git a/terraform/Makefile b/terraform/Makefile index 43e19a15a..883f5f2b0 100644 --- a/terraform/Makefile +++ b/terraform/Makefile @@ -43,13 +43,13 @@ $(BUILDDIR)/terraform-provider-teleport_%: terraform-provider-teleport-v$(VERSIO mv $(BUILDDIR)/terraform-provider-teleport $@ CUSTOM_IMPORTS_TMP_DIR ?= /tmp/protoc-gen-terraform/custom-imports -PROTOC_GEN_TERRAFORM_VERSION ?= v1.4.1 +PROTOC_GEN_TERRAFORM_VERSION ?= v1.4.2 PROTOC_GEN_TERRAFORM_EXISTS := $(shell protoc-gen-terraform version 2>&1 >/dev/null | grep 'protoc-gen-terraform $(PROTOC_GEN_TERRAFORM_VERSION)') .PHONY: gen-tfschema gen-tfschema: ifndef PROTOC_GEN_TERRAFORM_EXISTS - @echo "protoc-gen-terraform v1.4.1 is not installed. Please, refer to README.md for installation instructions." + @echo "protoc-gen-terraform $(PROTOC_GEN_TERRAFORM_VERSION) is not installed. Please, refer to README.md for installation instructions." @exit -1 endif diff --git a/terraform/example/okta_import_rule.tf.example b/terraform/example/okta_import_rule.tf.example new file mode 100644 index 000000000..15858e0cf --- /dev/null +++ b/terraform/example/okta_import_rule.tf.example @@ -0,0 +1,38 @@ +# Teleport Okta Import Rule resource + +resource "teleport_okta_import_rule" "example" { + metadata = { + description = "Example Okta Import Rule" + labels = { + "example" = "yes" + } + } + + version = "v1" + + spec = { + priority = 100 + mappings = [ + { + add_labels = { + "label1": "value1" + } + matches = [ + { + app_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label2": "value2" + } + matches = [ + { + group_ids = ["1", "2", "3"] + }, + ], + }, + ] + } +} diff --git a/terraform/example/terraform.yaml b/terraform/example/terraform.yaml index bfe3fe3f0..19238fa63 100644 --- a/terraform/example/terraform.yaml +++ b/terraform/example/terraform.yaml @@ -25,6 +25,7 @@ spec: - app - db - login_rule + - okta_import_rule verbs: ['list','create','read','update','delete'] version: v6 --- diff --git a/terraform/gen/main.go b/terraform/gen/main.go index bb5f1517b..5592c5021 100644 --- a/terraform/gen/main.go +++ b/terraform/gen/main.go @@ -322,6 +322,22 @@ var ( IsPlainStruct: true, TerraformResourceType: "teleport_login_rule", } + + oktaImportRule = payload{ + Name: "OktaImportRule", + TypeName: "OktaImportRuleV1", + VarName: "oktaImportRule", + IfaceName: "OktaImportRule", + GetMethod: "OktaClient().GetOktaImportRule", + CreateMethod: "OktaClient().CreateOktaImportRule", + UpdateMethod: "OktaClient().UpdateOktaImportRule", + DeleteMethod: "OktaClient().DeleteOktaImportRule", + UpsertMethodArity: 2, + ID: "oktaImportRule.Metadata.Name", + Kind: "okta_import_rule", + HasStaticID: false, + TerraformResourceType: "teleport_okta_import_rule", + } ) func main() { @@ -359,6 +375,8 @@ func genTFSchema() { generateDataSource(user, pluralDataSource) generateResource(loginRule, pluralResource) generateDataSource(loginRule, pluralDataSource) + generateResource(oktaImportRule, pluralResource) + generateDataSource(oktaImportRule, pluralDataSource) } func generateResource(p payload, tpl string) { @@ -402,6 +420,7 @@ var ( "database": tfschema.GenSchemaDatabaseV3, "github_connector": tfschema.GenSchemaGithubConnectorV3, "login_rule": loginruleSchema.GenSchemaLoginRule, + "okta_import_rule": tfschema.GenSchemaOktaImportRuleV1, "oidc_connector": tfschema.GenSchemaOIDCConnectorV3, "provision_token": tfschema.GenSchemaProvisionTokenV2, "role": tfschema.GenSchemaRoleV6, diff --git a/terraform/protoc-gen-terraform-teleport.yaml b/terraform/protoc-gen-terraform-teleport.yaml index 2baaa2546..6f7d5b305 100644 --- a/terraform/protoc-gen-terraform-teleport.yaml +++ b/terraform/protoc-gen-terraform-teleport.yaml @@ -12,6 +12,7 @@ types: - "DatabaseV3" - "GithubConnectorV3" - "OIDCConnectorV3" + - "OktaImportRuleV1" - "ProvisionTokenV2" - "RoleV6" - "SAMLConnectorV2" @@ -64,6 +65,13 @@ injected_fields: computed: true plan_modifiers: - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + OktaImportRuleV1: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" ProvisionTokenV2: - name: id @@ -113,10 +121,10 @@ exclude_fields: - "Metadata.ID" # AuthPreference - - "AuthPreferenceV2.Metadata.Name" # It's a signleton resource + - "AuthPreferenceV2.Metadata.Name" # It's a singleton resource # NetworkingConfig - - "ClusterNetworkingConfigV2.Metadata.Name" # It's a signleton resource + - "ClusterNetworkingConfigV2.Metadata.Name" # It's a singleton resource # Status - "DatabaseV3.Status" @@ -126,7 +134,7 @@ exclude_fields: - "RoleV6.Spec.Deny.Namespaces" # SessionRecordingConfig - - "SessionRecordingConfigV2.Metadata.Name" # It's a signleton resource + - "SessionRecordingConfigV2.Metadata.Name" # It's a singleton resource # User - "UserSpecV2.LocalAuth" # We do not need to set user auth data @@ -179,6 +187,10 @@ computed_fields: - "OIDCConnectorV3.Kind" - "OIDCConnectorV3.Version" + # Okta import rule + - "OktaImportRuleV1.Kind" + - "OktaImportRuleV1.Version" + # Role - "RoleV6.Spec.Options.MaxSessionTTL" - "RoleV6.Spec.Options.CertificateFormat" @@ -260,6 +272,10 @@ required_fields: - "OIDCConnectorV3.Spec" - "OIDCConnectorV3.Metadata.Name" + # Okta import rule + - "OktaImportRuleV1.Spec" + - "OktaImportRuleV1.Metadata.Name" + # Provision token - "ProvisionTokenV2.Spec" - "ProvisionTokenV2.Spec.Options" @@ -332,6 +348,8 @@ validators: - UseVersionBetween(3,3) OIDCConnectorV3.Version: - UseVersionBetween(3,3) + OktaImportRuleV1.Version: + - UseVersionBetween(1,1) ProvisionTokenV2.Version: - UseVersionBetween(2,2) RoleV6.Version: diff --git a/terraform/provider/data_source_teleport_okta_import_rule.go b/terraform/provider/data_source_teleport_okta_import_rule.go new file mode 100755 index 000000000..b1a0fb554 --- /dev/null +++ b/terraform/provider/data_source_teleport_okta_import_rule.go @@ -0,0 +1,81 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/hashicorp/terraform-plugin-framework/path" + + tfschema "github.com/gravitational/teleport-plugins/terraform/tfschema" + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" +) + +// dataSourceTeleportOktaImportRuleType is the data source metadata type +type dataSourceTeleportOktaImportRuleType struct{} + +// dataSourceTeleportOktaImportRule is the resource +type dataSourceTeleportOktaImportRule struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportOktaImportRuleType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaOktaImportRuleV1(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportOktaImportRuleType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportOktaImportRule{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport OktaImportRule +func (r dataSourceTeleportOktaImportRule) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oktaImportRuleI, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + var state types.Object + oktaImportRule := oktaImportRuleI.(*apitypes.OktaImportRuleV1) + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, *oktaImportRule, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/terraform/provider/provider.go b/terraform/provider/provider.go index d479649ef..cdacef911 100644 --- a/terraform/provider/provider.go +++ b/terraform/provider/provider.go @@ -572,6 +572,7 @@ func (p *Provider) GetResources(_ context.Context) (map[string]tfsdk.ResourceTyp "teleport_user": resourceTeleportUserType{}, "teleport_bot": resourceTeleportBotType{}, "teleport_login_rule": resourceTeleportLoginRuleType{}, + "teleport_okta_import_rule": resourceTeleportOktaImportRuleType{}, }, nil } @@ -591,5 +592,6 @@ func (p *Provider) GetDataSources(_ context.Context) (map[string]tfsdk.DataSourc "teleport_trusted_cluster": dataSourceTeleportTrustedClusterType{}, "teleport_user": dataSourceTeleportUserType{}, "teleport_login_rule": dataSourceTeleportLoginRuleType{}, + "teleport_okta_import_rule": dataSourceTeleportOktaImportRuleType{}, }, nil } diff --git a/terraform/provider/resource_teleport_okta_import_rule.go b/terraform/provider/resource_teleport_okta_import_rule.go new file mode 100755 index 000000000..dcc2bd36b --- /dev/null +++ b/terraform/provider/resource_teleport_okta_import_rule.go @@ -0,0 +1,325 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/hashicorp/terraform-plugin-framework/path" + + apitypes "github.com/gravitational/teleport/api/types" + tfschema "github.com/gravitational/teleport-plugins/terraform/tfschema" + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/jonboulle/clockwork" +) + +// resourceTeleportOktaImportRuleType is the resource metadata type +type resourceTeleportOktaImportRuleType struct{} + +// resourceTeleportOktaImportRule is the resource +type resourceTeleportOktaImportRule struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportOktaImportRuleType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaOktaImportRuleV1(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportOktaImportRuleType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportOktaImportRule{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the OktaImportRule +func (r resourceTeleportOktaImportRule) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oktaImportRule := &apitypes.OktaImportRuleV1{} + diags = tfschema.CopyOktaImportRuleV1FromTerraform(ctx, plan, oktaImportRule) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + + _, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, oktaImportRule.Metadata.Name) + if !trace.IsNotFound(err) { + if err == nil { + n := oktaImportRule.Metadata.Name + existErr := fmt.Sprintf("OktaImportRule exists in Teleport. Either remove it (tctl rm okta_import_rule/%v)"+ + " or import it to the existing state (terraform import teleport_okta_import_rule.%v %v)", n, n, n) + + resp.Diagnostics.Append(diagFromErr("OktaImportRule exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + err = oktaImportRule.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting OktaImportRule defaults", trace.Wrap(err), "okta_import_rule")) + return + } + + _, err = r.p.Client.OktaClient().CreateOktaImportRule(ctx, oktaImportRule) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + id := oktaImportRule.Metadata.Name + var oktaImportRuleI apitypes.OktaImportRule + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + oktaImportRuleI, err = r.p.Client.OktaClient().GetOktaImportRule(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading OktaImportRule (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.Append(diagFromWrappedErr(diagMessage, trace.Wrap(err), "okta_import_rule")) + return + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + oktaImportRule, ok := oktaImportRuleI.(*apitypes.OktaImportRuleV1) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Errorf("Can not convert %T to OktaImportRuleV1", oktaImportRuleI), "okta_import_rule")) + return + } + + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, *oktaImportRule, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: oktaImportRule.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport OktaImportRule +func (r resourceTeleportOktaImportRule) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oktaImportRuleI, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + oktaImportRule := oktaImportRuleI.(*apitypes.OktaImportRuleV1) + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, *oktaImportRule, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport OktaImportRule +func (r resourceTeleportOktaImportRule) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oktaImportRule := &apitypes.OktaImportRuleV1{} + diags = tfschema.CopyOktaImportRuleV1FromTerraform(ctx, plan, oktaImportRule) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + name := oktaImportRule.Metadata.Name + + err := oktaImportRule.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating OktaImportRule", err, "okta_import_rule")) + return + } + + oktaImportRuleBefore, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", err, "okta_import_rule")) + return + } + + _, err = r.p.Client.OktaClient().UpdateOktaImportRule(ctx, oktaImportRule) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating OktaImportRule", err, "okta_import_rule")) + return + } + + var oktaImportRuleI apitypes.OktaImportRule + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + oktaImportRuleI, err = r.p.Client.OktaClient().GetOktaImportRule(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", err, "okta_import_rule")) + return + } + if oktaImportRuleBefore.GetMetadata().ID != oktaImportRuleI.GetMetadata().ID || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading OktaImportRule (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "okta_import_rule") + return + } + } + + oktaImportRule = oktaImportRuleI.(*apitypes.OktaImportRuleV1) + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, *oktaImportRule, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport OktaImportRule +func (r resourceTeleportOktaImportRule) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.OktaClient().DeleteOktaImportRule(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting OktaImportRuleV1", trace.Wrap(err), "okta_import_rule")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports OktaImportRule state +func (r resourceTeleportOktaImportRule) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + oktaImportRuleI, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + oktaImportRule := oktaImportRuleI.(*apitypes.OktaImportRuleV1) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, *oktaImportRule, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + state.Attrs["id"] = types.String{Value: oktaImportRule.Metadata.Name} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/terraform/reference.mdx b/terraform/reference.mdx index 058660af6..5a2e85525 100755 --- a/terraform/reference.mdx +++ b/terraform/reference.mdx @@ -15,6 +15,7 @@ Supported resources: - [teleport_github_connector](#teleport_github_connector) - [teleport_login_rule](#teleport_login_rule) - [teleport_oidc_connector](#teleport_oidc_connector) +- [teleport_okta_import_rule](#teleport_okta_import_rule) - [teleport_provision_token](#teleport_provision_token) - [teleport_role](#teleport_role) - [teleport_saml_connector](#teleport_saml_connector) @@ -869,6 +870,98 @@ resource "teleport_oidc_connector" "example" { ``` +## teleport_okta_import_rule + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | * | Spec is the specification for the Okta import rule. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | | Version is version | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | + +### spec + +Spec is the specification for the Okta import rule. + +| Name | Type | Required | Description | +|----------|--------|----------|-------------------------------------------------------------------------------------------------------| +| mappings | object | | Mappings is a list of matches that will map match conditions to labels. | +| priority | number | | Priority represents the priority of the rule application. Lower numbered rules will be applied first. | + +#### spec.mappings + +Mappings is a list of matches that will map match conditions to labels. + +| Name | Type | Required | Description | +|------------|----------------|----------|-------------------------------------------------------------------------------------------------------------| +| add_labels | map of strings | | AddLabels specifies which labels to add if any of the previous matches match. | +| match | object | | Match is a set of matching rules for this mapping. If any of these match, then the mapping will be applied. | + +##### spec.mappings.match + +Match is a set of matching rules for this mapping. If any of these match, then the mapping will be applied. + +| Name | Type | Required | Description | +|-----------|------------------|----------|---------------------------------------------------| +| app_ids | array of strings | | AppIDs is a list of app IDs to match against. | +| group_ids | array of strings | | GroupIDs is a list of group IDs to match against. | + +Example: + +``` +# Teleport Okta Import Rule resource + +resource "teleport_okta_import_rule" "example" { + metadata = { + description = "Example Okta Import Rule" + labels = { + "example" = "yes" + } + } + + version = "v1" + + spec = { + priority = 100 + mappings = [ + { + add_labels = { + "label1": "value1" + } + matches = [ + { + app_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label2": "value2" + } + matches = [ + { + group_ids = ["1", "2", "3"] + }, + ], + }, + ] + } +} + +``` + ## teleport_provision_token | Name | Type | Required | Description | diff --git a/terraform/test/fixtures/okta_import_rule_0_create.tf b/terraform/test/fixtures/okta_import_rule_0_create.tf new file mode 100644 index 000000000..b8d9ad8db --- /dev/null +++ b/terraform/test/fixtures/okta_import_rule_0_create.tf @@ -0,0 +1,36 @@ +resource "teleport_okta_import_rule" "test" { + metadata = { + name = "example" + description = "Test Okta Import Rule" + labels = { + example = "yes" + "teleport.dev/origin" = "okta" + } + } + + spec = { + priority = 100 + mappings = [ + { + add_labels = { + "label1" : "value1", + } + matches = [ + { + app_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label2" : "value2", + } + matches = [ + { + group_ids = ["1", "2", "3"] + }, + ], + } + ] + } +} diff --git a/terraform/test/fixtures/okta_import_rule_1_update.tf b/terraform/test/fixtures/okta_import_rule_1_update.tf new file mode 100644 index 000000000..ddc058972 --- /dev/null +++ b/terraform/test/fixtures/okta_import_rule_1_update.tf @@ -0,0 +1,46 @@ +resource "teleport_okta_import_rule" "test" { + metadata = { + name = "example" + description = "Test Okta Import Rule" + labels = { + example = "yes" + "teleport.dev/origin" = "okta" + } + } + + spec = { + priority = 100 + mappings = [ + { + add_labels = { + "label1" : "value1", + } + matches = [ + { + app_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label2" : "value2", + } + matches = [ + { + group_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label3" : "value3", + } + matches = [ + { + group_ids = ["1", "2", "3"] + }, + ], + } + ] + } +} diff --git a/terraform/test/main_test.go b/terraform/test/main_test.go index 4a0f544fb..d993984ef 100644 --- a/terraform/test/main_test.go +++ b/terraform/test/main_test.go @@ -125,6 +125,7 @@ func (s *TerraformBaseSuite) SetupSuite() { types.NewRule("app", unrestricted), types.NewRule("github", unrestricted), types.NewRule("oidc", unrestricted), + types.NewRule("okta_import_rule", unrestricted), types.NewRule("saml", unrestricted), types.NewRule("login_rule", unrestricted), }, diff --git a/terraform/test/okta_import_rule_test.go b/terraform/test/okta_import_rule_test.go new file mode 100644 index 000000000..3b29412bf --- /dev/null +++ b/terraform/test/okta_import_rule_test.go @@ -0,0 +1,135 @@ +// Copyright 2023 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package test + +import ( + "time" + + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestOktaImportRule() { + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.OktaClient().GetOktaImportRule(s.Context(), "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_okta_import_rule.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("okta_import_rule_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "okta_import_rule"), + ), + }, + { + Config: s.getFixture("okta_import_rule_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("okta_import_rule_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "okta_import_rule"), + ), + }, + { + Config: s.getFixture("okta_import_rule_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportOktaImportRule() { + r := "teleport_okta_import_rule" + id := "test_import" + name := r + "." + id + + oir := &types.OktaImportRuleV1{ + ResourceHeader: types.ResourceHeader{ + Metadata: types.Metadata{ + Name: id, + }, + }, + Spec: types.OktaImportRuleSpecV1{ + Priority: 100, + Mappings: []*types.OktaImportRuleMappingV1{ + { + AddLabels: map[string]string{ + "label1": "value1", + }, + Match: []*types.OktaImportRuleMatchV1{ + { + AppIDs: []string{"1", "2", "3"}, + }, + }, + }, + { + AddLabels: map[string]string{ + "label2": "value2", + }, + Match: []*types.OktaImportRuleMatchV1{ + { + GroupIDs: []string{"1", "2", "3"}, + }, + }, + }, + }, + }, + } + err := oir.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.OktaClient().CreateOktaImportRule(s.Context(), oir) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + _, err := s.client.OktaClient().GetOktaImportRule(s.Context(), oir.GetName()) + if trace.IsNotFound(err) { + return false + } + require.NoError(s.T(), err) + return true + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "okta_import_rule") + + return nil + }, + }, + }, + }) +} diff --git a/terraform/tfschema/types_terraform.go b/terraform/tfschema/types_terraform.go index da9771ef2..e3e67ca54 100644 --- a/terraform/tfschema/types_terraform.go +++ b/terraform/tfschema/types_terraform.go @@ -2932,6 +2932,112 @@ func GenSchemaTrustedClusterV2(ctx context.Context) (github_com_hashicorp_terraf }}, nil } +// GenSchemaOktaImportRuleV1 returns tfsdk.Schema definition for OktaImportRuleV1 +func GenSchemaOktaImportRuleV1(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "mappings": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "add_labels": { + Description: "AddLabels specifies which labels to add if any of the previous matches match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "match": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "app_ids": { + Description: "AppIDs is a list of app IDs to match against.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "group_ids": { + Description: "GroupIDs is a list of group IDs to match against.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "Match is a set of matching rules for this mapping. If any of these match, then the mapping will be applied.", + Optional: true, + }, + }), + Description: "Mappings is a list of matches that will map match conditions to labels.", + Optional: true, + }, + "priority": { + Description: "Priority represents the priority of the rule application. Lower numbered rules will be applied first.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + }), + Description: "Spec is the specification for the Okta import rule.", + Required: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Computed: true, + Description: "Version is version", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(1, 1)}, + }, + }}, nil +} + // CopyDatabaseV3FromTerraform copies contents of the source Terraform object into a target struct func CopyDatabaseV3FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.DatabaseV3) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics @@ -28962,6 +29068,923 @@ func CopyTrustedClusterV2ToTerraform(ctx context.Context, obj github_com_gravita return diags } +// CopyOktaImportRuleV1FromTerraform copies contents of the source Terraform object into a target struct +func CopyOktaImportRuleV1FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.OktaImportRuleV1) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.OktaImportRuleSpecV1{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["priority"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Priority"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Priority", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int32 + if !v.Null && !v.Unknown { + t = int32(v.Value) + } + obj.Priority = t + } + } + } + { + a, ok := tf.Attrs["mappings"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Mappings = make([]*github_com_gravitational_teleport_api_types.OktaImportRuleMappingV1, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.OktaImportRuleMappingV1 + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.OktaImportRuleMappingV1{} + obj := t + { + a, ok := tf.Attrs["match"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Match = make([]*github_com_gravitational_teleport_api_types.OktaImportRuleMatchV1, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.OktaImportRuleMatchV1 + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.OktaImportRuleMatchV1{} + obj := t + { + a, ok := tf.Attrs["app_ids"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AppIDs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AppIDs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["group_ids"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.GroupIDs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GroupIDs[k] = t + } + } + } + } + } + } + } + obj.Match[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["add_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.AddLabels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AddLabels[k] = t + } + } + } + } + } + } + } + obj.Mappings[k] = t + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyOktaImportRuleV1ToTerraform copies contents of the source Terraform object into a target struct +func CopyOktaImportRuleV1ToTerraform(ctx context.Context, obj github_com_gravitational_teleport_api_types.OktaImportRuleV1, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["priority"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Priority"}) + } else { + v, ok := tf.Attrs["priority"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Priority", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Priority", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Priority) == 0 + } + v.Value = int64(obj.Priority) + v.Unknown = false + tf.Attrs["priority"] = v + } + } + { + a, ok := tf.AttrTypes["mappings"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["mappings"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Mappings)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Mappings)) + } + } + if obj.Mappings != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Mappings) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Mappings)) + } + for k, a := range obj.Mappings { + v, ok := tf.Attrs["mappings"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["match"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["match"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Match)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Match)) + } + } + if obj.Match != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Match) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Match)) + } + for k, a := range obj.Match { + v, ok := tf.Attrs["match"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["app_ids"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["app_ids"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppIDs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppIDs)) + } + } + if obj.AppIDs != nil { + t := o.ElemType + if len(obj.AppIDs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppIDs)) + } + for k, a := range obj.AppIDs { + v, ok := tf.Attrs["app_ids"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AppIDs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["app_ids"] = c + } + } + } + { + a, ok := tf.AttrTypes["group_ids"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["group_ids"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupIDs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupIDs)) + } + } + if obj.GroupIDs != nil { + t := o.ElemType + if len(obj.GroupIDs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupIDs)) + } + for k, a := range obj.GroupIDs { + v, ok := tf.Attrs["group_ids"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.GroupIDs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["group_ids"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Match) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["match"] = c + } + } + } + { + a, ok := tf.AttrTypes["add_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["add_labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AddLabels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AddLabels)) + } + } + if obj.AddLabels != nil { + t := o.ElemType + for k, a := range obj.AddLabels { + v, ok := tf.Attrs["add_labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Mappings.AddLabels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AddLabels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["add_labels"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Mappings) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["mappings"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + // attrReadMissingDiag represents diagnostic message on an attribute missing in the source object type attrReadMissingDiag struct { Path string