diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index aa4ac1ddb7944..fb1d649dba81d 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -12,7 +12,10 @@ jobs: pull-requests: write with: base-ref: ${{ github.event.pull_request.base.sha || 'master' }} - allow-ghsas: 'GHSA-xwh9-gc39-5298' + # 'GHSA-6xf3-5hp7-xqqg' is a false positive. That's an old Teleport Vuln, + # but because of the replace, the dependency cannot find the correct + # Teleport version. + allow-ghsas: 'GHSA-6xf3-5hp7-xqqg' allow-dependencies-licenses: >- pkg:cargo/curve25519-dalek-derive, pkg:cargo/ring, diff --git a/.github/workflows/flaky-tests.yaml b/.github/workflows/flaky-tests.yaml index dfecd5ca4ecf6..98b21abf67cdc 100644 --- a/.github/workflows/flaky-tests.yaml +++ b/.github/workflows/flaky-tests.yaml @@ -79,7 +79,7 @@ jobs: - name: Run base difftest uses: ./.github/actions/difftest with: - flags: --skip="${{ steps.find_excluded.outputs.FLAKE_SKIP }}" -e "integrations/operator/**/*" -e "tool/tsh/**/*" -e "integration/**/*" -e "build.assets/**/*" -e "lib/auth/webauthncli/**/*" -e "lib/auth/touchid/**/*" -e "api/**/*" -e "examples/teleport-usage/**/*" -e "integrations/access/**" -e "integrations/lib/**" -e "integrations/lib/backoff/backoff_test.go" -e "e2e/**/*" + flags: --skip="${{ steps.find_excluded.outputs.FLAKE_SKIP }}" -e "integrations/operator/**/*" -e "integrations/terraform/**/*" -e "tool/tsh/**/*" -e "integration/**/*" -e "build.assets/**/*" -e "lib/auth/webauthncli/**/*" -e "lib/auth/touchid/**/*" -e "api/**/*" -e "examples/teleport-usage/**/*" -e "integrations/access/**" -e "integrations/lib/**" -e "integrations/lib/backoff/backoff_test.go" -e "e2e/**/*" target: test-go-unit - name: Run touch-id difftest diff --git a/.github/workflows/unit-tests-integrations.yaml b/.github/workflows/unit-tests-integrations.yaml index e4fe2d7b0582c..69cc35bc8d41b 100644 --- a/.github/workflows/unit-tests-integrations.yaml +++ b/.github/workflows/unit-tests-integrations.yaml @@ -67,6 +67,10 @@ jobs: run: make test-integrations-lib timeout-minutes: 5 + - name: Run terraform provider OSS tests + run: make test-terraform-provider + timeout-minutes: 15 + - name: Run operator tests timeout-minutes: 40 run: make test-operator diff --git a/Makefile b/Makefile index 6be5526804489..cfa3c37ca8683 100644 --- a/Makefile +++ b/Makefile @@ -680,7 +680,7 @@ tooling: ensure-gotestsum $(DIFF_TEST) # Runs all Go/shell tests, called by CI/CD. # .PHONY: test -test: test-helm test-sh test-api test-go test-rust test-operator +test: test-helm test-sh test-api test-go test-rust test-operator test-terraform-provider $(TEST_LOG_DIR): mkdir $(TEST_LOG_DIR) @@ -821,6 +821,12 @@ test-api: test-operator: make -C integrations/operator test # +# Runs Teleport Terraform provider tests. +# +.PHONY: test-terraform-provider +test-terraform-provider: + make -C integrations/terraform test +# # Runs Go tests on the integrations/kube-agent-updater module. These have to be run separately as the package name is different. # .PHONY: test-kube-agent-updater diff --git a/integrations/lib/testing/integration/authhelper.go b/integrations/lib/testing/integration/authhelper.go index 9bd4f04f7ffdf..e9987764cddac 100644 --- a/integrations/lib/testing/integration/authhelper.go +++ b/integrations/lib/testing/integration/authhelper.go @@ -44,7 +44,10 @@ import ( // integration tests to build teleport clients for each user/plugin/bot. type OSSAuthHelper struct { server *libauth.TestTLSServer - dir string + // dir is where we put identity files, and start the auth server + // (unless AuthConfig.Dir is manually set). + dir string + AuthConfig libauth.TestAuthServerConfig } // StartServer implements the AuthHelper interface. @@ -52,9 +55,10 @@ type OSSAuthHelper struct { // on the t.Cleanup() stack. func (a *OSSAuthHelper) StartServer(t *testing.T) *client.Client { a.dir = t.TempDir() - authServer, err := libauth.NewTestAuthServer(libauth.TestAuthServerConfig{ - Dir: a.dir, - }) + if a.AuthConfig.Dir == "" { + a.AuthConfig.Dir = a.dir + } + authServer, err := libauth.NewTestAuthServer(a.AuthConfig) require.NoError(t, err) t.Cleanup(func() { diff --git a/integrations/terraform/.gitignore b/integrations/terraform/.gitignore new file mode 100644 index 0000000000000..71ea42560a424 --- /dev/null +++ b/integrations/terraform/.gitignore @@ -0,0 +1,14 @@ +# Build artifacts +build/* + +# Terraform state +.terraform +*.tfstate* +*.lock.hcl + +example/vars.tfvars +example/*.tf + +tmp +*.swp +*.log diff --git a/integrations/terraform/LICENSE b/integrations/terraform/LICENSE new file mode 100644 index 0000000000000..261eeb9e9f8b2 --- /dev/null +++ b/integrations/terraform/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/integrations/terraform/Makefile b/integrations/terraform/Makefile new file mode 100644 index 0000000000000..58d79ac7b6e4c --- /dev/null +++ b/integrations/terraform/Makefile @@ -0,0 +1,132 @@ +include install.mk + +LOCALDIR := $(dir $(CURDIR)/$(word $(words $(MAKEFILE_LIST)),$(MAKEFILE_LIST))) +GENTERRAFORMPATH := $(shell go env GOPATH)/bin + +BUILDDIR ?= build +TFDIR ?= example + +ADDFLAGS ?= +BUILDFLAGS ?= $(ADDFLAGS) -ldflags '-w -s' +CGOFLAG ?= CGO_ENABLED=0 + +RELEASE = terraform-provider-teleport-v$(VERSION)-$(OS)-$(ARCH)-bin + +.PHONY: tfclean +tfclean: + rm -rf $(TFDIR)/terraform.tfstate + rm -rf $(TFDIR)/terraform.tfstate.backup + rm -rf $(TFDIR)/.terraform + rm -rf $(TFDIR)/.terraform.lock.hcl + +.PHONY: clean +clean: tfclean + rm -rf $(PROVIDER_PATH)* + rm -rf $(BUILDDIR)/* + rm -rf $(RELEASE).tar.gz + go clean + +.PHONY: build +build: clean + GOOS=$(OS) GOARCH=$(ARCH) $(CGOFLAG) go build -o $(BUILDDIR)/terraform-provider-teleport $(BUILDFLAGS) + +build-darwin-universal: $(addprefix $(BUILDDIR)/terraform-provider-teleport_,arm64 amd64) + lipo -create -output $(BUILDDIR)/terraform-provider-teleport $^ + rm -r $^ $(BUILDDIR)/$(OS) + +# Architecture-specific binaries for the universal binary are extracted from +# the release tarball. make will not automatically build this; you will need +# to run "make ARCH=amd64 release" and "make ARCH=arm64 release" first as is +# done in the build workflow. +$(BUILDDIR)/terraform-provider-teleport_%: terraform-provider-teleport-v$(VERSION)-$(OS)-%-bin.tar.gz + mkdir -p $(BUILDDIR)/$(OS)/$* + tar -xzf $< -C $(BUILDDIR)/$(OS)/$* + mv $(BUILDDIR)/$(OS)/$*/terraform-provider-teleport $@ + +CUSTOM_IMPORTS_TMP_DIR ?= /tmp/protoc-gen-terraform/custom-imports +PROTOC_GEN_TERRAFORM_VERSION ?= v2.1.0 +PROTOC_GEN_TERRAFORM_EXISTS := $(shell protoc-gen-terraform version 2>&1 >/dev/null | grep 'protoc-gen-terraform $(PROTOC_GEN_TERRAFORM_VERSION)') + +.PHONY: gen-tfschema +gen-tfschema: +ifndef PROTOC_GEN_TERRAFORM_EXISTS + @echo "protoc-gen-terraform $(PROTOC_GEN_TERRAFORM_VERSION) is not installed. Please, refer to README.md for installation instructions." + @exit -1 +endif + +# The wrappers.proto file needed for this generator exist only inside the go mod cache, +# so we retrieve the file path for the cached proto files with go mod tools. + $(eval PROTOBUF_MOD_PATH := $(shell go mod download --json github.com/gogo/protobuf | jq .Dir)) + + @protoc \ + -I=../../api/proto \ + -I=$(PROTOBUF_MOD_PATH) \ + --plugin=$(GENTERRAFORMPATH)/protoc-gen-terraform \ + --terraform_out=config=protoc-gen-terraform-teleport.yaml:./tfschema \ + teleport/legacy/types/types.proto + + @protoc \ + -I=../../api/proto \ + -I=$(PROTOBUF_MOD_PATH) \ + --plugin=$(GENTERRAFORMPATH)/protoc-gen-terraform \ + --terraform_out=config=protoc-gen-terraform-loginrule.yaml:./tfschema \ + teleport/loginrule/v1/loginrule.proto + + @protoc \ + -I=../../api/proto \ + -I=$(PROTOBUF_MOD_PATH) \ + --plugin=$(GENTERRAFORMPATH)/protoc-gen-terraform \ + --terraform_out=config=protoc-gen-terraform-devicetrust.yaml:./tfschema \ + teleport/legacy/types/device.proto + + @protoc \ + -I=../../api/proto \ + -I=$(PROTOBUF_MOD_PATH) \ + --plugin=$(GENTERRAFORMPATH)/protoc-gen-terraform \ + --terraform_out=config=protoc-gen-terraform-accesslist.yaml:./tfschema \ + teleport/accesslist/v1/accesslist.proto + + mv ./tfschema/github.com/gravitational/teleport/api/types/types_terraform.go ./tfschema/ + mv ./tfschema/github.com/gravitational/teleport/api/gen/proto/go/teleport/loginrule/v1/loginrule_terraform.go ./tfschema/loginrule/v1/ + mv ./tfschema/github.com/gravitational/teleport/api/gen/proto/go/teleport/accesslist/v1/accesslist_terraform.go ./tfschema/accesslist/v1/ + mv ./tfschema/github.com/gravitational/teleport/api/types/device_terraform.go ./tfschema/devicetrust/v1/ + rm -r ./tfschema/github.com/ + @go run ./gen/main.go + @go run ./gen/main.go docs + +.PHONY: release +ifeq ($(OS)-$(ARCH),darwin-universal) +release: build-darwin-universal +else +release: build +endif + tar -C $(BUILDDIR) -czf $(RELEASE).tar.gz . + +TERRAFORM_EXISTS := $(shell terraform -version 2>/dev/null | grep 'Terraform v1.') +CURRENT_ULIMIT := $(shell ulimit -n) + +.PHONY: test +test: install +ifndef TERRAFORM_EXISTS + @echo "Terraform v1.4+ is not installed (tfenv install 1.5.6 && tfenv use 1.5.6)." + terraform -version + @exit -1 +endif +# NOTE: This is related to an old bug in Terraform and will be fixed in future releases (possibly, by a workaround on our side) +ifeq ($(shell expr $(CURRENT_ULIMIT) \< 1024), 1) + @echo "ulimit -n is too low ($(CURRENT_ULIMIT)), please set ulimit -n 1024" + @exit -1 +endif + TF_ACC=true go test ./test -v + +.PHONY: apply +apply: install + terraform -chdir=$(TFDIR) init && terraform -chdir=$(TFDIR) apply -auto-approve + +.PHONY: reapply +reapply: + terraform -chdir=$(TFDIR) apply + +.PHONY: destroy +destroy: + terraform -chdir=$(TFDIR) destroy -auto-approve diff --git a/integrations/terraform/README.md b/integrations/terraform/README.md new file mode 100644 index 0000000000000..bcf481a0f02fc --- /dev/null +++ b/integrations/terraform/README.md @@ -0,0 +1,95 @@ +# Terraform Provider Plugin + +## Usage + +Please, refer to [official documentation](https://goteleport.com/docs/setup/guides/terraform-provider/). + +## Development + +1. Install [`protobuf`](https://grpc.io/docs/protoc-installation/). +2. Install [`protoc-gen-terraform`](https://github.com/gravitational/protoc-gen-terraform). + + ```go install github.com/gravitational/protoc-gen-terraform@main``` + +3. Install [`Terraform`](https://learn.hashicorp.com/tutorials/terraform/install-cli) v1.1.0+. Alternatively, you can use [`tfenv`](https://github.com/tfutils/tfenv). Please note that on Mac M1 you need to specify `TFENV_ARCH` (ex: `TFENV_ARCH=arm64 tfenv install 1.1.6`). + +4. Clone the plugin: + + ```bash + git clone git@github.com:gravitational/teleport-plugins + ``` + +5. Build and install the plugin: + + ```bash + cd teleport-plugins/terraform + make install + ``` + +6. Run tests: + + ```bash + make test + ``` + + Note: Some tests won't pass without a valid `teleport` binary, enterprise license, etc. + See [Testing](../TESTING.md) to see how to provide these values to the tests locally. + +# Updating the provider + +Run: + +``` +make gen-tfschema +``` + +This will generate `types_tfschema.go` from a current API `.proto` file, and regenerate the provider code. + +# Playing with examples locally + +1. Start Teleport. + + ``` + teleport start + ``` + +1. Create Terraform user and role: + + ``` + tctl create example/terraform.yaml + tctl auth sign --format=file --user=terraform --out=/tmp/terraform-identity --ttl=10h + ``` + +1. Create `main.tf` file: + + ``` + cp example/main.tf.example example/main.tf + ``` + + Please note that target identity file was exported to `/tmp/terraform-identity` on previous step. If you used another location, please change in in `main.tf`. + +1. Create sample resources: + + ``` + cp example/user.tf.example example/user.tf + cp example/role.tf.example example/role.tf + cp example/provision_token.tf.example example/provision_token.tf + ``` + + Please note that some resources require preliminary setup steps. + +1. Apply changes: + + ``` + make apply + ``` + +1. Make changes to .tf files and run: + ``` + make reapply + ``` + +1. Clean up: + ``` + make destroy + ``` diff --git a/integrations/terraform/example/access_list.tf.example b/integrations/terraform/example/access_list.tf.example new file mode 100644 index 0000000000000..1df59c34d5c1f --- /dev/null +++ b/integrations/terraform/example/access_list.tf.example @@ -0,0 +1,39 @@ +resource "teleport_access_list" "crane-operation" { + header = { + metadata = { + name = "crane-operation" + labels = { + example = "yes" + } + } + } + spec = { + description = "Used to grant access to the crane." + owners = [ + { + name = "gru" + description = "The supervillain." + } + ] + membership_requires = { + roles = ["minion"] + } + ownership_requires = { + roles = ["supervillain"] + } + grants = { + roles = ["crane-operator"] + traits = [{ + key = "allowed-machines" + values = ["crane", "forklift"] + }] + } + title = "Crane operation" + audit = { + recurrence = { + frequency = 3 # audit every 3 months + day_of_month = 15 # audit happen 15's day of the month. Possible values are 1, 15, and 31. + } + } + } +} diff --git a/integrations/terraform/example/app.tf.example b/integrations/terraform/example/app.tf.example new file mode 100644 index 0000000000000..38b64d0831ec0 --- /dev/null +++ b/integrations/terraform/example/app.tf.example @@ -0,0 +1,15 @@ +# Teleport App + +resource "teleport_app" "example" { + metadata = { + name = "example" + description = "Test app" + labels = { + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + uri = "localhost:3000" + } +} \ No newline at end of file diff --git a/integrations/terraform/example/auth_preference.tf.example b/integrations/terraform/example/auth_preference.tf.example new file mode 100644 index 0000000000000..d6da381bd6cda --- /dev/null +++ b/integrations/terraform/example/auth_preference.tf.example @@ -0,0 +1,15 @@ +# AuthPreference resource + +resource "teleport_auth_preference" "example" { + metadata = { + description = "Auth preference" + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + disconnect_expired_cert = true + } +} diff --git a/integrations/terraform/example/bot.tf.example b/integrations/terraform/example/bot.tf.example new file mode 100644 index 0000000000000..231d3b1d05d76 --- /dev/null +++ b/integrations/terraform/example/bot.tf.example @@ -0,0 +1,35 @@ +# Teleport Machine ID Bot creation example + +locals { + bot_name = "example" +} + +resource "random_password" "bot_token" { + length = 32 + special = false +} + +resource "time_offset" "bot_example_token_expiry" { + offset_hours = 1 +} + +resource "teleport_provision_token" "bot_example" { + metadata = { + expires = time_offset.bot_example_token_expiry.rfc3339 + description = "Bot join token for ${local.bot_name} generated by Terraform" + + name = random_password.bot_token.result + } + + spec = { + roles = ["Bot"] + bot_name = local.bot_name + join_method = "token" + } +} + +resource "teleport_bot" "example" { + name = local.bot_name + token_id = teleport_provision_token.bot_example.metadata.name + roles = ["access"] +} diff --git a/integrations/terraform/example/cluster_maintenance_config.tf.example b/integrations/terraform/example/cluster_maintenance_config.tf.example new file mode 100644 index 0000000000000..d00418da0a880 --- /dev/null +++ b/integrations/terraform/example/cluster_maintenance_config.tf.example @@ -0,0 +1,14 @@ +# Teleport Cluster Networking config + +resource "teleport_cluster_maintenance_config" "example" { + metadata = { + description = "Maintenance config" + } + + spec = { + agent_upgrades = { + utc_start_hour = 1 + weekdays = [ "monday" ] + } + } +} diff --git a/integrations/terraform/example/cluster_networking_config.tf.example b/integrations/terraform/example/cluster_networking_config.tf.example new file mode 100644 index 0000000000000..937d9f10ed881 --- /dev/null +++ b/integrations/terraform/example/cluster_networking_config.tf.example @@ -0,0 +1,15 @@ +# Teleport Cluster Networking config + +resource "teleport_cluster_networking_config" "example" { + metadata = { + description = "Networking config" + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + client_idle_timeout = "1h" + } +} \ No newline at end of file diff --git a/integrations/terraform/example/database.tf.example b/integrations/terraform/example/database.tf.example new file mode 100644 index 0000000000000..47effb514893f --- /dev/null +++ b/integrations/terraform/example/database.tf.example @@ -0,0 +1,16 @@ +# Teleport Database + +resource "teleport_database" "example" { + metadata = { + name = "example" + description = "Test database" + labels = { + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + protocol = "postgres" + uri = "localhost" + } +} \ No newline at end of file diff --git a/integrations/terraform/example/github_connector.tf.example b/integrations/terraform/example/github_connector.tf.example new file mode 100644 index 0000000000000..11a82fe5d0abf --- /dev/null +++ b/integrations/terraform/example/github_connector.tf.example @@ -0,0 +1,28 @@ +# Terraform Github connector + +variable "github_secret" {} + +resource "teleport_github_connector" "github" { + # This section tells Terraform that role example must be created before the GitHub connector + depends_on = [ + teleport_role.example + ] + + metadata = { + name = "example" + labels = { + example = "yes" + } + } + + spec = { + client_id = "client" + client_secret = var.github_secret + + teams_to_roles = [{ + organization = "gravitational" + team = "devs" + roles = ["example"] + }] + } +} diff --git a/integrations/terraform/example/login_rule.tf.example b/integrations/terraform/example/login_rule.tf.example new file mode 100644 index 0000000000000..ba4a00122fa65 --- /dev/null +++ b/integrations/terraform/example/login_rule.tf.example @@ -0,0 +1,26 @@ +# Teleport Login Rule resource + +resource "teleport_login_rule" "example" { + metadata = { + description = "Example Login Rule" + labels = { + "example" = "yes" + } + } + + version = "v1" + priority = 0 + traits_map = { + "logins" = { + values = [ + "external.logins", + "external.username", + ] + } + "groups" = { + values = [ + "external.groups", + ] + } + } +} diff --git a/integrations/terraform/example/main.tf.example b/integrations/terraform/example/main.tf.example new file mode 100644 index 0000000000000..abe96acef0465 --- /dev/null +++ b/integrations/terraform/example/main.tf.example @@ -0,0 +1,17 @@ +terraform { + required_providers { + teleport = { + version = "9.1.3" + source = "terraform.releases.teleport.dev/gravitational/teleport" + } + } +} + +# Terraform Provider configuration. See provider.go for available options +provider "teleport" { + # Path to Teleport identity file + identity_file_path = "/tmp/terraform-identity" + + # Teleport proxy addr + addr = "teleport.example.com:443" +} diff --git a/integrations/terraform/example/oidc_connector.tf.example b/integrations/terraform/example/oidc_connector.tf.example new file mode 100644 index 0000000000000..9145ff26e57f1 --- /dev/null +++ b/integrations/terraform/example/oidc_connector.tf.example @@ -0,0 +1,27 @@ +# Teleport OIDC connector +# +# Please note that OIDC connector will work in Enterprise version only. Check the setup docs: +# https://goteleport.com/docs/enterprise/sso/oidc/ + +variable "oidc_secret" {} + +resource "teleport_oidc_connector" "example" { + metadata = { + name = "example" + labels = { + test = "yes" + } + } + + spec = { + client_id = "client" + client_secret = var.oidc_secret + + claims_to_roles = [{ + claim = "test" + roles = ["terraform"] + }] + + redirect_url = ["https://example.com/redirect"] + } +} diff --git a/integrations/terraform/example/okta_import_rule.tf.example b/integrations/terraform/example/okta_import_rule.tf.example new file mode 100644 index 0000000000000..238600f708218 --- /dev/null +++ b/integrations/terraform/example/okta_import_rule.tf.example @@ -0,0 +1,58 @@ +# Teleport Okta Import Rule resource + +resource "teleport_okta_import_rule" "example" { + metadata = { + description = "Example Okta Import Rule" + labels = { + "example" = "yes" + } + } + + version = "v1" + + spec = { + priority = 100 + mappings = [ + { + add_labels = { + "label1": "value1" + } + match = [ + { + app_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label2": "value2" + } + match = [ + { + group_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label3" : "value3", + } + match = [ + { + group_name_regexes = ["^.*$"] + }, + ], + }, + { + add_labels = { + "label4" : "value4", + } + match = [ + { + app_name_regexes = ["^.*$"] + }, + ], + } + ] + } +} diff --git a/integrations/terraform/example/provision_token.tf.example b/integrations/terraform/example/provision_token.tf.example new file mode 100644 index 0000000000000..03bc67a8f1973 --- /dev/null +++ b/integrations/terraform/example/provision_token.tf.example @@ -0,0 +1,31 @@ +# Teleport Provision Token resource + +resource "teleport_provision_token" "example" { + metadata = { + expires = "2022-10-12T07:20:51Z" + description = "Example token" + + labels = { + example = "yes" + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + roles = ["Node", "Auth"] + } +} + +resource "teleport_provision_token" "iam-token" { + metadata = { + name = "iam-token" + } + spec = { + roles = ["Bot"] + bot_name = "mybot" + join_method = "iam" + allow = [{ + aws_account = "123456789012" + }] + } +} diff --git a/integrations/terraform/example/role.tf.example b/integrations/terraform/example/role.tf.example new file mode 100644 index 0000000000000..d5ee7d0e7800f --- /dev/null +++ b/integrations/terraform/example/role.tf.example @@ -0,0 +1,50 @@ +# Teleport Role resource + +resource "teleport_role" "example" { + metadata = { + name = "example" + description = "Example Teleport Role" + expires = "2022-10-12T07:20:51Z" + labels = { + example = "yes" + } + } + + spec = { + options = { + forward_agent = false + max_session_ttl = "7m" + port_forwarding = false + client_idle_timeout = "1h" + disconnect_expired_cert = true + permit_x11_forwarding = false + request_access = "denied" + } + + allow = { + logins = ["example"] + + rules = [{ + resources = ["user", "role"] + verbs = ["list"] + }] + + request = { + roles = ["example"] + claims_to_roles = [{ + claim = "example" + value = "example" + roles = ["example"] + }] + } + + node_labels = { + example = ["yes"] + } + } + + deny = { + logins = ["anonymous"] + } + } +} \ No newline at end of file diff --git a/integrations/terraform/example/saml_connector.tf.example b/integrations/terraform/example/saml_connector.tf.example new file mode 100644 index 0000000000000..3761d4ac4101f --- /dev/null +++ b/integrations/terraform/example/saml_connector.tf.example @@ -0,0 +1,43 @@ +# Teleport SAML connector +# +# Please note that SAML connector will work in Enterprise version only. Check the setup docs: +# https://goteleport.com/docs/enterprise/sso/okta/ + +resource "teleport_saml_connector" "example" { + # This block will tell Terraform to never update private key from our side if a keys are managed + # from an outside of Terraform. + + # lifecycle { + # ignore_changes = [ + # spec[0].signing_key_pair[0].cert, + # spec[0].signing_key_pair[0].private_key, + # spec[0].assertion_key_pair[0].cert, + # spec[0].assertion_key_pair[0].private_key, + # ] + # } + + # This section tells Terraform that role example must be created before the SAML connector + depends_on = [ + teleport_role.example + ] + + metadata = { + name = "example" + } + + spec = { + attributes_to_roles = [{ + name = "groups" + roles = ["example"] + value = "okta-admin" + }, + { + name = "groups" + roles = ["example"] + value = "okta-dev" + }] + + acs = "https://localhost:3025/v1/webapi/saml/acs" + entity_descriptor = "" + } +} \ No newline at end of file diff --git a/integrations/terraform/example/server.tf.example b/integrations/terraform/example/server.tf.example new file mode 100644 index 0000000000000..a6a08b39324ef --- /dev/null +++ b/integrations/terraform/example/server.tf.example @@ -0,0 +1,43 @@ +resource "teleport_server" "ssh_agentless" { + version = "v2" + sub_kind = "openssh" + // Name is not required for servers, this is a special case. + // When a name is not set, an UUID will be generated by Teleport and + // imported back into Terraform. + // Giving unique IDs to servers allows UUID-based dialing (as opposed to + // host-based dialing and IP-based dialing) which is more robust than its + // counterparts as it can point to a specific server if multiple servers + // share the same hostname/ip. + spec = { + addr = "127.0.0.1:22" + hostname = "test.local" + } +} + +resource "teleport_server" "ssh_agentless_eice" { + version = "v2" + sub_kind = "openssh-ec2-ice" + metadata = { + // It is recommended to put the account and instance ID as a name for EC2 Instance Connect + // When dialing to this instance, teleport will detect that this is an + // AWS instance ID an will contact this specific instance. This is more + // robust than host-based and IP-based dialing (because several server + // can have similar hostnames). + name = "123456789012-i-0123456789abcdef" + } + spec = { + addr = "127.0.0.1:22" + hostname = "test.local" + + cloud_metadata = { + aws = { + account_id = "123" + instance_id = "123" + region = "us-east-1" + vpc_id = "123" + integration = "foo" + subnet_id = "123" + } + } + } +} diff --git a/integrations/terraform/example/session_recording_config.tf.example b/integrations/terraform/example/session_recording_config.tf.example new file mode 100644 index 0000000000000..a32e73ad19837 --- /dev/null +++ b/integrations/terraform/example/session_recording_config.tf.example @@ -0,0 +1,15 @@ +# Teleport session recording config + +resource "teleport_session_recording_config" "example" { + metadata = { + description = "Session recording config" + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + proxy_checks_host_keys = true + } +} \ No newline at end of file diff --git a/integrations/terraform/example/terraform.yaml b/integrations/terraform/example/terraform.yaml new file mode 100644 index 0000000000000..608d274bcaebe --- /dev/null +++ b/integrations/terraform/example/terraform.yaml @@ -0,0 +1,40 @@ +kind: role +metadata: + name: terraform +spec: + allow: + app_labels: # This gives Terraform access to all apps in the cluster. You might want to restrict it. + '*': '*' + db_labels: # This gives Terraform access to all databases in the cluster. You might want to restrict it. + '*': '*' + db_users: ['*'] + db_names: ['*'] + + rules: + - resources: + - user + - role + - token + - trusted_cluster + - github + - oidc + - saml + - cluster_auth_preference + - cluster_networking_config + - cluster_maintenance_config + - session_recording_config + - app + - db + - login_rule + - device + - okta_import_rule + - access_list + verbs: ['list','create','read','update','delete'] +version: v6 +--- +kind: user +metadata: + name: terraform +spec: + roles: ['terraform'] +version: v2 diff --git a/integrations/terraform/example/trusted_cluster.tf.example b/integrations/terraform/example/trusted_cluster.tf.example new file mode 100644 index 0000000000000..e9dc220155137 --- /dev/null +++ b/integrations/terraform/example/trusted_cluster.tf.example @@ -0,0 +1,22 @@ +# Teleport trusted cluster +# +# https://goteleport.com/docs/setup/admin/trustedclusters/ + +resource "teleport_trusted_cluster" "cluster" { + metadata = { + name = "primary" + labels = { + test = "yes" + } + } + + spec = { + enabled = false + role_map = [{ + remote = "test" + local = ["admin"] + }] + proxy_addr = "localhost:3080" + token = "salami" + } +} diff --git a/integrations/terraform/example/trusted_device.tf.example b/integrations/terraform/example/trusted_device.tf.example new file mode 100644 index 0000000000000..4eafa867a8719 --- /dev/null +++ b/integrations/terraform/example/trusted_device.tf.example @@ -0,0 +1,8 @@ +# Trusted device resource + +resource "teleport_trusted_device" "TESTDEVICE1" { + spec = { + asset_tag = "TESTDEVICE1" + os_type = "macos" + } +} diff --git a/integrations/terraform/example/user.tf.example b/integrations/terraform/example/user.tf.example new file mode 100644 index 0000000000000..a8084960807c1 --- /dev/null +++ b/integrations/terraform/example/user.tf.example @@ -0,0 +1,43 @@ +# Teleport User resource + +resource "teleport_user" "example" { + # Tells Terraform that the role could not be destroyed while this user exists + depends_on = [ + teleport_role.example + ] + + metadata = { + name = "example" + description = "Example Teleport User" + + expires = "2022-10-12T07:20:50Z" + + labels = { + example = "yes" + } + } + + spec = { + roles = ["example"] + + oidc_identities = [{ + connector_id = "oidc1" + username = "example" + }] + + traits = { + "logins1" = ["example"] + "logins2" = ["example"] + } + + github_identities = [{ + connector_id = "github" + username = "example" + }] + + saml_identities = [{ + connector_id = "example-saml" + username = "example" + }] + } +} \ No newline at end of file diff --git a/integrations/terraform/gen/main.go b/integrations/terraform/gen/main.go new file mode 100644 index 0000000000000..e8f55e96f0bce --- /dev/null +++ b/integrations/terraform/gen/main.go @@ -0,0 +1,732 @@ +// Copyright 2023 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "bytes" + "context" + _ "embed" + "fmt" + "io" + "log" + "os" + "path" + "sort" + "strings" + "text/template" + + "github.com/hashicorp/terraform-plugin-framework/attr" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/olekukonko/tablewriter" + "golang.org/x/exp/slices" + + "github.com/gravitational/teleport/integrations/terraform/provider" + "github.com/gravitational/teleport/integrations/terraform/tfschema" + accesslistSchema "github.com/gravitational/teleport/integrations/terraform/tfschema/accesslist/v1" + devicetrustSchema "github.com/gravitational/teleport/integrations/terraform/tfschema/devicetrust/v1" + loginruleSchema "github.com/gravitational/teleport/integrations/terraform/tfschema/loginrule/v1" +) + +// payload represents template payload +type payload struct { + // Name represents resource name (capitalized) + Name string + // VarName represents resource variable name (underscored) + VarName string + // TypeName represents api/types resource type name + TypeName string + // IfaceName represents api/types interface for the (usually this is the same as Name) + IfaceName string + // GetMethod represents API get method name + GetMethod string + // CreateMethod represents API create method name + CreateMethod string + // CreateMethod represents API update method name + UpdateMethod string + // DeleteMethod represents API reset method used in singular resources + DeleteMethod string + // UpsertMethodArity represents Create/Update method arity, if it's 2, then the call signature would be "_, err :=" + UpsertMethodArity int + // WithSecrets value for a withSecrets param of Get method (empty means no param used) + WithSecrets string + // ID id value on create and import + ID string + // RandomMetadataName indicates that Metadata.Name must be generated (supported by plural resources only) + RandomMetadataName bool + // UUIDMetadataName functions similar to RandomMetadataName but generates UUID instead of + // generating 32 bit crypto random value + UUIDMetadataName bool + // Kind Teleport kind for a resource + Kind string + // DefaultVersion represents the default resource version on create + DefaultVersion string + // HasStaticID states whether this particular resource has a static (usually 0) Metadata.ID + // This is relevant to cache enabled clusters: we use Metadata.ID to check if the resource was updated + // Currently, the resources that don't have a dynamic Metadata.ID are strong consistent: oidc, github and saml connectors + HasStaticID bool + // ProtoPackagePath is the path of the package where the protobuf type of + // the resource is defined. + ProtoPackagePath string + // ProtoPackagePath is the name of the package where the protobuf type of + // the resource is defined. + ProtoPackage string + // SchemaPackagePath is the path of the package where the resource schema + // definitions are defined. + SchemaPackagePath string + // SchemaPackagePath is the name of the package where the resource schema + // definitions are defined. + SchemaPackage string + // IsPlainStruct states whether the resource type used by the API methods + // for this resource is a plain struct, rather than an interface. + IsPlainStruct bool + // HasCheckAndSetDefaults indicates whether the resource type has the CheckAndSetDefaults method + HasCheckAndSetDefaults bool + // ExtraImports contains a list of imports that are being used. + ExtraImports []string + // TerraformResourceType represents the resource type in Terraform code. + // e.g. `terraform import . identifier`. + // This is also used to name the generated files. + TerraformResourceType string + // WithNonce is used to force upsert behavior for nonce protected values. + WithNonce bool + // ConvertPackagePath is the path of the package doing the conversion between protobuf and the go types. + ConvertPackagePath string + // PropagatedFields is a list of fields that must be copied from the + // existing resource when we're updating it. For example: + // "Spec.Audit.NextAuditDate" in AccessList resource + PropagatedFields []string + // Namespaced indicates that the resource get and delete methods need the + // deprecated namespace parameter (always the default namespace). + Namespaced bool + // ForceSetKind indicates that the resource kind must be forcefully set by the provider. + // This is required for some special resources (ServerV2) that support multiple kinds. + // For those resources, we must set the kind, and don't want to have the user do it. + ForceSetKind string + // GetCanReturnNil is used to check for nil returned value when doing a Get. + GetCanReturnNil bool +} + +func (p *payload) CheckAndSetDefaults() error { + if p.ProtoPackage == "" { + p.ProtoPackage = "apitypes" + } + if p.ProtoPackagePath == "" { + p.ProtoPackagePath = "github.com/gravitational/teleport/api/types" + } + if p.SchemaPackage == "" { + p.SchemaPackage = "tfschema" + } + if p.SchemaPackagePath == "" { + p.SchemaPackagePath = "github.com/gravitational/teleport/integrations/terraform/tfschema" + } + return nil +} + +const ( + pluralResource = "plural_resource.go.tpl" + pluralDataSource = "plural_data_source.go.tpl" + singularResource = "singular_resource.go.tpl" + singularDataSource = "singular_data_source.go.tpl" + outFileResourceFormat = "provider/resource_%s.go" + outFileDataSourceFormat = "provider/data_source_%s.go" + + referenceDocsTemplate = "referencedocs.go.tpl" +) + +var ( + app = payload{ + Name: "App", + TypeName: "AppV3", + VarName: "app", + IfaceName: "Application", + GetMethod: "GetApp", + CreateMethod: "CreateApp", + UpdateMethod: "UpdateApp", + DeleteMethod: "DeleteApp", + ID: `app.Metadata.Name`, + Kind: "app", + HasStaticID: false, + TerraformResourceType: "teleport_app", + HasCheckAndSetDefaults: true, + } + + authPreference = payload{ + Name: "AuthPreference", + TypeName: "AuthPreferenceV2", + VarName: "authPreference", + GetMethod: "GetAuthPreference", + CreateMethod: "SetAuthPreference", + UpdateMethod: "SetAuthPreference", + DeleteMethod: "ResetAuthPreference", + ID: `"auth_preference"`, + Kind: "cluster_auth_preference", + HasStaticID: false, + TerraformResourceType: "teleport_auth_preference", + HasCheckAndSetDefaults: true, + } + + clusterMaintenance = payload{ + Name: "ClusterMaintenanceConfig", + TypeName: "ClusterMaintenanceConfigV1", + VarName: "clusterMaintenanceConfig", + GetMethod: "GetClusterMaintenanceConfig", + CreateMethod: "UpdateClusterMaintenanceConfig", + UpdateMethod: "UpdateClusterMaintenanceConfig", + DeleteMethod: "DeleteClusterMaintenanceConfig", + ID: `"cluster_maintenance_config"`, + Kind: "cluster_maintenance_config", + HasStaticID: true, + TerraformResourceType: "teleport_cluster_maintenance_config", + WithNonce: true, + GetCanReturnNil: true, + HasCheckAndSetDefaults: true, + } + + clusterNetworking = payload{ + Name: "ClusterNetworkingConfig", + TypeName: "ClusterNetworkingConfigV2", + VarName: "clusterNetworkingConfig", + GetMethod: "GetClusterNetworkingConfig", + CreateMethod: "SetClusterNetworkingConfig", + UpdateMethod: "SetClusterNetworkingConfig", + DeleteMethod: "ResetClusterNetworkingConfig", + ID: `"cluster_networking_config"`, + Kind: "cluster_networking_config", + HasStaticID: false, + TerraformResourceType: "teleport_cluster_networking_config", + HasCheckAndSetDefaults: true, + } + + database = payload{ + Name: "Database", + TypeName: "DatabaseV3", + VarName: "database", + GetMethod: "GetDatabase", + CreateMethod: "CreateDatabase", + UpdateMethod: "UpdateDatabase", + DeleteMethod: "DeleteDatabase", + ID: `database.Metadata.Name`, + Kind: "db", + HasStaticID: false, + TerraformResourceType: "teleport_database", + HasCheckAndSetDefaults: true, + } + + githubConnector = payload{ + Name: "GithubConnector", + TypeName: "GithubConnectorV3", + VarName: "githubConnector", + GetMethod: "GetGithubConnector", + CreateMethod: "CreateGithubConnector", + UpdateMethod: "UpsertGithubConnector", + UpsertMethodArity: 2, + DeleteMethod: "DeleteGithubConnector", + WithSecrets: "true", + ID: "githubConnector.Metadata.Name", + Kind: "github", + HasStaticID: true, + TerraformResourceType: "teleport_github_connector", + HasCheckAndSetDefaults: true, + } + + oidcConnector = payload{ + Name: "OIDCConnector", + TypeName: "OIDCConnectorV3", + VarName: "oidcConnector", + GetMethod: "GetOIDCConnector", + CreateMethod: "CreateOIDCConnector", + UpdateMethod: "UpsertOIDCConnector", + UpsertMethodArity: 2, + DeleteMethod: "DeleteOIDCConnector", + WithSecrets: "true", + ID: "oidcConnector.Metadata.Name", + Kind: "oidc", + HasStaticID: true, + TerraformResourceType: "teleport_oidc_connector", + HasCheckAndSetDefaults: true, + } + + samlConnector = payload{ + Name: "SAMLConnector", + TypeName: "SAMLConnectorV2", + VarName: "samlConnector", + GetMethod: "GetSAMLConnector", + CreateMethod: "CreateSAMLConnector", + UpdateMethod: "UpsertSAMLConnector", + UpsertMethodArity: 2, + DeleteMethod: "DeleteSAMLConnector", + WithSecrets: "true", + ID: "samlConnector.Metadata.Name", + Kind: "saml", + HasStaticID: true, + TerraformResourceType: "teleport_saml_connector", + HasCheckAndSetDefaults: true, + } + + provisionToken = payload{ + Name: "ProvisionToken", + TypeName: "ProvisionTokenV2", + VarName: "provisionToken", + GetMethod: "GetToken", + CreateMethod: "UpsertToken", + UpdateMethod: "UpsertToken", + DeleteMethod: "DeleteToken", + ID: "strconv.FormatInt(provisionToken.Metadata.ID, 10)", // must be a string + RandomMetadataName: true, + Kind: "token", + HasStaticID: false, + ExtraImports: []string{"strconv"}, + TerraformResourceType: "teleport_provision_token", + HasCheckAndSetDefaults: true, + } + + role = payload{ + Name: "Role", + TypeName: "RoleV6", + VarName: "role", + GetMethod: "GetRole", + CreateMethod: "CreateRole", + UpdateMethod: "UpsertRole", + UpsertMethodArity: 2, + DeleteMethod: "DeleteRole", + ID: "role.Metadata.Name", + Kind: "role", + HasStaticID: false, + TerraformResourceType: "teleport_role", + HasCheckAndSetDefaults: true, + } + + sessionRecording = payload{ + Name: "SessionRecordingConfig", + TypeName: "SessionRecordingConfigV2", + VarName: "sessionRecordingConfig", + GetMethod: "GetSessionRecordingConfig", + CreateMethod: "SetSessionRecordingConfig", + UpdateMethod: "SetSessionRecordingConfig", + DeleteMethod: "ResetSessionRecordingConfig", + ID: `"session_recording_config"`, + Kind: "session_recording_config", + HasStaticID: false, + TerraformResourceType: "teleport_session_recording_config", + HasCheckAndSetDefaults: true, + } + + trustedCluster = payload{ + Name: "TrustedCluster", + TypeName: "TrustedClusterV2", + VarName: "trustedCluster", + GetMethod: "GetTrustedCluster", + CreateMethod: "UpsertTrustedCluster", + UpdateMethod: "UpsertTrustedCluster", + DeleteMethod: "DeleteTrustedCluster", + UpsertMethodArity: 2, + ID: "trustedCluster.Metadata.Name", + Kind: "trusted_cluster", + HasStaticID: false, + TerraformResourceType: "teleport_trusted_cluster", + HasCheckAndSetDefaults: true, + } + + user = payload{ + Name: "User", + TypeName: "UserV2", + VarName: "user", + GetMethod: "GetUser", + CreateMethod: "CreateUser", + UpdateMethod: "UpsertUser", + UpsertMethodArity: 2, + DeleteMethod: "DeleteUser", + WithSecrets: "false", + ID: "user.Metadata.Name", + Kind: "user", + HasStaticID: false, + TerraformResourceType: "teleport_user", + HasCheckAndSetDefaults: true, + } + + loginRule = payload{ + Name: "LoginRule", + TypeName: "LoginRule", + VarName: "loginRule", + GetMethod: "GetLoginRule", + CreateMethod: "UpsertLoginRule", + UpsertMethodArity: 2, + UpdateMethod: "UpsertLoginRule", + DeleteMethod: "DeleteLoginRule", + ID: "loginRule.Metadata.Name", + Kind: "login_rule", + HasStaticID: true, + ProtoPackage: "loginrulev1", + ProtoPackagePath: "github.com/gravitational/teleport/api/gen/proto/go/teleport/loginrule/v1", + SchemaPackage: "schemav1", + SchemaPackagePath: "github.com/gravitational/teleport/integrations/terraform/tfschema/loginrule/v1", + IsPlainStruct: true, + TerraformResourceType: "teleport_login_rule", + } + + deviceTrust = payload{ + Name: "DeviceV1", + VarName: "trustedDevice", + TypeName: "DeviceV1", + GetMethod: "GetDeviceResource", + CreateMethod: "UpsertDeviceResource", + UpsertMethodArity: 2, + UpdateMethod: "UpsertDeviceResource", + DeleteMethod: "DeleteDeviceResource", + Kind: "device", + ID: "trustedDevice.Metadata.Name", + HasStaticID: true, + SchemaPackage: "schemav1", + SchemaPackagePath: "github.com/gravitational/teleport/integrations/terraform/tfschema/devicetrust/v1", + IsPlainStruct: true, + UUIDMetadataName: true, + TerraformResourceType: "teleport_device_trust", + } + + oktaImportRule = payload{ + Name: "OktaImportRule", + TypeName: "OktaImportRuleV1", + VarName: "oktaImportRule", + IfaceName: "OktaImportRule", + GetMethod: "OktaClient().GetOktaImportRule", + CreateMethod: "OktaClient().CreateOktaImportRule", + UpdateMethod: "OktaClient().UpdateOktaImportRule", + DeleteMethod: "OktaClient().DeleteOktaImportRule", + UpsertMethodArity: 2, + ID: "oktaImportRule.Metadata.Name", + Kind: "okta_import_rule", + HasStaticID: false, + TerraformResourceType: "teleport_okta_import_rule", + HasCheckAndSetDefaults: true, + } + + accessList = payload{ + Name: "AccessList", + TypeName: "AccessList", + VarName: "accessList", + GetMethod: "AccessListClient().GetAccessList", + CreateMethod: "AccessListClient().UpsertAccessList", + UpsertMethodArity: 2, + UpdateMethod: "AccessListClient().UpsertAccessList", + DeleteMethod: "AccessListClient().DeleteAccessList", + ID: "accessList.Header.Metadata.Name", + Kind: "access_list", + HasStaticID: false, + SchemaPackage: "schemav1", + SchemaPackagePath: "github.com/gravitational/teleport/integrations/terraform/tfschema/accesslist/v1", + ProtoPackage: "accesslist", + ProtoPackagePath: "github.com/gravitational/teleport/api/gen/proto/go/teleport/accesslist/v1", + TerraformResourceType: "teleport_access_list", + ConvertPackagePath: "github.com/gravitational/teleport/api/types/accesslist/convert/v1", + HasCheckAndSetDefaults: true, + PropagatedFields: []string{"Spec.Audit.NextAuditDate"}, + } + + server = payload{ + Name: "Server", + TypeName: "ServerV2", + VarName: "server", + GetMethod: "GetNode", + CreateMethod: "UpsertNode", + UpdateMethod: "UpsertNode", + UpsertMethodArity: 2, + DeleteMethod: "DeleteNode", + ID: "server.Metadata.Name", + Kind: "node", + HasStaticID: false, + TerraformResourceType: "teleport_server", + HasCheckAndSetDefaults: true, + Namespaced: true, + ForceSetKind: "apitypes.KindNode", + } +) + +func main() { + if len(os.Args) == 2 && os.Args[1] == "docs" { + genReferenceDocs() + } else { + genTFSchema() + } +} + +func genTFSchema() { + generateResource(app, pluralResource) + generateDataSource(app, pluralDataSource) + generateResource(authPreference, singularResource) + generateDataSource(authPreference, singularDataSource) + generateResource(clusterMaintenance, singularResource) + generateDataSource(clusterMaintenance, singularDataSource) + generateResource(clusterNetworking, singularResource) + generateDataSource(clusterNetworking, singularDataSource) + generateResource(database, pluralResource) + generateDataSource(database, pluralDataSource) + generateResource(githubConnector, pluralResource) + generateDataSource(githubConnector, pluralDataSource) + generateResource(oidcConnector, pluralResource) + generateDataSource(oidcConnector, pluralDataSource) + generateResource(samlConnector, pluralResource) + generateDataSource(samlConnector, pluralDataSource) + generateResource(provisionToken, pluralResource) + generateDataSource(provisionToken, pluralDataSource) + generateResource(role, pluralResource) + generateDataSource(role, pluralDataSource) + generateResource(trustedCluster, pluralResource) + generateDataSource(trustedCluster, pluralDataSource) + generateResource(sessionRecording, singularResource) + generateDataSource(sessionRecording, singularDataSource) + generateResource(user, pluralResource) + generateDataSource(user, pluralDataSource) + generateResource(loginRule, pluralResource) + generateDataSource(loginRule, pluralDataSource) + generateResource(deviceTrust, pluralResource) + generateDataSource(deviceTrust, pluralDataSource) + generateResource(oktaImportRule, pluralResource) + generateDataSource(oktaImportRule, pluralDataSource) + generateResource(accessList, pluralResource) + generateDataSource(accessList, pluralDataSource) + generateResource(server, pluralResource) + generateDataSource(server, pluralDataSource) +} + +func generateResource(p payload, tpl string) { + outFile := fmt.Sprintf(outFileResourceFormat, p.TerraformResourceType) + generate(p, tpl, outFile) +} +func generateDataSource(p payload, tpl string) { + outFile := fmt.Sprintf(outFileDataSourceFormat, p.TerraformResourceType) + generate(p, tpl, outFile) +} + +func generate(p payload, tpl, outFile string) { + if err := p.CheckAndSetDefaults(); err != nil { + log.Fatal(err) + } + + funcs := template.FuncMap{ + "schemaImport": func(p payload) string { + if p.SchemaPackage == "tfschema" { + return `"` + p.SchemaPackagePath + `"` + } + + return p.SchemaPackage + ` "` + p.SchemaPackagePath + `"` + }, + "protoImport": func(p payload) string { + if p.ConvertPackagePath != "" { + return "convert" + ` "` + p.ConvertPackagePath + `"` + } + + return p.ProtoPackage + ` "` + p.ProtoPackagePath + `"` + }, + } + + t, err := template.New(p.Name).Funcs(funcs).ParseFiles(path.Join("gen", tpl)) + if err != nil { + log.Fatal(err) + } + + var b bytes.Buffer + err = t.ExecuteTemplate(&b, tpl, p) + if err != nil { + log.Fatal(err) + } + + err = os.WriteFile(outFile, b.Bytes(), 0777) + if err != nil { + log.Fatal(err) + } +} + +// Create Docs Markdown +var ( + mapResourceSchema = map[string]func(context.Context) (tfsdk.Schema, diag.Diagnostics){ + "access_list": accesslistSchema.GenSchemaAccessList, + "app": tfschema.GenSchemaAppV3, + "auth_preference": tfschema.GenSchemaAuthPreferenceV2, + "bot": provider.GenSchemaBot, + "cluster_maintenance_config": tfschema.GenSchemaClusterMaintenanceConfigV1, + "cluster_networking_config": tfschema.GenSchemaClusterNetworkingConfigV2, + "database": tfschema.GenSchemaDatabaseV3, + "trusted_device": devicetrustSchema.GenSchemaDeviceV1, + "github_connector": tfschema.GenSchemaGithubConnectorV3, + "login_rule": loginruleSchema.GenSchemaLoginRule, + "okta_import_rule": tfschema.GenSchemaOktaImportRuleV1, + "oidc_connector": tfschema.GenSchemaOIDCConnectorV3, + "provision_token": tfschema.GenSchemaProvisionTokenV2, + "role": tfschema.GenSchemaRoleV6, + "saml_connector": tfschema.GenSchemaSAMLConnectorV2, + "session_recording_config": tfschema.GenSchemaSessionRecordingConfigV2, + "trusted_cluster": tfschema.GenSchemaTrustedClusterV2, + "user": tfschema.GenSchemaUserV2, + "server": tfschema.GenSchemaServerV2, + } + + // hiddenFields are fields that are not outputted to the reference doc. + // It supports non-top level fields by adding its prefix. Eg: metadata.namespace + hiddenFields = []string{ + "id", // read only field + "kind", // each resource already defines its kind so this is redundant + } + + // fieldComments is used to define specific descriptions for the given fields. + // Typical usage is for enums which we don't have comments yet. + fieldComments = map[string]string{ + "teleport_auth_preference.spec.require_session_mfa": "RequireMFAType is the type of MFA requirement enforced for this cluster: 0:Off, 1:Session, 2:SessionAndHardwareKey, 3:HardwareKeyTouch", + "teleport_role.spec.options.require_session_mfa": "RequireMFAType is the type of MFA requirement enforced for this role: 0:Off, 1:Session, 2:SessionAndHardwareKey, 3:HardwareKeyTouch", + } +) + +func genReferenceDocs() { + sortedNames := make([]string, 0, len(mapResourceSchema)) + for k := range mapResourceSchema { + sortedNames = append(sortedNames, k) + } + sort.Strings(sortedNames) + + t, err := template.ParseFiles(path.Join("gen", referenceDocsTemplate)) + if err != nil { + log.Fatal(err) + } + + referenceDocsResource := make([]referenceDocResource, 0, len(mapResourceSchema)) + for _, name := range sortedNames { + resourceName := "teleport_" + name + + schemaFn := mapResourceSchema[name] + schema, diags := schemaFn(context.Background()) + if diags.HasError() { + log.Fatalf("%v", diags) + } + + fieldDescBuilder := strings.Builder{} + dumpAttributes(&fieldDescBuilder, 0, resourceName, "", schema.Attributes) + + exampleFileName := fmt.Sprintf("example/%s.tf.example", name) + exampleBytes, err := os.ReadFile(exampleFileName) + if err != nil { + log.Fatalf("error loading %q file: %v", exampleFileName, err) + } + + referenceDocsResource = append(referenceDocsResource, referenceDocResource{ + Name: resourceName, + FieldsDesc: fieldDescBuilder.String(), + Example: string(exampleBytes), + }) + } + + var b bytes.Buffer + err = t.ExecuteTemplate(&b, referenceDocsTemplate, map[string]any{ + "resourceList": sortedNames, + "resourcesDoc": referenceDocsResource, + }) + if err != nil { + log.Fatal(err) + } + + err = os.WriteFile("reference.mdx", b.Bytes(), 0777) + if err != nil { + log.Fatal(err) + } +} + +type referenceDocResource struct { + Name string + FieldsDesc string + Example string +} + +func dumpAttributes(fp io.Writer, level int, resourceName string, prefix string, attrs map[string]tfsdk.Attribute) { + sortedAttrKeys := make([]string, 0, len(attrs)) + for k := range attrs { + sortedAttrKeys = append(sortedAttrKeys, k) + } + sort.Strings(sortedAttrKeys) + + table := tablewriter.NewWriter(fp) + table.SetHeader([]string{"Name", "Type", "Required", "Description"}) + table.SetAutoWrapText(false) + table.SetBorders(tablewriter.Border{Left: true, Top: false, Right: true, Bottom: false}) + table.SetCenterSeparator("|") + table.SetAutoFormatHeaders(false) + + for _, name := range sortedAttrKeys { + fullFieldPath := resourceName + "." + prefix + name + attr := attrs[name] + + if slices.Contains(hiddenFields, prefix+name) { + continue + } + + description := attr.Description + if d, found := fieldComments[fullFieldPath]; found { + description = d + } + // Using html.EscapeString also escapes `'`` (into `'`) + // This generates a lint error when running cspell because the word `doesn't` becomes `doesn't` + // and `doesn` isn't a valid word. + // This lint error happens when running the `Lint (docs)` CI step in the teleport repo. + // The mdx format supports `'"&` (the other chars that html.EscapeString escapes) without escaping. + descriptionMDXEscaped := strings.ReplaceAll(strings.ReplaceAll(description, "<", "<"), ">", ">") + table.Append([]string{name, typ(attr.Type), requiredString(attr.Required), descriptionMDXEscaped}) + } + table.Render() + fmt.Fprintln(fp) + + for _, name := range sortedAttrKeys { + attr := attrs[name] + if attr.Attributes != nil { + fmt.Fprintf(fp, "%s %s\n", strings.Repeat("#", 3+level), prefix+name) + fmt.Fprintln(fp) + fmt.Fprintln(fp, attr.Description) + fmt.Fprintln(fp) + + dumpAttributes(fp, level+1, resourceName, prefix+name+".", attr.Attributes.GetAttributes()) + } + } +} + +func typ(typ attr.Type) string { + if typ == nil { + return "object" + } + + switch typ.String() { + case "types.StringType": + return "string" + case "TimeType(2006-01-02T15:04:05Z07:00)": + return "RFC3339 time" + case "DurationType": + return "duration" + case "types.BoolType": + return "bool" + case "types.MapType[types.StringType]": + return "map of strings" + case "types.ListType[types.StringType]": + return "array of strings" + case "types.MapType[types.ListType[types.StringType]]": + return "map of string arrays" + case "types.Int64Type": + return "number" + default: + return typ.String() + } +} + +func requiredString(r bool) string { + if r { + return "*" + } + return " " +} diff --git a/integrations/terraform/gen/plural_data_source.go.tpl b/integrations/terraform/gen/plural_data_source.go.tpl new file mode 100644 index 0000000000000..afc79d5850b39 --- /dev/null +++ b/integrations/terraform/gen/plural_data_source.go.tpl @@ -0,0 +1,96 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + {{ if not .IsPlainStruct }} + {{- protoImport . }} + {{- end }} + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + {{- if .Namespaced }} + "github.com/gravitational/teleport/api/defaults" + {{- end }} + + {{ schemaImport . }} +) + +// dataSourceTeleport{{.Name}}Type is the data source metadata type +type dataSourceTeleport{{.Name}}Type struct{} + +// dataSourceTeleport{{.Name}} is the resource +type dataSourceTeleport{{.Name}} struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleport{{.Name}}Type) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return {{.SchemaPackage}}.GenSchema{{.TypeName}}(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleport{{.Name}}Type) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleport{{.Name}}{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport {{.Name}} +func (r dataSourceTeleport{{.Name}}) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + {{- if .ConvertPackagePath}} + diags := req.Config.GetAttribute(ctx, path.Root("header").AtName("metadata").AtName("name"), &id) + {{- else }} + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + {{- end}} + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + {{.VarName}}I, err := r.p.Client.{{.GetMethod}}(ctx, {{if .Namespaced}}defaults.Namespace, {{end}}id.Value{{if ne .WithSecrets ""}}, {{.WithSecrets}}{{end}}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + var state types.Object + {{if .IsPlainStruct -}} + {{.VarName}} := {{.VarName}}I + {{else if .ConvertPackagePath -}} + {{.VarName}} := convert.ToProto({{.VarName}}I) + {{else}} + {{.VarName}} := {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + {{- end}} + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/gen/plural_resource.go.tpl b/integrations/terraform/gen/plural_resource.go.tpl new file mode 100644 index 0000000000000..8652e04e1b27a --- /dev/null +++ b/integrations/terraform/gen/plural_resource.go.tpl @@ -0,0 +1,448 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" +{{- if .RandomMetadataName }} + "crypto/rand" + "encoding/hex" +{{- end }} + "fmt" +{{- range $i, $a := .ExtraImports }} + "{{$a}}" +{{- end }} +{{ if .UUIDMetadataName }} + "github.com/google/uuid" +{{- end }} + {{.ProtoPackage}} "{{.ProtoPackagePath}}" + {{ if .ConvertPackagePath -}} + convert "{{.ConvertPackagePath}}" + {{- end}} + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" +{{- if .Namespaced }} + "github.com/gravitational/teleport/api/defaults" +{{- end }} + + {{ schemaImport . }} +) + +// resourceTeleport{{.Name}}Type is the resource metadata type +type resourceTeleport{{.Name}}Type struct{} + +// resourceTeleport{{.Name}} is the resource +type resourceTeleport{{.Name}} struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleport{{.Name}}Type) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return {{.SchemaPackage}}.GenSchema{{.TypeName}}(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleport{{.Name}}Type) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleport{{.Name}}{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the {{.Name}} +func (r resourceTeleport{{.Name}}) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + {{.VarName}} := &{{.ProtoPackage}}.{{.TypeName}}{} + diags = {{.SchemaPackage}}.Copy{{.TypeName}}FromTerraform(ctx, plan, {{.VarName}}) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + {{if .RandomMetadataName -}} + if {{.VarName}}.Metadata.Name == "" { + b := make([]byte, 32) + _, err := rand.Read(b) + if err != nil { + resp.Diagnostics.AddError("Failed to generate random token", err.Error()) + return + } + {{.VarName}}.Metadata.Name = hex.EncodeToString(b) + } + {{end -}} + {{if .UUIDMetadataName -}} + if {{.VarName}}.Metadata.Name == "" { + {{.VarName}}.Metadata.Name = uuid.NewString() + } + {{end -}} + {{if .DefaultVersion -}} + if {{.VarName}}.Version == "" { + {{.VarName}}.Version = "{{.DefaultVersion}}" + } + {{- end}} +{{- if .ConvertPackagePath}} + {{.VarName}}Resource, err := convert.FromProto({{.VarName}}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Errorf("Can not convert %T to {{.TypeName}}: %s", {{.VarName}}Resource, err), "{{.Kind}}")) + return + } +{{- else }} + {{.VarName}}Resource := {{.VarName}} +{{end}} + +{{- if .ForceSetKind }} + {{.VarName}}Resource.Kind = {{.ForceSetKind}} +{{- end}} + +{{- if .HasCheckAndSetDefaults }} + err = {{.VarName}}Resource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting {{.Name}} defaults", trace.Wrap(err), "{{.Kind}}")) + return + } +{{- end}} + + id := {{.VarName}}Resource.Metadata.Name + + _, err = r.p.Client.{{.GetMethod}}(ctx, {{if .Namespaced}}defaults.Namespace, {{end}}id{{if ne .WithSecrets ""}}, {{.WithSecrets}}{{end}}) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("{{.Name}} exists in Teleport. Either remove it (tctl rm {{.Kind}}/%v)"+ + " or import it to the existing state (terraform import {{.TerraformResourceType}}.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("{{.Name}} exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{if eq .UpsertMethodArity 2}}_, {{end}}err = r.p.Client.{{.CreateMethod}}(ctx, {{.VarName}}Resource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + {{- if .IsPlainStruct }} + var {{.VarName}}I *{{.ProtoPackage}}.{{.Name}} + {{- else }} + {{if .ConvertPackagePath -}} + var {{.VarName}}I = {{.VarName}}Resource + {{- else }} + // Not really an inferface, just using the same name for easier templating. + var {{.VarName}}I {{.ProtoPackage}}.{{ if ne .IfaceName ""}}{{.IfaceName}}{{else}}{{.Name}}{{end}} + {{- end}} + {{- end }} + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + {{.VarName}}I, err = r.p.Client.{{.GetMethod}}(ctx, {{if .Namespaced}}defaults.Namespace, {{end}}id{{if ne .WithSecrets ""}}, {{.WithSecrets}}{{end}}) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(bErr), "{{.Kind}}")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading {{.Name}} (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "{{.Kind}}") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{if or .IsPlainStruct .ConvertPackagePath -}} + {{.VarName}}Resource = {{.VarName}}I + {{else -}} + {{.VarName}}Resource, ok := {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Errorf("Can not convert %T to {{.TypeName}}", {{.VarName}}I), "{{.Kind}}")) + return + } + {{- end}} + + {{- if .ConvertPackagePath}} + {{.VarName}} = convert.ToProto({{.VarName}}Resource) + {{else}} + {{.VarName}} = {{.VarName}}Resource + {{- end }} + + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: {{.ID}}} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport {{.Name}} +func (r resourceTeleport{{.Name}}) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + {{- if .ConvertPackagePath}} + diags = req.State.GetAttribute(ctx, path.Root("header").AtName("metadata").AtName("name"), &id) + {{- else }} + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + {{- end}} + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + {{.VarName}}I, err := r.p.Client.{{.GetMethod}}(ctx, {{if .Namespaced}}defaults.Namespace, {{end}}id.Value{{if ne .WithSecrets ""}}, {{.WithSecrets}}{{end}}) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + {{if .IsPlainStruct -}} + {{.VarName}} := {{.VarName}}I + {{else if .ConvertPackagePath -}} + {{.VarName}} := convert.ToProto({{.VarName}}I) + {{ else }} + {{.VarName}} := {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + {{end -}} + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport {{.Name}} +func (r resourceTeleport{{.Name}}) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + {{.VarName}} := &{{.ProtoPackage}}.{{.TypeName}}{} + diags = {{.SchemaPackage}}.Copy{{.TypeName}}FromTerraform(ctx, plan, {{.VarName}}) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + +{{- if .ConvertPackagePath}} + {{.VarName}}Resource, err := convert.FromProto({{.VarName}}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Errorf("Can not convert %T to {{.TypeName}}: %s", {{.VarName}}Resource, err), "{{.Kind}}")) + return + } +{{- else }} + {{.VarName}}Resource := {{.VarName}} +{{end}} + + {{if .HasCheckAndSetDefaults -}} + if err := {{.VarName}}Resource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating {{.Name}}", err, "{{.Kind}}")) + return + } + {{- end}} + name := {{.VarName}}Resource.Metadata.Name + + {{.VarName}}Before, err := r.p.Client.{{.GetMethod}}(ctx, {{if .Namespaced}}defaults.Namespace, {{end}}name{{if ne .WithSecrets ""}}, {{.WithSecrets}}{{end}}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", err, "{{.Kind}}")) + return + } + {{- $VarName := .VarName }} + {{- range $field := .PropagatedFields }} + {{ $VarName }}Resource.{{ $field }} = {{ $VarName }}Before.{{ $field }} + {{- end }} + + {{if eq .UpsertMethodArity 2}}_, {{end}}err = r.p.Client.{{.UpdateMethod}}(ctx, {{.VarName}}Resource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating {{.Name}}", err, "{{.Kind}}")) + return + } + + {{- if .IsPlainStruct }} + var {{.VarName}}I *{{.ProtoPackage}}.{{.Name}} + {{- else }} + {{if .ConvertPackagePath -}} + var {{.VarName}}I = {{.VarName}}Resource + {{- else }} + // Not really an inferface, just using the same name for easier templating. + var {{.VarName}}I {{.ProtoPackage}}.{{ if ne .IfaceName ""}}{{.IfaceName}}{{else}}{{.Name}}{{end}} + {{- end}} + {{- end }} + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + {{.VarName}}I, err = r.p.Client.{{.GetMethod}}(ctx, {{if .Namespaced}}defaults.Namespace, {{end}}name{{if ne .WithSecrets ""}}, {{.WithSecrets}}{{end}}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", err, "{{.Kind}}")) + return + } + if {{.VarName}}Before.GetMetadata().Revision != {{.VarName}}I.GetMetadata().Revision || {{.HasStaticID}} { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading {{.Name}} (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "{{.Kind}}") + return + } + } + + {{if or .IsPlainStruct .ConvertPackagePath -}} + {{.VarName}}Resource = {{.VarName}}I + {{else -}} + {{.VarName}}Resource, ok := {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Errorf("Can not convert %T to {{.TypeName}}", {{.VarName}}I), "{{.Kind}}")) + return + } + {{- end}} + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport {{.Name}} +func (r resourceTeleport{{.Name}}) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + {{- if .ConvertPackagePath}} + diags := req.State.GetAttribute(ctx, path.Root("header").AtName("metadata").AtName("name"), &id) + {{- else }} + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + {{- end}} + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.{{.DeleteMethod}}(ctx, {{if .Namespaced}}defaults.Namespace, {{end}}id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting {{.TypeName}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports {{.Name}} state +func (r resourceTeleport{{.Name}}) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + {{.VarName}}, err := r.p.Client.{{.GetMethod}}(ctx, {{if .Namespaced}}defaults.Namespace, {{end}}req.ID{{if ne .WithSecrets ""}}, {{.WithSecrets}}{{end}}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{if .IsPlainStruct -}} + {{.VarName}}Resource := {{.VarName}} + {{else if .ConvertPackagePath -}} + {{.VarName}}Resource := convert.ToProto({{.VarName}}) + {{else}} + {{.VarName}}Resource := {{.VarName}}.(*{{.ProtoPackage}}.{{.TypeName}}) + {{- end}} + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}Resource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + +{{- if or .IsPlainStruct .ConvertPackagePath}} + id := {{.VarName}}.Metadata.Name +{{- else }} + id := {{.VarName}}Resource.GetName() +{{- end}} + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/gen/referencedocs.go.tpl b/integrations/terraform/gen/referencedocs.go.tpl new file mode 100644 index 0000000000000..ef2e6051c8b18 --- /dev/null +++ b/integrations/terraform/gen/referencedocs.go.tpl @@ -0,0 +1,118 @@ +--- +title: Terraform provider resources +description: Terraform provider resources reference +--- + +{/* Content generated by teleport-plugins/terraform/gen/main.go DO NOT EDIT */} + +Supported resources: +{{range $_, $resource := .resourceList}} +- [teleport_{{$resource}}](#teleport_{{$resource}}) +{{- end}} + +## Provider configuration + +Ensure your Terraform version is v(=terraform.version=) or higher. + +Add the following configuration section to your `terraform` configuration block: + +``` +terraform { + required_providers { + teleport = { + version = "~> (=teleport.major_version=).0" + source = "terraform.releases.teleport.dev/gravitational/teleport" + } + } +} +``` + +The provider supports the following options: + +| Name | Type | Description | Environment Variable | +| ---------------------- | ------ | ------------------------------------------------------------------------------ | ---------------------------------- | +| `addr` | string | Teleport auth or proxy address in "host:port" format. | `TF_TELEPORT_ADDR` | +| `cert_path` | string | Path to Teleport certificate file. | `TF_TELEPORT_CERT` | +| `cert_base64` | string | Teleport certificate as base64. | `TF_TELEPORT_CERT_BASE64` | +| `identity_file_path` | string | Path to Teleport identity file. | `TF_TELEPORT_IDENTITY_FILE_PATH` | +| `identity_file_base64` | string | Teleport identity file as base64. | `TF_TELEPORT_IDENTITY_FILE_BASE64` | +| `key_path` | string | Path to Teleport key file. | `TF_TELEPORT_KEY` | +| `key_base64` | string | Teleport key as base64. | `TF_TELEPORT_KEY_BASE64` | +| `profile_dir` | string | Teleport profile path. | `TF_TELEPORT_PROFILE_PATH` | +| `profile_name` | string | Teleport profile name. | `TF_TELEPORT_PROFILE_NAME` | +| `root_ca_path` | string | Path to Teleport CA file. | `TF_TELEPORT_ROOT_CA` | +| `root_ca_base64` | string | Teleport CA as base64. | `TF_TELEPORT_ROOT_CA_BASE64` | +| `retry_base_duration` | string | Base duration between retries. [Format](https://pkg.go.dev/time#ParseDuration) | `TF_TELEPORT_RETRY_BASE_DURATION` | +| `retry_cap_duration` | string | Max duration between retries. [Format](https://pkg.go.dev/time#ParseDuration) | `TF_TELEPORT_RETRY_CAP_DURATION` | +| `retry_max_tries` | string | Max number of retries. | `TF_TELEPORT_RETRY_MAX_TRIES` | + +You need to specify at least one of: + +- `cert_path`, `key_path`,`root_ca_path` and `addr` to connect using key files. +- `cert_base64`, `key_base64`,`root_ca_base64` and `addr` to connect using a base64-encoded key. +- `identity_file_path` or `identity_file_base64` and `addr` to connect using an identity file. +- `profile_name`, `profile_dir` (both can be empty) and `addr` to connect using current profile from `~/.tsh` + +The `retry_*` values are used to retry the API calls to Teleport when the cache is stale. + +If more than one are provided, they will be tried in the order above until one succeeds. + +Example: + +``` +provider "teleport" { + addr = "localhost:3025" + cert_path = "tf.crt" + key_path = "tf.key" + root_ca_path = "tf.ca" +} +``` + +## Provider resource versioning + +Since Teleport 15, you must set the version on each resource, and version cannot +be changed in-place. Terraform will delete the resource and create a new one if +a version change is required. + +This is not enforced on previous Teleport provider versions, but we recommend doing +so. When the version is not specified, Terraform will pick the latest one by default. +However, version upgrades don't re-apply the resource defaults. This could lead +to different results if you create a new resource or upgrade an existing one. +To mitigate this, you should explicitly set the resource version. + + + Upgrading the Terraform Provider to a new version with `teleport_role` + resources without a specified version can change the role behavior and access + rules. You must set the role version before upgrading to ensure the role + access rules don't change. + + The default role version is the highest supported: + + - v12 default role version is `v5` + - v13 default role version is `v6` + - v14 default role version is `v7` + + For example, before upgrading from v12 to v13, edit every unversioned role + to pin the `v5` version: + + ```hcl + resource "teleport_role" "test" { + version = "v5" + metadata = { + name = "my-role" + } + // ... + } + ``` + + +{{range $_, $resource := .resourcesDoc}} +## {{$resource.Name}} + +{{$resource.FieldsDesc -}} +Example: + +``` +{{$resource.Example}} +``` +{{end}} diff --git a/integrations/terraform/gen/singular_data_source.go.tpl b/integrations/terraform/gen/singular_data_source.go.tpl new file mode 100644 index 0000000000000..b7c1ac2ac2030 --- /dev/null +++ b/integrations/terraform/gen/singular_data_source.go.tpl @@ -0,0 +1,79 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + {{ if not .IsPlainStruct }} + {{- protoImport . }} + {{- end }} + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + {{ schemaImport . }} +) + +// dataSourceTeleport{{.Name}}Type is the data source metadata type +type dataSourceTeleport{{.Name}}Type struct{} + +// dataSourceTeleport{{.Name}} is the resource +type dataSourceTeleport{{.Name}} struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleport{{.Name}}Type) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return {{.SchemaPackage}}.GenSchema{{.TypeName}}(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleport{{.Name}}Type) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleport{{.Name}}{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport {{.Name}} +func (r dataSourceTeleport{{.Name}}) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + {{.VarName}}I, err := r.p.Client.{{.GetMethod}}(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + var state types.Object + {{if .IsPlainStruct -}} + {{.VarName}} := {{.VarName}}I + {{else -}} + {{.VarName}} := {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + {{end -}} + diags := {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/gen/singular_resource.go.tpl b/integrations/terraform/gen/singular_resource.go.tpl new file mode 100644 index 0000000000000..d438c56e5b4a9 --- /dev/null +++ b/integrations/terraform/gen/singular_resource.go.tpl @@ -0,0 +1,336 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" +{{- if .WithNonce}} + "math" +{{- end}} + + {{.ProtoPackage}} "{{.ProtoPackagePath}}" + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + {{ schemaImport . }} +) + +// resourceTeleport{{.Name}}Type is the resource metadata type +type resourceTeleport{{.Name}}Type struct{} + +// resourceTeleport{{.Name}} is the resource +type resourceTeleport{{.Name}} struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleport{{.Name}}Type) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return {{.SchemaPackage}}.GenSchema{{.TypeName}}(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleport{{.Name}}Type) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleport{{.Name}}{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the {{.Name}} +func (r resourceTeleport{{.Name}}) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + {{.VarName}} := &{{.ProtoPackage}}.{{.TypeName}}{} + diags = {{.SchemaPackage}}.Copy{{.TypeName}}FromTerraform(ctx, plan, {{.VarName}}) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := {{.VarName}}.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting {{.Name}} defaults", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{if .DefaultVersion -}} + if {{.VarName}}.Version == "" { + {{.VarName}}.Version = "{{.DefaultVersion}}" + } + {{- end}} + + {{.VarName}}Before, err := r.p.Client.Get{{.Name}}(ctx) + if err != nil && !trace.IsNotFound(err) { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{- if .GetCanReturnNil }} + + if {{.VarName}}Before == nil { + {{.VarName}}Before = &{{.ProtoPackage}}.{{.TypeName}}{} + } + + {{- end}} + + {{- if .WithNonce}} + {{.VarName}} = {{.VarName}}.WithNonce(math.MaxUint64).(*{{.ProtoPackage}}.{{.TypeName}}) + {{- end}} + + err = r.p.Client.{{.CreateMethod}}(ctx, {{.VarName}}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{if .IsPlainStruct -}} + // Not really an inferface, just using the same name for easier templating. + var {{.VarName}}I *{{.ProtoPackage}}.{{.Name}} + {{else -}} + var {{.VarName}}I {{.ProtoPackage}}.{{ if ne .IfaceName ""}}{{.IfaceName}}{{else}}{{.Name}}{{end}} + {{- end}} + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + {{.VarName}}I, err = r.p.Client.{{.GetMethod}}(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + if {{.VarName}}Before.GetMetadata().Revision != {{.VarName}}I.GetMetadata().Revision || {{.HasStaticID}} { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(bErr), "{{.Kind}}")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading {{.Name}} (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "{{.Kind}}") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{if .IsPlainStruct -}} + {{.VarName}} = {{.VarName}}I + {{else -}} + {{.VarName}}, ok := {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + if !ok { + resp.Diagnostics.Append( + diagFromWrappedErr("Error reading {{.Name}}", trace.Errorf("Can not convert %T to {{.TypeName}}", {{.VarName}}I), "{{.Kind}}"), + ) + return + } + {{- end}} + + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: {{.ID}}} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport {{.Name}} +func (r resourceTeleport{{.Name}}) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + {{.VarName}}I, err := r.p.Client.Get{{.Name}}(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{.VarName}} := {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport {{.Name}} +func (r resourceTeleport{{.Name}}) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + {{.VarName}} := &{{.ProtoPackage}}.{{.TypeName}}{} + diags = {{.SchemaPackage}}.Copy{{.TypeName}}FromTerraform(ctx, plan, {{.VarName}}) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := {{.VarName}}.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{.VarName}}Before, err := r.p.Client.Get{{.Name}}(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + {{- $VarName := .VarName }} + {{- range $field := .PropagatedFields }} + {{ $VarName }}.{{ $field }} = {{ $VarName }}Before.{{ $field }} + {{- end }} + + {{- if .WithNonce}} + {{.VarName}} = {{.VarName}}.WithNonce(math.MaxUint64).(*{{.ProtoPackage}}.{{.TypeName}}) + {{- end}} + + err = r.p.Client.{{.UpdateMethod}}(ctx, {{.VarName}}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + var {{.VarName}}I {{.ProtoPackage}}.{{ if ne .IfaceName ""}}{{.IfaceName}}{{else}}{{.Name}}{{end}} + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + {{.VarName}}I, err = r.p.Client.{{.GetMethod}}(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + if {{.VarName}}Before.GetMetadata().Revision != {{.VarName}}I.GetMetadata().Revision || {{.HasStaticID}} { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(bErr), "{{.Kind}}")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading {{.Name}} (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "{{.Kind}}") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{.VarName}} = {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport {{.Name}} +func (r resourceTeleport{{.Name}}) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + err := r.p.Client.{{.DeleteMethod}}(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports {{.Name}} state +func (r resourceTeleport{{.Name}}) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + {{.VarName}}I, err := r.p.Client.Get{{.Name}}(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating {{.Name}}", trace.Wrap(err), "{{.Kind}}")) + return + } + + {{.VarName}} := {{.VarName}}I.(*{{.ProtoPackage}}.{{.TypeName}}) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = {{.SchemaPackage}}.Copy{{.TypeName}}ToTerraform(ctx, {{.VarName}}, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + state.Attrs["id"] = types.String{Value: {{.VarName}}.Metadata.Name} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/go.mod b/integrations/terraform/go.mod new file mode 100644 index 0000000000000..405ef6473c5d5 --- /dev/null +++ b/integrations/terraform/go.mod @@ -0,0 +1,354 @@ +module github.com/gravitational/teleport/integrations/terraform + +go 1.22 + +toolchain go1.22.2 + +require ( + github.com/gogo/protobuf v1.3.2 + github.com/google/go-cmp v0.6.0 + github.com/google/uuid v1.6.0 + github.com/gravitational/teleport v0.0.0 // replaced + github.com/gravitational/teleport/api v0.0.0 // replaced + github.com/gravitational/trace v1.4.0 + github.com/hashicorp/terraform-plugin-framework v0.10.0 + github.com/hashicorp/terraform-plugin-go v0.12.0 + github.com/hashicorp/terraform-plugin-sdk/v2 v2.10.1 + github.com/jonboulle/clockwork v0.4.0 + github.com/olekukonko/tablewriter v0.0.5 + github.com/sirupsen/logrus v1.9.3 + github.com/stretchr/testify v1.9.0 + golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 + google.golang.org/grpc v1.63.0 + google.golang.org/protobuf v1.33.0 +) + +require ( + cloud.google.com/go/compute v1.25.1 // indirect + cloud.google.com/go/compute/metadata v0.2.3 // indirect + cloud.google.com/go/container v1.35.0 // indirect + cloud.google.com/go/iam v1.1.7 // indirect + cloud.google.com/go/kms v1.15.8 // indirect + connectrpc.com/connect v1.16.0 // indirect + github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v3 v3.0.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v2 v2.4.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/mysql/armmysql v1.2.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/mysql/armmysqlflexibleservers v1.2.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/postgresql/armpostgresql v1.2.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/postgresql/armpostgresqlflexibleservers v1.1.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/redis/armredis/v2 v2.3.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/redisenterprise/armredisenterprise v1.2.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/sql/armsql v1.2.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/subscription/armsubscription v1.2.0 // indirect + github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect + github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect + github.com/BurntSushi/toml v1.3.2 // indirect + github.com/MakeNowJust/heredoc v1.0.0 // indirect + github.com/Masterminds/goutils v1.1.1 // indirect + github.com/Masterminds/semver/v3 v3.2.1 // indirect + github.com/Masterminds/sprig/v3 v3.2.3 // indirect + github.com/Masterminds/squirrel v1.5.4 // indirect + github.com/Microsoft/go-winio v0.6.1 // indirect + github.com/Microsoft/hcsshim v0.11.4 // indirect + github.com/ThalesIgnite/crypto11 v1.2.5 // indirect + github.com/agext/levenshtein v1.2.2 // indirect + github.com/alecthomas/kingpin/v2 v2.4.0 // indirect + github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect + github.com/apparentlymart/go-textseg v1.0.0 // indirect + github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect + github.com/armon/go-radix v1.0.0 // indirect + github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect + github.com/aws/aws-sdk-go v1.51.16 // indirect + github.com/aws/aws-sdk-go-v2 v1.26.1 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 // indirect + github.com/aws/aws-sdk-go-v2/config v1.27.11 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.17.11 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 // indirect + github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.15 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.5 // indirect + github.com/aws/aws-sdk-go-v2/service/athena v1.40.4 // indirect + github.com/aws/aws-sdk-go-v2/service/ec2 v1.156.0 // indirect + github.com/aws/aws-sdk-go-v2/service/ec2instanceconnect v1.23.2 // indirect + github.com/aws/aws-sdk-go-v2/service/ecs v1.41.7 // indirect + github.com/aws/aws-sdk-go-v2/service/eks v1.42.1 // indirect + github.com/aws/aws-sdk-go-v2/service/glue v1.78.0 // indirect + github.com/aws/aws-sdk-go-v2/service/iam v1.31.4 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.7 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.7 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.5 // indirect + github.com/aws/aws-sdk-go-v2/service/rds v1.76.1 // indirect + github.com/aws/aws-sdk-go-v2/service/s3 v1.53.1 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.20.5 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.4 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.28.6 // indirect + github.com/aws/smithy-go v1.20.2 // indirect + github.com/beevik/etree v1.3.0 // indirect + github.com/beorn7/perks v1.0.1 // indirect + github.com/boombuler/barcode v1.0.1 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/chai2010/gettext-go v1.0.2 // indirect + github.com/cloudflare/cfssl v1.6.4 // indirect + github.com/containerd/containerd v1.7.12 // indirect + github.com/containerd/log v0.1.0 // indirect + github.com/coreos/go-oidc v2.2.1+incompatible // indirect + github.com/coreos/go-semver v0.3.1 // indirect + github.com/coreos/pkg v0.0.0-20220810130054-c7d1c02cb6cf // indirect + github.com/crewjam/httperr v0.2.0 // indirect + github.com/crewjam/saml v0.4.14 // indirect + github.com/cyphar/filepath-securejoin v0.2.4 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect + github.com/di-wu/parser v0.3.0 // indirect + github.com/di-wu/xsd-datetime v1.0.0 // indirect + github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect + github.com/distribution/reference v0.6.0 // indirect + github.com/dlclark/regexp2 v1.11.0 // indirect + github.com/docker/cli v25.0.1+incompatible // indirect + github.com/docker/distribution v2.8.3+incompatible // indirect + github.com/docker/docker v25.0.5+incompatible // indirect + github.com/docker/docker-credential-helpers v0.8.1 // indirect + github.com/docker/go-connections v0.5.0 // indirect + github.com/docker/go-metrics v0.0.1 // indirect + github.com/elimity-com/scim v0.0.0-20240320110924-172bf2aee9c8 // indirect + github.com/emicklei/go-restful/v3 v3.11.3 // indirect + github.com/evanphx/json-patch v5.9.0+incompatible // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect + github.com/fatih/color v1.16.0 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect + github.com/flynn/hid v0.0.0-20190502022136-f1b9b6cc019a // indirect + github.com/flynn/u2f v0.0.0-20180613185708-15554eb68e5d // indirect + github.com/fxamacker/cbor/v2 v2.6.0 // indirect + github.com/ghodss/yaml v1.0.0 // indirect + github.com/go-errors/errors v1.4.2 // indirect + github.com/go-gorp/gorp/v3 v3.1.0 // indirect + github.com/go-jose/go-jose/v3 v3.0.3 // indirect + github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/go-openapi/jsonpointer v0.20.2 // indirect + github.com/go-openapi/jsonreference v0.20.4 // indirect + github.com/go-openapi/swag v0.22.9 // indirect + github.com/go-piv/piv-go v1.11.0 // indirect + github.com/go-webauthn/webauthn v0.10.2 // indirect + github.com/go-webauthn/x v0.1.9 // indirect + github.com/gobwas/glob v0.2.3 // indirect + github.com/gobwas/httphead v0.1.0 // indirect + github.com/gobwas/pool v0.2.1 // indirect + github.com/gobwas/ws v1.3.2 // indirect + github.com/gofrs/flock v0.8.1 // indirect + github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang-jwt/jwt/v5 v5.2.1 // indirect + github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect + github.com/golang/protobuf v1.5.4 // indirect + github.com/google/btree v1.1.2 // indirect + github.com/google/certificate-transparency-go v1.1.7 // indirect + github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 // indirect + github.com/google/go-attestation v0.5.1 // indirect + github.com/google/go-tpm v0.9.0 // indirect + github.com/google/go-tpm-tools v0.4.4 // indirect + github.com/google/go-tspi v0.3.0 // indirect + github.com/google/gofuzz v1.2.0 // indirect + github.com/google/s2a-go v0.1.7 // indirect + github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect + github.com/googleapis/gax-go/v2 v2.12.3 // indirect + github.com/gorilla/mux v1.8.1 // indirect + github.com/gorilla/websocket v1.5.1 // indirect + github.com/gosuri/uitable v0.0.4 // indirect + github.com/gravitational/license v0.0.0-20240313232707-8312e719d624 // indirect + github.com/gravitational/oxy v0.0.0-20231219172753-f855322f2a6c // indirect + github.com/gravitational/roundtrip v1.0.2 // indirect + github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect + github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.0 // indirect + github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.1.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect + github.com/hashicorp/errwrap v1.1.0 // indirect + github.com/hashicorp/go-checkpoint v0.5.0 // indirect + github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect + github.com/hashicorp/go-hclog v1.2.1 // indirect + github.com/hashicorp/go-multierror v1.1.1 // indirect + github.com/hashicorp/go-plugin v1.4.4 // indirect + github.com/hashicorp/go-uuid v1.0.3 // indirect + github.com/hashicorp/go-version v1.6.0 // indirect + github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect + github.com/hashicorp/hc-install v0.3.1 // indirect + github.com/hashicorp/hcl/v2 v2.3.0 // indirect + github.com/hashicorp/logutils v1.0.0 // indirect + github.com/hashicorp/terraform-exec v0.15.0 // indirect + github.com/hashicorp/terraform-json v0.13.0 // indirect + github.com/hashicorp/terraform-plugin-log v0.6.0 // indirect + github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c // indirect + github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 // indirect + github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d // indirect + github.com/huandu/xstrings v1.4.0 // indirect + github.com/imdario/mergo v0.3.16 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/jackc/chunkreader/v2 v2.0.1 // indirect + github.com/jackc/pgio v1.0.0 // indirect + github.com/jackc/pgproto3/v2 v2.3.3 // indirect + github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/jmoiron/sqlx v1.3.5 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/julienschmidt/httprouter v1.3.0 // indirect + github.com/kelseyhightower/envconfig v1.4.0 // indirect + github.com/keys-pub/go-libfido2 v1.5.3-0.20220306005615-8ab03fb1ec27 // indirect + github.com/klauspost/compress v1.17.7 // indirect + github.com/kr/fs v0.1.0 // indirect + github.com/kr/pretty v0.3.1 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/kylelemons/godebug v1.1.0 // indirect + github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect + github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect + github.com/lib/pq v1.10.9 // indirect + github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect + github.com/mailgun/holster/v3 v3.16.2 // indirect + github.com/mailgun/minheap v0.0.0-20170619185613-3dbe6c6bf55f // indirect + github.com/mailgun/timetools v0.0.0-20170619190023-f3a7b8ffff47 // indirect + github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.15 // indirect + github.com/mattn/go-sqlite3 v1.14.22 // indirect + github.com/miekg/pkcs11 v1.1.1 // indirect + github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect + github.com/mitchellh/go-testing-interface v1.14.1 // indirect + github.com/mitchellh/go-wordwrap v1.0.1 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect + github.com/moby/locker v1.0.1 // indirect + github.com/moby/spdystream v0.2.0 // indirect + github.com/moby/term v0.5.0 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect + github.com/oklog/run v1.0.0 // indirect + github.com/okta/okta-sdk-golang/v2 v2.20.0 // indirect + github.com/opencontainers/go-digest v1.0.0 // indirect + github.com/opencontainers/image-spec v1.1.0-rc6 // indirect + github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627 // indirect + github.com/pavlo-v-chernykh/keystore-go/v4 v4.5.0 // indirect + github.com/pelletier/go-toml v1.9.5 // indirect + github.com/peterbourgon/diskv v2.0.1+incompatible // indirect + github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/pkg/sftp v1.13.6 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect + github.com/pquerna/cachecontrol v0.1.0 // indirect + github.com/pquerna/otp v1.4.0 // indirect + github.com/prometheus/client_golang v1.19.0 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.51.1 // indirect + github.com/prometheus/procfs v0.13.0 // indirect + github.com/rivo/uniseg v0.4.7 // indirect + github.com/rogpeppe/go-internal v1.12.0 // indirect + github.com/rubenv/sql-migrate v1.5.2 // indirect + github.com/russellhaering/gosaml2 v0.9.1 // indirect + github.com/russellhaering/goxmldsig v1.4.0 // indirect + github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/sashabaranov/go-openai v1.20.5 // indirect + github.com/schollz/progressbar/v3 v3.14.2 // indirect + github.com/scim2/filter-parser/v2 v2.2.0 // indirect + github.com/sethvargo/go-diceware v0.3.0 // indirect + github.com/shopspring/decimal v1.3.1 // indirect + github.com/sijms/go-ora/v2 v2.8.10 // indirect + github.com/spf13/cast v1.6.0 // indirect + github.com/spf13/cobra v1.8.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + github.com/stretchr/objx v0.5.2 // indirect + github.com/thales-e-security/pool v0.0.2 // indirect + github.com/tiktoken-go/tokenizer v0.1.0 // indirect + github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect + github.com/vmihailenco/msgpack/v4 v4.3.12 // indirect + github.com/vmihailenco/tagparser v0.1.1 // indirect + github.com/vulcand/predicate v1.2.0 // indirect + github.com/weppos/publicsuffix-go v0.30.1-0.20230620154423-38c92ad2d5c6 // indirect + github.com/x448/float16 v0.8.4 // indirect + github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect + github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect + github.com/xeipuuv/gojsonschema v1.2.0 // indirect + github.com/xhit/go-str2duration/v2 v2.1.0 // indirect + github.com/xlab/treeprint v1.2.0 // indirect + github.com/zclconf/go-cty v1.9.1 // indirect + github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 // indirect + github.com/zmap/zlint/v3 v3.5.0 // indirect + go.mongodb.org/mongo-driver v1.14.0 // indirect + go.opencensus.io v0.24.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.50.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 // indirect + go.opentelemetry.io/otel v1.25.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.25.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.25.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.25.0 // indirect + go.opentelemetry.io/otel/metric v1.25.0 // indirect + go.opentelemetry.io/otel/sdk v1.25.0 // indirect + go.opentelemetry.io/otel/trace v1.25.0 // indirect + go.opentelemetry.io/proto/otlp v1.1.0 // indirect + go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect + golang.org/x/crypto v0.22.0 // indirect + golang.org/x/mod v0.17.0 // indirect + golang.org/x/net v0.24.0 // indirect + golang.org/x/oauth2 v0.19.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/sys v0.19.0 // indirect + golang.org/x/term v0.19.0 // indirect + golang.org/x/text v0.14.0 // indirect + golang.org/x/time v0.5.0 // indirect + golang.org/x/tools v0.19.0 // indirect + google.golang.org/api v0.172.0 // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/genproto v0.0.0-20240325164216-beb30f47624b // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240325164216-beb30f47624b // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda // indirect + google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0 // indirect + gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + helm.sh/helm/v3 v3.14.3 // indirect + k8s.io/api v0.29.3 // indirect + k8s.io/apiextensions-apiserver v0.29.3 // indirect + k8s.io/apimachinery v0.29.3 // indirect + k8s.io/apiserver v0.29.3 // indirect + k8s.io/cli-runtime v0.29.3 // indirect + k8s.io/client-go v0.29.3 // indirect + k8s.io/component-base v0.29.3 // indirect + k8s.io/klog/v2 v2.120.1 // indirect + k8s.io/kube-openapi v0.0.0-20240224005224-582cce78233b // indirect + k8s.io/kubectl v0.29.3 // indirect + k8s.io/utils v0.0.0-20240102154912-e7106e64919e // indirect + oras.land/oras-go v1.2.5 // indirect + sigs.k8s.io/controller-runtime v0.17.2 // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect + sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect + sigs.k8s.io/kustomize/kyaml v0.16.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect + software.sslmate.com/src/go-pkcs12 v0.4.0 // indirect +) + +replace ( + github.com/alecthomas/kingpin/v2 => github.com/gravitational/kingpin/v2 v2.1.11-0.20230515143221-4ec6b70ecd33 + github.com/coreos/go-oidc => github.com/gravitational/go-oidc v0.1.1 + github.com/gogo/protobuf => github.com/gravitational/protobuf v1.3.2-0.20201123192827-2b9fcfaffcbf + github.com/gravitational/teleport => ../../ + github.com/gravitational/teleport/api => ../../api + github.com/julienschmidt/httprouter => github.com/gravitational/httprouter v1.3.1-0.20220408074523-c876c5e705a5 + github.com/microsoft/go-mssqldb => github.com/gravitational/go-mssqldb v0.11.1-0.20230331180905-0f76f1751cd3 + github.com/vulcand/predicate => github.com/gravitational/predicate v1.3.1 +) diff --git a/integrations/terraform/go.sum b/integrations/terraform/go.sum new file mode 100644 index 0000000000000..46a5682ff7a24 --- /dev/null +++ b/integrations/terraform/go.sum @@ -0,0 +1,2784 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= +cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= +cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= +cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= +cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= +cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= +cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= +cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= +cloud.google.com/go v0.61.0/go.mod h1:XukKJg4Y7QsUu0Hxg3qQKUWR4VuWivmyMK2+rUyxAqw= +cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= +cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= +cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= +cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= +cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= +cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= +cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= +cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= +cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= +cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= +cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= +cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= +cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= +cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= +cloud.google.com/go v0.100.1/go.mod h1:fs4QogzfH5n2pBXBP9vRiU+eCny7lD2vmFZy79Iuw1U= +cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= +cloud.google.com/go v0.102.0/go.mod h1:oWcCzKlqJ5zgHQt9YsaeTY9KzIvjyy0ArmiBUgpQ+nc= +cloud.google.com/go v0.102.1/go.mod h1:XZ77E9qnTEnrgEOvr4xzfdX5TRo7fB4T2F4O6+34hIU= +cloud.google.com/go v0.104.0/go.mod h1:OO6xxXdJyvuJPcEPBLN9BJPD+jep5G1+2U5B5gkRYtA= +cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM= +cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I= +cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY= +cloud.google.com/go v0.112.1 h1:uJSeirPke5UNZHIb4SxfZklVSiWWVqW4oXlETwZziwM= +cloud.google.com/go v0.112.1/go.mod h1:+Vbu+Y1UU+I1rjmzeMOb/8RfkKJK2Gyxi1X6jJCZLo4= +cloud.google.com/go/accessapproval v1.4.0/go.mod h1:zybIuC3KpDOvotz59lFe5qxRZx6C75OtwbisN56xYB4= +cloud.google.com/go/accessapproval v1.5.0/go.mod h1:HFy3tuiGvMdcd/u+Cu5b9NkO1pEICJ46IR82PoUdplw= +cloud.google.com/go/accessapproval v1.6.0/go.mod h1:R0EiYnwV5fsRFiKZkPHr6mwyk2wxUJ30nL4j2pcFY2E= +cloud.google.com/go/accesscontextmanager v1.3.0/go.mod h1:TgCBehyr5gNMz7ZaH9xubp+CE8dkrszb4oK9CWyvD4o= +cloud.google.com/go/accesscontextmanager v1.4.0/go.mod h1:/Kjh7BBu/Gh83sv+K60vN9QE5NJcd80sU33vIe2IFPE= +cloud.google.com/go/accesscontextmanager v1.6.0/go.mod h1:8XCvZWfYw3K/ji0iVnp+6pu7huxoQTLmxAbVjbloTtM= +cloud.google.com/go/accesscontextmanager v1.7.0/go.mod h1:CEGLewx8dwa33aDAZQujl7Dx+uYhS0eay198wB/VumQ= +cloud.google.com/go/aiplatform v1.22.0/go.mod h1:ig5Nct50bZlzV6NvKaTwmplLLddFx0YReh9WfTO5jKw= +cloud.google.com/go/aiplatform v1.24.0/go.mod h1:67UUvRBKG6GTayHKV8DBv2RtR1t93YRu5B1P3x99mYY= +cloud.google.com/go/aiplatform v1.27.0/go.mod h1:Bvxqtl40l0WImSb04d0hXFU7gDOiq9jQmorivIiWcKg= +cloud.google.com/go/aiplatform v1.35.0/go.mod h1:7MFT/vCaOyZT/4IIFfxH4ErVg/4ku6lKv3w0+tFTgXQ= +cloud.google.com/go/aiplatform v1.36.1/go.mod h1:WTm12vJRPARNvJ+v6P52RDHCNe4AhvjcIZ/9/RRHy/k= +cloud.google.com/go/aiplatform v1.37.0/go.mod h1:IU2Cv29Lv9oCn/9LkFiiuKfwrRTq+QQMbW+hPCxJGZw= +cloud.google.com/go/analytics v0.11.0/go.mod h1:DjEWCu41bVbYcKyvlws9Er60YE4a//bK6mnhWvQeFNI= +cloud.google.com/go/analytics v0.12.0/go.mod h1:gkfj9h6XRf9+TS4bmuhPEShsh3hH8PAZzm/41OOhQd4= +cloud.google.com/go/analytics v0.17.0/go.mod h1:WXFa3WSym4IZ+JiKmavYdJwGG/CvpqiqczmL59bTD9M= +cloud.google.com/go/analytics v0.18.0/go.mod h1:ZkeHGQlcIPkw0R/GW+boWHhCOR43xz9RN/jn7WcqfIE= +cloud.google.com/go/analytics v0.19.0/go.mod h1:k8liqf5/HCnOUkbawNtrWWc+UAzyDlW89doe8TtoDsE= +cloud.google.com/go/apigateway v1.3.0/go.mod h1:89Z8Bhpmxu6AmUxuVRg/ECRGReEdiP3vQtk4Z1J9rJk= +cloud.google.com/go/apigateway v1.4.0/go.mod h1:pHVY9MKGaH9PQ3pJ4YLzoj6U5FUDeDFBllIz7WmzJoc= +cloud.google.com/go/apigateway v1.5.0/go.mod h1:GpnZR3Q4rR7LVu5951qfXPJCHquZt02jf7xQx7kpqN8= +cloud.google.com/go/apigeeconnect v1.3.0/go.mod h1:G/AwXFAKo0gIXkPTVfZDd2qA1TxBXJ3MgMRBQkIi9jc= +cloud.google.com/go/apigeeconnect v1.4.0/go.mod h1:kV4NwOKqjvt2JYR0AoIWo2QGfoRtn/pkS3QlHp0Ni04= +cloud.google.com/go/apigeeconnect v1.5.0/go.mod h1:KFaCqvBRU6idyhSNyn3vlHXc8VMDJdRmwDF6JyFRqZ8= +cloud.google.com/go/apigeeregistry v0.4.0/go.mod h1:EUG4PGcsZvxOXAdyEghIdXwAEi/4MEaoqLMLDMIwKXY= +cloud.google.com/go/apigeeregistry v0.5.0/go.mod h1:YR5+s0BVNZfVOUkMa5pAR2xGd0A473vA5M7j247o1wM= +cloud.google.com/go/apigeeregistry v0.6.0/go.mod h1:BFNzW7yQVLZ3yj0TKcwzb8n25CFBri51GVGOEUcgQsc= +cloud.google.com/go/apikeys v0.4.0/go.mod h1:XATS/yqZbaBK0HOssf+ALHp8jAlNHUgyfprvNcBIszU= +cloud.google.com/go/apikeys v0.5.0/go.mod h1:5aQfwY4D+ewMMWScd3hm2en3hCj+BROlyrt3ytS7KLI= +cloud.google.com/go/apikeys v0.6.0/go.mod h1:kbpXu5upyiAlGkKrJgQl8A0rKNNJ7dQ377pdroRSSi8= +cloud.google.com/go/appengine v1.4.0/go.mod h1:CS2NhuBuDXM9f+qscZ6V86m1MIIqPj3WC/UoEuR1Sno= +cloud.google.com/go/appengine v1.5.0/go.mod h1:TfasSozdkFI0zeoxW3PTBLiNqRmzraodCWatWI9Dmak= +cloud.google.com/go/appengine v1.6.0/go.mod h1:hg6i0J/BD2cKmDJbaFSYHFyZkgBEfQrDg/X0V5fJn84= +cloud.google.com/go/appengine v1.7.0/go.mod h1:eZqpbHFCqRGa2aCdope7eC0SWLV1j0neb/QnMJVWx6A= +cloud.google.com/go/appengine v1.7.1/go.mod h1:IHLToyb/3fKutRysUlFO0BPt5j7RiQ45nrzEJmKTo6E= +cloud.google.com/go/area120 v0.5.0/go.mod h1:DE/n4mp+iqVyvxHN41Vf1CR602GiHQjFPusMFW6bGR4= +cloud.google.com/go/area120 v0.6.0/go.mod h1:39yFJqWVgm0UZqWTOdqkLhjoC7uFfgXRC8g/ZegeAh0= +cloud.google.com/go/area120 v0.7.0/go.mod h1:a3+8EUD1SX5RUcCs3MY5YasiO1z6yLiNLRiFrykbynY= +cloud.google.com/go/area120 v0.7.1/go.mod h1:j84i4E1RboTWjKtZVWXPqvK5VHQFJRF2c1Nm69pWm9k= +cloud.google.com/go/artifactregistry v1.6.0/go.mod h1:IYt0oBPSAGYj/kprzsBjZ/4LnG/zOcHyFHjWPCi6SAQ= +cloud.google.com/go/artifactregistry v1.7.0/go.mod h1:mqTOFOnGZx8EtSqK/ZWcsm/4U8B77rbcLP6ruDU2Ixk= +cloud.google.com/go/artifactregistry v1.8.0/go.mod h1:w3GQXkJX8hiKN0v+at4b0qotwijQbYUqF2GWkZzAhC0= +cloud.google.com/go/artifactregistry v1.9.0/go.mod h1:2K2RqvA2CYvAeARHRkLDhMDJ3OXy26h3XW+3/Jh2uYc= +cloud.google.com/go/artifactregistry v1.11.1/go.mod h1:lLYghw+Itq9SONbCa1YWBoWs1nOucMH0pwXN1rOBZFI= +cloud.google.com/go/artifactregistry v1.11.2/go.mod h1:nLZns771ZGAwVLzTX/7Al6R9ehma4WUEhZGWV6CeQNQ= +cloud.google.com/go/artifactregistry v1.12.0/go.mod h1:o6P3MIvtzTOnmvGagO9v/rOjjA0HmhJ+/6KAXrmYDCI= +cloud.google.com/go/artifactregistry v1.13.0/go.mod h1:uy/LNfoOIivepGhooAUpL1i30Hgee3Cu0l4VTWHUC08= +cloud.google.com/go/asset v1.5.0/go.mod h1:5mfs8UvcM5wHhqtSv8J1CtxxaQq3AdBxxQi2jGW/K4o= +cloud.google.com/go/asset v1.7.0/go.mod h1:YbENsRK4+xTiL+Ofoj5Ckf+O17kJtgp3Y3nn4uzZz5s= +cloud.google.com/go/asset v1.8.0/go.mod h1:mUNGKhiqIdbr8X7KNayoYvyc4HbbFO9URsjbytpUaW0= +cloud.google.com/go/asset v1.9.0/go.mod h1:83MOE6jEJBMqFKadM9NLRcs80Gdw76qGuHn8m3h8oHQ= +cloud.google.com/go/asset v1.10.0/go.mod h1:pLz7uokL80qKhzKr4xXGvBQXnzHn5evJAEAtZiIb0wY= +cloud.google.com/go/asset v1.11.1/go.mod h1:fSwLhbRvC9p9CXQHJ3BgFeQNM4c9x10lqlrdEUYXlJo= +cloud.google.com/go/asset v1.12.0/go.mod h1:h9/sFOa4eDIyKmH6QMpm4eUK3pDojWnUhTgJlk762Hg= +cloud.google.com/go/asset v1.13.0/go.mod h1:WQAMyYek/b7NBpYq/K4KJWcRqzoalEsxz/t/dTk4THw= +cloud.google.com/go/assuredworkloads v1.5.0/go.mod h1:n8HOZ6pff6re5KYfBXcFvSViQjDwxFkAkmUFffJRbbY= +cloud.google.com/go/assuredworkloads v1.6.0/go.mod h1:yo2YOk37Yc89Rsd5QMVECvjaMKymF9OP+QXWlKXUkXw= +cloud.google.com/go/assuredworkloads v1.7.0/go.mod h1:z/736/oNmtGAyU47reJgGN+KVoYoxeLBoj4XkKYscNI= +cloud.google.com/go/assuredworkloads v1.8.0/go.mod h1:AsX2cqyNCOvEQC8RMPnoc0yEarXQk6WEKkxYfL6kGIo= +cloud.google.com/go/assuredworkloads v1.9.0/go.mod h1:kFuI1P78bplYtT77Tb1hi0FMxM0vVpRC7VVoJC3ZoT0= +cloud.google.com/go/assuredworkloads v1.10.0/go.mod h1:kwdUQuXcedVdsIaKgKTp9t0UJkE5+PAVNhdQm4ZVq2E= +cloud.google.com/go/automl v1.5.0/go.mod h1:34EjfoFGMZ5sgJ9EoLsRtdPSNZLcfflJR39VbVNS2M0= +cloud.google.com/go/automl v1.6.0/go.mod h1:ugf8a6Fx+zP0D59WLhqgTDsQI9w07o64uf/Is3Nh5p8= +cloud.google.com/go/automl v1.7.0/go.mod h1:RL9MYCCsJEOmt0Wf3z9uzG0a7adTT1fe+aObgSpkCt8= +cloud.google.com/go/automl v1.8.0/go.mod h1:xWx7G/aPEe/NP+qzYXktoBSDfjO+vnKMGgsApGJJquM= +cloud.google.com/go/automl v1.12.0/go.mod h1:tWDcHDp86aMIuHmyvjuKeeHEGq76lD7ZqfGLN6B0NuU= +cloud.google.com/go/baremetalsolution v0.3.0/go.mod h1:XOrocE+pvK1xFfleEnShBlNAXf+j5blPPxrhjKgnIFc= +cloud.google.com/go/baremetalsolution v0.4.0/go.mod h1:BymplhAadOO/eBa7KewQ0Ppg4A4Wplbn+PsFKRLo0uI= +cloud.google.com/go/baremetalsolution v0.5.0/go.mod h1:dXGxEkmR9BMwxhzBhV0AioD0ULBmuLZI8CdwalUxuss= +cloud.google.com/go/batch v0.3.0/go.mod h1:TR18ZoAekj1GuirsUsR1ZTKN3FC/4UDnScjT8NXImFE= +cloud.google.com/go/batch v0.4.0/go.mod h1:WZkHnP43R/QCGQsZ+0JyG4i79ranE2u8xvjq/9+STPE= +cloud.google.com/go/batch v0.7.0/go.mod h1:vLZN95s6teRUqRQ4s3RLDsH8PvboqBK+rn1oevL159g= +cloud.google.com/go/beyondcorp v0.2.0/go.mod h1:TB7Bd+EEtcw9PCPQhCJtJGjk/7TC6ckmnSFS+xwTfm4= +cloud.google.com/go/beyondcorp v0.3.0/go.mod h1:E5U5lcrcXMsCuoDNyGrpyTm/hn7ne941Jz2vmksAxW8= +cloud.google.com/go/beyondcorp v0.4.0/go.mod h1:3ApA0mbhHx6YImmuubf5pyW8srKnCEPON32/5hj+RmM= +cloud.google.com/go/beyondcorp v0.5.0/go.mod h1:uFqj9X+dSfrheVp7ssLTaRHd2EHqSL4QZmH4e8WXGGU= +cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= +cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= +cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= +cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= +cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= +cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/bigquery v1.42.0/go.mod h1:8dRTJxhtG+vwBKzE5OseQn/hiydoQN3EedCaOdYmxRA= +cloud.google.com/go/bigquery v1.43.0/go.mod h1:ZMQcXHsl+xmU1z36G2jNGZmKp9zNY5BUua5wDgmNCfw= +cloud.google.com/go/bigquery v1.44.0/go.mod h1:0Y33VqXTEsbamHJvJHdFmtqHvMIY28aK1+dFsvaChGc= +cloud.google.com/go/bigquery v1.47.0/go.mod h1:sA9XOgy0A8vQK9+MWhEQTY6Tix87M/ZurWFIxmF9I/E= +cloud.google.com/go/bigquery v1.48.0/go.mod h1:QAwSz+ipNgfL5jxiaK7weyOhzdoAy1zFm0Nf1fysJac= +cloud.google.com/go/bigquery v1.49.0/go.mod h1:Sv8hMmTFFYBlt/ftw2uN6dFdQPzBlREY9yBh7Oy7/4Q= +cloud.google.com/go/bigquery v1.50.0/go.mod h1:YrleYEh2pSEbgTBZYMJ5SuSr0ML3ypjRB1zgf7pvQLU= +cloud.google.com/go/billing v1.4.0/go.mod h1:g9IdKBEFlItS8bTtlrZdVLWSSdSyFUZKXNS02zKMOZY= +cloud.google.com/go/billing v1.5.0/go.mod h1:mztb1tBc3QekhjSgmpf/CV4LzWXLzCArwpLmP2Gm88s= +cloud.google.com/go/billing v1.6.0/go.mod h1:WoXzguj+BeHXPbKfNWkqVtDdzORazmCjraY+vrxcyvI= +cloud.google.com/go/billing v1.7.0/go.mod h1:q457N3Hbj9lYwwRbnlD7vUpyjq6u5U1RAOArInEiD5Y= +cloud.google.com/go/billing v1.12.0/go.mod h1:yKrZio/eu+okO/2McZEbch17O5CB5NpZhhXG6Z766ss= +cloud.google.com/go/billing v1.13.0/go.mod h1:7kB2W9Xf98hP9Sr12KfECgfGclsH3CQR0R08tnRlRbc= +cloud.google.com/go/binaryauthorization v1.1.0/go.mod h1:xwnoWu3Y84jbuHa0zd526MJYmtnVXn0syOjaJgy4+dM= +cloud.google.com/go/binaryauthorization v1.2.0/go.mod h1:86WKkJHtRcv5ViNABtYMhhNWRrD1Vpi//uKEy7aYEfI= +cloud.google.com/go/binaryauthorization v1.3.0/go.mod h1:lRZbKgjDIIQvzYQS1p99A7/U1JqvqeZg0wiI5tp6tg0= +cloud.google.com/go/binaryauthorization v1.4.0/go.mod h1:tsSPQrBd77VLplV70GUhBf/Zm3FsKmgSqgm4UmiDItk= +cloud.google.com/go/binaryauthorization v1.5.0/go.mod h1:OSe4OU1nN/VswXKRBmciKpo9LulY41gch5c68htf3/Q= +cloud.google.com/go/certificatemanager v1.3.0/go.mod h1:n6twGDvcUBFu9uBgt4eYvvf3sQ6My8jADcOVwHmzadg= +cloud.google.com/go/certificatemanager v1.4.0/go.mod h1:vowpercVFyqs8ABSmrdV+GiFf2H/ch3KyudYQEMM590= +cloud.google.com/go/certificatemanager v1.6.0/go.mod h1:3Hh64rCKjRAX8dXgRAyOcY5vQ/fE1sh8o+Mdd6KPgY8= +cloud.google.com/go/channel v1.8.0/go.mod h1:W5SwCXDJsq/rg3tn3oG0LOxpAo6IMxNa09ngphpSlnk= +cloud.google.com/go/channel v1.9.0/go.mod h1:jcu05W0my9Vx4mt3/rEHpfxc9eKi9XwsdDL8yBMbKUk= +cloud.google.com/go/channel v1.11.0/go.mod h1:IdtI0uWGqhEeatSB62VOoJ8FSUhJ9/+iGkJVqp74CGE= +cloud.google.com/go/channel v1.12.0/go.mod h1:VkxCGKASi4Cq7TbXxlaBezonAYpp1GCnKMY6tnMQnLU= +cloud.google.com/go/cloudbuild v1.3.0/go.mod h1:WequR4ULxlqvMsjDEEEFnOG5ZSRSgWOywXYDb1vPE6U= +cloud.google.com/go/cloudbuild v1.4.0/go.mod h1:5Qwa40LHiOXmz3386FrjrYM93rM/hdRr7b53sySrTqA= +cloud.google.com/go/cloudbuild v1.6.0/go.mod h1:UIbc/w9QCbH12xX+ezUsgblrWv+Cv4Tw83GiSMHOn9M= +cloud.google.com/go/cloudbuild v1.7.0/go.mod h1:zb5tWh2XI6lR9zQmsm1VRA+7OCuve5d8S+zJUul8KTg= +cloud.google.com/go/cloudbuild v1.9.0/go.mod h1:qK1d7s4QlO0VwfYn5YuClDGg2hfmLZEb4wQGAbIgL1s= +cloud.google.com/go/clouddms v1.3.0/go.mod h1:oK6XsCDdW4Ib3jCCBugx+gVjevp2TMXFtgxvPSee3OM= +cloud.google.com/go/clouddms v1.4.0/go.mod h1:Eh7sUGCC+aKry14O1NRljhjyrr0NFC0G2cjwX0cByRk= +cloud.google.com/go/clouddms v1.5.0/go.mod h1:QSxQnhikCLUw13iAbffF2CZxAER3xDGNHjsTAkQJcQA= +cloud.google.com/go/cloudtasks v1.5.0/go.mod h1:fD92REy1x5woxkKEkLdvavGnPJGEn8Uic9nWuLzqCpY= +cloud.google.com/go/cloudtasks v1.6.0/go.mod h1:C6Io+sxuke9/KNRkbQpihnW93SWDU3uXt92nu85HkYI= +cloud.google.com/go/cloudtasks v1.7.0/go.mod h1:ImsfdYWwlWNJbdgPIIGJWC+gemEGTBK/SunNQQNCAb4= +cloud.google.com/go/cloudtasks v1.8.0/go.mod h1:gQXUIwCSOI4yPVK7DgTVFiiP0ZW/eQkydWzwVMdHxrI= +cloud.google.com/go/cloudtasks v1.9.0/go.mod h1:w+EyLsVkLWHcOaqNEyvcKAsWp9p29dL6uL9Nst1cI7Y= +cloud.google.com/go/cloudtasks v1.10.0/go.mod h1:NDSoTLkZ3+vExFEWu2UJV1arUyzVDAiZtdWcsUyNwBs= +cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= +cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= +cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= +cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz/FMzPu0s= +cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU= +cloud.google.com/go/compute v1.7.0/go.mod h1:435lt8av5oL9P3fv1OEzSbSUe+ybHXGMPQHHZWZxy9U= +cloud.google.com/go/compute v1.10.0/go.mod h1:ER5CLbMxl90o2jtNbGSbtfOpQKR0t15FOtRsugnLrlU= +cloud.google.com/go/compute v1.12.0/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= +cloud.google.com/go/compute v1.12.1/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= +cloud.google.com/go/compute v1.13.0/go.mod h1:5aPTS0cUNMIc1CE546K+Th6weJUNQErARyZtRXDJ8GE= +cloud.google.com/go/compute v1.14.0/go.mod h1:YfLtxrj9sU4Yxv+sXzZkyPjEyPBZfXHUvjxega5vAdo= +cloud.google.com/go/compute v1.15.1/go.mod h1:bjjoF/NtFUrkD/urWfdHaKuOPDR5nWIs63rR+SXhcpA= +cloud.google.com/go/compute v1.18.0/go.mod h1:1X7yHxec2Ga+Ss6jPyjxRxpu2uu7PLgsOVXvgU0yacs= +cloud.google.com/go/compute v1.19.0/go.mod h1:rikpw2y+UMidAe9tISo04EHNOIf42RLYF/q8Bs93scU= +cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IKd5/kvShxE= +cloud.google.com/go/compute v1.25.1 h1:ZRpHJedLtTpKgr3RV1Fx23NuaAEN1Zfx9hw1u4aJdjU= +cloud.google.com/go/compute v1.25.1/go.mod h1:oopOIR53ly6viBYxaDhBfJwzUAxf1zE//uf3IB011ls= +cloud.google.com/go/compute/metadata v0.1.0/go.mod h1:Z1VN+bulIf6bt4P/C37K4DyZYZEXYonfTBHHFPO/4UU= +cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= +cloud.google.com/go/compute/metadata v0.2.1/go.mod h1:jgHgmJd2RKBGzXqF5LR2EZMGxBkeanZ9wwa75XHJgOM= +cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= +cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= +cloud.google.com/go/contactcenterinsights v1.3.0/go.mod h1:Eu2oemoePuEFc/xKFPjbTuPSj0fYJcPls9TFlPNnHHY= +cloud.google.com/go/contactcenterinsights v1.4.0/go.mod h1:L2YzkGbPsv+vMQMCADxJoT9YiTTnSEd6fEvCeHTYVck= +cloud.google.com/go/contactcenterinsights v1.6.0/go.mod h1:IIDlT6CLcDoyv79kDv8iWxMSTZhLxSCofVV5W6YFM/w= +cloud.google.com/go/container v1.6.0/go.mod h1:Xazp7GjJSeUYo688S+6J5V+n/t+G5sKBTFkKNudGRxg= +cloud.google.com/go/container v1.7.0/go.mod h1:Dp5AHtmothHGX3DwwIHPgq45Y8KmNsgN3amoYfxVkLo= +cloud.google.com/go/container v1.13.1/go.mod h1:6wgbMPeQRw9rSnKBCAJXnds3Pzj03C4JHamr8asWKy4= +cloud.google.com/go/container v1.14.0/go.mod h1:3AoJMPhHfLDxLvrlVWaK57IXzaPnLaZq63WX59aQBfM= +cloud.google.com/go/container v1.15.0/go.mod h1:ft+9S0WGjAyjDggg5S06DXj+fHJICWg8L7isCQe9pQA= +cloud.google.com/go/container v1.35.0 h1:y5gmgrMMhTrLnQQdMCw0t/Yis9Ps7jvAG4JYcRWxR8g= +cloud.google.com/go/container v1.35.0/go.mod h1:02fCocALhTHLw4zwqrRaFrztjoQd53yZWFq0nvr+hQo= +cloud.google.com/go/containeranalysis v0.5.1/go.mod h1:1D92jd8gRR/c0fGMlymRgxWD3Qw9C1ff6/T7mLgVL8I= +cloud.google.com/go/containeranalysis v0.6.0/go.mod h1:HEJoiEIu+lEXM+k7+qLCci0h33lX3ZqoYFdmPcoO7s4= +cloud.google.com/go/containeranalysis v0.7.0/go.mod h1:9aUL+/vZ55P2CXfuZjS4UjQ9AgXoSw8Ts6lemfmxBxI= +cloud.google.com/go/containeranalysis v0.9.0/go.mod h1:orbOANbwk5Ejoom+s+DUCTTJ7IBdBQJDcSylAx/on9s= +cloud.google.com/go/datacatalog v1.3.0/go.mod h1:g9svFY6tuR+j+hrTw3J2dNcmI0dzmSiyOzm8kpLq0a0= +cloud.google.com/go/datacatalog v1.5.0/go.mod h1:M7GPLNQeLfWqeIm3iuiruhPzkt65+Bx8dAKvScX8jvs= +cloud.google.com/go/datacatalog v1.6.0/go.mod h1:+aEyF8JKg+uXcIdAmmaMUmZ3q1b/lKLtXCmXdnc0lbc= +cloud.google.com/go/datacatalog v1.7.0/go.mod h1:9mEl4AuDYWw81UGc41HonIHH7/sn52H0/tc8f8ZbZIE= +cloud.google.com/go/datacatalog v1.8.0/go.mod h1:KYuoVOv9BM8EYz/4eMFxrr4DUKhGIOXxZoKYF5wdISM= +cloud.google.com/go/datacatalog v1.8.1/go.mod h1:RJ58z4rMp3gvETA465Vg+ag8BGgBdnRPEMMSTr5Uv+M= +cloud.google.com/go/datacatalog v1.12.0/go.mod h1:CWae8rFkfp6LzLumKOnmVh4+Zle4A3NXLzVJ1d1mRm0= +cloud.google.com/go/datacatalog v1.13.0/go.mod h1:E4Rj9a5ZtAxcQJlEBTLgMTphfP11/lNaAshpoBgemX8= +cloud.google.com/go/dataflow v0.6.0/go.mod h1:9QwV89cGoxjjSR9/r7eFDqqjtvbKxAK2BaYU6PVk9UM= +cloud.google.com/go/dataflow v0.7.0/go.mod h1:PX526vb4ijFMesO1o202EaUmouZKBpjHsTlCtB4parQ= +cloud.google.com/go/dataflow v0.8.0/go.mod h1:Rcf5YgTKPtQyYz8bLYhFoIV/vP39eL7fWNcSOyFfLJE= +cloud.google.com/go/dataform v0.3.0/go.mod h1:cj8uNliRlHpa6L3yVhDOBrUXH+BPAO1+KFMQQNSThKo= +cloud.google.com/go/dataform v0.4.0/go.mod h1:fwV6Y4Ty2yIFL89huYlEkwUPtS7YZinZbzzj5S9FzCE= +cloud.google.com/go/dataform v0.5.0/go.mod h1:GFUYRe8IBa2hcomWplodVmUx/iTL0FrsauObOM3Ipr0= +cloud.google.com/go/dataform v0.6.0/go.mod h1:QPflImQy33e29VuapFdf19oPbE4aYTJxr31OAPV+ulA= +cloud.google.com/go/dataform v0.7.0/go.mod h1:7NulqnVozfHvWUBpMDfKMUESr+85aJsC/2O0o3jWPDE= +cloud.google.com/go/datafusion v1.4.0/go.mod h1:1Zb6VN+W6ALo85cXnM1IKiPw+yQMKMhB9TsTSRDo/38= +cloud.google.com/go/datafusion v1.5.0/go.mod h1:Kz+l1FGHB0J+4XF2fud96WMmRiq/wj8N9u007vyXZ2w= +cloud.google.com/go/datafusion v1.6.0/go.mod h1:WBsMF8F1RhSXvVM8rCV3AeyWVxcC2xY6vith3iw3S+8= +cloud.google.com/go/datalabeling v0.5.0/go.mod h1:TGcJ0G2NzcsXSE/97yWjIZO0bXj0KbVlINXMG9ud42I= +cloud.google.com/go/datalabeling v0.6.0/go.mod h1:WqdISuk/+WIGeMkpw/1q7bK/tFEZxsrFJOJdY2bXvTQ= +cloud.google.com/go/datalabeling v0.7.0/go.mod h1:WPQb1y08RJbmpM3ww0CSUAGweL0SxByuW2E+FU+wXcM= +cloud.google.com/go/dataplex v1.3.0/go.mod h1:hQuRtDg+fCiFgC8j0zV222HvzFQdRd+SVX8gdmFcZzA= +cloud.google.com/go/dataplex v1.4.0/go.mod h1:X51GfLXEMVJ6UN47ESVqvlsRplbLhcsAt0kZCCKsU0A= +cloud.google.com/go/dataplex v1.5.2/go.mod h1:cVMgQHsmfRoI5KFYq4JtIBEUbYwc3c7tXmIDhRmNNVQ= +cloud.google.com/go/dataplex v1.6.0/go.mod h1:bMsomC/aEJOSpHXdFKFGQ1b0TDPIeL28nJObeO1ppRs= +cloud.google.com/go/dataproc v1.7.0/go.mod h1:CKAlMjII9H90RXaMpSxQ8EU6dQx6iAYNPcYPOkSbi8s= +cloud.google.com/go/dataproc v1.8.0/go.mod h1:5OW+zNAH0pMpw14JVrPONsxMQYMBqJuzORhIBfBn9uI= +cloud.google.com/go/dataproc v1.12.0/go.mod h1:zrF3aX0uV3ikkMz6z4uBbIKyhRITnxvr4i3IjKsKrw4= +cloud.google.com/go/dataqna v0.5.0/go.mod h1:90Hyk596ft3zUQ8NkFfvICSIfHFh1Bc7C4cK3vbhkeo= +cloud.google.com/go/dataqna v0.6.0/go.mod h1:1lqNpM7rqNLVgWBJyk5NF6Uen2PHym0jtVJonplVsDA= +cloud.google.com/go/dataqna v0.7.0/go.mod h1:Lx9OcIIeqCrw1a6KdO3/5KMP1wAmTc0slZWwP12Qq3c= +cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= +cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/datastore v1.10.0/go.mod h1:PC5UzAmDEkAmkfaknstTYbNpgE49HAgW2J1gcgUfmdM= +cloud.google.com/go/datastore v1.11.0/go.mod h1:TvGxBIHCS50u8jzG+AW/ppf87v1of8nwzFNgEZU1D3c= +cloud.google.com/go/datastream v1.2.0/go.mod h1:i/uTP8/fZwgATHS/XFu0TcNUhuA0twZxxQ3EyCUQMwo= +cloud.google.com/go/datastream v1.3.0/go.mod h1:cqlOX8xlyYF/uxhiKn6Hbv6WjwPPuI9W2M9SAXwaLLQ= +cloud.google.com/go/datastream v1.4.0/go.mod h1:h9dpzScPhDTs5noEMQVWP8Wx8AFBRyS0s8KWPx/9r0g= +cloud.google.com/go/datastream v1.5.0/go.mod h1:6TZMMNPwjUqZHBKPQ1wwXpb0d5VDVPl2/XoS5yi88q4= +cloud.google.com/go/datastream v1.6.0/go.mod h1:6LQSuswqLa7S4rPAOZFVjHIG3wJIjZcZrw8JDEDJuIs= +cloud.google.com/go/datastream v1.7.0/go.mod h1:uxVRMm2elUSPuh65IbZpzJNMbuzkcvu5CjMqVIUHrww= +cloud.google.com/go/deploy v1.4.0/go.mod h1:5Xghikd4VrmMLNaF6FiRFDlHb59VM59YoDQnOUdsH/c= +cloud.google.com/go/deploy v1.5.0/go.mod h1:ffgdD0B89tToyW/U/D2eL0jN2+IEV/3EMuXHA0l4r+s= +cloud.google.com/go/deploy v1.6.0/go.mod h1:f9PTHehG/DjCom3QH0cntOVRm93uGBDt2vKzAPwpXQI= +cloud.google.com/go/deploy v1.8.0/go.mod h1:z3myEJnA/2wnB4sgjqdMfgxCA0EqC3RBTNcVPs93mtQ= +cloud.google.com/go/dialogflow v1.15.0/go.mod h1:HbHDWs33WOGJgn6rfzBW1Kv807BE3O1+xGbn59zZWI4= +cloud.google.com/go/dialogflow v1.16.1/go.mod h1:po6LlzGfK+smoSmTBnbkIZY2w8ffjz/RcGSS+sh1el0= +cloud.google.com/go/dialogflow v1.17.0/go.mod h1:YNP09C/kXA1aZdBgC/VtXX74G/TKn7XVCcVumTflA+8= +cloud.google.com/go/dialogflow v1.18.0/go.mod h1:trO7Zu5YdyEuR+BhSNOqJezyFQ3aUzz0njv7sMx/iek= +cloud.google.com/go/dialogflow v1.19.0/go.mod h1:JVmlG1TwykZDtxtTXujec4tQ+D8SBFMoosgy+6Gn0s0= +cloud.google.com/go/dialogflow v1.29.0/go.mod h1:b+2bzMe+k1s9V+F2jbJwpHPzrnIyHihAdRFMtn2WXuM= +cloud.google.com/go/dialogflow v1.31.0/go.mod h1:cuoUccuL1Z+HADhyIA7dci3N5zUssgpBJmCzI6fNRB4= +cloud.google.com/go/dialogflow v1.32.0/go.mod h1:jG9TRJl8CKrDhMEcvfcfFkkpp8ZhgPz3sBGmAUYJ2qE= +cloud.google.com/go/dlp v1.6.0/go.mod h1:9eyB2xIhpU0sVwUixfBubDoRwP+GjeUoxxeueZmqvmM= +cloud.google.com/go/dlp v1.7.0/go.mod h1:68ak9vCiMBjbasxeVD17hVPxDEck+ExiHavX8kiHG+Q= +cloud.google.com/go/dlp v1.9.0/go.mod h1:qdgmqgTyReTz5/YNSSuueR8pl7hO0o9bQ39ZhtgkWp4= +cloud.google.com/go/documentai v1.7.0/go.mod h1:lJvftZB5NRiFSX4moiye1SMxHx0Bc3x1+p9e/RfXYiU= +cloud.google.com/go/documentai v1.8.0/go.mod h1:xGHNEB7CtsnySCNrCFdCyyMz44RhFEEX2Q7UD0c5IhU= +cloud.google.com/go/documentai v1.9.0/go.mod h1:FS5485S8R00U10GhgBC0aNGrJxBP8ZVpEeJ7PQDZd6k= +cloud.google.com/go/documentai v1.10.0/go.mod h1:vod47hKQIPeCfN2QS/jULIvQTugbmdc0ZvxxfQY1bg4= +cloud.google.com/go/documentai v1.16.0/go.mod h1:o0o0DLTEZ+YnJZ+J4wNfTxmDVyrkzFvttBXXtYRMHkM= +cloud.google.com/go/documentai v1.18.0/go.mod h1:F6CK6iUH8J81FehpskRmhLq/3VlwQvb7TvwOceQ2tbs= +cloud.google.com/go/domains v0.6.0/go.mod h1:T9Rz3GasrpYk6mEGHh4rymIhjlnIuB4ofT1wTxDeT4Y= +cloud.google.com/go/domains v0.7.0/go.mod h1:PtZeqS1xjnXuRPKE/88Iru/LdfoRyEHYA9nFQf4UKpg= +cloud.google.com/go/domains v0.8.0/go.mod h1:M9i3MMDzGFXsydri9/vW+EWz9sWb4I6WyHqdlAk0idE= +cloud.google.com/go/edgecontainer v0.1.0/go.mod h1:WgkZ9tp10bFxqO8BLPqv2LlfmQF1X8lZqwW4r1BTajk= +cloud.google.com/go/edgecontainer v0.2.0/go.mod h1:RTmLijy+lGpQ7BXuTDa4C4ssxyXT34NIuHIgKuP4s5w= +cloud.google.com/go/edgecontainer v0.3.0/go.mod h1:FLDpP4nykgwwIfcLt6zInhprzw0lEi2P1fjO6Ie0qbc= +cloud.google.com/go/edgecontainer v1.0.0/go.mod h1:cttArqZpBB2q58W/upSG++ooo6EsblxDIolxa3jSjbY= +cloud.google.com/go/errorreporting v0.3.0/go.mod h1:xsP2yaAp+OAW4OIm60An2bbLpqIhKXdWR/tawvl7QzU= +cloud.google.com/go/essentialcontacts v1.3.0/go.mod h1:r+OnHa5jfj90qIfZDO/VztSFqbQan7HV75p8sA+mdGI= +cloud.google.com/go/essentialcontacts v1.4.0/go.mod h1:8tRldvHYsmnBCHdFpvU+GL75oWiBKl80BiqlFh9tp+8= +cloud.google.com/go/essentialcontacts v1.5.0/go.mod h1:ay29Z4zODTuwliK7SnX8E86aUF2CTzdNtvv42niCX0M= +cloud.google.com/go/eventarc v1.7.0/go.mod h1:6ctpF3zTnaQCxUjHUdcfgcA1A2T309+omHZth7gDfmc= +cloud.google.com/go/eventarc v1.8.0/go.mod h1:imbzxkyAU4ubfsaKYdQg04WS1NvncblHEup4kvF+4gw= +cloud.google.com/go/eventarc v1.10.0/go.mod h1:u3R35tmZ9HvswGRBnF48IlYgYeBcPUCjkr4BTdem2Kw= +cloud.google.com/go/eventarc v1.11.0/go.mod h1:PyUjsUKPWoRBCHeOxZd/lbOOjahV41icXyUY5kSTvVY= +cloud.google.com/go/filestore v1.3.0/go.mod h1:+qbvHGvXU1HaKX2nD0WEPo92TP/8AQuCVEBXNY9z0+w= +cloud.google.com/go/filestore v1.4.0/go.mod h1:PaG5oDfo9r224f8OYXURtAsY+Fbyq/bLYoINEK8XQAI= +cloud.google.com/go/filestore v1.5.0/go.mod h1:FqBXDWBp4YLHqRnVGveOkHDf8svj9r5+mUDLupOWEDs= +cloud.google.com/go/filestore v1.6.0/go.mod h1:di5unNuss/qfZTw2U9nhFqo8/ZDSc466dre85Kydllg= +cloud.google.com/go/firestore v1.9.0/go.mod h1:HMkjKHNTtRyZNiMzu7YAsLr9K3X2udY2AMwDaMEQiiE= +cloud.google.com/go/firestore v1.15.0 h1:/k8ppuWOtNuDHt2tsRV42yI21uaGnKDEQnRFeBpbFF8= +cloud.google.com/go/firestore v1.15.0/go.mod h1:GWOxFXcv8GZUtYpWHw/w6IuYNux/BtmeVTMmjrm4yhk= +cloud.google.com/go/functions v1.6.0/go.mod h1:3H1UA3qiIPRWD7PeZKLvHZ9SaQhR26XIJcC0A5GbvAk= +cloud.google.com/go/functions v1.7.0/go.mod h1:+d+QBcWM+RsrgZfV9xo6KfA1GlzJfxcfZcRPEhDDfzg= +cloud.google.com/go/functions v1.8.0/go.mod h1:RTZ4/HsQjIqIYP9a9YPbU+QFoQsAlYgrwOXJWHn1POY= +cloud.google.com/go/functions v1.9.0/go.mod h1:Y+Dz8yGguzO3PpIjhLTbnqV1CWmgQ5UwtlpzoyquQ08= +cloud.google.com/go/functions v1.10.0/go.mod h1:0D3hEOe3DbEvCXtYOZHQZmD+SzYsi1YbI7dGvHfldXw= +cloud.google.com/go/functions v1.12.0/go.mod h1:AXWGrF3e2C/5ehvwYo/GH6O5s09tOPksiKhz+hH8WkA= +cloud.google.com/go/functions v1.13.0/go.mod h1:EU4O007sQm6Ef/PwRsI8N2umygGqPBS/IZQKBQBcJ3c= +cloud.google.com/go/gaming v1.5.0/go.mod h1:ol7rGcxP/qHTRQE/RO4bxkXq+Fix0j6D4LFPzYTIrDM= +cloud.google.com/go/gaming v1.6.0/go.mod h1:YMU1GEvA39Qt3zWGyAVA9bpYz/yAhTvaQ1t2sK4KPUA= +cloud.google.com/go/gaming v1.7.0/go.mod h1:LrB8U7MHdGgFG851iHAfqUdLcKBdQ55hzXy9xBJz0+w= +cloud.google.com/go/gaming v1.8.0/go.mod h1:xAqjS8b7jAVW0KFYeRUxngo9My3f33kFmua++Pi+ggM= +cloud.google.com/go/gaming v1.9.0/go.mod h1:Fc7kEmCObylSWLO334NcO+O9QMDyz+TKC4v1D7X+Bc0= +cloud.google.com/go/gkebackup v0.2.0/go.mod h1:XKvv/4LfG829/B8B7xRkk8zRrOEbKtEam6yNfuQNH60= +cloud.google.com/go/gkebackup v0.3.0/go.mod h1:n/E671i1aOQvUxT541aTkCwExO/bTer2HDlj4TsBRAo= +cloud.google.com/go/gkebackup v0.4.0/go.mod h1:byAyBGUwYGEEww7xsbnUTBHIYcOPy/PgUWUtOeRm9Vg= +cloud.google.com/go/gkeconnect v0.5.0/go.mod h1:c5lsNAg5EwAy7fkqX/+goqFsU1Da/jQFqArp+wGNr/o= +cloud.google.com/go/gkeconnect v0.6.0/go.mod h1:Mln67KyU/sHJEBY8kFZ0xTeyPtzbq9StAVvEULYK16A= +cloud.google.com/go/gkeconnect v0.7.0/go.mod h1:SNfmVqPkaEi3bF/B3CNZOAYPYdg7sU+obZ+QTky2Myw= +cloud.google.com/go/gkehub v0.9.0/go.mod h1:WYHN6WG8w9bXU0hqNxt8rm5uxnk8IH+lPY9J2TV7BK0= +cloud.google.com/go/gkehub v0.10.0/go.mod h1:UIPwxI0DsrpsVoWpLB0stwKCP+WFVG9+y977wO+hBH0= +cloud.google.com/go/gkehub v0.11.0/go.mod h1:JOWHlmN+GHyIbuWQPl47/C2RFhnFKH38jH9Ascu3n0E= +cloud.google.com/go/gkehub v0.12.0/go.mod h1:djiIwwzTTBrF5NaXCGv3mf7klpEMcST17VBTVVDcuaw= +cloud.google.com/go/gkemulticloud v0.3.0/go.mod h1:7orzy7O0S+5kq95e4Hpn7RysVA7dPs8W/GgfUtsPbrA= +cloud.google.com/go/gkemulticloud v0.4.0/go.mod h1:E9gxVBnseLWCk24ch+P9+B2CoDFJZTyIgLKSalC7tuI= +cloud.google.com/go/gkemulticloud v0.5.0/go.mod h1:W0JDkiyi3Tqh0TJr//y19wyb1yf8llHVto2Htf2Ja3Y= +cloud.google.com/go/grafeas v0.2.0/go.mod h1:KhxgtF2hb0P191HlY5besjYm6MqTSTj3LSI+M+ByZHc= +cloud.google.com/go/gsuiteaddons v1.3.0/go.mod h1:EUNK/J1lZEZO8yPtykKxLXI6JSVN2rg9bN8SXOa0bgM= +cloud.google.com/go/gsuiteaddons v1.4.0/go.mod h1:rZK5I8hht7u7HxFQcFei0+AtfS9uSushomRlg+3ua1o= +cloud.google.com/go/gsuiteaddons v1.5.0/go.mod h1:TFCClYLd64Eaa12sFVmUyG62tk4mdIsI7pAnSXRkcFo= +cloud.google.com/go/iam v0.1.0/go.mod h1:vcUNEa0pEm0qRVpmWepWaFMIAI8/hjB9mO8rNCJtF6c= +cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= +cloud.google.com/go/iam v0.5.0/go.mod h1:wPU9Vt0P4UmCux7mqtRu6jcpPAb74cP1fh50J3QpkUc= +cloud.google.com/go/iam v0.6.0/go.mod h1:+1AH33ueBne5MzYccyMHtEKqLE4/kJOibtffMHDMFMc= +cloud.google.com/go/iam v0.7.0/go.mod h1:H5Br8wRaDGNc8XP3keLc4unfUUZeyH3Sfl9XpQEYOeg= +cloud.google.com/go/iam v0.8.0/go.mod h1:lga0/y3iH6CX7sYqypWJ33hf7kkfXJag67naqGESjkE= +cloud.google.com/go/iam v0.11.0/go.mod h1:9PiLDanza5D+oWFZiH1uG+RnRCfEGKoyl6yo4cgWZGY= +cloud.google.com/go/iam v0.12.0/go.mod h1:knyHGviacl11zrtZUoDuYpDgLjvr28sLQaG0YB2GYAY= +cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0= +cloud.google.com/go/iam v1.1.7 h1:z4VHOhwKLF/+UYXAJDFwGtNF0b6gjsW1Pk9Ml0U/IoM= +cloud.google.com/go/iam v1.1.7/go.mod h1:J4PMPg8TtyurAUvSmPj8FF3EDgY1SPRZxcUGrn7WXGA= +cloud.google.com/go/iap v1.4.0/go.mod h1:RGFwRJdihTINIe4wZ2iCP0zF/qu18ZwyKxrhMhygBEc= +cloud.google.com/go/iap v1.5.0/go.mod h1:UH/CGgKd4KyohZL5Pt0jSKE4m3FR51qg6FKQ/z/Ix9A= +cloud.google.com/go/iap v1.6.0/go.mod h1:NSuvI9C/j7UdjGjIde7t7HBz+QTwBcapPE07+sSRcLk= +cloud.google.com/go/iap v1.7.0/go.mod h1:beqQx56T9O1G1yNPph+spKpNibDlYIiIixiqsQXxLIo= +cloud.google.com/go/iap v1.7.1/go.mod h1:WapEwPc7ZxGt2jFGB/C/bm+hP0Y6NXzOYGjpPnmMS74= +cloud.google.com/go/ids v1.1.0/go.mod h1:WIuwCaYVOzHIj2OhN9HAwvW+DBdmUAdcWlFxRl+KubM= +cloud.google.com/go/ids v1.2.0/go.mod h1:5WXvp4n25S0rA/mQWAg1YEEBBq6/s+7ml1RDCW1IrcY= +cloud.google.com/go/ids v1.3.0/go.mod h1:JBdTYwANikFKaDP6LtW5JAi4gubs57SVNQjemdt6xV4= +cloud.google.com/go/iot v1.3.0/go.mod h1:r7RGh2B61+B8oz0AGE+J72AhA0G7tdXItODWsaA2oLs= +cloud.google.com/go/iot v1.4.0/go.mod h1:dIDxPOn0UvNDUMD8Ger7FIaTuvMkj+aGk94RPP0iV+g= +cloud.google.com/go/iot v1.5.0/go.mod h1:mpz5259PDl3XJthEmh9+ap0affn/MqNSP4My77Qql9o= +cloud.google.com/go/iot v1.6.0/go.mod h1:IqdAsmE2cTYYNO1Fvjfzo9po179rAtJeVGUvkLN3rLE= +cloud.google.com/go/kms v1.4.0/go.mod h1:fajBHndQ+6ubNw6Ss2sSd+SWvjL26RNo/dr7uxsnnOA= +cloud.google.com/go/kms v1.5.0/go.mod h1:QJS2YY0eJGBg3mnDfuaCyLauWwBJiHRboYxJ++1xJNg= +cloud.google.com/go/kms v1.6.0/go.mod h1:Jjy850yySiasBUDi6KFUwUv2n1+o7QZFyuUJg6OgjA0= +cloud.google.com/go/kms v1.8.0/go.mod h1:4xFEhYFqvW+4VMELtZyxomGSYtSQKzM178ylFW4jMAg= +cloud.google.com/go/kms v1.9.0/go.mod h1:qb1tPTgfF9RQP8e1wq4cLFErVuTJv7UsSC915J8dh3w= +cloud.google.com/go/kms v1.10.0/go.mod h1:ng3KTUtQQU9bPX3+QGLsflZIHlkbn8amFAMY63m8d24= +cloud.google.com/go/kms v1.10.1/go.mod h1:rIWk/TryCkR59GMC3YtHtXeLzd634lBbKenvyySAyYI= +cloud.google.com/go/kms v1.15.8 h1:szIeDCowID8th2i8XE4uRev5PMxQFqW+JjwYxL9h6xs= +cloud.google.com/go/kms v1.15.8/go.mod h1:WoUHcDjD9pluCg7pNds131awnH429QGvRM3N/4MyoVs= +cloud.google.com/go/language v1.4.0/go.mod h1:F9dRpNFQmJbkaop6g0JhSBXCNlO90e1KWx5iDdxbWic= +cloud.google.com/go/language v1.6.0/go.mod h1:6dJ8t3B+lUYfStgls25GusK04NLh3eDLQnWM3mdEbhI= +cloud.google.com/go/language v1.7.0/go.mod h1:DJ6dYN/W+SQOjF8e1hLQXMF21AkH2w9wiPzPCJa2MIE= +cloud.google.com/go/language v1.8.0/go.mod h1:qYPVHf7SPoNNiCL2Dr0FfEFNil1qi3pQEyygwpgVKB8= +cloud.google.com/go/language v1.9.0/go.mod h1:Ns15WooPM5Ad/5no/0n81yUetis74g3zrbeJBE+ptUY= +cloud.google.com/go/lifesciences v0.5.0/go.mod h1:3oIKy8ycWGPUyZDR/8RNnTOYevhaMLqh5vLUXs9zvT8= +cloud.google.com/go/lifesciences v0.6.0/go.mod h1:ddj6tSX/7BOnhxCSd3ZcETvtNr8NZ6t/iPhY2Tyfu08= +cloud.google.com/go/lifesciences v0.8.0/go.mod h1:lFxiEOMqII6XggGbOnKiyZ7IBwoIqA84ClvoezaA/bo= +cloud.google.com/go/logging v1.6.1/go.mod h1:5ZO0mHHbvm8gEmeEUHrmDlTDSu5imF6MUP9OfilNXBw= +cloud.google.com/go/logging v1.7.0/go.mod h1:3xjP2CjkM3ZkO73aj4ASA5wRPGGCRrPIAeNqVNkzY8M= +cloud.google.com/go/longrunning v0.1.1/go.mod h1:UUFxuDWkv22EuY93jjmDMFT5GPQKeFVJBIF6QlTqdsE= +cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc= +cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo= +cloud.google.com/go/longrunning v0.5.6 h1:xAe8+0YaWoCKr9t1+aWe+OeQgN/iJK1fEgZSXmjuEaE= +cloud.google.com/go/longrunning v0.5.6/go.mod h1:vUaDrWYOMKRuhiv6JBnn49YxCPz2Ayn9GqyjaBT8/mA= +cloud.google.com/go/managedidentities v1.3.0/go.mod h1:UzlW3cBOiPrzucO5qWkNkh0w33KFtBJU281hacNvsdE= +cloud.google.com/go/managedidentities v1.4.0/go.mod h1:NWSBYbEMgqmbZsLIyKvxrYbtqOsxY1ZrGM+9RgDqInM= +cloud.google.com/go/managedidentities v1.5.0/go.mod h1:+dWcZ0JlUmpuxpIDfyP5pP5y0bLdRwOS4Lp7gMni/LA= +cloud.google.com/go/maps v0.1.0/go.mod h1:BQM97WGyfw9FWEmQMpZ5T6cpovXXSd1cGmFma94eubI= +cloud.google.com/go/maps v0.6.0/go.mod h1:o6DAMMfb+aINHz/p/jbcY+mYeXBoZoxTfdSQ8VAJaCw= +cloud.google.com/go/maps v0.7.0/go.mod h1:3GnvVl3cqeSvgMcpRlQidXsPYuDGQ8naBis7MVzpXsY= +cloud.google.com/go/mediatranslation v0.5.0/go.mod h1:jGPUhGTybqsPQn91pNXw0xVHfuJ3leR1wj37oU3y1f4= +cloud.google.com/go/mediatranslation v0.6.0/go.mod h1:hHdBCTYNigsBxshbznuIMFNe5QXEowAuNmmC7h8pu5w= +cloud.google.com/go/mediatranslation v0.7.0/go.mod h1:LCnB/gZr90ONOIQLgSXagp8XUW1ODs2UmUMvcgMfI2I= +cloud.google.com/go/memcache v1.4.0/go.mod h1:rTOfiGZtJX1AaFUrOgsMHX5kAzaTQ8azHiuDoTPzNsE= +cloud.google.com/go/memcache v1.5.0/go.mod h1:dk3fCK7dVo0cUU2c36jKb4VqKPS22BTkf81Xq617aWM= +cloud.google.com/go/memcache v1.6.0/go.mod h1:XS5xB0eQZdHtTuTF9Hf8eJkKtR3pVRCcvJwtm68T3rA= +cloud.google.com/go/memcache v1.7.0/go.mod h1:ywMKfjWhNtkQTxrWxCkCFkoPjLHPW6A7WOTVI8xy3LY= +cloud.google.com/go/memcache v1.9.0/go.mod h1:8oEyzXCu+zo9RzlEaEjHl4KkgjlNDaXbCQeQWlzNFJM= +cloud.google.com/go/metastore v1.5.0/go.mod h1:2ZNrDcQwghfdtCwJ33nM0+GrBGlVuh8rakL3vdPY3XY= +cloud.google.com/go/metastore v1.6.0/go.mod h1:6cyQTls8CWXzk45G55x57DVQ9gWg7RiH65+YgPsNh9s= +cloud.google.com/go/metastore v1.7.0/go.mod h1:s45D0B4IlsINu87/AsWiEVYbLaIMeUSoxlKKDqBGFS8= +cloud.google.com/go/metastore v1.8.0/go.mod h1:zHiMc4ZUpBiM7twCIFQmJ9JMEkDSyZS9U12uf7wHqSI= +cloud.google.com/go/metastore v1.10.0/go.mod h1:fPEnH3g4JJAk+gMRnrAnoqyv2lpUCqJPWOodSaf45Eo= +cloud.google.com/go/monitoring v1.7.0/go.mod h1:HpYse6kkGo//7p6sT0wsIC6IBDET0RhIsnmlA53dvEk= +cloud.google.com/go/monitoring v1.8.0/go.mod h1:E7PtoMJ1kQXWxPjB6mv2fhC5/15jInuulFdYYtlcvT4= +cloud.google.com/go/monitoring v1.12.0/go.mod h1:yx8Jj2fZNEkL/GYZyTLS4ZtZEZN8WtDEiEqG4kLK50w= +cloud.google.com/go/monitoring v1.13.0/go.mod h1:k2yMBAB1H9JT/QETjNkgdCGD9bPF712XiLTVr+cBrpw= +cloud.google.com/go/networkconnectivity v1.4.0/go.mod h1:nOl7YL8odKyAOtzNX73/M5/mGZgqqMeryi6UPZTk/rA= +cloud.google.com/go/networkconnectivity v1.5.0/go.mod h1:3GzqJx7uhtlM3kln0+x5wyFvuVH1pIBJjhCpjzSt75o= +cloud.google.com/go/networkconnectivity v1.6.0/go.mod h1:OJOoEXW+0LAxHh89nXd64uGG+FbQoeH8DtxCHVOMlaM= +cloud.google.com/go/networkconnectivity v1.7.0/go.mod h1:RMuSbkdbPwNMQjB5HBWD5MpTBnNm39iAVpC3TmsExt8= +cloud.google.com/go/networkconnectivity v1.10.0/go.mod h1:UP4O4sWXJG13AqrTdQCD9TnLGEbtNRqjuaaA7bNjF5E= +cloud.google.com/go/networkconnectivity v1.11.0/go.mod h1:iWmDD4QF16VCDLXUqvyspJjIEtBR/4zq5hwnY2X3scM= +cloud.google.com/go/networkmanagement v1.4.0/go.mod h1:Q9mdLLRn60AsOrPc8rs8iNV6OHXaGcDdsIQe1ohekq8= +cloud.google.com/go/networkmanagement v1.5.0/go.mod h1:ZnOeZ/evzUdUsnvRt792H0uYEnHQEMaz+REhhzJRcf4= +cloud.google.com/go/networkmanagement v1.6.0/go.mod h1:5pKPqyXjB/sgtvB5xqOemumoQNB7y95Q7S+4rjSOPYY= +cloud.google.com/go/networksecurity v0.5.0/go.mod h1:xS6fOCoqpVC5zx15Z/MqkfDwH4+m/61A3ODiDV1xmiQ= +cloud.google.com/go/networksecurity v0.6.0/go.mod h1:Q5fjhTr9WMI5mbpRYEbiexTzROf7ZbDzvzCrNl14nyU= +cloud.google.com/go/networksecurity v0.7.0/go.mod h1:mAnzoxx/8TBSyXEeESMy9OOYwo1v+gZ5eMRnsT5bC8k= +cloud.google.com/go/networksecurity v0.8.0/go.mod h1:B78DkqsxFG5zRSVuwYFRZ9Xz8IcQ5iECsNrPn74hKHU= +cloud.google.com/go/notebooks v1.2.0/go.mod h1:9+wtppMfVPUeJ8fIWPOq1UnATHISkGXGqTkxeieQ6UY= +cloud.google.com/go/notebooks v1.3.0/go.mod h1:bFR5lj07DtCPC7YAAJ//vHskFBxA5JzYlH68kXVdk34= +cloud.google.com/go/notebooks v1.4.0/go.mod h1:4QPMngcwmgb6uw7Po99B2xv5ufVoIQ7nOGDyL4P8AgA= +cloud.google.com/go/notebooks v1.5.0/go.mod h1:q8mwhnP9aR8Hpfnrc5iN5IBhrXUy8S2vuYs+kBJ/gu0= +cloud.google.com/go/notebooks v1.7.0/go.mod h1:PVlaDGfJgj1fl1S3dUwhFMXFgfYGhYQt2164xOMONmE= +cloud.google.com/go/notebooks v1.8.0/go.mod h1:Lq6dYKOYOWUCTvw5t2q1gp1lAp0zxAxRycayS0iJcqQ= +cloud.google.com/go/optimization v1.1.0/go.mod h1:5po+wfvX5AQlPznyVEZjGJTMr4+CAkJf2XSTQOOl9l4= +cloud.google.com/go/optimization v1.2.0/go.mod h1:Lr7SOHdRDENsh+WXVmQhQTrzdu9ybg0NecjHidBq6xs= +cloud.google.com/go/optimization v1.3.1/go.mod h1:IvUSefKiwd1a5p0RgHDbWCIbDFgKuEdB+fPPuP0IDLI= +cloud.google.com/go/orchestration v1.3.0/go.mod h1:Sj5tq/JpWiB//X/q3Ngwdl5K7B7Y0KZ7bfv0wL6fqVA= +cloud.google.com/go/orchestration v1.4.0/go.mod h1:6W5NLFWs2TlniBphAViZEVhrXRSMgUGDfW7vrWKvsBk= +cloud.google.com/go/orchestration v1.6.0/go.mod h1:M62Bevp7pkxStDfFfTuCOaXgaaqRAga1yKyoMtEoWPQ= +cloud.google.com/go/orgpolicy v1.4.0/go.mod h1:xrSLIV4RePWmP9P3tBl8S93lTmlAxjm06NSm2UTmKvE= +cloud.google.com/go/orgpolicy v1.5.0/go.mod h1:hZEc5q3wzwXJaKrsx5+Ewg0u1LxJ51nNFlext7Tanwc= +cloud.google.com/go/orgpolicy v1.10.0/go.mod h1:w1fo8b7rRqlXlIJbVhOMPrwVljyuW5mqssvBtU18ONc= +cloud.google.com/go/osconfig v1.7.0/go.mod h1:oVHeCeZELfJP7XLxcBGTMBvRO+1nQ5tFG9VQTmYS2Fs= +cloud.google.com/go/osconfig v1.8.0/go.mod h1:EQqZLu5w5XA7eKizepumcvWx+m8mJUhEwiPqWiZeEdg= +cloud.google.com/go/osconfig v1.9.0/go.mod h1:Yx+IeIZJ3bdWmzbQU4fxNl8xsZ4amB+dygAwFPlvnNo= +cloud.google.com/go/osconfig v1.10.0/go.mod h1:uMhCzqC5I8zfD9zDEAfvgVhDS8oIjySWh+l4WK6GnWw= +cloud.google.com/go/osconfig v1.11.0/go.mod h1:aDICxrur2ogRd9zY5ytBLV89KEgT2MKB2L/n6x1ooPw= +cloud.google.com/go/oslogin v1.4.0/go.mod h1:YdgMXWRaElXz/lDk1Na6Fh5orF7gvmJ0FGLIs9LId4E= +cloud.google.com/go/oslogin v1.5.0/go.mod h1:D260Qj11W2qx/HVF29zBg+0fd6YCSjSqLUkY/qEenQU= +cloud.google.com/go/oslogin v1.6.0/go.mod h1:zOJ1O3+dTU8WPlGEkFSh7qeHPPSoxrcMbbK1Nm2iX70= +cloud.google.com/go/oslogin v1.7.0/go.mod h1:e04SN0xO1UNJ1M5GP0vzVBFicIe4O53FOfcixIqTyXo= +cloud.google.com/go/oslogin v1.9.0/go.mod h1:HNavntnH8nzrn8JCTT5fj18FuJLFJc4NaZJtBnQtKFs= +cloud.google.com/go/phishingprotection v0.5.0/go.mod h1:Y3HZknsK9bc9dMi+oE8Bim0lczMU6hrX0UpADuMefr0= +cloud.google.com/go/phishingprotection v0.6.0/go.mod h1:9Y3LBLgy0kDTcYET8ZH3bq/7qni15yVUoAxiFxnlSUA= +cloud.google.com/go/phishingprotection v0.7.0/go.mod h1:8qJI4QKHoda/sb/7/YmMQ2omRLSLYSu9bU0EKCNI+Lk= +cloud.google.com/go/policytroubleshooter v1.3.0/go.mod h1:qy0+VwANja+kKrjlQuOzmlvscn4RNsAc0e15GGqfMxg= +cloud.google.com/go/policytroubleshooter v1.4.0/go.mod h1:DZT4BcRw3QoO8ota9xw/LKtPa8lKeCByYeKTIf/vxdE= +cloud.google.com/go/policytroubleshooter v1.5.0/go.mod h1:Rz1WfV+1oIpPdN2VvvuboLVRsB1Hclg3CKQ53j9l8vw= +cloud.google.com/go/policytroubleshooter v1.6.0/go.mod h1:zYqaPTsmfvpjm5ULxAyD/lINQxJ0DDsnWOP/GZ7xzBc= +cloud.google.com/go/privatecatalog v0.5.0/go.mod h1:XgosMUvvPyxDjAVNDYxJ7wBW8//hLDDYmnsNcMGq1K0= +cloud.google.com/go/privatecatalog v0.6.0/go.mod h1:i/fbkZR0hLN29eEWiiwue8Pb+GforiEIBnV9yrRUOKI= +cloud.google.com/go/privatecatalog v0.7.0/go.mod h1:2s5ssIFO69F5csTXcwBP7NPFTZvps26xGzvQ2PQaBYg= +cloud.google.com/go/privatecatalog v0.8.0/go.mod h1:nQ6pfaegeDAq/Q5lrfCQzQLhubPiZhSaNhIgfJlnIXs= +cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= +cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= +cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= +cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= +cloud.google.com/go/pubsub v1.26.0/go.mod h1:QgBH3U/jdJy/ftjPhTkyXNj543Tin1pRYcdcPRnFIRI= +cloud.google.com/go/pubsub v1.27.1/go.mod h1:hQN39ymbV9geqBnfQq6Xf63yNhUAhv9CZhzp5O6qsW0= +cloud.google.com/go/pubsub v1.28.0/go.mod h1:vuXFpwaVoIPQMGXqRyUQigu/AX1S3IWugR9xznmcXX8= +cloud.google.com/go/pubsub v1.30.0/go.mod h1:qWi1OPS0B+b5L+Sg6Gmc9zD1Y+HaM0MdUr7LsupY1P4= +cloud.google.com/go/pubsublite v1.5.0/go.mod h1:xapqNQ1CuLfGi23Yda/9l4bBCKz/wC3KIJ5gKcxveZg= +cloud.google.com/go/pubsublite v1.6.0/go.mod h1:1eFCS0U11xlOuMFV/0iBqw3zP12kddMeCbj/F3FSj9k= +cloud.google.com/go/pubsublite v1.7.0/go.mod h1:8hVMwRXfDfvGm3fahVbtDbiLePT3gpoiJYJY+vxWxVM= +cloud.google.com/go/recaptchaenterprise v1.3.1/go.mod h1:OdD+q+y4XGeAlxRaMn1Y7/GveP6zmq76byL6tjPE7d4= +cloud.google.com/go/recaptchaenterprise/v2 v2.1.0/go.mod h1:w9yVqajwroDNTfGuhmOjPDN//rZGySaf6PtFVcSCa7o= +cloud.google.com/go/recaptchaenterprise/v2 v2.2.0/go.mod h1:/Zu5jisWGeERrd5HnlS3EUGb/D335f9k51B/FVil0jk= +cloud.google.com/go/recaptchaenterprise/v2 v2.3.0/go.mod h1:O9LwGCjrhGHBQET5CA7dd5NwwNQUErSgEDit1DLNTdo= +cloud.google.com/go/recaptchaenterprise/v2 v2.4.0/go.mod h1:Am3LHfOuBstrLrNCBrlI5sbwx9LBg3te2N6hGvHn2mE= +cloud.google.com/go/recaptchaenterprise/v2 v2.5.0/go.mod h1:O8LzcHXN3rz0j+LBC91jrwI3R+1ZSZEWrfL7XHgNo9U= +cloud.google.com/go/recaptchaenterprise/v2 v2.6.0/go.mod h1:RPauz9jeLtB3JVzg6nCbe12qNoaa8pXc4d/YukAmcnA= +cloud.google.com/go/recaptchaenterprise/v2 v2.7.0/go.mod h1:19wVj/fs5RtYtynAPJdDTb69oW0vNHYDBTbB4NvMD9c= +cloud.google.com/go/recommendationengine v0.5.0/go.mod h1:E5756pJcVFeVgaQv3WNpImkFP8a+RptV6dDLGPILjvg= +cloud.google.com/go/recommendationengine v0.6.0/go.mod h1:08mq2umu9oIqc7tDy8sx+MNJdLG0fUi3vaSVbztHgJ4= +cloud.google.com/go/recommendationengine v0.7.0/go.mod h1:1reUcE3GIu6MeBz/h5xZJqNLuuVjNg1lmWMPyjatzac= +cloud.google.com/go/recommender v1.5.0/go.mod h1:jdoeiBIVrJe9gQjwd759ecLJbxCDED4A6p+mqoqDvTg= +cloud.google.com/go/recommender v1.6.0/go.mod h1:+yETpm25mcoiECKh9DEScGzIRyDKpZ0cEhWGo+8bo+c= +cloud.google.com/go/recommender v1.7.0/go.mod h1:XLHs/W+T8olwlGOgfQenXBTbIseGclClff6lhFVe9Bs= +cloud.google.com/go/recommender v1.8.0/go.mod h1:PkjXrTT05BFKwxaUxQmtIlrtj0kph108r02ZZQ5FE70= +cloud.google.com/go/recommender v1.9.0/go.mod h1:PnSsnZY7q+VL1uax2JWkt/UegHssxjUVVCrX52CuEmQ= +cloud.google.com/go/redis v1.7.0/go.mod h1:V3x5Jq1jzUcg+UNsRvdmsfuFnit1cfe3Z/PGyq/lm4Y= +cloud.google.com/go/redis v1.8.0/go.mod h1:Fm2szCDavWzBk2cDKxrkmWBqoCiL1+Ctwq7EyqBCA/A= +cloud.google.com/go/redis v1.9.0/go.mod h1:HMYQuajvb2D0LvMgZmLDZW8V5aOC/WxstZHiy4g8OiA= +cloud.google.com/go/redis v1.10.0/go.mod h1:ThJf3mMBQtW18JzGgh41/Wld6vnDDc/F/F35UolRZPM= +cloud.google.com/go/redis v1.11.0/go.mod h1:/X6eicana+BWcUda5PpwZC48o37SiFVTFSs0fWAJ7uQ= +cloud.google.com/go/resourcemanager v1.3.0/go.mod h1:bAtrTjZQFJkiWTPDb1WBjzvc6/kifjj4QBYuKCCoqKA= +cloud.google.com/go/resourcemanager v1.4.0/go.mod h1:MwxuzkumyTX7/a3n37gmsT3py7LIXwrShilPh3P1tR0= +cloud.google.com/go/resourcemanager v1.5.0/go.mod h1:eQoXNAiAvCf5PXxWxXjhKQoTMaUSNrEfg+6qdf/wots= +cloud.google.com/go/resourcemanager v1.6.0/go.mod h1:YcpXGRs8fDzcUl1Xw8uOVmI8JEadvhRIkoXXUNVYcVo= +cloud.google.com/go/resourcemanager v1.7.0/go.mod h1:HlD3m6+bwhzj9XCouqmeiGuni95NTrExfhoSrkC/3EI= +cloud.google.com/go/resourcesettings v1.3.0/go.mod h1:lzew8VfESA5DQ8gdlHwMrqZs1S9V87v3oCnKCWoOuQU= +cloud.google.com/go/resourcesettings v1.4.0/go.mod h1:ldiH9IJpcrlC3VSuCGvjR5of/ezRrOxFtpJoJo5SmXg= +cloud.google.com/go/resourcesettings v1.5.0/go.mod h1:+xJF7QSG6undsQDfsCJyqWXyBwUoJLhetkRMDRnIoXA= +cloud.google.com/go/retail v1.8.0/go.mod h1:QblKS8waDmNUhghY2TI9O3JLlFk8jybHeV4BF19FrE4= +cloud.google.com/go/retail v1.9.0/go.mod h1:g6jb6mKuCS1QKnH/dpu7isX253absFl6iE92nHwlBUY= +cloud.google.com/go/retail v1.10.0/go.mod h1:2gDk9HsL4HMS4oZwz6daui2/jmKvqShXKQuB2RZ+cCc= +cloud.google.com/go/retail v1.11.0/go.mod h1:MBLk1NaWPmh6iVFSz9MeKG/Psyd7TAgm6y/9L2B4x9Y= +cloud.google.com/go/retail v1.12.0/go.mod h1:UMkelN/0Z8XvKymXFbD4EhFJlYKRx1FGhQkVPU5kF14= +cloud.google.com/go/run v0.2.0/go.mod h1:CNtKsTA1sDcnqqIFR3Pb5Tq0usWxJJvsWOCPldRU3Do= +cloud.google.com/go/run v0.3.0/go.mod h1:TuyY1+taHxTjrD0ZFk2iAR+xyOXEA0ztb7U3UNA0zBo= +cloud.google.com/go/run v0.8.0/go.mod h1:VniEnuBwqjigv0A7ONfQUaEItaiCRVujlMqerPPiktM= +cloud.google.com/go/run v0.9.0/go.mod h1:Wwu+/vvg8Y+JUApMwEDfVfhetv30hCG4ZwDR/IXl2Qg= +cloud.google.com/go/scheduler v1.4.0/go.mod h1:drcJBmxF3aqZJRhmkHQ9b3uSSpQoltBPGPxGAWROx6s= +cloud.google.com/go/scheduler v1.5.0/go.mod h1:ri073ym49NW3AfT6DZi21vLZrG07GXr5p3H1KxN5QlI= +cloud.google.com/go/scheduler v1.6.0/go.mod h1:SgeKVM7MIwPn3BqtcBntpLyrIJftQISRrYB5ZtT+KOk= +cloud.google.com/go/scheduler v1.7.0/go.mod h1:jyCiBqWW956uBjjPMMuX09n3x37mtyPJegEWKxRsn44= +cloud.google.com/go/scheduler v1.8.0/go.mod h1:TCET+Y5Gp1YgHT8py4nlg2Sew8nUHMqcpousDgXJVQc= +cloud.google.com/go/scheduler v1.9.0/go.mod h1:yexg5t+KSmqu+njTIh3b7oYPheFtBWGcbVUYF1GGMIc= +cloud.google.com/go/secretmanager v1.6.0/go.mod h1:awVa/OXF6IiyaU1wQ34inzQNc4ISIDIrId8qE5QGgKA= +cloud.google.com/go/secretmanager v1.8.0/go.mod h1:hnVgi/bN5MYHd3Gt0SPuTPPp5ENina1/LxM+2W9U9J4= +cloud.google.com/go/secretmanager v1.9.0/go.mod h1:b71qH2l1yHmWQHt9LC80akm86mX8AL6X1MA01dW8ht4= +cloud.google.com/go/secretmanager v1.10.0/go.mod h1:MfnrdvKMPNra9aZtQFvBcvRU54hbPD8/HayQdlUgJpU= +cloud.google.com/go/security v1.5.0/go.mod h1:lgxGdyOKKjHL4YG3/YwIL2zLqMFCKs0UbQwgyZmfJl4= +cloud.google.com/go/security v1.7.0/go.mod h1:mZklORHl6Bg7CNnnjLH//0UlAlaXqiG7Lb9PsPXLfD0= +cloud.google.com/go/security v1.8.0/go.mod h1:hAQOwgmaHhztFhiQ41CjDODdWP0+AE1B3sX4OFlq+GU= +cloud.google.com/go/security v1.9.0/go.mod h1:6Ta1bO8LXI89nZnmnsZGp9lVoVWXqsVbIq/t9dzI+2Q= +cloud.google.com/go/security v1.10.0/go.mod h1:QtOMZByJVlibUT2h9afNDWRZ1G96gVywH8T5GUSb9IA= +cloud.google.com/go/security v1.12.0/go.mod h1:rV6EhrpbNHrrxqlvW0BWAIawFWq3X90SduMJdFwtLB8= +cloud.google.com/go/security v1.13.0/go.mod h1:Q1Nvxl1PAgmeW0y3HTt54JYIvUdtcpYKVfIB8AOMZ+0= +cloud.google.com/go/securitycenter v1.13.0/go.mod h1:cv5qNAqjY84FCN6Y9z28WlkKXyWsgLO832YiWwkCWcU= +cloud.google.com/go/securitycenter v1.14.0/go.mod h1:gZLAhtyKv85n52XYWt6RmeBdydyxfPeTrpToDPw4Auc= +cloud.google.com/go/securitycenter v1.15.0/go.mod h1:PeKJ0t8MoFmmXLXWm41JidyzI3PJjd8sXWaVqg43WWk= +cloud.google.com/go/securitycenter v1.16.0/go.mod h1:Q9GMaLQFUD+5ZTabrbujNWLtSLZIZF7SAR0wWECrjdk= +cloud.google.com/go/securitycenter v1.18.1/go.mod h1:0/25gAzCM/9OL9vVx4ChPeM/+DlfGQJDwBy/UC8AKK0= +cloud.google.com/go/securitycenter v1.19.0/go.mod h1:LVLmSg8ZkkyaNy4u7HCIshAngSQ8EcIRREP3xBnyfag= +cloud.google.com/go/servicecontrol v1.4.0/go.mod h1:o0hUSJ1TXJAmi/7fLJAedOovnujSEvjKCAFNXPQ1RaU= +cloud.google.com/go/servicecontrol v1.5.0/go.mod h1:qM0CnXHhyqKVuiZnGKrIurvVImCs8gmqWsDoqe9sU1s= +cloud.google.com/go/servicecontrol v1.10.0/go.mod h1:pQvyvSRh7YzUF2efw7H87V92mxU8FnFDawMClGCNuAA= +cloud.google.com/go/servicecontrol v1.11.0/go.mod h1:kFmTzYzTUIuZs0ycVqRHNaNhgR+UMUpw9n02l/pY+mc= +cloud.google.com/go/servicecontrol v1.11.1/go.mod h1:aSnNNlwEFBY+PWGQ2DoM0JJ/QUXqV5/ZD9DOLB7SnUk= +cloud.google.com/go/servicedirectory v1.4.0/go.mod h1:gH1MUaZCgtP7qQiI+F+A+OpeKF/HQWgtAddhTbhL2bs= +cloud.google.com/go/servicedirectory v1.5.0/go.mod h1:QMKFL0NUySbpZJ1UZs3oFAmdvVxhhxB6eJ/Vlp73dfg= +cloud.google.com/go/servicedirectory v1.6.0/go.mod h1:pUlbnWsLH9c13yGkxCmfumWEPjsRs1RlmJ4pqiNjVL4= +cloud.google.com/go/servicedirectory v1.7.0/go.mod h1:5p/U5oyvgYGYejufvxhgwjL8UVXjkuw7q5XcG10wx1U= +cloud.google.com/go/servicedirectory v1.8.0/go.mod h1:srXodfhY1GFIPvltunswqXpVxFPpZjf8nkKQT7XcXaY= +cloud.google.com/go/servicedirectory v1.9.0/go.mod h1:29je5JjiygNYlmsGz8k6o+OZ8vd4f//bQLtvzkPPT/s= +cloud.google.com/go/servicemanagement v1.4.0/go.mod h1:d8t8MDbezI7Z2R1O/wu8oTggo3BI2GKYbdG4y/SJTco= +cloud.google.com/go/servicemanagement v1.5.0/go.mod h1:XGaCRe57kfqu4+lRxaFEAuqmjzF0r+gWHjWqKqBvKFo= +cloud.google.com/go/servicemanagement v1.6.0/go.mod h1:aWns7EeeCOtGEX4OvZUWCCJONRZeFKiptqKf1D0l/Jc= +cloud.google.com/go/servicemanagement v1.8.0/go.mod h1:MSS2TDlIEQD/fzsSGfCdJItQveu9NXnUniTrq/L8LK4= +cloud.google.com/go/serviceusage v1.3.0/go.mod h1:Hya1cozXM4SeSKTAgGXgj97GlqUvF5JaoXacR1JTP/E= +cloud.google.com/go/serviceusage v1.4.0/go.mod h1:SB4yxXSaYVuUBYUml6qklyONXNLt83U0Rb+CXyhjEeU= +cloud.google.com/go/serviceusage v1.5.0/go.mod h1:w8U1JvqUqwJNPEOTQjrMHkw3IaIFLoLsPLvsE3xueec= +cloud.google.com/go/serviceusage v1.6.0/go.mod h1:R5wwQcbOWsyuOfbP9tGdAnCAc6B9DRwPG1xtWMDeuPA= +cloud.google.com/go/shell v1.3.0/go.mod h1:VZ9HmRjZBsjLGXusm7K5Q5lzzByZmJHf1d0IWHEN5X4= +cloud.google.com/go/shell v1.4.0/go.mod h1:HDxPzZf3GkDdhExzD/gs8Grqk+dmYcEjGShZgYa9URw= +cloud.google.com/go/shell v1.6.0/go.mod h1:oHO8QACS90luWgxP3N9iZVuEiSF84zNyLytb+qE2f9A= +cloud.google.com/go/spanner v1.41.0/go.mod h1:MLYDBJR/dY4Wt7ZaMIQ7rXOTLjYrmxLE/5ve9vFfWos= +cloud.google.com/go/spanner v1.44.0/go.mod h1:G8XIgYdOK+Fbcpbs7p2fiprDw4CaZX63whnSMLVBxjk= +cloud.google.com/go/spanner v1.45.0/go.mod h1:FIws5LowYz8YAE1J8fOS7DJup8ff7xJeetWEo5REA2M= +cloud.google.com/go/speech v1.6.0/go.mod h1:79tcr4FHCimOp56lwC01xnt/WPJZc4v3gzyT7FoBkCM= +cloud.google.com/go/speech v1.7.0/go.mod h1:KptqL+BAQIhMsj1kOP2la5DSEEerPDuOP/2mmkhHhZQ= +cloud.google.com/go/speech v1.8.0/go.mod h1:9bYIl1/tjsAnMgKGHKmBZzXKEkGgtU+MpdDPTE9f7y0= +cloud.google.com/go/speech v1.9.0/go.mod h1:xQ0jTcmnRFFM2RfX/U+rk6FQNUF6DQlydUSyoooSpco= +cloud.google.com/go/speech v1.14.1/go.mod h1:gEosVRPJ9waG7zqqnsHpYTOoAS4KouMRLDFMekpJ0J0= +cloud.google.com/go/speech v1.15.0/go.mod h1:y6oH7GhqCaZANH7+Oe0BhgIogsNInLlz542tg3VqeYI= +cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= +cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= +cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= +cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= +cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= +cloud.google.com/go/storage v1.22.1/go.mod h1:S8N1cAStu7BOeFfE8KAQzmyyLkK8p/vmRq6kuBTW58Y= +cloud.google.com/go/storage v1.23.0/go.mod h1:vOEEDNFnciUMhBeT6hsJIn3ieU5cFRmzeLgDvXzfIXc= +cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s= +cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= +cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= +cloud.google.com/go/storage v1.40.0 h1:VEpDQV5CJxFmJ6ueWNsKxcr1QAYOXEgxDa+sBbJahPw= +cloud.google.com/go/storage v1.40.0/go.mod h1:Rrj7/hKlG87BLqDJYtwR0fbPld8uJPbQ2ucUMY7Ir0g= +cloud.google.com/go/storagetransfer v1.5.0/go.mod h1:dxNzUopWy7RQevYFHewchb29POFv3/AaBgnhqzqiK0w= +cloud.google.com/go/storagetransfer v1.6.0/go.mod h1:y77xm4CQV/ZhFZH75PLEXY0ROiS7Gh6pSKrM8dJyg6I= +cloud.google.com/go/storagetransfer v1.7.0/go.mod h1:8Giuj1QNb1kfLAiWM1bN6dHzfdlDAVC9rv9abHot2W4= +cloud.google.com/go/storagetransfer v1.8.0/go.mod h1:JpegsHHU1eXg7lMHkvf+KE5XDJ7EQu0GwNJbbVGanEw= +cloud.google.com/go/talent v1.1.0/go.mod h1:Vl4pt9jiHKvOgF9KoZo6Kob9oV4lwd/ZD5Cto54zDRw= +cloud.google.com/go/talent v1.2.0/go.mod h1:MoNF9bhFQbiJ6eFD3uSsg0uBALw4n4gaCaEjBw9zo8g= +cloud.google.com/go/talent v1.3.0/go.mod h1:CmcxwJ/PKfRgd1pBjQgU6W3YBwiewmUzQYH5HHmSCmM= +cloud.google.com/go/talent v1.4.0/go.mod h1:ezFtAgVuRf8jRsvyE6EwmbTK5LKciD4KVnHuDEFmOOA= +cloud.google.com/go/talent v1.5.0/go.mod h1:G+ODMj9bsasAEJkQSzO2uHQWXHHXUomArjWQQYkqK6c= +cloud.google.com/go/texttospeech v1.4.0/go.mod h1:FX8HQHA6sEpJ7rCMSfXuzBcysDAuWusNNNvN9FELDd8= +cloud.google.com/go/texttospeech v1.5.0/go.mod h1:oKPLhR4n4ZdQqWKURdwxMy0uiTS1xU161C8W57Wkea4= +cloud.google.com/go/texttospeech v1.6.0/go.mod h1:YmwmFT8pj1aBblQOI3TfKmwibnsfvhIBzPXcW4EBovc= +cloud.google.com/go/tpu v1.3.0/go.mod h1:aJIManG0o20tfDQlRIej44FcwGGl/cD0oiRyMKG19IQ= +cloud.google.com/go/tpu v1.4.0/go.mod h1:mjZaX8p0VBgllCzF6wcU2ovUXN9TONFLd7iz227X2Xg= +cloud.google.com/go/tpu v1.5.0/go.mod h1:8zVo1rYDFuW2l4yZVY0R0fb/v44xLh3llq7RuV61fPM= +cloud.google.com/go/trace v1.3.0/go.mod h1:FFUE83d9Ca57C+K8rDl/Ih8LwOzWIV1krKgxg6N0G28= +cloud.google.com/go/trace v1.4.0/go.mod h1:UG0v8UBqzusp+z63o7FK74SdFE+AXpCLdFb1rshXG+Y= +cloud.google.com/go/trace v1.8.0/go.mod h1:zH7vcsbAhklH8hWFig58HvxcxyQbaIqMarMg9hn5ECA= +cloud.google.com/go/trace v1.9.0/go.mod h1:lOQqpE5IaWY0Ixg7/r2SjixMuc6lfTFeO4QGM4dQWOk= +cloud.google.com/go/translate v1.3.0/go.mod h1:gzMUwRjvOqj5i69y/LYLd8RrNQk+hOmIXTi9+nb3Djs= +cloud.google.com/go/translate v1.4.0/go.mod h1:06Dn/ppvLD6WvA5Rhdp029IX2Mi3Mn7fpMRLPvXT5Wg= +cloud.google.com/go/translate v1.5.0/go.mod h1:29YDSYveqqpA1CQFD7NQuP49xymq17RXNaUDdc0mNu0= +cloud.google.com/go/translate v1.6.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= +cloud.google.com/go/translate v1.7.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= +cloud.google.com/go/video v1.8.0/go.mod h1:sTzKFc0bUSByE8Yoh8X0mn8bMymItVGPfTuUBUyRgxk= +cloud.google.com/go/video v1.9.0/go.mod h1:0RhNKFRF5v92f8dQt0yhaHrEuH95m068JYOvLZYnJSw= +cloud.google.com/go/video v1.12.0/go.mod h1:MLQew95eTuaNDEGriQdcYn0dTwf9oWiA4uYebxM5kdg= +cloud.google.com/go/video v1.13.0/go.mod h1:ulzkYlYgCp15N2AokzKjy7MQ9ejuynOJdf1tR5lGthk= +cloud.google.com/go/video v1.14.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= +cloud.google.com/go/video v1.15.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= +cloud.google.com/go/videointelligence v1.6.0/go.mod h1:w0DIDlVRKtwPCn/C4iwZIJdvC69yInhW0cfi+p546uU= +cloud.google.com/go/videointelligence v1.7.0/go.mod h1:k8pI/1wAhjznARtVT9U1llUaFNPh7muw8QyOUpavru4= +cloud.google.com/go/videointelligence v1.8.0/go.mod h1:dIcCn4gVDdS7yte/w+koiXn5dWVplOZkE+xwG9FgK+M= +cloud.google.com/go/videointelligence v1.9.0/go.mod h1:29lVRMPDYHikk3v8EdPSaL8Ku+eMzDljjuvRs105XoU= +cloud.google.com/go/videointelligence v1.10.0/go.mod h1:LHZngX1liVtUhZvi2uNS0VQuOzNi2TkY1OakiuoUOjU= +cloud.google.com/go/vision v1.2.0/go.mod h1:SmNwgObm5DpFBme2xpyOyasvBc1aPdjvMk2bBk0tKD0= +cloud.google.com/go/vision/v2 v2.2.0/go.mod h1:uCdV4PpN1S0jyCyq8sIM42v2Y6zOLkZs+4R9LrGYwFo= +cloud.google.com/go/vision/v2 v2.3.0/go.mod h1:UO61abBx9QRMFkNBbf1D8B1LXdS2cGiiCRx0vSpZoUo= +cloud.google.com/go/vision/v2 v2.4.0/go.mod h1:VtI579ll9RpVTrdKdkMzckdnwMyX2JILb+MhPqRbPsY= +cloud.google.com/go/vision/v2 v2.5.0/go.mod h1:MmaezXOOE+IWa+cS7OhRRLK2cNv1ZL98zhqFFZaaH2E= +cloud.google.com/go/vision/v2 v2.6.0/go.mod h1:158Hes0MvOS9Z/bDMSFpjwsUrZ5fPrdwuyyvKSGAGMY= +cloud.google.com/go/vision/v2 v2.7.0/go.mod h1:H89VysHy21avemp6xcf9b9JvZHVehWbET0uT/bcuY/0= +cloud.google.com/go/vmmigration v1.2.0/go.mod h1:IRf0o7myyWFSmVR1ItrBSFLFD/rJkfDCUTO4vLlJvsE= +cloud.google.com/go/vmmigration v1.3.0/go.mod h1:oGJ6ZgGPQOFdjHuocGcLqX4lc98YQ7Ygq8YQwHh9A7g= +cloud.google.com/go/vmmigration v1.5.0/go.mod h1:E4YQ8q7/4W9gobHjQg4JJSgXXSgY21nA5r8swQV+Xxc= +cloud.google.com/go/vmmigration v1.6.0/go.mod h1:bopQ/g4z+8qXzichC7GW1w2MjbErL54rk3/C843CjfY= +cloud.google.com/go/vmwareengine v0.1.0/go.mod h1:RsdNEf/8UDvKllXhMz5J40XxDrNJNN4sagiox+OI208= +cloud.google.com/go/vmwareengine v0.2.2/go.mod h1:sKdctNJxb3KLZkE/6Oui94iw/xs9PRNC2wnNLXsHvH8= +cloud.google.com/go/vmwareengine v0.3.0/go.mod h1:wvoyMvNWdIzxMYSpH/R7y2h5h3WFkx6d+1TIsP39WGY= +cloud.google.com/go/vpcaccess v1.4.0/go.mod h1:aQHVbTWDYUR1EbTApSVvMq1EnT57ppDmQzZ3imqIk4w= +cloud.google.com/go/vpcaccess v1.5.0/go.mod h1:drmg4HLk9NkZpGfCmZ3Tz0Bwnm2+DKqViEpeEpOq0m8= +cloud.google.com/go/vpcaccess v1.6.0/go.mod h1:wX2ILaNhe7TlVa4vC5xce1bCnqE3AeH27RV31lnmZes= +cloud.google.com/go/webrisk v1.4.0/go.mod h1:Hn8X6Zr+ziE2aNd8SliSDWpEnSS1u4R9+xXZmFiHmGE= +cloud.google.com/go/webrisk v1.5.0/go.mod h1:iPG6fr52Tv7sGk0H6qUFzmL3HHZev1htXuWDEEsqMTg= +cloud.google.com/go/webrisk v1.6.0/go.mod h1:65sW9V9rOosnc9ZY7A7jsy1zoHS5W9IAXv6dGqhMQMc= +cloud.google.com/go/webrisk v1.7.0/go.mod h1:mVMHgEYH0r337nmt1JyLthzMr6YxwN1aAIEc2fTcq7A= +cloud.google.com/go/webrisk v1.8.0/go.mod h1:oJPDuamzHXgUc+b8SiHRcVInZQuybnvEW72PqTc7sSg= +cloud.google.com/go/websecurityscanner v1.3.0/go.mod h1:uImdKm2wyeXQevQJXeh8Uun/Ym1VqworNDlBXQevGMo= +cloud.google.com/go/websecurityscanner v1.4.0/go.mod h1:ebit/Fp0a+FWu5j4JOmJEV8S8CzdTkAS77oDsiSqYWQ= +cloud.google.com/go/websecurityscanner v1.5.0/go.mod h1:Y6xdCPy81yi0SQnDY1xdNTNpfY1oAgXUlcfN3B3eSng= +cloud.google.com/go/workflows v1.6.0/go.mod h1:6t9F5h/unJz41YqfBmqSASJSXccBLtD1Vwf+KmJENM0= +cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoISEXH2bcHC3M= +cloud.google.com/go/workflows v1.8.0/go.mod h1:ysGhmEajwZxGn1OhGOGKsTXc5PyxOc0vfKf5Af+to4M= +cloud.google.com/go/workflows v1.9.0/go.mod h1:ZGkj1aFIOd9c8Gerkjjq7OW7I5+l6cSvT3ujaO/WwSA= +cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw= +connectrpc.com/connect v1.16.0 h1:rdtfQjZ0OyFkWPTegBNcH7cwquGAN1WzyJy80oFNibg= +connectrpc.com/connect v1.16.0/go.mod h1:XpZAduBQUySsb4/KO5JffORVkDI4B6/EYPi7N8xpNZw= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8= +git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 h1:E+OJmp2tPvt1W+amx48v1eqbjDYsgN+RzP4q16yV5eM= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1/go.mod h1:a6xsAQUZg+VsS3TJ05SRp524Hs4pZ/AeFSr5ENf0Yjo= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v3 v3.0.1 h1:H3g2mkmu105ON0c/Gqx3Bm+bzoIijLom8LmV9Gjn7X0= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v3 v3.0.1/go.mod h1:EAc3kjhZf9soch7yLID8PeKcE6VfKvQTllSBHYVdXd8= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v2 v2.4.0 h1:1u/K2BFv0MwkG6he8RYuUcbbeK22rkoZbg4lKa/msZU= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v2 v2.4.0/go.mod h1:U5gpsREQZE6SLk1t/cFfc1eMhYAlYpEzvaYXuDfefy8= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal v1.1.2 h1:mLY+pNLjCUeKhgnAJWAKhEUQM+RJQo2H1fuGSw1Ky1E= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal v1.1.2/go.mod h1:FbdwsQ2EzwvXxOPcMFYO8ogEc9uMMIj3YkmCdXdAFmk= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0 h1:PTFGRSlMKCQelWwxUyYVEUqseBJVemLyqWJjvMyt0do= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0/go.mod h1:LRr2FzBTQlONPPa5HREE5+RjSCTXl7BwOvYOaWTqCaI= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/mysql/armmysql v1.2.0 h1:dhywcZH9yPDIje9aTqwy6psZSPzI6CJLYEprDahIBSQ= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/mysql/armmysql v1.2.0/go.mod h1:6z3b+JdBLH0eMzfBex/cvEIoEFVEwXuB0wbgdfN11iM= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/mysql/armmysqlflexibleservers v1.2.0 h1:3jDMffAwnvs6qmOqhjNVHB29AKxs6brnzJeo65E1YwM= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/mysql/armmysqlflexibleservers v1.2.0/go.mod h1:0mKVz3WT8oNjBunT1zD/HPwMleQ72QClMa7Gmsm+6Kc= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork v1.0.0 h1:nBy98uKOIfun5z6wx6jwWLrULcM0+cjBalBFZlEZ7CA= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork v1.0.0/go.mod h1:243D9iHbcQXoFUtgHJwL7gl2zx1aDuDMjvBZVGr2uW0= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/postgresql/armpostgresql v1.2.0 h1:0hXKrsbh2M6CQyW0TDC9Bsyd99vQmrOxiBTUfQHZjPA= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/postgresql/armpostgresql v1.2.0/go.mod h1:bvZZor36Jg9q9kouuMyfJ+ay77+qK+YUfThXH1FdXjU= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/postgresql/armpostgresqlflexibleservers v1.1.0 h1:HzqcSJWx32XQdr8KtxAu/SZJj0PqDo9tKf2YGPdynV0= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/postgresql/armpostgresqlflexibleservers v1.1.0/go.mod h1:nKcJObAisSPDrO9lMuuCBoYY7Ki7ADt8p6XmBhpKNTk= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/redis/armredis/v2 v2.3.0 h1:/DeaPA3K0LQXaFGsGJMBeCswc2arEsM1SsueqAJIwe8= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/redis/armredis/v2 v2.3.0/go.mod h1:FMVQhV2nfxsI9cDUBqn/rWfN5y1KxwZ/+q1Bl1oqko0= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/redisenterprise/armredisenterprise v1.2.0 h1:hTmVmyvriwO+ymGLEsH7HZokVwinC2MZl8F0LjvPdHU= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/redisenterprise/armredisenterprise v1.2.0/go.mod h1:uHEpZj4TWSZEp35rIByJ8RX7hQBm3bxfPxS4tiz+x+g= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1 h1:7CBQ+Ei8SP2c6ydQTGCCrS35bDxgTMfoP2miAwK++OU= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1/go.mod h1:c/wcGeGx5FUPbM/JltUYHZcKmigwyVLJlDq+4HdtXaw= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/sql/armsql v1.2.0 h1:S087deZ0kP1RUg4pU7w9U9xpUedTCbOtz+mnd0+hrkQ= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/sql/armsql v1.2.0/go.mod h1:B4cEyXrWBmbfMDAPnpJ1di7MAt5DKP57jPEObAvZChg= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/subscription/armsubscription v1.2.0 h1:UrGzkHueDwAWDdjQxC+QaXHd4tVCkISYE9j7fSSXF8k= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/subscription/armsubscription v1.2.0/go.mod h1:qskvSQeW+cxEE2bcKYyKimB1/KiQ9xpJ99bcHY0BX6c= +github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1 h1:fXPMAmuh0gDuRDey0atC8cXBuKIlqCzCkL8sm1n9Ov0= +github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1/go.mod h1:SUZc9YRRHfx2+FAQKNDGrssXehqLpxmwRv2mC/5ntj4= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= +github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8= +github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= +github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/ClickHouse/ch-go v0.61.5 h1:zwR8QbYI0tsMiEcze/uIMK+Tz1D3XZXLdNrlaOpeEI4= +github.com/ClickHouse/ch-go v0.61.5/go.mod h1:s1LJW/F/LcFs5HJnuogFMta50kKDO0lf9zzfrbl0RQg= +github.com/ClickHouse/clickhouse-go/v2 v2.23.0 h1:srmRrkS0BR8gEut87u8jpcZ7geOob6nGj9ifrb+aKmg= +github.com/ClickHouse/clickhouse-go/v2 v2.23.0/go.mod h1:tBhdF3f3RdP7sS59+oBAtTyhWpy0024ZxDMhgxra0QE= +github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= +github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= +github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk= +github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= +github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= +github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= +github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= +github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= +github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= +github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= +github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= +github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= +github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= +github.com/Masterminds/squirrel v1.5.4 h1:uUcX/aBc8O7Fg9kaISIUsHXdKuqehiXAMQTYX8afzqM= +github.com/Masterminds/squirrel v1.5.4/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= +github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= +github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= +github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= +github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= +github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8= +github.com/Microsoft/hcsshim v0.11.4/go.mod h1:smjE4dvqPX9Zldna+t5FG3rnoHhaB7QYxPRqGcpAD9w= +github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= +github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= +github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/OJnIp5u0s1SbQ8dVfLCZJsnvazdBP5hS4iRs= +github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= +github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= +github.com/ThalesIgnite/crypto11 v1.2.5 h1:1IiIIEqYmBvUYFeMnHqRft4bwf/O36jryEUpY+9ef8E= +github.com/ThalesIgnite/crypto11 v1.2.5/go.mod h1:ILDKtnCKiQ7zRoNxcp36Y1ZR8LBPmR2E23+wTQe/MlE= +github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= +github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= +github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE= +github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/ahmetb/go-linq v3.0.0+incompatible/go.mod h1:PFffvbdbtw+QTB0WKRP0cNht7vnCfnGlEpak/DVg5cY= +github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm/4RlzPXRlREEwqTHAN3T56Bv2ITsFT3gY= +github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk= +github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= +github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc= +github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= +github.com/alicebob/gopher-json v0.0.0-20230218143504-906a9b012302 h1:uvdUDbHQHO85qeSydJtItA4T55Pw6BtAejd0APRJOCE= +github.com/alicebob/gopher-json v0.0.0-20230218143504-906a9b012302/go.mod h1:SGnFV6hVsYE877CKEZ6tDNTjaSXYUk6QqoIK6PrAtcc= +github.com/alicebob/miniredis/v2 v2.32.1 h1:Bz7CciDnYSaa0mX5xODh6GUITRSx+cVhjNoOR4JssBo= +github.com/alicebob/miniredis/v2 v2.32.1/go.mod h1:AqkLNAfUm0K07J28hnAyyQKf/x0YkCY/g5DCtuL01Mw= +github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= +github.com/andybalholm/brotli v1.1.0 h1:eLKJA0d02Lf0mVpIDgYnqXcUn0GqVmEFny3VuID1U3M= +github.com/andybalholm/brotli v1.1.0/go.mod h1:sms7XGricyQI9K10gOSf56VKKWS4oLer58Q+mhRPtnY= +github.com/andybalholm/crlf v0.0.0-20171020200849-670099aa064f/go.mod h1:k8feO4+kXDxro6ErPXBRTJ/ro2mf0SsFG8s7doP9kJE= +github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/apache/arrow/go/v10 v10.0.1/go.mod h1:YvhnlEePVnBS4+0z3fhPfUy7W1Ikj0Ih0vcRo/gZ1M0= +github.com/apache/arrow/go/v11 v11.0.0/go.mod h1:Eg5OsL5H+e299f7u5ssuXsuHQVEGC4xei5aX110hRiI= +github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU= +github.com/apparentlymart/go-cidr v1.0.1/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= +github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= +github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0 h1:MzVXffFUye+ZcSR6opIgz9Co7WcDx6ZcY+RjfFHoA0I= +github.com/apparentlymart/go-dump v0.0.0-20190214190832-042adf3cf4a0/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= +github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= +github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= +github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= +github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= +github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= +github.com/aquasecurity/libbpfgo v0.5.1-libbpf-1.2 h1:Y7QB6jUsMyr0Bd+rAj67X2/ezNYLuxwp3kkjw5M3Q+4= +github.com/aquasecurity/libbpfgo v0.5.1-libbpf-1.2/go.mod h1:0rEApF1YBHGuZ4C8OYI9q5oDBVpgqtRqYATePl9mCDk= +github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= +github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= +github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= +github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= +github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.51.16 h1:vnWKK8KjbftEkuPX8bRj3WHsLy1uhotn0eXptpvrxJI= +github.com/aws/aws-sdk-go v1.51.16/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go-v2 v1.26.1 h1:5554eUqIYVWpU0YmeeYZ0wU64H2VLBs8TlhRB2L+EkA= +github.com/aws/aws-sdk-go-v2 v1.26.1/go.mod h1:ffIFB97e2yNsv4aTSGkqtHnppsIJzw7G7BReUZ3jCXM= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 h1:x6xsQXGSmW6frevwDA+vi/wqhp1ct18mVXYN08/93to= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2/go.mod h1:lPprDr1e6cJdyYeGXnRaJoP4Md+cDBvi2eOj00BlGmg= +github.com/aws/aws-sdk-go-v2/config v1.27.11 h1:f47rANd2LQEYHda2ddSCKYId18/8BhSRM4BULGmfgNA= +github.com/aws/aws-sdk-go-v2/config v1.27.11/go.mod h1:SMsV78RIOYdve1vf36z8LmnszlRWkwMQtomCAI0/mIE= +github.com/aws/aws-sdk-go-v2/credentials v1.17.11 h1:YuIB1dJNf1Re822rriUOTxopaHHvIq0l/pX3fwO+Tzs= +github.com/aws/aws-sdk-go-v2/credentials v1.17.11/go.mod h1:AQtFPsDH9bI2O+71anW6EKL+NcD7LG3dpKGMV4SShgo= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 h1:FVJ0r5XTHSmIHJV6KuDmdYhEpvlHpiSd38RQWhut5J4= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1/go.mod h1:zusuAeqezXzAB24LGuzuekqMAEgWkVYukBec3kr3jUg= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.15 h1:7Zwtt/lP3KNRkeZre7soMELMGNoBrutx8nobg1jKWmo= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.15/go.mod h1:436h2adoHb57yd+8W+gYPrrA9U/R/SuAuOO42Ushzhw= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 h1:aw39xVGeRWlWx9EzGVnhOR4yOjQDHPQ6o6NmBlscyQg= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5/go.mod h1:FSaRudD0dXiMPK2UjknVwwTYyZMRsHv3TtkabsZih5I= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 h1:PG1F3OD1szkuQPzDw3CIQsRIrtTlUC3lP84taWzHlq0= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5/go.mod h1:jU1li6RFryMz+so64PpKtudI+QzbKoIEivqdf6LNpOc= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 h1:hT8rVHwugYE2lEfdFE0QWVo81lF7jMrYJVDWI+f+VxU= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0/go.mod h1:8tu/lYfQfFe6IGnaOdrpVgEL2IrrDOf6/m9RQum4NkY= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.5 h1:81KE7vaZzrl7yHBYHVEzYB8sypz11NMOZ40YlWvPxsU= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.5/go.mod h1:LIt2rg7Mcgn09Ygbdh/RdIm0rQ+3BNkbP1gyVMFtRK0= +github.com/aws/aws-sdk-go-v2/service/athena v1.40.4 h1:tiHIjFXSyb5DbNfnu3ql2r86s6llLdzwWAVJkPgw/I0= +github.com/aws/aws-sdk-go-v2/service/athena v1.40.4/go.mod h1:6OHesqDfYPNzYI+VaXtmylYLyppuUy9SwRk4CH/pQA4= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.31.1 h1:dZXY07Dm59TxAjJcUfNMJHLDI/gLMxTRZefn2jFAVsw= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.31.1/go.mod h1:lVLqEtX+ezgtfalyJs7Peb0uv9dEpAQP5yuq2O26R44= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.156.0 h1:TFK9GeUINErClL2+A+GLYhjiChVdaXCgIUiCsS/UQrE= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.156.0/go.mod h1:xejKuuRDjz6z5OqyeLsz01MlOqqW7CqpAB4PabNvpu8= +github.com/aws/aws-sdk-go-v2/service/ec2instanceconnect v1.23.2 h1:TX5ZoNUPAV7lt6+K9E3av+8lLh3yQfiFY78I0NDBMrQ= +github.com/aws/aws-sdk-go-v2/service/ec2instanceconnect v1.23.2/go.mod h1:d6tV12vujPlm/akeG0CTwZtCeTWSBWNobw0uZ9m/Rys= +github.com/aws/aws-sdk-go-v2/service/ecs v1.41.7 h1:aFdgmJ8G385PVC9mp8b9roGGHU/XbrKEQTbzl6V0GbE= +github.com/aws/aws-sdk-go-v2/service/ecs v1.41.7/go.mod h1:rcFIIrVk3NGCT3BV84HQM3ut+Dr1PO71UvvT8GeLAv4= +github.com/aws/aws-sdk-go-v2/service/eks v1.42.1 h1:q7MWjPP0uCmUvuGDFCvkbqRkqfH+Bq6di9RTd64S0YM= +github.com/aws/aws-sdk-go-v2/service/eks v1.42.1/go.mod h1:UhKBrO0Ezz8iIg02a6u4irGKBKh0gTz3fF8LNdD2vDI= +github.com/aws/aws-sdk-go-v2/service/glue v1.78.0 h1:B7NIez2lCPjP9F/ucgjJSZ9JWHBO9KIeLAxn39G8mLA= +github.com/aws/aws-sdk-go-v2/service/glue v1.78.0/go.mod h1:maQT+ebL6UAFXYp8fJlK2Dv/s42LZuggi2l6pVeE2B4= +github.com/aws/aws-sdk-go-v2/service/iam v1.31.4 h1:eVm30ZIDv//r6Aogat9I88b5YX1xASSLcEDqHYRPVl0= +github.com/aws/aws-sdk-go-v2/service/iam v1.31.4/go.mod h1:aXWImQV0uTW35LM0A/T4wEg6R1/ReXUu4SM6/lUHYK0= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2 h1:Ji0DY1xUsUr3I8cHps0G+XM3WWU16lP6yG8qu1GAZAs= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2/go.mod h1:5CsjAbs3NlGQyZNFACh+zztPDI7fU6eW9QsxjfnuBKg= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.7 h1:ZMeFZ5yk+Ek+jNr1+uwCd2tG89t6oTS5yVWpa6yy2es= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.7/go.mod h1:mxV05U+4JiHqIpGqqYXOHLPKUC6bDXC44bsUhNjOEwY= +github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.9.6 h1:6tayEze2Y+hiL3kdnEUxSPsP+pJsUfwLSFspFl1ru9Q= +github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.9.6/go.mod h1:qVNb/9IOVsLCZh0x2lnagrBwQ9fxajUpXS7OZfIsKn0= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.7 h1:ogRAwT1/gxJBcSWDMZlgyFUM962F51A5CRhDLbxLdmo= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.7/go.mod h1:YCsIZhXfRPLFFCl5xxY+1T9RKzOKjCut+28JSX2DnAk= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.5 h1:f9RyWNtS8oH7cZlbn+/JNPpjUk5+5fLd5lM9M0i49Ys= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.5/go.mod h1:h5CoMZV2VF297/VLhRhO1WF+XYWOzXo+4HsObA4HjBQ= +github.com/aws/aws-sdk-go-v2/service/rds v1.76.1 h1:6NeDO4UyHun2N5Lmkv2yW1sNblRLRjq3j6Azv7kUyuM= +github.com/aws/aws-sdk-go-v2/service/rds v1.76.1/go.mod h1:Rw15qGaGWu3jO0dOz7JyvdOEjgae//YrJxVWLYGynvg= +github.com/aws/aws-sdk-go-v2/service/s3 v1.53.1 h1:6cnno47Me9bRykw9AEv9zkXE+5or7jz8TsskTTccbgc= +github.com/aws/aws-sdk-go-v2/service/s3 v1.53.1/go.mod h1:qmdkIIAC+GCLASF7R2whgNrJADz0QZPX+Seiw/i4S3o= +github.com/aws/aws-sdk-go-v2/service/sns v1.29.4 h1:VhW/J21SPH9bNmk1IYdZtzqA6//N2PB5Py5RexNmLVg= +github.com/aws/aws-sdk-go-v2/service/sns v1.29.4/go.mod h1:DojKGyWXa4p+e+C+GpG7qf02QaE68Nrg2v/UAXQhKhU= +github.com/aws/aws-sdk-go-v2/service/sqs v1.31.4 h1:mE2ysZMEeQ3ulHWs4mmc4fZEhOfeY1o6QXAfDqjbSgw= +github.com/aws/aws-sdk-go-v2/service/sqs v1.31.4/go.mod h1:lCN2yKnj+Sp9F6UzpoPPTir+tSaC9Jwf6LcmTqnXFZw= +github.com/aws/aws-sdk-go-v2/service/sso v1.20.5 h1:vN8hEbpRnL7+Hopy9dzmRle1xmDc7o8tmY0klsr175w= +github.com/aws/aws-sdk-go-v2/service/sso v1.20.5/go.mod h1:qGzynb/msuZIE8I75DVRCUXw3o3ZyBmUvMwQ2t/BrGM= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.4 h1:Jux+gDDyi1Lruk+KHF91tK2KCuY61kzoCpvtvJJBtOE= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.4/go.mod h1:mUYPBhaF2lGiukDEjJX2BLRRKTmoUSitGDUgM4tRxak= +github.com/aws/aws-sdk-go-v2/service/sts v1.28.6 h1:cwIxeBttqPN3qkaAjcEcsh8NYr8n2HZPkcKgPAi1phU= +github.com/aws/aws-sdk-go-v2/service/sts v1.28.6/go.mod h1:FZf1/nKNEkHdGGJP/cI2MoIMquumuRK6ol3QQJNDxmw= +github.com/aws/aws-sigv4-auth-cassandra-gocql-driver-plugin v1.1.0 h1:EJsHUYgFBV7/N1YtL73lsfZODAOU+CnNSZfEAlqqQaA= +github.com/aws/aws-sigv4-auth-cassandra-gocql-driver-plugin v1.1.0/go.mod h1:AxKuXHc0zv2yYaeueUG7R3ONbcnQIuDj0bkdFmPVRzU= +github.com/aws/smithy-go v1.20.2 h1:tbp628ireGtzcHDDmLT/6ADHidqnwgF57XOXZe6tp4Q= +github.com/aws/smithy-go v1.20.2/go.mod h1:krry+ya/rV9RDcV/Q16kpu6ypI4K2czasz0NC3qS14E= +github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= +github.com/beevik/etree v1.3.0 h1:hQTc+pylzIKDb23yYprodCWWTt+ojFfUZyzU09a/hmU= +github.com/beevik/etree v1.3.0/go.mod h1:aiPf89g/1k3AShMVAzriilpcE4R/Vuor90y83zVZWFc= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= +github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= +github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70= +github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= +github.com/bufbuild/protocompile v0.6.0 h1:Uu7WiSQ6Yj9DbkdnOe7U4mNKp58y9WDMKDn28/ZlunY= +github.com/bufbuild/protocompile v0.6.0/go.mod h1:YNP35qEYoYGme7QMtz5SBCoN4kL4g12jTtjuzRNdjpE= +github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd h1:rFt+Y/IK1aEZkEHchZRSq9OQbsSzIT/OrI8YFFmRIng= +github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= +github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b h1:otBG+dV+YK+Soembjv71DPz3uX/V/6MMlSyD9JBQ6kQ= +github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= +github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 h1:nvj0OLI3YqYXer/kZD8Ri1aaunCxIEsOst1BVJswV0o= +github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= +github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= +github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= +github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= +github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cloudflare/cfssl v1.6.4 h1:NMOvfrEjFfC63K3SGXgAnFdsgkmiq4kATme5BfcqrO8= +github.com/cloudflare/cfssl v1.6.4/go.mod h1:8b3CQMxfWPAeom3zBnGJ6sd+G1NkL5TXqmDXacb+1J0= +github.com/cloudflare/circl v1.1.0 h1:bZgT/A+cikZnKIwn7xL2OBj012Bmvho/o6RpRvv3GKY= +github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM= +github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw= +github.com/containerd/containerd v1.7.12 h1:+KQsnv4VnzyxWcfO9mlxxELaoztsDEjOuCMPAuPqgU0= +github.com/containerd/containerd v1.7.12/go.mod h1:/5OMpE1p0ylxtEUGY8kuCYkDRzJm9NO1TFMWjUpdevk= +github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG023MDM= +github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= +github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= +github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= +github.com/coreos/bbolt v1.3.3/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= +github.com/coreos/etcd v3.3.15+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4= +github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec= +github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f h1:JOrtw2xFKzlg+cbHpyrpLDmnN1HqhBfnX7WDiW7eG2c= +github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= +github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/coreos/pkg v0.0.0-20220810130054-c7d1c02cb6cf h1:GOPo6vn/vTN+3IwZBvXX0y5doJfSC7My0cdzelyOCsQ= +github.com/coreos/pkg v0.0.0-20220810130054-c7d1c02cb6cf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/creack/pty v1.1.21 h1:1/QdRyBaHHJP61QkWMXlOIBfsgdDeeKfK8SYVUWJKf0= +github.com/creack/pty v1.1.21/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= +github.com/crewjam/httperr v0.2.0 h1:b2BfXR8U3AlIHwNeFFvZ+BV1LFvKLlzMjzaTnZMybNo= +github.com/crewjam/httperr v0.2.0/go.mod h1:Jlz+Sg/XqBQhyMjdDiC+GNNRzZTD7x39Gu3pglZ5oH4= +github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c= +github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME= +github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= +github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= +github.com/datastax/go-cassandra-native-protocol v0.0.0-20220706104457-5e8aad05cf90 h1:SiFe3gwoHPt95ly6HLjwyyItxROxCUJuxqqTnguR5ac= +github.com/datastax/go-cassandra-native-protocol v0.0.0-20220706104457-5e8aad05cf90/go.mod h1:6FzirJfdffakAVqmHjwVfFkpru/gNbIazUOK5rIhndc= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= +github.com/di-wu/parser v0.2.2/go.mod h1:SLp58pW6WamdmznrVRrw2NTyn4wAvT9rrEFynKX7nYo= +github.com/di-wu/parser v0.3.0 h1:NMOvy5ifswgt4gsdhySVcKOQtvjC43cHZIfViWctqQY= +github.com/di-wu/parser v0.3.0/go.mod h1:SLp58pW6WamdmznrVRrw2NTyn4wAvT9rrEFynKX7nYo= +github.com/di-wu/xsd-datetime v1.0.0 h1:vZoGNkbzpBNoc+JyfVLEbutNDNydYV8XwHeV7eUJoxI= +github.com/di-wu/xsd-datetime v1.0.0/go.mod h1:i3iEhrP3WchwseOBeIdW/zxeoleXTOzx1WyDXgdmOww= +github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 h1:ge14PCmCvPjpMQMIAH7uKg0lrtNSOdpYsRXlwk3QbaE= +github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352/go.mod h1:SKVExuS+vpu2l9IoOc0RwqE7NYnb0JlcFHFnEJkVDzc= +github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aBfCb7iqHmDEIp6fBvC/hQUddQfg+3qdYjwzaiP9Hnc= +github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI= +github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= +github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= +github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI= +github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= +github.com/dmarkham/enumer v1.5.9 h1:NM/1ma/AUNieHZg74w67GkHFBNB15muOt3sj486QVZk= +github.com/dmarkham/enumer v1.5.9/go.mod h1:e4VILe2b1nYK3JKJpRmNdl5xbDQvELc6tQ8b+GsGk6E= +github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= +github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= +github.com/docker/cli v25.0.1+incompatible h1:mFpqnrS6Hsm3v1k7Wa/BO23oz0k121MTbTO1lpcGSkU= +github.com/docker/cli v25.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= +github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE= +github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo= +github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= +github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= +github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= +github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8= +github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= +github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= +github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= +github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 h1:ZClxb8laGDf5arXfYcAtECDFgAgHklGI8CxgjHnXKJ4= +github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= +github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= +github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= +github.com/elastic/elastic-transport-go/v8 v8.5.0 h1:v5membAl7lvQgBTexPRDBO/RdnlQX+FM9fUVDyXxvH0= +github.com/elastic/elastic-transport-go/v8 v8.5.0/go.mod h1:YLHer5cj0csTzNFXoNQ8qhtGY1GTvSqPnKWKaqQE3Hk= +github.com/elastic/go-elasticsearch/v8 v8.13.0 h1:YXPAWpvbYX0mWSNG9tnEpvs4h1stgMy5JUeKZECYYB8= +github.com/elastic/go-elasticsearch/v8 v8.13.0/go.mod h1:DIn7HopJs4oZC/w0WoJR13uMUxtHeq92eI5bqv5CRfI= +github.com/elimity-com/scim v0.0.0-20240320110924-172bf2aee9c8 h1:0+BTyxIYgiVAry/P5s8R4dYuLkhB9Nhso8ogFWNr4IQ= +github.com/elimity-com/scim v0.0.0-20240320110924-172bf2aee9c8/go.mod h1:JkjcmqbLW+khwt2fmBPJFBhx2zGZ8XobRZ+O0VhlwWo= +github.com/emicklei/go-restful/v3 v3.11.3 h1:yagOQz/38xJmcNeZJtrUcKjkHRltIaIFXKWeG1SkWGE= +github.com/emicklei/go-restful/v3 v3.11.3/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg= +github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= +github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= +github.com/envoyproxy/go-control-plane v0.10.3/go.mod h1:fJJn/j26vwOu972OllsvAgJJM//w9BV6Fxbg2LuVd34= +github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f/go.mod h1:sfYdkwUW4BA3PbKjySwjJy+O4Pu0h62rlqCMHNk+K+Q= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo= +github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w= +github.com/envoyproxy/protoc-gen-validate v0.10.1/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss= +github.com/evanphx/json-patch v5.9.0+incompatible h1:fBXyNpNMuTTDdquAq/uisOr2lShz4oaXpDTX2bLe7ls= +github.com/evanphx/json-patch v5.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= +github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= +github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= +github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= +github.com/flynn/hid v0.0.0-20190502022136-f1b9b6cc019a h1:fsyWnwbywFpHJS4T55vDW+UUeWP2WomJbB45/jf4If4= +github.com/flynn/hid v0.0.0-20190502022136-f1b9b6cc019a/go.mod h1:Osz+xPHFsGWK9kZCEVcwXazcF/CHjscCVZosNFgwUIY= +github.com/flynn/u2f v0.0.0-20180613185708-15554eb68e5d h1:2D6Rp/MRcrKnRFr7kfgBOJnJPFN0jPfc36ggct5MaK0= +github.com/flynn/u2f v0.0.0-20180613185708-15554eb68e5d/go.mod h1:shcCQPgKtaJz4obqb6Si031WgtSrW+Tj+ZLq/mRNrM8= +github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= +github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= +github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI= +github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= +github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= +github.com/fxamacker/cbor/v2 v2.6.0 h1:sU6J2usfADwWlYDAFhZBQ6TnLFBHxgesMrQfQgk1tWA= +github.com/fxamacker/cbor/v2 v2.6.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= +github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= +github.com/go-asn1-ber/asn1-ber v1.5.5 h1:MNHlNMBDgEKD4TcKr36vQN68BA00aDfjIt3/bD50WnA= +github.com/go-asn1-ber/asn1-ber v1.5.5/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= +github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= +github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= +github.com/go-faster/city v1.0.1 h1:4WAxSZ3V2Ws4QRDrscLEDcibJY8uf41H6AhXDrNDcGw= +github.com/go-faster/city v1.0.1/go.mod h1:jKcUJId49qdW3L1qKHH/3wPeUstCVpVSXTM6vO3VcTw= +github.com/go-faster/errors v0.7.1 h1:MkJTnDoEdi9pDabt1dpWf7AA8/BaSYZqibYyhZ20AYg= +github.com/go-faster/errors v0.7.1/go.mod h1:5ySTjWFiphBs07IKuiL69nxdfd5+fzh1u7FPGZP2quo= +github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g= +github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks= +github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= +github.com/go-fonts/liberation v0.2.0/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= +github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= +github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= +github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= +github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= +github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= +github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= +github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= +github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= +github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gorp/gorp/v3 v3.1.0 h1:ItKF/Vbuj31dmV4jxA1qblpSwkl9g1typ24xoe70IGs= +github.com/go-gorp/gorp/v3 v3.1.0/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpjH8TixEw= +github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= +github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U= +github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk= +github.com/go-ldap/ldap/v3 v3.4.6 h1:ert95MdbiG7aWo/oPYp9btL3KJlMPKnP58r09rI8T+A= +github.com/go-ldap/ldap/v3 v3.4.6/go.mod h1:IGMQANNtxpsOzj7uUAMjpGBaOVTC4DYyIy8VsTdxmtc= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-mysql-org/go-mysql v1.5.0 h1:Hyj3DH3AkWswW/MmWLsvNpJr1v6y8Dp90kW+1nzE+Vc= +github.com/go-mysql-org/go-mysql v1.5.0/go.mod h1:GX0clmylJLdZEYAojPCDTCvwZxbTBrke93dV55715u0= +github.com/go-openapi/jsonpointer v0.20.2 h1:mQc3nmndL8ZBzStEo3JYF8wzmeWffDH4VbXz58sAx6Q= +github.com/go-openapi/jsonpointer v0.20.2/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= +github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdXSSgNeAhojU= +github.com/go-openapi/jsonreference v0.20.4/go.mod h1:5pZJyJP2MnYCpoeoMAql78cCHauHj0V9Lhc506VOpw4= +github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= +github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= +github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= +github.com/go-pdf/fpdf v0.6.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= +github.com/go-piv/piv-go v1.11.0 h1:5vAaCdRTFSIW4PeqMbnsDlUZ7odMYWnHBDGdmtU/Zhg= +github.com/go-piv/piv-go v1.11.0/go.mod h1:NZ2zmjVkfFaL/CF8cVQ/pXdXtuj110zEKGdJM6fJZZM= +github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= +github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= +github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/go-webauthn/webauthn v0.10.2 h1:OG7B+DyuTytrEPFmTX503K77fqs3HDK/0Iv+z8UYbq4= +github.com/go-webauthn/webauthn v0.10.2/go.mod h1:Gd1IDsGAybuvK1NkwUTLbGmeksxuRJjVN2PE/xsPxHs= +github.com/go-webauthn/x v0.1.9 h1:v1oeLmoaa+gPOaZqUdDentu6Rl7HkSSsmOT6gxEQHhE= +github.com/go-webauthn/x v0.1.9/go.mod h1:pJNMlIMP1SU7cN8HNlKJpLEnFHCygLCvaLZ8a1xeoQA= +github.com/gobuffalo/logger v1.0.6 h1:nnZNpxYo0zx+Aj9RfMPBm+x9zAU2OayFh/xrAWi34HU= +github.com/gobuffalo/logger v1.0.6/go.mod h1:J31TBEHR1QLV2683OXTAItYIg8pv2JMHnF/quuAbMjs= +github.com/gobuffalo/packd v1.0.1 h1:U2wXfRr4E9DH8IdsDLlRFwTZTK7hLfq9qT/QHXGVe/0= +github.com/gobuffalo/packd v1.0.1/go.mod h1:PP2POP3p3RXGz7Jh6eYEf93S7vA2za6xM7QT85L4+VY= +github.com/gobuffalo/packr/v2 v2.8.3 h1:xE1yzvnO56cUC0sTpKR3DIbxZgB54AftTFMhB2XEWlY= +github.com/gobuffalo/packr/v2 v2.8.3/go.mod h1:0SahksCVcx4IMnigTjiFuyldmTrdTctXsOdiU5KwbKc= +github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= +github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= +github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU= +github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM= +github.com/gobwas/pool v0.2.1 h1:xfeeEhW7pwmX8nuLVlqbzVc7udMDrwetjEv+TZIz1og= +github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= +github.com/gobwas/ws v1.3.2 h1:zlnbNHxumkRvfPWgfXu8RBwyNR1x8wh9cf5PTOCqs9Q= +github.com/gobwas/ws v1.3.2/go.mod h1:hRKAFb8wOxFROYNsT1bqfWnhX+b5MFeJM9r2ZSwg/KY= +github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/gocql/gocql v1.6.0 h1:IdFdOTbnpbd0pDhl4REKQDM+Q0SzKXQ1Yh+YZZ8T/qU= +github.com/gocql/gocql v1.6.0/go.mod h1:3gM2c4D3AnkISwBxGnMMsS8Oy4y2lhbPRsH4xnJrHG8= +github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw= +github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= +github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= +github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY= +github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= +github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A= +github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI= +github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= +github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ= +github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= +github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= +github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= +github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k= +github.com/gomodule/redigo v1.8.2/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= +github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= +github.com/google/certificate-transparency-go v1.0.21/go.mod h1:QeJfpSbVSfYc7RgB3gJFj9cbuQMMchQxrWXz8Ruopmg= +github.com/google/certificate-transparency-go v1.1.7 h1:IASD+NtgSTJLPdzkthwvAG1ZVbF2WtFg4IvoA68XGSw= +github.com/google/certificate-transparency-go v1.1.7/go.mod h1:FSSBo8fyMVgqptbfF6j5p/XNdgQftAhSmXcIxV9iphE= +github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= +github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 h1:0VpGH+cDhbDtdcweoyCVsF3fhN8kejK6rFe/2FFX2nU= +github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49/go.mod h1:BkkQ4L1KS1xMt2aWSPStnn55ChGC0DPOn2FQYj+f25M= +github.com/google/go-attestation v0.5.1 h1:jqtOrLk5MNdliTKjPbIPrAaRKJaKW+0LIU2n/brJYms= +github.com/google/go-attestation v0.5.1/go.mod h1:KqGatdUhg5kPFkokyzSBDxwSCFyRgIgtRkMp6c3lOBQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-configfs-tsm v0.2.2 h1:YnJ9rXIOj5BYD7/0DNnzs8AOp7UcvjfTvt215EWcs98= +github.com/google/go-configfs-tsm v0.2.2/go.mod h1:EL1GTDFMb5PZQWDviGfZV9n87WeGTR/JUg13RfwkgRo= +github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= +github.com/google/go-github/v50 v50.2.0/go.mod h1:VBY8FB6yPIjrtKhozXv4FQupxKLS6H4m6xFZlT43q8Q= +github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= +github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= +github.com/google/go-sev-guest v0.9.3 h1:GOJ+EipURdeWFl/YYdgcCxyPeMgQUWlI056iFkBD8UU= +github.com/google/go-sev-guest v0.9.3/go.mod h1:hc1R4R6f8+NcJwITs0L90fYWTsBpd1Ix+Gur15sqHDs= +github.com/google/go-tdx-guest v0.3.1 h1:gl0KvjdsD4RrJzyLefDOvFOUH3NAJri/3qvaL5m83Iw= +github.com/google/go-tdx-guest v0.3.1/go.mod h1:/rc3d7rnPykOPuY8U9saMyEps0PZDThLk/RygXm04nE= +github.com/google/go-tpm v0.9.0 h1:sQF6YqWMi+SCXpsmS3fd21oPy/vSddwZry4JnmltHVk= +github.com/google/go-tpm v0.9.0/go.mod h1:FkNVkc6C+IsvDI9Jw1OveJmxGZUUaKxtrpOS47QWKfU= +github.com/google/go-tpm-tools v0.4.4 h1:oiQfAIkc6xTy9Fl5NKTeTJkBTlXdHsxAofmQyxBKY98= +github.com/google/go-tpm-tools v0.4.4/go.mod h1:T8jXkp2s+eltnCDIsXR84/MTcVU9Ja7bh3Mit0pa4AY= +github.com/google/go-tspi v0.3.0 h1:ADtq8RKfP+jrTyIWIZDIYcKOMecRqNJFOew2IT0Inus= +github.com/google/go-tspi v0.3.0/go.mod h1:xfMGI3G0PhxCdNVcYr1C4C+EizojDg/TXuX5by8CiHI= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/logger v1.1.1 h1:+6Z2geNxc9G+4D4oDO9njjjn2d0wN5d7uOo0vOIW1NQ= +github.com/google/logger v1.1.1/go.mod h1:BkeJZ+1FhQ+/d087r4dzojEg1u2ZX+ZqG1jTUrLM+zQ= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= +github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/renameio v0.1.0 h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/renameio/v2 v2.0.0 h1:UifI23ZTGY8Tt29JbYFiuyIU3eX+RNFtUwefq9qAhxg= +github.com/google/renameio/v2 v2.0.0/go.mod h1:BtmJXm5YlszgC+TD4HOEEUFgkJP3nLxehU6hfe7jRt4= +github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= +github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= +github.com/google/safetext v0.0.0-20240104143208-7a7d9b3d812f h1:o2yGZLlsOj5H5uvtQNEdi6DeA0GbUP3lm0gWW5RvY0s= +github.com/google/safetext v0.0.0-20240104143208-7a7d9b3d812f/go.mod h1:H3K1Iu/utuCfa10JO+GsmKUYSWi7ug57Rk6GaDRHaaQ= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= +github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= +github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= +github.com/googleapis/enterprise-certificate-proxy v0.2.1/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= +github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= +github.com/googleapis/enterprise-certificate-proxy v0.3.2 h1:Vie5ybvEvT75RniqhfFxPRy3Bf7vr3h0cechB90XaQs= +github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= +github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= +github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM= +github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM= +github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c= +github.com/googleapis/gax-go/v2 v2.5.1/go.mod h1:h6B0KMMFNtI2ddbGJn3T3ZbwkeT6yqEF02fYlzkUCyo= +github.com/googleapis/gax-go/v2 v2.6.0/go.mod h1:1mjbznJAPHFpesgE5ucqfYEscaz5kMdcIDwU/6+DDoY= +github.com/googleapis/gax-go/v2 v2.7.0/go.mod h1:TEop28CZZQ2y+c0VxMUmu1lV+fQx57QpBWsYpwqHJx8= +github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= +github.com/googleapis/gax-go/v2 v2.12.3 h1:5/zPPDvw8Q1SuXjrqrZslrqT7dL/uJT2CQii/cLCKqA= +github.com/googleapis/gax-go/v2 v2.12.3/go.mod h1:AKloxT6GtNbaLm8QTNSidHUVsHYcBHwWRvkNFJUQcS4= +github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= +github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= +github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE= +github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w= +github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= +github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= +github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= +github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY= +github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= +github.com/gravitational/go-mssqldb v0.11.1-0.20230331180905-0f76f1751cd3 h1:3JGTacvAeV5tIC4/9XsdLC2K5K7FWaXxIwpW4t+dGH0= +github.com/gravitational/go-mssqldb v0.11.1-0.20230331180905-0f76f1751cd3/go.mod h1:LbRWqr72fXehxAGLXO8nDNQAi4gthRz4j7f8L2LS0XM= +github.com/gravitational/go-oidc v0.1.1 h1:T5nZxwkrfqfDMW4VPomCiG50Ae5ToaL9NFxEJHKURXc= +github.com/gravitational/go-oidc v0.1.1/go.mod h1:A/IrBuKme/aPiJ9RIctJnSfPKUAzSQ4zaacIXDCQGx4= +github.com/gravitational/httprouter v1.3.1-0.20220408074523-c876c5e705a5 h1:qg8FcGwRACSHortU1UxCSo9nF0t34rPWjk9Nef3j2Ic= +github.com/gravitational/httprouter v1.3.1-0.20220408074523-c876c5e705a5/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= +github.com/gravitational/kingpin/v2 v2.1.11-0.20230515143221-4ec6b70ecd33 h1:VFER/+0TfRypJhc9XeuggTtEZzhhe75DSVqMv/avHEU= +github.com/gravitational/kingpin/v2 v2.1.11-0.20230515143221-4ec6b70ecd33/go.mod h1:0gyi0zQnjuFk8xrkNKamJoyUo382HRL7ATRpFZCw6tE= +github.com/gravitational/license v0.0.0-20240313232707-8312e719d624 h1:TjiJ98fWU5N28MBktP5vj1/xohin7cX/JBPPJ8iCiTE= +github.com/gravitational/license v0.0.0-20240313232707-8312e719d624/go.mod h1:pERQ8qtFfvV0Pfw9jA5o1WH1snupQQ3SZ+n8CVdRJNs= +github.com/gravitational/oxy v0.0.0-20231219172753-f855322f2a6c h1:CINwa3yHKRph2q1Y5j2EeS85blKHm+0MeiFGf4Ncxow= +github.com/gravitational/oxy v0.0.0-20231219172753-f855322f2a6c/go.mod h1:onQ3S635jMe2GSIRSpFgtSH3TUuQks8gfkxijOeZaIA= +github.com/gravitational/predicate v1.3.1 h1:f1uGg2FF6z5wZbcafYpLZJ1gl+82I0MlSd0cQKDPQe0= +github.com/gravitational/predicate v1.3.1/go.mod h1:H5e9dUW7zb/cuKkkhfnyT9SsI/WHWJ8Ra011La16DTY= +github.com/gravitational/protobuf v1.3.2-0.20201123192827-2b9fcfaffcbf h1:MQ4e8XcxvZTeuOmRl7yE519vcWc2h/lyvYzsvt41cdY= +github.com/gravitational/protobuf v1.3.2-0.20201123192827-2b9fcfaffcbf/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gravitational/roundtrip v1.0.2 h1:eOCY0NEKKaB0ksJmvhO6lPMFz1pIIef+vyPBTBROQ5c= +github.com/gravitational/roundtrip v1.0.2/go.mod h1:fuI1booM2hLRA/B/m5MRAPOU6mBZNYcNycono2UuTw0= +github.com/gravitational/trace v1.4.0 h1:TtTeMElVwMX21Udb1nmK2tpWYAAMJoyjevzKOaxIFZQ= +github.com/gravitational/trace v1.4.0/go.mod h1:g79NZzwCjWS/VVubYowaFAQsTjVTohGi0hFbIWSyGoY= +github.com/gravitational/ttlmap v0.0.0-20171116003245-91fd36b9004c h1:C2iWDiod8vQ3YnOiCdMP9qYeg2UifQ8KSk36r0NswSE= +github.com/gravitational/ttlmap v0.0.0-20171116003245-91fd36b9004c/go.mod h1:erKVikttPjeHKDCQZcqowEqiccy23cJAqPadZgfjNm8= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= +github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.0 h1:f4tggROQKKcnh4eItay6z/HbHLqghBxS8g7pyMhmDio= +github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.0/go.mod h1:hKAkSgNkL0FII46ZkJcpVEAai4KV+swlIWCKfekd1pA= +github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.1.0 h1:pRhl55Yx1eC7BZ1N+BBWwnKaMyD8uC+34TLdndZMAKk= +github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.1.0/go.mod h1:XKMd7iuf/RGPSMJ/U4HP0zS2Z9Fh8Ps9a+6X26m/tmI= +github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/grpc-gateway v1.10.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3/go.mod h1:o//XUCC/F+yRGJoPO/VU0GSB0f8Nhgmxx0VIRUvaC0w= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 h1:/c3QmbOGMGTOumP2iT/rCwB7b0QDGLKzqOmktBjT+Is= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1/go.mod h1:5SN9VR2LTsRFsrEC6FHgRbTWrTHu6tqPeKxEQv15giM= +github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed h1:5upAirOpQc1Q53c0bnx2ufif5kANL7bfZWcc6VJWJd8= +github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4= +github.com/hashicorp/consul/api v1.7.0/go.mod h1:1NSuaUUkFaJzMasbfq/11wKYWSR67Xn6r2DXKhuDNFg= +github.com/hashicorp/consul/sdk v0.6.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM= +github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU= +github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg= +github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= +github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= +github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= +github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= +github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= +github.com/hashicorp/go-getter v1.5.3 h1:NF5+zOlQegim+w/EUhSLh6QhXHmZMEeHLQzllkQ3ROU= +github.com/hashicorp/go-getter v1.5.3/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= +github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= +github.com/hashicorp/go-hclog v0.12.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= +github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= +github.com/hashicorp/go-hclog v0.16.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= +github.com/hashicorp/go-hclog v1.2.1 h1:YQsLlGDJgwhXFpucSPyVbCBviQtjlHv3jLTlp8YmtEw= +github.com/hashicorp/go-hclog v1.2.1/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= +github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= +github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= +github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= +github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hashicorp/go-plugin v1.3.0/go.mod h1:F9eH4LrE/ZsRdbwhfjs9k9HoDUwAHnYtXdgmf1AVNs0= +github.com/hashicorp/go-plugin v1.4.1/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= +github.com/hashicorp/go-plugin v1.4.4 h1:NVdrSdFRt3SkZtNckJ6tog7gbpRrcbOjQi/rgF7JYWQ= +github.com/hashicorp/go-plugin v1.4.4/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= +github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= +github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= +github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= +github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= +github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= +github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= +github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= +github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= +github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= +github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= +github.com/hashicorp/hc-install v0.3.1 h1:VIjllE6KyAI1A244G8kTaHXy+TL5/XYzvrtFi8po/Yk= +github.com/hashicorp/hc-install v0.3.1/go.mod h1:3LCdWcCDS1gaHC9mhHCGbkYfoY6vdsKohGjugbZdZak= +github.com/hashicorp/hcl/v2 v2.3.0 h1:iRly8YaMwTBAKhn1Ybk7VSdzbnopghktCD031P8ggUE= +github.com/hashicorp/hcl/v2 v2.3.0/go.mod h1:d+FwDBbOLvpAM3Z6J7gPj/VoAGkNe/gm352ZhjJ/Zv8= +github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= +github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= +github.com/hashicorp/mdns v1.0.1/go.mod h1:4gW7WsVCke5TE7EPeYliwHlRUyBtfCwuFwuMg2DmyNY= +github.com/hashicorp/memberlist v0.2.2/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= +github.com/hashicorp/serf v0.9.3/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk= +github.com/hashicorp/terraform-exec v0.15.0 h1:cqjh4d8HYNQrDoEmlSGelHmg2DYDh5yayckvJ5bV18E= +github.com/hashicorp/terraform-exec v0.15.0/go.mod h1:H4IG8ZxanU+NW0ZpDRNsvh9f0ul7C0nHP+rUR/CHs7I= +github.com/hashicorp/terraform-json v0.13.0 h1:Li9L+lKD1FO5RVFRM1mMMIBDoUHslOniyEi5CM+FWGY= +github.com/hashicorp/terraform-json v0.13.0/go.mod h1:y5OdLBCT+rxbwnpxZs9kGL7R9ExU76+cpdY8zHwoazk= +github.com/hashicorp/terraform-plugin-framework v0.10.0 h1:LGYcnvNdVaZA1ZHe53BHLVjaaGs7HTiq6+9Js29stL4= +github.com/hashicorp/terraform-plugin-framework v0.10.0/go.mod h1:CK7Opzukfu/2CPJs+HzUdfHrFlp+ZIQeSxjF0x8k464= +github.com/hashicorp/terraform-plugin-go v0.5.0/go.mod h1:PAVN26PNGpkkmsvva1qfriae5Arky3xl3NfzKa8XFVM= +github.com/hashicorp/terraform-plugin-go v0.12.0 h1:6wW9mT1dSs0Xq4LR6HXj1heQ5ovr5GxXNJwkErZzpJw= +github.com/hashicorp/terraform-plugin-go v0.12.0/go.mod h1:kwhmaWHNDvT1B3QiSJdAtrB/D4RaKSY/v3r2BuoWK4M= +github.com/hashicorp/terraform-plugin-log v0.2.0/go.mod h1:E1kJmapEHzqu1x6M++gjvhzM2yMQNXPVWZRCB8sgYjg= +github.com/hashicorp/terraform-plugin-log v0.6.0 h1:/Vq78uSIdUSZ3iqDc9PESKtwt8YqNKN6u+khD+lLjuw= +github.com/hashicorp/terraform-plugin-log v0.6.0/go.mod h1:p4R1jWBXRTvL4odmEkFfDdhUjHf9zcs/BCoNHAc7IK4= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.10.1 h1:B9AocC+dxrCqcf4vVhztIkSkt3gpRjUkEka8AmZWGlQ= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.10.1/go.mod h1:FjM9DXWfP0w/AeOtJoSKHBZ01LqmaO6uP4bXhv3fekw= +github.com/hashicorp/terraform-registry-address v0.0.0-20210412075316-9b2996cce896/go.mod h1:bzBPnUIkI0RxauU8Dqo+2KrZZ28Cf48s8V6IHt3p4co= +github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c h1:D8aRO6+mTqHfLsK/BC3j5OAoogv1WLRWzY1AaTo3rBg= +github.com/hashicorp/terraform-registry-address v0.0.0-20220623143253-7d51757b572c/go.mod h1:Wn3Na71knbXc1G8Lh+yu/dQWWJeFQEpDeJMtWMtlmNI= +github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734 h1:HKLsbzeOsfXmKNpr3GiT18XAblV0BjCbzL8KQAMZGa0= +github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg= +github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= +github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d h1:kJCB4vdITiW1eC1vq2e6IsrXKrZit1bv/TDYFGMp4BQ= +github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= +github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= +github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= +github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= +github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8= +github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk= +github.com/jackc/pgconn v1.14.3 h1:bVoTr12EGANZz66nZPkMInAV/KHD2TxH9npjXXgiB3w= +github.com/jackc/pgconn v1.14.3/go.mod h1:RZbme4uasqzybK2RK5c65VsHxoyaml09lx3tXOcO/VM= +github.com/jackc/pgerrcode v0.0.0-20240316143900-6e2875d9b438 h1:Dj0L5fhJ9F82ZJyVOmBx6msDp/kfd1t9GRfny/mfJA0= +github.com/jackc/pgerrcode v0.0.0-20240316143900-6e2875d9b438/go.mod h1:a/s9Lp5W7n/DD0VrVoyJ00FbP2ytTPDVOivvn2bMlds= +github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE= +github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8= +github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM= +github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= +github.com/jackc/pgproto3/v2 v2.3.3 h1:1HLSx5H+tXR9pW3in3zaztoEwQYRC9SQaYUHjTSUOag= +github.com/jackc/pgproto3/v2 v2.3.3/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA= +github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9 h1:L0QtFUgDarD7Fpv9jeVMgy/+Ec0mtnmYuImjTz6dtDA= +github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= +github.com/jackc/pgtype v1.14.3 h1:h6W9cPuHsRWQFTWUZMAKMgG5jSwQI0Zurzdvlx3Plus= +github.com/jackc/pgtype v1.14.3/go.mod h1:aKeozOde08iifGosdJpz9MBZonJOUJxqNpPBcMJTlVA= +github.com/jackc/pgx/v4 v4.18.3 h1:dE2/TrEsGX3RBprb3qryqSV9Y60iZN1C6i8IrmW9/BA= +github.com/jackc/pgx/v4 v4.18.3/go.mod h1:Ey4Oru5tH5sB6tV7hDmfWFahwF15Eb7DNXlRKx2CkVw= +github.com/jackc/pgx/v5 v5.5.5 h1:amBjrZVmksIdNjxGW/IiIMzxMKZFelXbUoPNb+8sjQw= +github.com/jackc/pgx/v5 v5.5.5/go.mod h1:ez9gk+OAat140fv9ErkZDYFWmXLfV+++K0uAOiwgm1A= +github.com/jackc/puddle/v2 v2.2.1 h1:RhxXJtFG022u4ibrCSMSiu5aOq1i77R3OHKNJj77OAk= +github.com/jackc/puddle/v2 v2.2.1/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= +github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= +github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= +github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8= +github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs= +github.com/jcmturner/dnsutils/v2 v2.0.0 h1:lltnkeZGL0wILNvrNiVCR6Ro5PGU/SeBvVO/8c/iPbo= +github.com/jcmturner/dnsutils/v2 v2.0.0/go.mod h1:b0TnjGOvI/n42bZa+hmXL+kFJZsFT7G4t3HTlQ184QM= +github.com/jcmturner/gofork v1.7.6 h1:QH0l3hzAU1tfT3rZCnW5zXl+orbkNMMRGJfdJjHVETg= +github.com/jcmturner/gofork v1.7.6/go.mod h1:1622LH6i/EZqLloHfE7IeZ0uEJwMSUyQ/nDd82IeqRo= +github.com/jcmturner/goidentity/v6 v6.0.1 h1:VKnZd2oEIMorCTsFBnJWbExfNN7yZr3EhJAxwOkZg6o= +github.com/jcmturner/goidentity/v6 v6.0.1/go.mod h1:X1YW3bgtvwAXju7V3LCIMpY0Gbxyjn/mY9zx4tFonSg= +github.com/jcmturner/gokrb5/v8 v8.4.4 h1:x1Sv4HaTpepFkXbt2IkL29DXRf8sOfZXo8eRKh687T8= +github.com/jcmturner/gokrb5/v8 v8.4.4/go.mod h1:1btQEpgT6k+unzCwX1KdWMEwPPkkgBtP+F6aCACiMrs= +github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZY= +github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc= +github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= +github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= +github.com/jhump/protoreflect v1.15.3 h1:6SFRuqU45u9hIZPJAoZ8c28T3nK64BNdp9w6jFonzls= +github.com/jhump/protoreflect v1.15.3/go.mod h1:4ORHmSBmlCW8fh3xHmJMGyul1zNqZK4Elxc8qKP+p1k= +github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= +github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= +github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/jmoiron/sqlx v1.3.5 h1:vFFPA71p1o5gAeqtEAwLU4dnX2napprKtHr7PYIcN3g= +github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Ccp0mQ= +github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= +github.com/jonboulle/clockwork v0.3.0/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= +github.com/jonboulle/clockwork v0.4.0 h1:p4Cf1aMWXnXAUh8lVfewRBx1zaTSYKrKMF2g3ST4RZ4= +github.com/jonboulle/clockwork v0.4.0/go.mod h1:xgRqUGwRcjKCO1vbZUEtSLrqKoPSsUpK7fnezOII0kc= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/josharian/native v1.1.0 h1:uuaP0hAbW7Y4l0ZRQ6C9zfb7Mg1mbFKry/xzDAfmtLA= +github.com/josharian/native v1.1.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= +github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= +github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213/go.mod h1:vNUNkEQ1e29fT/6vq2aBdFsgNPmy8qMdSay1npru+Sw= +github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw= +github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= +github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= +github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= +github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck= +github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/keys-pub/go-libfido2 v1.5.3-0.20220306005615-8ab03fb1ec27 h1:10nfvqVK4/KINnLT8bDICrRnfguTJ300dNGpW8D2bQo= +github.com/keys-pub/go-libfido2 v1.5.3-0.20220306005615-8ab03fb1ec27/go.mod h1:P0V19qHwJNY0htZwZDe9Ilvs/nokGhdFX7faKFyZ6+U= +github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/asmfmt v1.3.2/go.mod h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE= +github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= +github.com/klauspost/compress v1.17.7 h1:ehO88t2UGzQK66LMdE8tibEd1ErmzZjNEqWkjLAKQQg= +github.com/klauspost/compress v1.17.7/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8= +github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw= +github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o= +github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk= +github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw= +github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/lyft/protoc-gen-star v0.6.0/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= +github.com/lyft/protoc-gen-star v0.6.1/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= +github.com/lyft/protoc-gen-star/v2 v2.0.1/go.mod h1:RcCdONR2ScXaYnQC5tUzxzlpA3WVYF7/opLeUgcQs/o= +github.com/mailgun/holster/v3 v3.16.2 h1:Zl5Spy4WdgLMKWbHgkuDwsQwsJN0Xr3Mgt2dZGJih18= +github.com/mailgun/holster/v3 v3.16.2/go.mod h1:U3cbmr+/KfYqWINVCqyEhEID8hBDOPHEj+XmDKbi2nk= +github.com/mailgun/lemma v0.0.0-20170619173223-4214099fb348 h1:H2VEGfxRuhOR5Dl6guYNTXrHEMh0JkKFDBZqxVCQ3RE= +github.com/mailgun/lemma v0.0.0-20170619173223-4214099fb348/go.mod h1:2+eAliypGoT5/vXx9ufZ7N9I3H8Z/tXVGqyNVzCOfKQ= +github.com/mailgun/metrics v0.0.0-20150124003306-2b3c4565aafd h1:yCc0lIUQncZ7luEMtOpYjYYcIOh1d/eQOGWnMKRHuoI= +github.com/mailgun/metrics v0.0.0-20150124003306-2b3c4565aafd/go.mod h1:l716ZJt823cQ7oTK8odsf+KL5EZbSnk/0r3lFnzEUxA= +github.com/mailgun/minheap v0.0.0-20170619185613-3dbe6c6bf55f h1:aOqSQstfwSx9+tcM/xiKTio3IVjs7ZL2vU8kI9bI6bM= +github.com/mailgun/minheap v0.0.0-20170619185613-3dbe6c6bf55f/go.mod h1:V3EvCedtJTvUYzJF2GZMRB0JMlai+6cBu3VCTQz33GQ= +github.com/mailgun/timetools v0.0.0-20170619190023-f3a7b8ffff47 h1:jlyJPTyctWqANbaxi/nXRrxX4WeeAGMPaHPj9XlO0Rw= +github.com/mailgun/timetools v0.0.0-20170619190023-f3a7b8ffff47/go.mod h1:RYmqHbhWwIz3z9eVmQ2rx82rulEMG0t+Q1bzfc9DYN4= +github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f h1:ZZYhg16XocqSKPGNQAe0aeweNtFxuedbwwb4fSlg7h4= +github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f/go.mod h1:8heskWJ5c0v5J9WH89ADhyal1DOZcayll8fSbhB+/9A= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/markbates/errx v1.1.0 h1:QDFeR+UP95dO12JgW+tgi2UVfo0V8YBHiUIOaeBPiEI= +github.com/markbates/errx v1.1.0/go.mod h1:PLa46Oex9KNbVDZhKel8v1OT7hD5JZ2eI7AHhA0wswc= +github.com/markbates/oncer v1.0.0 h1:E83IaVAHygyndzPimgUYJjbshhDTALZyXxvk9FOlQRY= +github.com/markbates/oncer v1.0.0/go.mod h1:Z59JA581E9GP6w96jai+TGqafHPW+cPfRxz2aSZ0mcI= +github.com/markbates/safe v1.0.1 h1:yjZkbvRM6IzKj9tlu/zMJLS0n/V351OZWRnF3QfaUxI= +github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= +github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= +github.com/mattermost/xml-roundtrip-validator v0.1.0 h1:RXbVD2UAl7A7nOTR4u7E3ILa4IbtvKBHw64LDsmu9hU= +github.com/mattermost/xml-roundtrip-validator v0.1.0/go.mod h1:qccnGMcpgwcNaBnxqpJpWWUiPNr5H3O8eDgGV9gT5To= +github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= +github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= +github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= +github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= +github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= +github.com/mattn/go-sqlite3 v1.14.14/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= +github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= +github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/mdlayher/netlink v1.7.2 h1:/UtM3ofJap7Vl4QWCPDGXY8d3GIY2UGSDbK+QWmY8/g= +github.com/mdlayher/netlink v1.7.2/go.mod h1:xraEF7uJbxLhc5fpHL4cPe221LI2bdttWlU+ZGLfQSw= +github.com/mdlayher/socket v0.5.1 h1:VZaqt6RkGkt2OE9l3GcC6nZkqD3xKeQLyfleW/uBcos= +github.com/mdlayher/socket v0.5.1/go.mod h1:TjPLHI1UgwEv5J1B5q0zTZq12A/6H7nKmtTanQE37IQ= +github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= +github.com/miekg/dns v1.1.26 h1:gPxPSwALAeHJSjarOs00QjVdV9QoBvc1D2ujQUr5BzU= +github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= +github.com/miekg/pkcs11 v1.0.3-0.20190429190417-a667d056470f/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= +github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU= +github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= +github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY= +github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8IeTMnF8JTXieKnO4Z6JCsikNEzj0DwauVzE= +github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= +github.com/mitchellh/cli v1.1.2/go.mod h1:6iaV0fGdElS6dPBx0EApTxHrcWvmJphyh2n8YBLPPZ4= +github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db h1:62I3jR2EmQ4l5rM/4FEfDWcRD+abF5XlKShorW5LRoQ= +github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db/go.mod h1:l0dey0ia/Uv7NcFFVbCLtqEBQbrT4OCwCSKTEv6enCw= +github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= +github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= +github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= +github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= +github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= +github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= +github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= +github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= +github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78= +github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= +github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= +github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0= +github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= +github.com/montanaflynn/stats v0.7.0 h1:r3y12KyNxj/Sb/iOE46ws+3mS1+MZca1wlHQFPsY/JU= +github.com/montanaflynn/stats v0.7.0/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow= +github.com/mreiferson/go-httpclient v0.0.0-20160630210159-31f0106b4474/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= +github.com/mreiferson/go-httpclient v0.0.0-20201222173833-5e475fde3a4d/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k+Mg7cowZ8yv4Trqw9UsJby758= +github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce/go.mod h1:uFMI8w+ref4v2r9jz+c9i1IfIttS/OkmLfrk1jne5hs= +github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= +github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= +github.com/okta/okta-sdk-golang/v2 v2.20.0 h1:EDKM+uOPfihOMNwgHMdno+NAsIfyXkVnoFAYVPay0YU= +github.com/okta/okta-sdk-golang/v2 v2.20.0/go.mod h1:FMy5hN5G8Rd/VoS0XrfyPPhIfOVo78ZK7lvwiQRS2+U= +github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= +github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= +github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= +github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= +github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= +github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= +github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= +github.com/opencontainers/image-spec v1.1.0-rc6 h1:XDqvyKsJEbRtATzkgItUqBA7QHk58yxX1Ov9HERHNqU= +github.com/opencontainers/image-spec v1.1.0-rc6/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM= +github.com/opensearch-project/opensearch-go/v2 v2.3.0 h1:nQIEMr+A92CkhHrZgUhcfsrZjibvB3APXf2a1VwCmMQ= +github.com/opensearch-project/opensearch-go/v2 v2.3.0/go.mod h1:8LDr9FCgUTVoT+5ESjc2+iaZuldqE+23Iq0r1XeNue8= +github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= +github.com/pascaldekloe/name v1.0.1 h1:9lnXOHeqeHHnWLbKfH6X98+4+ETVqFqxN09UXSjcMb0= +github.com/pascaldekloe/name v1.0.1/go.mod h1:Z//MfYJnH4jVpQ9wkclwu2I2MkHmXTlT9wR5UZScttM= +github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627 h1:pSCLCl6joCFRnjpeojzOpEYs4q7Vditq8fySFG5ap3Y= +github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ= +github.com/paulmach/orb v0.11.1 h1:3koVegMC4X/WeiXYz9iswopaTwMem53NzTJuTF20JzU= +github.com/paulmach/orb v0.11.1/go.mod h1:5mULz1xQfs3bmQm63QEJA6lNGujuRafwA5S/EnuLaLU= +github.com/pavlo-v-chernykh/keystore-go/v4 v4.5.0 h1:2nosf3P75OZv2/ZO/9Px5ZgZ5gbKrzA3joN1QMfOGMQ= +github.com/pavlo-v-chernykh/keystore-go/v4 v4.5.0/go.mod h1:lAVhWwbNaveeJmxrxuSTxMgKpF6DjnuVpn6T8WiBwYQ= +github.com/pborman/uuid v1.2.1 h1:+ZZIw58t/ozdjRaXh/3awHfmWRbzYxJoAdNJxe/3pvw= +github.com/pborman/uuid v1.2.1/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= +github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= +github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI= +github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= +github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= +github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= +github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= +github.com/pierrec/lz4/v4 v4.1.15/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= +github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ= +github.com/pierrec/lz4/v4 v4.1.21/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= +github.com/pingcap/errors v0.11.5-0.20201126102027-b0a155152ca3 h1:LllgC9eGfqzkfubMgjKIDyZYaa609nNWAyNZtpy2B3M= +github.com/pingcap/errors v0.11.5-0.20201126102027-b0a155152ca3/go.mod h1:G7x87le1poQzLB/TqvTJI2ILrSgobnq4Ut7luOwvfvI= +github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= +github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= +github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= +github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= +github.com/pkg/sftp v1.13.6 h1:JFZT4XbOU7l77xGSpOdW+pwIMqP044IyjXX6FGyEKFo= +github.com/pkg/sftp v1.13.6/go.mod h1:tz1ryNURKu77RL+GuCzmoJYxQczL3wLNNpPWagdg4Qk= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= +github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= +github.com/poy/onpar v1.1.2 h1:QaNrNiZx0+Nar5dLgTVp5mXkyoVFIbepjyEoGSnhbAY= +github.com/poy/onpar v1.1.2/go.mod h1:6X8FLNoxyr9kkmnlqpK6LSoiOtrO6MICtWwEuWkLjzg= +github.com/pquerna/cachecontrol v0.1.0 h1:yJMy84ti9h/+OEWa752kBTKv4XC30OtVVHYv/8cTqKc= +github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= +github.com/pquerna/otp v1.4.0 h1:wZvl1TIVxKRThZIBiwOOHOGP/1+nZyWBil9Y2XNEDzg= +github.com/pquerna/otp v1.4.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= +github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= +github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= +github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= +github.com/prometheus/common v0.51.1 h1:eIjN50Bwglz6a/c3hAgSMcofL3nD+nFQkV6Dd4DsQCw= +github.com/prometheus/common v0.51.1/go.mod h1:lrWtQx+iDfn2mbH5GUzlH9TSHyfZpHkSiG1W7y3sF2Q= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= +github.com/prometheus/procfs v0.13.0 h1:GqzLlQyfsPbaEHaQkO7tbDlriv/4o5Hudv6OXHGKX7o= +github.com/prometheus/procfs v0.13.0/go.mod h1:cd4PFCR54QLnGKPaKGA6l+cfuNXtht43ZKY6tow0Y1g= +github.com/redis/go-redis/v9 v9.3.0 h1:RiVDjmig62jIWp7Kk4XVLs0hzV6pI3PyTnnL0cnn0u0= +github.com/redis/go-redis/v9 v9.3.0/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M= +github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= +github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= +github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/rs/zerolog v1.28.0 h1:MirSo27VyNi7RJYP3078AA1+Cyzd2GB66qy3aUHvsWY= +github.com/rs/zerolog v1.28.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0= +github.com/rubenv/sql-migrate v1.5.2 h1:bMDqOnrJVV/6JQgQ/MxOpU+AdO8uzYYA/TxFUBzFtS0= +github.com/rubenv/sql-migrate v1.5.2/go.mod h1:H38GW8Vqf8F0Su5XignRyaRcbXbJunSWxs+kmzlg0Is= +github.com/russellhaering/gosaml2 v0.9.1 h1:H/whrl8NuSoxyW46Ww5lKPskm+5K+qYLw9afqJ/Zef0= +github.com/russellhaering/gosaml2 v0.9.1/go.mod h1:ja+qgbayxm+0mxBRLMSUuX3COqy+sb0RRhIGun/W2kc= +github.com/russellhaering/goxmldsig v1.3.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw= +github.com/russellhaering/goxmldsig v1.4.0 h1:8UcDh/xGyQiyrW+Fq5t8f+l2DLB1+zlhYzkPUJ7Qhys= +github.com/russellhaering/goxmldsig v1.4.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw= +github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w= +github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk= +github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= +github.com/sashabaranov/go-openai v1.20.5 h1:Sab4nzBLtoyxm4jRqH9G9pkIh50WpBFacPTEpruPB6o= +github.com/sashabaranov/go-openai v1.20.5/go.mod h1:lj5b/K+zjTSFxVLijLSTDZuP7adOgerWeFyZLUhAKRg= +github.com/schollz/progressbar/v3 v3.14.2 h1:EducH6uNLIWsr560zSV1KrTeUb/wZGAHqyMFIEa99ks= +github.com/schollz/progressbar/v3 v3.14.2/go.mod h1:aQAZQnhF4JGFtRJiw/eobaXpsqpVQAftEQ+hLGXaRc4= +github.com/scim2/filter-parser/v2 v2.2.0 h1:QGadEcsmypxg8gYChRSM2j1edLyE/2j72j+hdmI4BJM= +github.com/scim2/filter-parser/v2 v2.2.0/go.mod h1:jWnkDToqX/Y0ugz0P5VvpVEUKcWcyHHj+X+je9ce5JA= +github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= +github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= +github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys= +github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= +github.com/segmentio/encoding v0.4.0 h1:MEBYvRqiUB2nfR2criEXWqwdY6HJOUrCn5hboVOVmy8= +github.com/segmentio/encoding v0.4.0/go.mod h1:/d03Cd8PoaDeceuhUUUQWjU0KhWjrmYrWPgtJHYZSnI= +github.com/segmentio/parquet-go v0.0.0-20230712180008-5d42db8f0d47 h1:5am1AKPVBj3ncaEsqsGQl/cvsW5mSrO9NSPqWWhH8OA= +github.com/segmentio/parquet-go v0.0.0-20230712180008-5d42db8f0d47/go.mod h1:+J0xQnJjm8DuQUHBO7t57EnmPbstT6+b45+p3DC9k1Q= +github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= +github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= +github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= +github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8= +github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I= +github.com/sethvargo/go-diceware v0.3.0 h1:UVVEfmN/uF50JfWAN7nbY6CiAlp5xeSx+5U0lWKkMCQ= +github.com/sethvargo/go-diceware v0.3.0/go.mod h1:lH5Q/oSPMivseNdhMERAC7Ti5oOPqsaVddU1BcN1CY0= +github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= +github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= +github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= +github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726 h1:xT+JlYxNGqyT+XcU8iUrN18JYed2TvG9yN5ULG2jATM= +github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726/go.mod h1:3yhqj7WBBfRhbBlzyOC3gUxftwsU0u8gqevxwIHQpMw= +github.com/siddontang/go-log v0.0.0-20180807004314-8d05993dda07 h1:oI+RNwuC9jF2g2lP0u0cVEEZrc/AYBCuFdvwrLWM/6Q= +github.com/siddontang/go-log v0.0.0-20180807004314-8d05993dda07/go.mod h1:yFdBgwXP24JziuRl2NMUahT7nGLNOKi1SIiFxMttVD4= +github.com/sijms/go-ora/v2 v2.8.10 h1:Ekhx0I+A9qVBy1eOLa2eIhHWWYwVTa0MM78KS6h+5fg= +github.com/sijms/go-ora/v2 v2.8.10/go.mod h1:EHxlY6x7y9HAsdfumurRfTd+v8NrEOTR3Xl4FWlH6xk= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= +github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= +github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= +github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg= +github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU= +github.com/tiktoken-go/tokenizer v0.1.0 h1:c1fXriHSR/NmhMDTwUDLGiNhHwTV+ElABGvqhCWLRvY= +github.com/tiktoken-go/tokenizer v0.1.0/go.mod h1:7SZW3pZUKWLJRilTvWCa86TOVIiiJhYj3FQ5V3alWcg= +github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= +github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= +github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/vmihailenco/msgpack/v4 v4.3.12 h1:07s4sz9IReOgdikxLTKNbBdqDMLsjPKXwvCazn8G65U= +github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= +github.com/vmihailenco/tagparser v0.1.1 h1:quXMXlA39OCbd2wAdTsGDlK9RkOk6Wuw+x37wVyIuWY= +github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= +github.com/weppos/publicsuffix-go v0.12.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= +github.com/weppos/publicsuffix-go v0.13.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= +github.com/weppos/publicsuffix-go v0.30.0/go.mod h1:kBi8zwYnR0zrbm8RcuN1o9Fzgpnnn+btVN8uWPMyXAY= +github.com/weppos/publicsuffix-go v0.30.1-0.20230620154423-38c92ad2d5c6 h1:kNn7cjQYeNjKUflvFFCxFeyS7ENcDdfPmkhFpgd0G/A= +github.com/weppos/publicsuffix-go v0.30.1-0.20230620154423-38c92ad2d5c6/go.mod h1:wdMq89hDN07Zqr0yqYAXIBTJXl4MEELx+HYHOZdf5gM= +github.com/weppos/publicsuffix-go/publicsuffix/generator v0.0.0-20220927085643-dc0d00c92642/go.mod h1:GHfoeIdZLdZmLjMlzBftbTDntahTttUMWjxZwQJhULE= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= +github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= +github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= +github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c= +github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= +github.com/xdg-go/scram v1.1.2 h1:FHX5I5B4i4hKRVRBCFRxq1iQRej7WO3hhBuJf+UUySY= +github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4= +github.com/xdg-go/stringprep v1.0.4 h1:XLI/Ng3O1Atzq0oBs3TWm+5ZVgkq2aqdlvP9JtoZ6c8= +github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= +github.com/xhit/go-str2duration/v2 v2.1.0 h1:lxklc02Drh6ynqX+DdPyp5pCKLUQpRT8bp8Ydu2Bstc= +github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= +github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= +github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= +github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d h1:splanxYIlg+5LfHAM6xpdFEAYOk8iySO56hMFq6uLyA= +github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= +github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/yuin/gopher-lua v1.1.1 h1:kYKnWBjvbNP4XLT3+bPEwAXJx262OhaHDWDVOPjL46M= +github.com/yuin/gopher-lua v1.1.1/go.mod h1:GBR0iDaNXjAgGg9zfCvksxSRnQx76gclCIb7kdAd1Pw= +github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43 h1:+lm10QQTNSBd8DVTNGHx7o/IKu9HYDvLMffDhbyLccI= +github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= +github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50 h1:hlE8//ciYMztlGpl/VA+Zm1AcTPHYkHJPbHqE6WJUXE= +github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= +github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f h1:ERexzlUfuTvpE74urLSbIQW0Z/6hF9t8U4NsJLaioAY= +github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= +github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= +github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= +github.com/zclconf/go-cty v1.9.1 h1:viqrgQwFl5UpSxc046qblj78wZXVDFnSOufaOTER+cc= +github.com/zclconf/go-cty v1.9.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= +github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= +github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA= +github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE= +github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE= +github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54tB79AMBcySS0R2XIyZBAVmeHranShAFELYx7is= +github.com/zmap/zcertificate v0.0.1/go.mod h1:q0dlN54Jm4NVSSuzisusQY0hqDWvu92C+TWveAxiVWk= +github.com/zmap/zcrypto v0.0.0-20201128221613-3719af1573cf/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= +github.com/zmap/zcrypto v0.0.0-20201211161100-e54a5822fb7e/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= +github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 h1:DZH5n7L3L8RxKdSyJHZt7WePgwdhHnPhQFdQSJaHF+o= +github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300/go.mod h1:mOd4yUMgn2fe2nV9KXsa9AyQBFZGzygVPovsZR+Rl5w= +github.com/zmap/zlint/v3 v3.0.0/go.mod h1:paGwFySdHIBEMJ61YjoqT4h7Ge+fdYG4sUQhnTb1lJ8= +github.com/zmap/zlint/v3 v3.5.0 h1:Eh2B5t6VKgVH0DFmTwOqE50POvyDhUaU9T2mJOe1vfQ= +github.com/zmap/zlint/v3 v3.5.0/go.mod h1:JkNSrsDJ8F4VRtBZcYUQSvnWFL7utcjDIn+FE64mlBI= +go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= +go.etcd.io/etcd/api/v3 v3.5.13 h1:8WXU2/NBge6AUF1K1gOexB6e07NgsN1hXK0rSTtgSp4= +go.etcd.io/etcd/api/v3 v3.5.13/go.mod h1:gBqlqkcMMZMVTMm4NDZloEVJzxQOQIls8splbqBDa0c= +go.etcd.io/etcd/client/pkg/v3 v3.5.13 h1:RVZSAnWWWiI5IrYAXjQorajncORbS0zI48LQlE2kQWg= +go.etcd.io/etcd/client/pkg/v3 v3.5.13/go.mod h1:XxHT4u1qU12E2+po+UVPrEeL94Um6zL58ppuJWXSAB8= +go.etcd.io/etcd/client/v3 v3.5.13 h1:o0fHTNJLeO0MyVbc7I3fsCf6nrOqn5d+diSarKnB2js= +go.etcd.io/etcd/client/v3 v3.5.13/go.mod h1:cqiAeY8b5DEEcpxvgWKsbLIWNM/8Wy2xJSDMtioMcoI= +go.mongodb.org/mongo-driver v1.14.0 h1:P98w8egYRjYe3XDjxhYJagTokP/H6HzlsnojRgZRd80= +go.mongodb.org/mongo-driver v1.14.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= +go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= +go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= +go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= +go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws v0.50.0 h1:0zXBsTKPsly2MlyLYyra1GuL23fsY5RMsi6E2ZOe988= +go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws v0.50.0/go.mod h1:Tztzncf+ezyOCjXz8zRjVL2agqyBxhymGnK6rqgoY5c= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.50.0 h1:zvpPXY7RfYAGSdYQLjp6zxdJNSYD/+FFoCTQN9IPxBs= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.50.0/go.mod h1:BMn8NB1vsxTljvuorms2hyOs8IBuuBEq0pl7ltOfy30= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 h1:cEPbyTSEHlQR89XVlyo78gqluF8Y3oMeBkXGWzQsfXY= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0/go.mod h1:DKdbWcT4GH1D0Y3Sqt/PFXt2naRKDWtU+eE6oLdFNA8= +go.opentelemetry.io/otel v1.25.0 h1:gldB5FfhRl7OJQbUHt/8s0a7cE8fbsPAtdpRaApKy4k= +go.opentelemetry.io/otel v1.25.0/go.mod h1:Wa2ds5NOXEMkCmUou1WA7ZBfLTHWIsp034OVD7AO+Vg= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.25.0 h1:dT33yIHtmsqpixFsSQPwNeY5drM9wTcoL8h0FWF4oGM= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.25.0/go.mod h1:h95q0LBGh7hlAC08X2DhSeyIG02YQ0UyioTCVAqRPmc= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.25.0 h1:vOL89uRfOCCNIjkisd0r7SEdJF3ZJFyCNY34fdZs8eU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.25.0/go.mod h1:8GlBGcDk8KKi7n+2S4BT/CPZQYH3erLu0/k64r1MYgo= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.25.0 h1:Mbi5PKN7u322woPa85d7ebZ+SOvEoPvoiBu+ryHWgfA= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.25.0/go.mod h1:e7ciERRhZaOZXVjx5MiL8TK5+Xv7G5Gv5PA2ZDEJdL8= +go.opentelemetry.io/otel/metric v1.25.0 h1:LUKbS7ArpFL/I2jJHdJcqMGxkRdxpPHE0VU/D4NuEwA= +go.opentelemetry.io/otel/metric v1.25.0/go.mod h1:rkDLUSd2lC5lq2dFNrX9LGAbINP5B7WBkC78RXCpH5s= +go.opentelemetry.io/otel/sdk v1.25.0 h1:PDryEJPC8YJZQSyLY5eqLeafHtG+X7FWnf3aXMtxbqo= +go.opentelemetry.io/otel/sdk v1.25.0/go.mod h1:oFgzCM2zdsxKzz6zwpTZYLLQsFwc+K0daArPdIhuxkw= +go.opentelemetry.io/otel/trace v1.25.0 h1:tqukZGLwQYRIFtSQM2u2+yfMVTgGVeqRLPUYx1Dq6RM= +go.opentelemetry.io/otel/trace v1.25.0/go.mod h1:hCCs70XM/ljO+BeQkyFnbK28SBIJ/Emuha+ccrCRT7I= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= +go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= +go.opentelemetry.io/proto/otlp v1.1.0 h1:2Di21piLrCqJ3U3eXGCTPHE9R8Nh+0uglSnOyxikMeI= +go.opentelemetry.io/proto/otlp v1.1.0/go.mod h1:GpBHCBWiqvVLDqmHZsoMM3C5ySeKTC7ej/RNTae6MdY= +go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= +go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= +go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= +go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= +golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= +golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= +golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= +golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 h1:aAcj0Da7eBAtrTp03QXWvm88pSyOt+UgdZw2BFZ+lEw= +golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8/go.mod h1:CQ1k9gNrJ50XIzaKCRR2hssIjF07kZFEiieALBM/ARQ= +golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200618115811-c13761719519/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20201208152932-35266b937fa6/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20210216034530-4410531fe030/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20210607152325-775e3b0c77b9/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20210628002857-a66eb6448b8d/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20211028202545-6944b10bf410/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20220302094943-723b81ca9867/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= +golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= +golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191009170851-d66e71096ffb/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= +golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220617184016-355a448f1bc9/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20221012135044-0b7e1fb9d458/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= +golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= +golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= +golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= +golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= +golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= +golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= +golang.org/x/oauth2 v0.0.0-20220622183110-fd043fe589d2/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= +golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= +golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= +golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= +golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= +golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= +golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= +golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= +golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= +golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= +golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= +golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200713011307-fd294ab11aed/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= +golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw= +golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= +golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= +golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= +gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo= +gonum.org/v1/gonum v0.8.2/go.mod h1:oe/vMfY3deqTw+1EZJhuvEW2iwGF1bW9wwu7XCu0+v0= +gonum.org/v1/gonum v0.9.3/go.mod h1:TZumC3NeyVQskjXqmyWt4S3bINhy7B4eYwW69EbyX+0= +gonum.org/v1/gonum v0.11.0/go.mod h1:fSG4YDCxxUZQJ7rKsQrj0gMOg00Il0Z96/qMA4bVQhA= +gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= +gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc= +gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY= +gonum.org/v1/plot v0.10.1/go.mod h1:VZW5OlhkL1mysU9vaqNHnsy86inf6Ot+jB3r+BczCEo= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= +google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= +google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= +google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= +google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= +google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= +google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= +google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= +google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= +google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= +google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= +google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= +google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= +google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= +google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA= +google.golang.org/api v0.71.0/go.mod h1:4PyU6e6JogV1f9eA4voyrTY2batOLdgZ5qZ5HOCc4j8= +google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs= +google.golang.org/api v0.75.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= +google.golang.org/api v0.77.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= +google.golang.org/api v0.78.0/go.mod h1:1Sg78yoMLOhlQTeF+ARBoytAcH1NNyyl390YMy6rKmw= +google.golang.org/api v0.80.0/go.mod h1:xY3nI94gbvBrE0J6NHXhxOmW97HG7Khjkku6AFB3Hyg= +google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o= +google.golang.org/api v0.85.0/go.mod h1:AqZf8Ep9uZ2pyTvgL+x0D3Zt0eoT9b5E8fmzfu6FO2g= +google.golang.org/api v0.90.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= +google.golang.org/api v0.93.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= +google.golang.org/api v0.95.0/go.mod h1:eADj+UBuxkh5zlrSntJghuNeg8HwQ1w5lTKkuqaETEI= +google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.97.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.98.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.99.0/go.mod h1:1YOf74vkVndF7pG6hIHuINsM7eWwpVTAfNMNiL91A08= +google.golang.org/api v0.100.0/go.mod h1:ZE3Z2+ZOr87Rx7dqFsdRQkRBk36kDtp/h+QpHbB7a70= +google.golang.org/api v0.102.0/go.mod h1:3VFl6/fzoA+qNuS1N1/VfXY4LjoXN/wzeIp7TweWwGo= +google.golang.org/api v0.103.0/go.mod h1:hGtW6nK1AC+d9si/UBhw8Xli+QMOf6xyNAyJw4qU9w0= +google.golang.org/api v0.106.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.107.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.108.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.110.0/go.mod h1:7FC4Vvx1Mooxh8C5HWjzZHcavuS2f6pmJpZx60ca7iI= +google.golang.org/api v0.111.0/go.mod h1:qtFHvU9mhgTJegR31csQ+rwxyUTHOKFqCKWp1J0fdw0= +google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= +google.golang.org/api v0.172.0 h1:/1OcMZGPmW1rX2LCu2CmGUD1KXK1+pfzxotxyRUCCdk= +google.golang.org/api v0.172.0/go.mod h1:+fJZq6QXWfa9pXhnIzsjx4yI22d4aI9ZpLb58gvXjis= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= +google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= +google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= +google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= +google.golang.org/genproto v0.0.0-20200711021454-869866162049/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210329143202-679c6ae281ee/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= +google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= +google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= +google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= +google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= +google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= +google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= +google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220310185008-1973136f34c6/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E= +google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220413183235-5e96e2839df9/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220414192740-2d67ff6cf2b4/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220421151946-72621c1f0bd3/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220429170224-98d788798c3e/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220518221133-4f43b3371335/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220523171625-347a074981d8/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= +google.golang.org/genproto v0.0.0-20220608133413-ed9918b62aac/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220616135557-88e70c0c3a90/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220624142145-8cd45d7dbd1f/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220628213854-d9e0b6570c03/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220722212130-b98a9ff5e252/go.mod h1:GkXuJDJ6aQ7lnJcRF+SJVgFdQhypqgl3LB1C9vabdRE= +google.golang.org/genproto v0.0.0-20220801145646-83ce21fca29f/go.mod h1:iHe1svFLAZg9VWz891+QbRMwUv9O/1Ww+/mngYeThbc= +google.golang.org/genproto v0.0.0-20220815135757-37a418bb8959/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220817144833-d7fd3f11b9b1/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220822174746-9e6da59bd2fc/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220829144015-23454907ede3/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220829175752-36a9c930ecbf/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= +google.golang.org/genproto v0.0.0-20220913154956-18f8339a66a5/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220914142337-ca0e39ece12f/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220915135415-7fd63a7952de/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220916172020-2692e8806bfa/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220919141832-68c03719ef51/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= +google.golang.org/genproto v0.0.0-20220920201722-2b89144ce006/go.mod h1:ht8XFiar2npT/g4vkk7O0WYS1sHOHbdujxbEp7CJWbw= +google.golang.org/genproto v0.0.0-20220926165614-551eb538f295/go.mod h1:woMGP53BroOrRY3xTxlbr8Y3eB/nzAvvFM83q7kG2OI= +google.golang.org/genproto v0.0.0-20220926220553-6981cbe3cfce/go.mod h1:woMGP53BroOrRY3xTxlbr8Y3eB/nzAvvFM83q7kG2OI= +google.golang.org/genproto v0.0.0-20221010155953-15ba04fc1c0e/go.mod h1:3526vdqwhZAwq4wsRUaVG555sVgsNmIjRtO7t/JH29U= +google.golang.org/genproto v0.0.0-20221014173430-6e2ab493f96b/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= +google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= +google.golang.org/genproto v0.0.0-20221024153911-1573dae28c9c/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= +google.golang.org/genproto v0.0.0-20221024183307-1bc688fe9f3e/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= +google.golang.org/genproto v0.0.0-20221027153422-115e99e71e1c/go.mod h1:CGI5F/G+E5bKwmfYo09AXuVN4dD894kIKUFmVbP2/Fo= +google.golang.org/genproto v0.0.0-20221109142239-94d6d90a7d66/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221114212237-e4508ebdbee1/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221117204609-8f9c96812029/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221201164419-0e50fba7f41c/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221201204527-e3fa12d562f3/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= +google.golang.org/genproto v0.0.0-20221202195650-67e5cbc046fd/go.mod h1:cTsE614GARnxrLsqKREzmNYJACSWWpAWdNMwnD7c2BE= +google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230112194545-e10362b5ecf9/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230113154510-dbe35b8444a5/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230124163310-31e0e69b6fc2/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230125152338-dcaf20b6aeaa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230209215440-0dfe4f8abfcc/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230216225411-c8e22ba71e44/go.mod h1:8B0gmkoRebU8ukX6HP+4wrVQUY1+6PkQ44BSyIlflHA= +google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw= +google.golang.org/genproto v0.0.0-20230223222841-637eb2293923/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw= +google.golang.org/genproto v0.0.0-20230303212802-e74f57abe488/go.mod h1:TvhZT5f700eVlTNwND1xoEZQeWTB2RY/65kplwl/bFA= +google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= +google.golang.org/genproto v0.0.0-20230320184635-7606e756e683/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= +google.golang.org/genproto v0.0.0-20230323212658-478b75c54725/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230330154414-c0448cd141ea/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230331144136-dcfb400f0633/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= +google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU= +google.golang.org/genproto v0.0.0-20240325164216-beb30f47624b h1:8zcpGzRahaXldEGnUcFFpn+ELUyE3ZLZjd4eLDAZ9nQ= +google.golang.org/genproto v0.0.0-20240325164216-beb30f47624b/go.mod h1:CnZenrTdRJb7jc+jOm0Rkywq+9wh0QC4U8tyiRbEPPM= +google.golang.org/genproto/googleapis/api v0.0.0-20240325164216-beb30f47624b h1:ySB/T5Kio6jk7TEUTOhGhpW4b/NOgrc98LBjJyTAk8g= +google.golang.org/genproto/googleapis/api v0.0.0-20240325164216-beb30f47624b/go.mod h1:K4kfzHtI0kqWA79gecJarFtDn/Mls+GxQcg3Zox91Ac= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda h1:LI5DOvAxUPMv/50agcLLoo+AdWc1irS9Rzz4vPuD1V4= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= +google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= +google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= +google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= +google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= +google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= +google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.46.2/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.47.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= +google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= +google.golang.org/grpc v1.52.3/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= +google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= +google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= +google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= +google.golang.org/grpc v1.63.0 h1:WjKe+dnvABXyPJMD7KDNLxtoGk5tgk+YFWN6cBWjZE8= +google.golang.org/grpc v1.63.0/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA= +google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= +google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0 h1:rNBFJjBCOgVr9pWD7rs/knKL4FRTKgpZmsRfV214zcA= +google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0/go.mod h1:Dk1tviKTvMCz5tvh7t+fh94dhmQVHuCt2OzJB3CTW9Y= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= +gopkg.in/dnaeon/go-vcr.v3 v3.2.0 h1:Rltp0Vf+Aq0u4rQXgmXgtgoRDStTnFN83cWgSGSoRzM= +gopkg.in/dnaeon/go-vcr.v3 v3.2.0/go.mod h1:2IMOnnlx9I6u9x+YBsM3tAMx6AlOxnJ0pWxQAzZ79Ag= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 h1:VpOs+IwYnYBaFnrNAeB8UUWtL3vEUnzSCL1nVjPhqrw= +gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA= +gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= +gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= +gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= +gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= +gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= +gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= +helm.sh/helm/v3 v3.14.3 h1:HmvRJlwyyt9HjgmAuxHbHv3PhMz9ir/XNWHyXfmnOP4= +helm.sh/helm/v3 v3.14.3/go.mod h1:v6myVbyseSBJTzhmeE39UcPLNv6cQK6qss3dvgAySaE= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las= +k8s.io/api v0.29.3 h1:2ORfZ7+bGC3YJqGpV0KSDDEVf8hdGQ6A03/50vj8pmw= +k8s.io/api v0.29.3/go.mod h1:y2yg2NTyHUUkIoTC+phinTnEa3KFM6RZ3szxt014a80= +k8s.io/apiextensions-apiserver v0.29.3 h1:9HF+EtZaVpFjStakF4yVufnXGPRppWFEQ87qnO91YeI= +k8s.io/apiextensions-apiserver v0.29.3/go.mod h1:po0XiY5scnpJfFizNGo6puNU6Fq6D70UJY2Cb2KwAVc= +k8s.io/apimachinery v0.29.3 h1:2tbx+5L7RNvqJjn7RIuIKu9XTsIZ9Z5wX2G22XAa5EU= +k8s.io/apimachinery v0.29.3/go.mod h1:hx/S4V2PNW4OMg3WizRrHutyB5la0iCUbZym+W0EQIU= +k8s.io/apiserver v0.29.3 h1:xR7ELlJ/BZSr2n4CnD3lfA4gzFivh0wwfNfz9L0WZcE= +k8s.io/apiserver v0.29.3/go.mod h1:hrvXlwfRulbMbBgmWRQlFru2b/JySDpmzvQwwk4GUOs= +k8s.io/cli-runtime v0.29.3 h1:r68rephmmytoywkw2MyJ+CxjpasJDQY7AGc3XY2iv1k= +k8s.io/cli-runtime v0.29.3/go.mod h1:aqVUsk86/RhaGJwDhHXH0jcdqBrgdF3bZWk4Z9D4mkM= +k8s.io/client-go v0.29.3 h1:R/zaZbEAxqComZ9FHeQwOh3Y1ZUs7FaHKZdQtIc2WZg= +k8s.io/client-go v0.29.3/go.mod h1:tkDisCvgPfiRpxGnOORfkljmS+UrW+WtXAy2fTvXJB0= +k8s.io/component-base v0.29.3 h1:Oq9/nddUxlnrCuuR2K/jp6aflVvc0uDvxMzAWxnGzAo= +k8s.io/component-base v0.29.3/go.mod h1:Yuj33XXjuOk2BAaHsIGHhCKZQAgYKhqIxIjIr2UXYio= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240224005224-582cce78233b h1:1dzw/KqgSPod72SUp2tuTOmK33TlY2fHlrVU2M9VrOM= +k8s.io/kube-openapi v0.0.0-20240224005224-582cce78233b/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw= +k8s.io/kubectl v0.29.3 h1:RuwyyIU42MAISRIePaa8Q7A3U74Q9P4MoJbDFz9o3us= +k8s.io/kubectl v0.29.3/go.mod h1:yCxfY1dbwgVdEt2zkJ6d5NNLOhhWgTyrqACIoFhpdd4= +k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= +k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +launchpad.net/gocheck v0.0.0-20140225173054-000000000087 h1:Izowp2XBH6Ya6rv+hqbceQyw/gSGoXfH/UPoTGduL54= +launchpad.net/gocheck v0.0.0-20140225173054-000000000087/go.mod h1:hj7XX3B/0A+80Vse0e+BUHsHMTEhd0O4cpUHr/e/BUM= +lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/cc/v3 v3.36.2/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/cc/v3 v3.36.3/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc= +modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw= +modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.8/go.mod h1:zNjwkizS+fIFDrDjIAgBSCLkWbJuHF+ar3QRn+Z9aws= +modernc.org/ccgo/v3 v3.16.9/go.mod h1:zNMzC9A9xeNUepy6KuZBbugn3c0Mc9TeiJO4lgvkJDo= +modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ= +modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM= +modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.16.0/go.mod h1:N4LD6DBE9cf+Dzf9buBlzVJndKr/iJHG97vGLHYnb5A= +modernc.org/libc v1.16.1/go.mod h1:JjJE0eu4yeK7tab2n4S1w8tlWd9MxXLRzheaRnAKymU= +modernc.org/libc v1.16.17/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU= +modernc.org/libc v1.16.19/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.17.0/go.mod h1:XsgLldpP4aWlPlsjqKRdHPqCxCjISdHfM/yeWC5GyW0= +modernc.org/libc v1.17.1/go.mod h1:FZ23b+8LjxZs7XtFMbSzL/EhPxNbfZbErxEHc7cbD9s= +modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/memory v1.2.0/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/memory v1.2.1/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= +modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/sqlite v1.18.1/go.mod h1:6ho+Gow7oX5V+OiOQ6Tr4xeqbx13UZ6t+Fw9IRUG4d4= +modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw= +modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw= +modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw= +modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= +modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8= +mvdan.cc/sh/v3 v3.7.0 h1:lSTjdP/1xsddtaKfGg7Myu7DnlHItd3/M2tomOcNNBg= +mvdan.cc/sh/v3 v3.7.0/go.mod h1:K2gwkaesF/D7av7Kxl0HbF5kGOd2ArupNTX3X44+8l8= +oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo= +oras.land/oras-go v1.2.5/go.mod h1:PuAwRShRZCsZb7g8Ar3jKKQR/2A/qN+pkYxIOd/FAoo= +rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= +rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= +rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= +rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= +sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeGOUvw0= +sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= +sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= +sigs.k8s.io/kustomize/kyaml v0.16.0 h1:6J33uKSoATlKZH16unr2XOhDI+otoe2sR3M8PDzW3K0= +sigs.k8s.io/kustomize/kyaml v0.16.0/go.mod h1:xOK/7i+vmE14N2FdFyugIshB8eF6ALpy7jI87Q2nRh4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= +software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k= +software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= diff --git a/integrations/terraform/install.mk b/integrations/terraform/install.mk new file mode 100644 index 0000000000000..9fec620ce1ad1 --- /dev/null +++ b/integrations/terraform/install.mk @@ -0,0 +1,12 @@ +VERSION?=15.1.10 + +OS ?= $(shell go env GOOS) +ARCH ?= $(shell go env GOARCH) +TERRAFORM_ARCH=$(OS)_$(ARCH) + +PROVIDER_PATH = ~/.terraform.d/plugins/terraform.releases.teleport.dev/gravitational/teleport/$(VERSION)/$(TERRAFORM_ARCH)/ + +.PHONY: install +install: build + mkdir -p $(PROVIDER_PATH) + mv $(BUILDDIR)/terraform-provider-teleport $(PROVIDER_PATH) diff --git a/integrations/terraform/main.go b/integrations/terraform/main.go new file mode 100644 index 0000000000000..4c11f1bbffdad --- /dev/null +++ b/integrations/terraform/main.go @@ -0,0 +1,34 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package main + +import ( + "context" + "log" + + "github.com/hashicorp/terraform-plugin-framework/providerserver" + + "github.com/gravitational/teleport/integrations/terraform/provider" +) + +func main() { + err := providerserver.Serve(context.Background(), provider.New, providerserver.ServeOpts{ + Address: "terraform.releases.teleport.dev/gravitational/teleport", + }) + if err != nil { + log.Fatal(err) + } +} diff --git a/integrations/terraform/protoc-gen-terraform-accesslist.yaml b/integrations/terraform/protoc-gen-terraform-accesslist.yaml new file mode 100644 index 0000000000000..60196357c103d --- /dev/null +++ b/integrations/terraform/protoc-gen-terraform-accesslist.yaml @@ -0,0 +1,78 @@ +--- +target_package_name: "v1" +default_package_name: "github.com/gravitational/teleport/api/gen/proto/go/teleport/accesslist/v1" +duration_custom_type: Duration +use_state_for_unknown_by_default: true + +# Top-level type names to export +types: + - "AccessList" + +# These import paths were not being automatically picked up by +# protoc-gen-terraform without these overrides +import_path_overrides: + "types": "github.com/gravitational/teleport/api/types" + "wrappers": "github.com/gravitational/teleport/api/types/wrappers" + "durationpb": "google.golang.org/protobuf/types/known/durationpb" + "timestamppb": "google.golang.org/protobuf/types/known/timestamppb" + "v1": "github.com/gravitational/teleport/api/gen/proto/go/teleport/header/v1" + "v11": "github.com/gravitational/teleport/api/gen/proto/go/teleport/trait/v1" + +# id field is required for integration tests. It is not used by provider. +# We have to add it manually (might be removed in the future versions). +injected_fields: + AccessList: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + +# These fields will be excluded +exclude_fields: + # Metadata (we id resources by name on our side) + - "AccessList.header.metadata.id" + # Read only field + - "AccessList.spec.owners.ineligible_status" + - "AccessList.status" + +# These fields will be marked as Computed: true +computed_fields: + # Metadata + - "AccessList.header.metadata.namespace" + - "AccessList.spec.audit.next_audit_date" + +# These fields will be marked as Required: true +required_fields: + - "Metadata.name" + - "AccessList.header.version" + - "AccessList.spec.owners" + - "AccessList.spec.grants" + - "AccessList.spec.audit" + - "AccessList.spec.audit.recurrence" + - "AccessList.spec.audit.recurrence.frequency" + +plan_modifiers: + # Force to recreate resource if it's name changes + Metadata.name: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()" + +# This must be defined for the generator to be happy, but in reality all time +# fields are overridden (because the protobuf timestamps contain locks and the +# linter gets mad if we use raw structs instead of pointers). +time_type: + type: "PlaceholderType" +duration_type: + type: "PlaceholderType" + +validators: + # Expires must be in the future + Metadata.expires: + - github_com_gravitational_teleport_integrations_terraform_tfschema.MustTimeBeInFuture() + +custom_types: + "AccessList.header.metadata.expires": Timestamp + "AccessList.spec.audit.next_audit_date": Timestamp + "AccessList.spec.audit.frequency": Duration + "AccessList.spec.audit.notifications.start": Duration diff --git a/integrations/terraform/protoc-gen-terraform-devicetrust.yaml b/integrations/terraform/protoc-gen-terraform-devicetrust.yaml new file mode 100644 index 0000000000000..274f7393a4246 --- /dev/null +++ b/integrations/terraform/protoc-gen-terraform-devicetrust.yaml @@ -0,0 +1,70 @@ +--- +target_package_name: "v1" +default_package_name: "github.com/gravitational/teleport/api/types" +use_state_for_unknown_by_default: true + +# Top-level type names to export +types: + - "DeviceV1" + +# These import paths were not being automatically picked up by +# protoc-gen-terraform without these overrides +import_path_overrides: + "types": "github.com/gravitational/teleport/api/types" + "wrappers": "github.com/gravitational/teleport/api/types/wrappers" + + +injected_fields: + DeviceV1: + # id field is required for integration tests. It is also used by this provider + # to hold Metadata.name value returned by Teleport. + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + + + +# These fields will be marked as Computed: true +computed_fields: + # Metadata + - "DeviceV1.Metadata" + - "DeviceV1.Kind" + # DeviceV1 + - "DeviceV1.spec.enroll_status" + + +# These fields will be marked as Required: true +required_fields: + - "DeviceV1.spec.asset_tag" + - "DeviceV1.spec.os_type" + - "DeviceV1.Version" + + +exclude_fields: + # Below fields are either managed or not used on Teleport side + - "DeviceV1.SubKind" + - "DeviceV1.Metadata.ID" + - "DeviceV1.Metadata.Namespace" + - "DeviceV1.Metadata.Description" + - "DeviceV1.Metadata.Expires" + - "DeviceV1.spec.create_time" + - "DeviceV1.spec.update_time" + - "DeviceV1.spec.credential" + - "DeviceV1.spec.collected_data" + - "DeviceV1.spec.profile" + +plan_modifiers: + # Force to recreate resource if asset tag changes + "DeviceV1.spec.asset_tag": + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()" + + +time_type: + type: "github.com/gravitational/teleport/integrations/terraform/tfschema.TimeType" + value_type: "github.com/gravitational/teleport/integrations/terraform/tfschema.TimeValue" + cast_to_type: "time.Time" + cast_from_type: "time.Time" + type_constructor: "github.com/gravitational/teleport/integrations/terraform/tfschema.UseRFC3339Time()" diff --git a/integrations/terraform/protoc-gen-terraform-loginrule.yaml b/integrations/terraform/protoc-gen-terraform-loginrule.yaml new file mode 100644 index 0000000000000..dfad9893f5caa --- /dev/null +++ b/integrations/terraform/protoc-gen-terraform-loginrule.yaml @@ -0,0 +1,65 @@ +--- +target_package_name: "v1" +default_package_name: "github.com/gravitational/teleport/api/gen/proto/go/teleport/loginrule/v1" +duration_custom_type: Duration +use_state_for_unknown_by_default: true + +# Top-level type names to export +types: + - "LoginRule" + +# These import paths were not being automatically picked up by +# protoc-gen-terraform without these overrides +import_path_overrides: + "types": "github.com/gravitational/teleport/api/types" + "wrappers": "github.com/gravitational/teleport/api/types/wrappers" + +# id field is required for integration tests. It is not used by provider. +# We have to add it manually (might be removed in the future versions). +injected_fields: + LoginRule: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + +# These fields will be excluded +exclude_fields: + # Metadata (we id resources by name on our side) + - "Metadata.ID" + +# These fields will be marked as Computed: true +computed_fields: + # Metadata + - "Metadata.Namespace" + +# These fields will be marked as Required: true +required_fields: + # LoginRule + - "Metadata.Name" + - "LoginRule.version" + - "LoginRule.priority" + +plan_modifiers: + # Force to recreate resource if it's name changes + Metadata.Name: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()" + +validators: + Metadata.Expires: + - github_com_gravitational_teleport_integrations_terraform_tfschema.MustTimeBeInFuture() + LoginRule: + - github_com_gravitational_teleport_integrations_terraform_tfschema.UseAnyOfValidator("traits_map", "traits_expression") + LoginRule.TraitsExpression: + - github_com_gravitational_teleport_integrations_terraform_tfschema.UseAnyOfValidator("traits_map", "traits_expression") + TraitsExpression: + - github_com_gravitational_teleport_integrations_terraform_tfschema.UseAnyOfValidator("traits_map", "traits_expression") + +time_type: + type: "github.com/gravitational/teleport/integrations/terraform/tfschema.TimeType" + value_type: "github.com/gravitational/teleport/integrations/terraform/tfschema.TimeValue" + cast_to_type: "time.Time" + cast_from_type: "time.Time" + type_constructor: "github.com/gravitational/teleport/integrations/terraform/tfschema.UseRFC3339Time()" diff --git a/integrations/terraform/protoc-gen-terraform-teleport.yaml b/integrations/terraform/protoc-gen-terraform-teleport.yaml new file mode 100644 index 0000000000000..b4ca7b9c922b8 --- /dev/null +++ b/integrations/terraform/protoc-gen-terraform-teleport.yaml @@ -0,0 +1,434 @@ +--- +target_package_name: "tfschema" +default_package_name: "github.com/gravitational/teleport/api/types" +duration_custom_type: Duration +use_state_for_unknown_by_default: true + +# Top-level type names to export +types: + - "AppV3" + - "AuthPreferenceV2" + - "ClusterMaintenanceConfigV1" + - "ClusterNetworkingConfigV2" + - "DatabaseV3" + - "GithubConnectorV3" + - "OIDCConnectorV3" + - "OktaImportRuleV1" + - "ProvisionTokenV2" + - "RoleV6" + - "SAMLConnectorV2" + - "ServerV2" + - "SessionRecordingConfigV2" + - "TrustedClusterV2" + - "UserV2" + +# id field is required for integration tests. It is not used by provider. +# We have to add it manually (might be removed in the future versions). +injected_fields: + AppV3: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + AuthPreferenceV2: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + ClusterMaintenanceConfigV1: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + ClusterNetworkingConfigV2: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + DatabaseV3: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + GithubConnectorV3: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + OIDCConnectorV3: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + OktaImportRuleV1: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + ProvisionTokenV2: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + RoleV6: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + SAMLConnectorV2: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + ServerV2: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + SessionRecordingConfigV2: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + TrustedClusterV2: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + UserV2: + - + name: id + type: github.com/hashicorp/terraform-plugin-framework/types.StringType + computed: true + plan_modifiers: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + +# These fields will be excluded +exclude_fields: + # Metadata (we id resources by name on our side) + - "Metadata.ID" + + # AuthPreference + - "AuthPreferenceV2.Metadata.Name" # It's a singleton resource + + # ClusterMaintenanceConfig + - "ClusterMaintenanceConfigV1.Metadata.Name" # It's a singleton resource + + # NetworkingConfig + - "ClusterNetworkingConfigV2.Metadata.Name" # It's a singleton resource + + # Status + - "DatabaseV3.Status" + + # Role + - "RoleV6.Spec.Allow.Namespaces" # These fields are not settable via API + - "RoleV6.Spec.Deny.Namespaces" + + # Server + - "ServerSpecV2.CmdLabels" + + # SessionRecordingConfig + - "SessionRecordingConfigV2.Metadata.Name" # It's a singleton resource + + # User + - "UserSpecV2.LocalAuth" # We do not need to set user auth data + - "UserSpecV2.Expires" # Those fields are Teleport side meta, we do not need to change them via Terraform + - "UserSpecV2.CreatedBy" + - "UserSpecV2.Status" + +name_overrides: + +# These fields will be marked as Computed: true +computed_fields: + # Metadata + - "Metadata.Namespace" + + # App + - "AppV3.Metadata.Labels" + - "AppV3.Kind" + + # Auth preference + - "AuthPreferenceV2.Spec.SecondFactor" + - "AuthPreferenceV2.Spec.Type" + - "AuthPreferenceV2.Spec.LockingMode" + - "AuthPreferenceV2.Metadata.Namespace" + - "AuthPreferenceV2.Metadata.Labels" + - "AuthPreferenceV2.Kind" + + # ClusterMaintenanceConfig + - "ClusterMaintenanceConfigV1.Kind" + + # Cluster networking + - "ClusterNetworkingConfigV2.Spec.KeepAliveCountMax" + - "ClusterNetworkingConfigV2.Spec.KeepAliveInterval" + - "ClusterNetworkingConfigV2.Kind" + - "ClusterNetworkingConfigV2.Version" + + # Database + - "DatabaseV3.Kind" + + # Github connector + - "GithubConnectorV3.Kind" + + # Provision token + - "ProvisionTokenV2.Spec.AWSIIDTTL" + - "ProvisionTokenV2.Kind" + - "ProvisionTokenV2.Metadata.Name" + + # OIDC connector + - "OIDCConnectorV3.Kind" + + # Okta import rule + - "OktaImportRuleV1.Kind" + + # Role + - "RoleV6.Spec.Options.MaxSessionTTL" + - "RoleV6.Spec.Options.CertificateFormat" + # KubernetesResources was added in v12 + # When not set, the api returns kind:Pod/name:*/namespace:* + # We must include this as computed, otherwise terraform would complain about an unexpected field: + # https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#computed + # Computed is often used to represent values that are not user configurable or can not be known at time of terraform plan or apply, + #------------------------------------ + # role_test.go:244: Step 1/8 error: Error running apply: exit status 1 + # + # Error: Provider produced inconsistent result after apply + # + # When applying changes to teleport_role.upgrade, provider + # "provider[\"registry.terraform.io/hashicorp/teleport\"]" produced an + # unexpected new value: .spec.allow.kubernetes_resources: was null, but now + # cty.ListVal([]cty.Value{cty.ObjectVal(map[string]cty.Value{"kind":cty.StringVal("pod"), + # "name":cty.StringVal("*"), "namespace":cty.StringVal("*")})}). + # + # This is a bug in the provider, which should be reported in the provider's own + # issue tracker. + #------------------------------------ + # The following tests were added to validate the behavior: + # - TestTerraform/TestRoleVersionUpgrade + # - TestTerraform/TestRoleWithKubernetesResources + - "RoleV6.Spec.Allow.KubernetesResources" + - "RoleV6.Spec.Allow.KubernetesResources.Verbs" + - "RoleV6.Spec.Options.BPF" + - "RoleV6.Kind" + + # SAML connector + - "SAMLConnectorV2.Spec.Audience" + - "SAMLConnectorV2.Spec.Issuer" + - "SAMLConnectorV2.Spec.ServiceProviderIssuer" + - "SAMLConnectorV2.Spec.SSO" + - "SAMLConnectorV2.Spec.SigningKeyPair" + - "SAMLConnectorV2.Spec.SigningKeyPair.PrivateKey" + - "SAMLConnectorV2.Spec.SigningKeyPair.Cert" + - "SAMLConnectorV2.Spec.EncryprionKeyPair" + - "SAMLConnectorV2.Spec.EncryptionKeyPair.PrivateKey" + - "SAMLConnectorV2.Spec.EncryptionKeyPair.Cert" + - "SAMLConnectorV2.Kind" + + # Server + - "ServerV2.Kind" + # Name is not required for servers, this is a special case. + # When a name is not set, an UUID will be generated by Teleport and + # imported back into Terraform. + # Giving unique IDs to servers allows UUID-based dialing (as opposed to + # host-based dialing and IP-based dialing) which is more robust than its + # counterparts as it can point to a specific server if multiple servers + # share the same hostname/ip. + - "ServerV2.Metadata.Name" + # Metadata must be marked computed as well, because we ccan potentially compute Metadata.Name. + # If there's no metadata and the attribute is not marked as comnputed, it will + # keep its values.Null = true field, which means its content won't be imported + # back into the state. + - "ServerV2.Metadata" + + # Session recording + - "SessionRecordingConfigV2.Spec.Mode" + - "SessionRecordingConfigV2.Kind" + + # Trusted cluster + - "TrustedClusterV2.Kind" + + # User + - "UserV2.Kind" + +# These fields will be marked as Required: true +required_fields: + # App + - "AppV3.Metadata.Name" + - "AppV3.Version" + + # Auth preference + - "AuthPreferenceV2.Spec" + - "AuthPreferenceV2.Metadata.Name" + + # Database + - "DatabaseV3.Spec.Protocol" + - "DatabaseV3.Spec.URI" + - "DatabaseV3.Metadata.Name" + - "DatabaseV3.Version" + + # Github connector + - "GithubConnectorV3.Spec" + - "GithubConnectorV3.Spec.ClientID" + - "GithubConnectorV3.Spec.ClientSecret" + - "GithubConnectorV3.Metadata.Name" + - "GithubConnectorV3.Version" + + # OIDC connector + - "OIDCConnectorV3.Spec" + - "OIDCConnectorV3.Metadata.Name" + - "OIDCConnectorV3.Version" + + # Okta import rule + - "OktaImportRuleV1.Spec" + - "OktaImportRuleV1.Metadata.Name" + - "OktaImportRuleV1.Version" + + # Provision token + - "ProvisionTokenV2.Spec" + - "ProvisionTokenV2.Spec.Options" + - "ProvisionTokenV2.Spec.Roles" + - "ProvisionTokenV2.Version" + + # Role + - "RoleV6.Metadata.Name" + - "RoleV6.Version" + + # SAML connector + - "SAMLConnectorV2.Spec" + - "SAMLConnectorV2.Spec.AssertionConsumerService" + - "SAMLConnectorV2.Spec.AttributesToRoles" + - "SAMLConnectorV2.Metadata.Name" + - "SAMLConnectorV2.Version" + + # Server + - "ServerV2.Version" + - "ServerV2.SubKind" + + # Trusted cluster + - "TrustedClusterV2.Metadata.Name" + - "TrustedClusterV2.Version" + - "TrustedClusterV2.Spec" + + # User + - "UserV2.Metadata.Name" + - "UserV2.Version" + + - "SessionRecordingConfigV2.Version" + - "ClusterMaintenanceConfigV1.Version" + - "AuthPreferenceV2.Version" + +# These fields must be marked as sensitive +sensitive_fields: + - "ProvisionTokenV2.Metadata.Name" + - "SAMLConnectorV2.Spec.Cert" + - "SAMLConnectorV2.Spec.SigningKeyPair.PrivateKey" + - "SAMLConnectorV2.Spec.EncryptionKeyPair.PrivateKey" + - "SAMLConnectorV2.Spec.EntityDescriptor" + - "GithubConnectorV3.Spec.ClientSecret" + - "OIDCConnectorV3.Spec.ClientSecret" + - "OIDCConnectorV3.Spec.GoogleServiceAccount" + - "TrustedClusterV2.Spec.Token" + +# These suffixes for custom methods called when field has custom_type flag. By default they might be weird. +suffixes: + "BoolOption": "BoolOption" # This is listed here for convenience. Just to have all custom method names in a single place. + "Labels": "Labels" + "github.com/gravitational/teleport/api/types/wrappers.Traits": "Traits" + "github.com/gravitational/teleport/api/types/wrappers.Strings": "Strings" + +plan_modifiers: + # Force to recreate resource if it's name changes + Metadata.Name: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()" + ProvisionTokenV2.Metadata.Name: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()" + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + ServerV2.Metadata.Name: + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()" + - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()" + +validators: + # Expires must be in the future + Metadata.Expires: + - MustTimeBeInFuture() + AppV3.Version: + - UseVersionBetween(3,3) + AuthPreferenceV2.Version: + - UseVersionBetween(2,2) + AuthPreferenceV2.Metadata.Labels: + - UseMapKeysPresentValidator("teleport.dev/origin") + ClusterNetworkingConfigV2.Version: + - UseVersionBetween(2,2) + ClusterNetworkingConfigV2.Metadata.Labels: + - UseMapKeysPresentValidator("teleport.dev/origin") + DatabaseV3.Version: + - UseVersionBetween(3,3) + DatabaseV3.Metadata.Labels: + - UseMapKeysPresentValidator("teleport.dev/origin") + GithubConnectorV3.Version: + - UseVersionBetween(3,3) + OIDCConnectorV3.Version: + - UseVersionBetween(3,3) + OktaImportRuleV1.Version: + - UseVersionBetween(1,1) + ProvisionTokenV2.Version: + - UseVersionBetween(2,2) + RoleV6.Version: + - UseVersionBetween(3,7) + SAMLConnectorV2.Version: + - UseVersionBetween(2,2) + SAMLConnectorV2.Spec: + - UseAnyOfValidator("entity_descriptor", "entity_descriptor_url") + ServerV2.Version: + - UseVersionBetween(2,2) + ServerV2.SubKind: + - UseValueIn("openssh", "openssh-ec2-ice") + SessionRecordingConfigV2.Version: + - UseVersionBetween(2,2) + SessionRecordingConfigV2.Metadata.Labels: + - UseMapKeysPresentValidator("teleport.dev/origin") + UserV2.Version: + - UseVersionBetween(2,2) + ClusterMaintenanceConfigV1.Version: + - UseVersionBetween(1,1) + +time_type: + type: "TimeType" + value_type: "TimeValue" + cast_to_type: "time.Time" + cast_from_type: "time.Time" + type_constructor: UseRFC3339Time() + +duration_type: + type: "DurationType" + value_type: "DurationValue" + cast_to_type: "time.Duration" + cast_from_type: "time.Duration" diff --git a/integrations/terraform/provider/data_source_teleport_access_list.go b/integrations/terraform/provider/data_source_teleport_access_list.go new file mode 100755 index 0000000000000..3513e76d2020c --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_access_list.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + convert "github.com/gravitational/teleport/api/types/accesslist/convert/v1" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + schemav1 "github.com/gravitational/teleport/integrations/terraform/tfschema/accesslist/v1" +) + +// dataSourceTeleportAccessListType is the data source metadata type +type dataSourceTeleportAccessListType struct{} + +// dataSourceTeleportAccessList is the resource +type dataSourceTeleportAccessList struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportAccessListType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return schemav1.GenSchemaAccessList(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportAccessListType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportAccessList{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport AccessList +func (r dataSourceTeleportAccessList) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("header").AtName("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + accessListI, err := r.p.Client.AccessListClient().GetAccessList(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Wrap(err), "access_list")) + return + } + + var state types.Object + accessList := convert.ToProto(accessListI) + + diags = schemav1.CopyAccessListToTerraform(ctx, accessList, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_app.go b/integrations/terraform/provider/data_source_teleport_app.go new file mode 100755 index 0000000000000..fe0bc51362859 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_app.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportAppType is the data source metadata type +type dataSourceTeleportAppType struct{} + +// dataSourceTeleportApp is the resource +type dataSourceTeleportApp struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportAppType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaAppV3(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportAppType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportApp{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport App +func (r dataSourceTeleportApp) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + appI, err := r.p.Client.GetApp(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Wrap(err), "app")) + return + } + + var state types.Object + + app := appI.(*apitypes.AppV3) + diags = tfschema.CopyAppV3ToTerraform(ctx, app, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_auth_preference.go b/integrations/terraform/provider/data_source_teleport_auth_preference.go new file mode 100755 index 0000000000000..e73781ba6ffd2 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_auth_preference.go @@ -0,0 +1,73 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportAuthPreferenceType is the data source metadata type +type dataSourceTeleportAuthPreferenceType struct{} + +// dataSourceTeleportAuthPreference is the resource +type dataSourceTeleportAuthPreference struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportAuthPreferenceType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaAuthPreferenceV2(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportAuthPreferenceType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportAuthPreference{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport AuthPreference +func (r dataSourceTeleportAuthPreference) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + authPreferenceI, err := r.p.Client.GetAuthPreference(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + var state types.Object + authPreference := authPreferenceI.(*apitypes.AuthPreferenceV2) + diags := tfschema.CopyAuthPreferenceV2ToTerraform(ctx, authPreference, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_cluster_maintenance_config.go b/integrations/terraform/provider/data_source_teleport_cluster_maintenance_config.go new file mode 100755 index 0000000000000..8e6d1a1bf0dce --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_cluster_maintenance_config.go @@ -0,0 +1,73 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportClusterMaintenanceConfigType is the data source metadata type +type dataSourceTeleportClusterMaintenanceConfigType struct{} + +// dataSourceTeleportClusterMaintenanceConfig is the resource +type dataSourceTeleportClusterMaintenanceConfig struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportClusterMaintenanceConfigType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaClusterMaintenanceConfigV1(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportClusterMaintenanceConfigType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportClusterMaintenanceConfig{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport ClusterMaintenanceConfig +func (r dataSourceTeleportClusterMaintenanceConfig) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + clusterMaintenanceConfigI, err := r.p.Client.GetClusterMaintenanceConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + var state types.Object + clusterMaintenanceConfig := clusterMaintenanceConfigI.(*apitypes.ClusterMaintenanceConfigV1) + diags := tfschema.CopyClusterMaintenanceConfigV1ToTerraform(ctx, clusterMaintenanceConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_cluster_networking_config.go b/integrations/terraform/provider/data_source_teleport_cluster_networking_config.go new file mode 100755 index 0000000000000..4b7c5b869b31c --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_cluster_networking_config.go @@ -0,0 +1,73 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportClusterNetworkingConfigType is the data source metadata type +type dataSourceTeleportClusterNetworkingConfigType struct{} + +// dataSourceTeleportClusterNetworkingConfig is the resource +type dataSourceTeleportClusterNetworkingConfig struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportClusterNetworkingConfigType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaClusterNetworkingConfigV2(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportClusterNetworkingConfigType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportClusterNetworkingConfig{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport ClusterNetworkingConfig +func (r dataSourceTeleportClusterNetworkingConfig) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + clusterNetworkingConfigI, err := r.p.Client.GetClusterNetworkingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + var state types.Object + clusterNetworkingConfig := clusterNetworkingConfigI.(*apitypes.ClusterNetworkingConfigV2) + diags := tfschema.CopyClusterNetworkingConfigV2ToTerraform(ctx, clusterNetworkingConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_database.go b/integrations/terraform/provider/data_source_teleport_database.go new file mode 100755 index 0000000000000..d87a47e123495 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_database.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportDatabaseType is the data source metadata type +type dataSourceTeleportDatabaseType struct{} + +// dataSourceTeleportDatabase is the resource +type dataSourceTeleportDatabase struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportDatabaseType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaDatabaseV3(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportDatabaseType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportDatabase{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport Database +func (r dataSourceTeleportDatabase) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + databaseI, err := r.p.Client.GetDatabase(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Wrap(err), "db")) + return + } + + var state types.Object + + database := databaseI.(*apitypes.DatabaseV3) + diags = tfschema.CopyDatabaseV3ToTerraform(ctx, database, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_device_trust.go b/integrations/terraform/provider/data_source_teleport_device_trust.go new file mode 100755 index 0000000000000..df74e8a6b9f9c --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_device_trust.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + schemav1 "github.com/gravitational/teleport/integrations/terraform/tfschema/devicetrust/v1" +) + +// dataSourceTeleportDeviceV1Type is the data source metadata type +type dataSourceTeleportDeviceV1Type struct{} + +// dataSourceTeleportDeviceV1 is the resource +type dataSourceTeleportDeviceV1 struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportDeviceV1Type) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return schemav1.GenSchemaDeviceV1(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportDeviceV1Type) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportDeviceV1{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport DeviceV1 +func (r dataSourceTeleportDeviceV1) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + trustedDeviceI, err := r.p.Client.GetDeviceResource(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", trace.Wrap(err), "device")) + return + } + + var state types.Object + trustedDevice := trustedDeviceI + + diags = schemav1.CopyDeviceV1ToTerraform(ctx, trustedDevice, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_github_connector.go b/integrations/terraform/provider/data_source_teleport_github_connector.go new file mode 100755 index 0000000000000..4e9aeb00d92f3 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_github_connector.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportGithubConnectorType is the data source metadata type +type dataSourceTeleportGithubConnectorType struct{} + +// dataSourceTeleportGithubConnector is the resource +type dataSourceTeleportGithubConnector struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportGithubConnectorType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaGithubConnectorV3(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportGithubConnectorType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportGithubConnector{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport GithubConnector +func (r dataSourceTeleportGithubConnector) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + githubConnectorI, err := r.p.Client.GetGithubConnector(ctx, id.Value, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Wrap(err), "github")) + return + } + + var state types.Object + + githubConnector := githubConnectorI.(*apitypes.GithubConnectorV3) + diags = tfschema.CopyGithubConnectorV3ToTerraform(ctx, githubConnector, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_login_rule.go b/integrations/terraform/provider/data_source_teleport_login_rule.go new file mode 100755 index 0000000000000..f1f916bd1da49 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_login_rule.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + schemav1 "github.com/gravitational/teleport/integrations/terraform/tfschema/loginrule/v1" +) + +// dataSourceTeleportLoginRuleType is the data source metadata type +type dataSourceTeleportLoginRuleType struct{} + +// dataSourceTeleportLoginRule is the resource +type dataSourceTeleportLoginRule struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportLoginRuleType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return schemav1.GenSchemaLoginRule(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportLoginRuleType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportLoginRule{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport LoginRule +func (r dataSourceTeleportLoginRule) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + loginRuleI, err := r.p.Client.GetLoginRule(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", trace.Wrap(err), "login_rule")) + return + } + + var state types.Object + loginRule := loginRuleI + + diags = schemav1.CopyLoginRuleToTerraform(ctx, loginRule, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_oidc_connector.go b/integrations/terraform/provider/data_source_teleport_oidc_connector.go new file mode 100755 index 0000000000000..83196d1ed9c10 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_oidc_connector.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportOIDCConnectorType is the data source metadata type +type dataSourceTeleportOIDCConnectorType struct{} + +// dataSourceTeleportOIDCConnector is the resource +type dataSourceTeleportOIDCConnector struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportOIDCConnectorType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaOIDCConnectorV3(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportOIDCConnectorType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportOIDCConnector{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport OIDCConnector +func (r dataSourceTeleportOIDCConnector) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oidcConnectorI, err := r.p.Client.GetOIDCConnector(ctx, id.Value, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Wrap(err), "oidc")) + return + } + + var state types.Object + + oidcConnector := oidcConnectorI.(*apitypes.OIDCConnectorV3) + diags = tfschema.CopyOIDCConnectorV3ToTerraform(ctx, oidcConnector, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_okta_import_rule.go b/integrations/terraform/provider/data_source_teleport_okta_import_rule.go new file mode 100755 index 0000000000000..f8f7bd1753e19 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_okta_import_rule.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportOktaImportRuleType is the data source metadata type +type dataSourceTeleportOktaImportRuleType struct{} + +// dataSourceTeleportOktaImportRule is the resource +type dataSourceTeleportOktaImportRule struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportOktaImportRuleType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaOktaImportRuleV1(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportOktaImportRuleType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportOktaImportRule{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport OktaImportRule +func (r dataSourceTeleportOktaImportRule) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oktaImportRuleI, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + var state types.Object + + oktaImportRule := oktaImportRuleI.(*apitypes.OktaImportRuleV1) + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, oktaImportRule, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_provision_token.go b/integrations/terraform/provider/data_source_teleport_provision_token.go new file mode 100755 index 0000000000000..adc0180be6c75 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_provision_token.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportProvisionTokenType is the data source metadata type +type dataSourceTeleportProvisionTokenType struct{} + +// dataSourceTeleportProvisionToken is the resource +type dataSourceTeleportProvisionToken struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportProvisionTokenType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaProvisionTokenV2(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportProvisionTokenType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportProvisionToken{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport ProvisionToken +func (r dataSourceTeleportProvisionToken) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + provisionTokenI, err := r.p.Client.GetToken(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Wrap(err), "token")) + return + } + + var state types.Object + + provisionToken := provisionTokenI.(*apitypes.ProvisionTokenV2) + diags = tfschema.CopyProvisionTokenV2ToTerraform(ctx, provisionToken, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_role.go b/integrations/terraform/provider/data_source_teleport_role.go new file mode 100755 index 0000000000000..63ea402da5fcd --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_role.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportRoleType is the data source metadata type +type dataSourceTeleportRoleType struct{} + +// dataSourceTeleportRole is the resource +type dataSourceTeleportRole struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportRoleType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaRoleV6(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportRoleType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportRole{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport Role +func (r dataSourceTeleportRole) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + roleI, err := r.p.Client.GetRole(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Wrap(err), "role")) + return + } + + var state types.Object + + role := roleI.(*apitypes.RoleV6) + diags = tfschema.CopyRoleV6ToTerraform(ctx, role, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_saml_connector.go b/integrations/terraform/provider/data_source_teleport_saml_connector.go new file mode 100755 index 0000000000000..5d1730ed28c2d --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_saml_connector.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportSAMLConnectorType is the data source metadata type +type dataSourceTeleportSAMLConnectorType struct{} + +// dataSourceTeleportSAMLConnector is the resource +type dataSourceTeleportSAMLConnector struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportSAMLConnectorType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaSAMLConnectorV2(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportSAMLConnectorType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportSAMLConnector{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport SAMLConnector +func (r dataSourceTeleportSAMLConnector) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + samlConnectorI, err := r.p.Client.GetSAMLConnector(ctx, id.Value, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Wrap(err), "saml")) + return + } + + var state types.Object + + samlConnector := samlConnectorI.(*apitypes.SAMLConnectorV2) + diags = tfschema.CopySAMLConnectorV2ToTerraform(ctx, samlConnector, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_server.go b/integrations/terraform/provider/data_source_teleport_server.go new file mode 100755 index 0000000000000..894f357aa0657 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_server.go @@ -0,0 +1,83 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/gravitational/teleport/api/defaults" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportServerType is the data source metadata type +type dataSourceTeleportServerType struct{} + +// dataSourceTeleportServer is the resource +type dataSourceTeleportServer struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportServerType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaServerV2(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportServerType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportServer{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport Server +func (r dataSourceTeleportServer) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + serverI, err := r.p.Client.GetNode(ctx, defaults.Namespace, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Wrap(err), "node")) + return + } + + var state types.Object + + server := serverI.(*apitypes.ServerV2) + diags = tfschema.CopyServerV2ToTerraform(ctx, server, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_session_recording_config.go b/integrations/terraform/provider/data_source_teleport_session_recording_config.go new file mode 100755 index 0000000000000..7db41e6a342f6 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_session_recording_config.go @@ -0,0 +1,73 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportSessionRecordingConfigType is the data source metadata type +type dataSourceTeleportSessionRecordingConfigType struct{} + +// dataSourceTeleportSessionRecordingConfig is the resource +type dataSourceTeleportSessionRecordingConfig struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportSessionRecordingConfigType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaSessionRecordingConfigV2(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportSessionRecordingConfigType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportSessionRecordingConfig{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport SessionRecordingConfig +func (r dataSourceTeleportSessionRecordingConfig) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + sessionRecordingConfigI, err := r.p.Client.GetSessionRecordingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + var state types.Object + sessionRecordingConfig := sessionRecordingConfigI.(*apitypes.SessionRecordingConfigV2) + diags := tfschema.CopySessionRecordingConfigV2ToTerraform(ctx, sessionRecordingConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_trusted_cluster.go b/integrations/terraform/provider/data_source_teleport_trusted_cluster.go new file mode 100755 index 0000000000000..35c8a099010df --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_trusted_cluster.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportTrustedClusterType is the data source metadata type +type dataSourceTeleportTrustedClusterType struct{} + +// dataSourceTeleportTrustedCluster is the resource +type dataSourceTeleportTrustedCluster struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportTrustedClusterType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaTrustedClusterV2(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportTrustedClusterType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportTrustedCluster{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport TrustedCluster +func (r dataSourceTeleportTrustedCluster) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + trustedClusterI, err := r.p.Client.GetTrustedCluster(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Wrap(err), "trusted_cluster")) + return + } + + var state types.Object + + trustedCluster := trustedClusterI.(*apitypes.TrustedClusterV2) + diags = tfschema.CopyTrustedClusterV2ToTerraform(ctx, trustedCluster, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/data_source_teleport_user.go b/integrations/terraform/provider/data_source_teleport_user.go new file mode 100755 index 0000000000000..62863b7d44ef2 --- /dev/null +++ b/integrations/terraform/provider/data_source_teleport_user.go @@ -0,0 +1,82 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// dataSourceTeleportUserType is the data source metadata type +type dataSourceTeleportUserType struct{} + +// dataSourceTeleportUser is the resource +type dataSourceTeleportUser struct { + p Provider +} + +// GetSchema returns the data source schema +func (r dataSourceTeleportUserType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaUserV2(ctx) +} + +// NewDataSource creates the empty data source +func (r dataSourceTeleportUserType) NewDataSource(_ context.Context, p tfsdk.Provider) (tfsdk.DataSource, diag.Diagnostics) { + return dataSourceTeleportUser{ + p: *(p.(*Provider)), + }, nil +} + +// Read reads teleport User +func (r dataSourceTeleportUser) Read(ctx context.Context, req tfsdk.ReadDataSourceRequest, resp *tfsdk.ReadDataSourceResponse) { + var id types.String + diags := req.Config.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + userI, err := r.p.Client.GetUser(ctx, id.Value, false) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Wrap(err), "user")) + return + } + + var state types.Object + + user := userI.(*apitypes.UserV2) + diags = tfschema.CopyUserV2ToTerraform(ctx, user, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/errors.go b/integrations/terraform/provider/errors.go new file mode 100644 index 0000000000000..d31715366d192 --- /dev/null +++ b/integrations/terraform/provider/errors.go @@ -0,0 +1,51 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + log "github.com/sirupsen/logrus" +) + +// diagFromWrappedErr wraps error with additional information +func diagFromWrappedErr(summary string, err error, kind string) diag.Diagnostic { + var notFoundErr = "Terraform user has no rights to perform this action. Check that Terraform user role has " + + "['list','create','read','update','delete'] verbs for '" + kind + "' resource." + + var accessDeniedErr = "Terraform user is missing on the Teleport side. Check that your auth credentials (certs) " + + "specified in provider configuration belong to existing user and are not expired." + + if trace.IsNotFound(err) { + return diagFromErr(summary, trace.WrapWithMessage(err, notFoundErr)) + } + + if trace.IsAccessDenied(err) { + return diagFromErr(summary, trace.WrapWithMessage(err, accessDeniedErr)) + } + + return diagFromErr(summary, trace.Wrap(err)) +} + +// diagFromErr converts error to diag.Diagnostics. If logging level is debug, provides trace.DebugReport instead of short text. +func diagFromErr(summary string, err error) diag.Diagnostic { + if log.GetLevel() >= log.DebugLevel { + return diag.NewErrorDiagnostic(err.Error(), trace.DebugReport(err)) + } + + return diag.NewErrorDiagnostic(summary, err.Error()) +} diff --git a/integrations/terraform/provider/provider.go b/integrations/terraform/provider/provider.go new file mode 100644 index 0000000000000..e9eb81b29cd0e --- /dev/null +++ b/integrations/terraform/provider/provider.go @@ -0,0 +1,609 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "crypto/tls" + "crypto/x509" + "encoding/base64" + "fmt" + "net" + "os" + "path/filepath" + "strconv" + "strings" + "time" + + "github.com/gravitational/teleport/api/client" + "github.com/gravitational/teleport/integrations/lib" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + log "github.com/sirupsen/logrus" + "google.golang.org/grpc" + "google.golang.org/grpc/grpclog" +) + +const ( + // minServerVersion is the minimal teleport version the plugin supports. + minServerVersion = "15.0.0-0" +) + +type RetryConfig struct { + Base time.Duration + Cap time.Duration + MaxTries int +} + +// Provider Teleport Provider +type Provider struct { + configured bool + Client *client.Client + RetryConfig RetryConfig +} + +// providerData provider schema struct +type providerData struct { + // Addr Teleport address + Addr types.String `tfsdk:"addr"` + // CertPath path to TLS certificate file + CertPath types.String `tfsdk:"cert_path"` + // CertBase64 base64 encoded TLS certificate file + CertBase64 types.String `tfsdk:"cert_base64"` + // KeyPath path to TLS private key file + KeyPath types.String `tfsdk:"key_path"` + // KeyBase64 base64 encoded TLS private key + KeyBase64 types.String `tfsdk:"key_base64"` + // RootCAPath path to TLS root CA certificate file + RootCaPath types.String `tfsdk:"root_ca_path"` + // RootCaPath base64 encoded root CA certificate + RootCaBase64 types.String `tfsdk:"root_ca_base64"` + // ProfileName Teleport profile name + ProfileName types.String `tfsdk:"profile_name"` + // ProfileDir Teleport profile dir + ProfileDir types.String `tfsdk:"profile_dir"` + // IdentityFilePath path to identity file + IdentityFilePath types.String `tfsdk:"identity_file_path"` + // IdentityFile identity file content + IdentityFile types.String `tfsdk:"identity_file"` + // IdentityFile identity file content encoded in base64 + IdentityFileBase64 types.String `tfsdk:"identity_file_base64"` + // RetryBaseDuration is used to setup the retry algorithm when the API returns 'not found' + RetryBaseDuration types.String `tfsdk:"retry_base_duration"` + // RetryCapDuration is used to setup the retry algorithm when the API returns 'not found' + RetryCapDuration types.String `tfsdk:"retry_cap_duration"` + // RetryMaxTries sets the max number of tries when retrying + RetryMaxTries types.String `tfsdk:"retry_max_tries"` + // DialTimeout sets timeout when trying to connect to the server. + DialTimeoutDuration types.String `tfsdk:"dial_timeout_duration"` +} + +// New returns an empty provider struct +func New() tfsdk.Provider { + return &Provider{} +} + +// GetSchema returns the Terraform provider schema +func (p *Provider) GetSchema(_ context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfsdk.Schema{ + Attributes: map[string]tfsdk.Attribute{ + "addr": { + Type: types.StringType, + Optional: true, + Description: "host:port where Teleport Auth server is running.", + }, + "cert_path": { + Type: types.StringType, + Optional: true, + Description: "Path to Teleport auth certificate file.", + }, + "cert_base64": { + Type: types.StringType, + Optional: true, + Description: "Base64 encoded TLS auth certificate.", + }, + "key_path": { + Type: types.StringType, + Optional: true, + Description: "Path to Teleport auth key file.", + }, + "key_base64": { + Type: types.StringType, + Sensitive: true, + Optional: true, + Description: "Base64 encoded TLS auth key.", + }, + "root_ca_path": { + Type: types.StringType, + Optional: true, + Description: "Path to Teleport Root CA.", + }, + "root_ca_base64": { + Type: types.StringType, + Optional: true, + Description: "Base64 encoded Root CA.", + }, + "profile_name": { + Type: types.StringType, + Optional: true, + Description: "Teleport profile name.", + }, + "profile_dir": { + Type: types.StringType, + Optional: true, + Description: "Teleport profile path.", + }, + "identity_file_path": { + Type: types.StringType, + Optional: true, + Description: "Teleport identity file path.", + }, + "identity_file": { + Type: types.StringType, + Sensitive: true, + Optional: true, + Description: "Teleport identity file content.", + }, + "identity_file_base64": { + Type: types.StringType, + Sensitive: true, + Optional: true, + Description: "Teleport identity file content base64 encoded.", + }, + "retry_base_duration": { + Type: types.StringType, + Sensitive: false, + Optional: true, + Description: "Retry algorithm when the API returns 'not found': base duration between retries (https://pkg.go.dev/time#ParseDuration).", + }, + "retry_cap_duration": { + Type: types.StringType, + Sensitive: false, + Optional: true, + Description: "Retry algorithm when the API returns 'not found': max duration between retries (https://pkg.go.dev/time#ParseDuration).", + }, + "retry_max_tries": { + Type: types.StringType, + Sensitive: false, + Optional: true, + Description: "Retry algorithm when the API returns 'not found': max tries.", + }, + "dial_timeout_duration": { + Type: types.StringType, + Sensitive: false, + Optional: true, + Description: "DialTimeout sets timeout when trying to connect to the server.", + }, + }, + }, nil +} + +// IsConfigured checks if provider is configured, adds diagnostics if not +func (p *Provider) IsConfigured(diags diag.Diagnostics) bool { + if !p.configured { + diags.AddError( + "Provider not configured", + "The provider hasn't been configured before apply, likely because it depends on an unknown value from another resource. This leads to weird stuff happening, so we'd prefer if you didn't do that. Thanks!", + ) + } + + return p.configured +} + +// Configure configures the Teleport client +func (p *Provider) Configure(ctx context.Context, req tfsdk.ConfigureProviderRequest, resp *tfsdk.ConfigureProviderResponse) { + var creds []client.Credentials + + p.configureLog() + + var config providerData + diags := req.Config.Get(ctx, &config) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + addr := p.stringFromConfigOrEnv(config.Addr, "TF_TELEPORT_ADDR", "") + certPath := p.stringFromConfigOrEnv(config.CertPath, "TF_TELEPORT_CERT", "") + certBase64 := p.stringFromConfigOrEnv(config.CertBase64, "TF_TELEPORT_CERT_BASE64", "") + keyPath := p.stringFromConfigOrEnv(config.KeyPath, "TF_TELEPORT_KEY", "") + keyBase64 := p.stringFromConfigOrEnv(config.KeyBase64, "TF_TELEPORT_KEY_BASE64", "") + caPath := p.stringFromConfigOrEnv(config.RootCaPath, "TF_TELEPORT_ROOT_CA", "") + caBase64 := p.stringFromConfigOrEnv(config.RootCaBase64, "TF_TELEPORT_CA_BASE64", "") + profileName := p.stringFromConfigOrEnv(config.ProfileName, "TF_TELEPORT_PROFILE_NAME", "") + profileDir := p.stringFromConfigOrEnv(config.ProfileDir, "TF_TELEPORT_PROFILE_PATH", "") + identityFilePath := p.stringFromConfigOrEnv(config.IdentityFilePath, "TF_TELEPORT_IDENTITY_FILE_PATH", "") + identityFile := p.stringFromConfigOrEnv(config.IdentityFile, "TF_TELEPORT_IDENTITY_FILE", "") + identityFileBase64 := p.stringFromConfigOrEnv(config.IdentityFileBase64, "TF_TELEPORT_IDENTITY_FILE_BASE64", "") + retryBaseDurationStr := p.stringFromConfigOrEnv(config.RetryBaseDuration, "TF_TELEPORT_RETRY_BASE_DURATION", "1s") + retryCapDurationStr := p.stringFromConfigOrEnv(config.RetryCapDuration, "TF_TELEPORT_RETRY_CAP_DURATION", "5s") + maxTriesStr := p.stringFromConfigOrEnv(config.RetryMaxTries, "TF_TELEPORT_RETRY_MAX_TRIES", "10") + dialTimeoutDurationStr := p.stringFromConfigOrEnv(config.DialTimeoutDuration, "TF_TELEPORT_DIAL_TIMEOUT_DURATION", "30s") + + if !p.validateAddr(addr, resp) { + return + } + + log.WithFields(log.Fields{"addr": addr}).Debug("Using Teleport address") + + if certPath != "" && keyPath != "" { + l := log.WithField("cert_path", certPath).WithField("key_path", keyPath).WithField("root_ca_path", caPath) + l.Debug("Using auth with certificate, private key and (optionally) CA read from files") + + cred, ok := p.getCredentialsFromKeyPair(certPath, keyPath, caPath, resp) + if !ok { + return + } + creds = append(creds, cred) + } + + if certBase64 != "" && keyBase64 != "" { + log.Debug("Using auth with certificate, private key and (optionally) CA read from base64 encoded vars") + cred, ok := p.getCredentialsFromBase64(certBase64, keyBase64, caBase64, resp) + if !ok { + return + } + creds = append(creds, cred) + } + + if identityFilePath != "" { + log.WithField("identity_file_path", identityFilePath).Debug("Using auth with identity file") + + if !p.fileExists(identityFilePath) { + resp.Diagnostics.AddError( + "Identity file not found", + fmt.Sprintf( + "File %v not found! Use `tctl auth sign --user=example@example.com --format=file --out=%v` to generate identity file", + identityFilePath, + identityFilePath, + ), + ) + return + } + + creds = append(creds, client.LoadIdentityFile(identityFilePath)) + } + + if identityFile != "" { + log.Debug("Using auth from identity file provided with environment variable TF_TELEPORT_IDENTITY_FILE") + creds = append(creds, client.LoadIdentityFileFromString(identityFile)) + } + + if identityFileBase64 != "" { + log.Debug("Using auth from base64 encoded identity file provided with environment variable TF_TELEPORT_IDENTITY_FILE_BASE64") + decoded, err := base64.StdEncoding.DecodeString(identityFileBase64) + if err != nil { + resp.Diagnostics.AddError( + "Failed to decode Identity file using base 64", + fmt.Sprintf("Error when trying to decode: %v", err), + ) + return + } + + creds = append(creds, client.LoadIdentityFileFromString(string(decoded))) + } + + if profileDir != "" || len(creds) == 0 { + log.WithFields(log.Fields{ + "dir": profileDir, + "name": profileName, + }).Debug("Using profile as the default auth method") + creds = append(creds, client.LoadProfile(profileDir, profileName)) + } + + dialTimeoutDuration, err := time.ParseDuration(dialTimeoutDurationStr) + if err != nil { + resp.Diagnostics.AddError( + "Failed to parse Dial Timeout Duration Cap Duration", + fmt.Sprintf("Please check if dial_timeout_duration (or TF_TELEPORT_DIAL_TIMEOUT_DURATION) is set correctly. Error: %s", err), + ) + return + } + + client, err := client.New(ctx, client.Config{ + Addrs: []string{addr}, + Credentials: creds, + DialTimeout: dialTimeoutDuration, + DialOpts: []grpc.DialOption{ + grpc.WithReturnConnectionError(), + grpc.WithDefaultCallOptions( + grpc.WaitForReady(true), + ), + }, + }) + + if err != nil { + log.WithError(err).Debug("Error connecting to Teleport!") + resp.Diagnostics.AddError("Error connecting to Teleport!", err.Error()) + return + } + + if !p.checkTeleportVersion(ctx, client, resp) { + return + } + + retryBaseDuration, err := time.ParseDuration(retryBaseDurationStr) + if err != nil { + resp.Diagnostics.AddError( + "Failed to parse Retry Base Duration", + fmt.Sprintf("Please check if retry_cap_duration (or TF_TELEPORT_RETRY_BASE_DURATION) is set correctly. Error: %s", err), + ) + return + } + + retryCapDuration, err := time.ParseDuration(retryCapDurationStr) + if err != nil { + resp.Diagnostics.AddError( + "Failed to parse Retry Cap Duration", + fmt.Sprintf("Please check if retry_cap_duration (or TF_TELEPORT_RETRY_CAP_DURATION) is set correctly. Error: %s", err), + ) + return + } + + maxTries, err := strconv.ParseUint(maxTriesStr, 10, 32) + if err != nil { + resp.Diagnostics.AddError( + "Failed to parse Retry Max Tries", + fmt.Sprintf("Please check if retry_max_tries (or TF_TELEPORT_RETRY_MAX_TRIES) is set correctly. Error: %s", err), + ) + return + } + + p.RetryConfig = RetryConfig{ + Base: retryBaseDuration, + Cap: retryCapDuration, + MaxTries: int(maxTries), + } + p.Client = client + p.configured = true +} + +// checkTeleportVersion ensures that Teleport version is at least minServerVersion +func (p *Provider) checkTeleportVersion(ctx context.Context, client *client.Client, resp *tfsdk.ConfigureProviderResponse) bool { + log.Debug("Checking Teleport server version") + pong, err := client.Ping(ctx) + if err != nil { + if trace.IsNotImplemented(err) { + resp.Diagnostics.AddError( + "Teleport version is too old!", + fmt.Sprintf("Server version must be at least %s", minServerVersion), + ) + return false + } + log.WithError(err).Debug("Teleport version check error!") + resp.Diagnostics.AddError("Unable to get Teleport server version!", "Unable to get Teleport server version!") + return false + } + err = lib.AssertServerVersion(pong, minServerVersion) + if err != nil { + log.WithError(err).Debug("Teleport version check error!") + resp.Diagnostics.AddError("Teleport version check error!", err.Error()) + return false + } + return true +} + +// stringFromConfigOrEnv returns value from config or from env var if config value is empty, default otherwise +func (p *Provider) stringFromConfigOrEnv(value types.String, env string, def string) string { + if value.Unknown || value.Null { + value := os.Getenv(env) + if value != "" { + return value + } + } + + configValue := strings.TrimSpace(value.Value) + + if configValue == "" { + return def + } + + return configValue +} + +// validateAddr validates passed addr +func (p *Provider) validateAddr(addr string, resp *tfsdk.ConfigureProviderResponse) bool { + if addr == "" { + resp.Diagnostics.AddError( + "Teleport address is empty", + "Please, specify either TF_TELEPORT_ADDR or addr in provider configuration", + ) + return false + } + + _, _, err := net.SplitHostPort(addr) + if err != nil { + log.WithField("addr", addr).WithError(err).Debug("Teleport addr format error!") + resp.Diagnostics.AddError( + "Invalid Teleport addr format", + "Teleport addr must be specified as host:port", + ) + return false + } + return true +} + +// getCredentialsFromBase64 returns client.Credentials built from base64 encoded keys +func (p *Provider) getCredentialsFromBase64(certBase64, keyBase64, caBase64 string, resp *tfsdk.ConfigureProviderResponse) (client.Credentials, bool) { + cert, err := base64.StdEncoding.DecodeString(certBase64) + if err != nil { + resp.Diagnostics.AddError( + "Failed to base64 decode cert", + fmt.Sprintf("Please check if cert_base64 (or TF_TELEPORT_CERT_BASE64) is set correctly. Error: %s", err), + ) + return nil, false + } + key, err := base64.StdEncoding.DecodeString(keyBase64) + if err != nil { + resp.Diagnostics.AddError( + "Failed to base64 decode key", + fmt.Sprintf("Please check if key_base64 (or TF_TELEPORT_KEY_BASE64) is set correctly. Error: %s", err), + ) + return nil, false + } + rootCa, err := base64.StdEncoding.DecodeString(caBase64) + if err != nil { + resp.Diagnostics.AddError( + "Failed to base64 decode root ca", + fmt.Sprintf("Please check if root_ca_base64 (or TF_TELEPORT_CA_BASE64) is set correctly. Error: %s", err), + ) + return nil, false + } + tlsConfig, err := createTLSConfig(cert, key, rootCa) + if err != nil { + resp.Diagnostics.AddError( + "Failed to create TLS config", + fmt.Sprintf("Error: %s", err), + ) + return nil, false + } + return client.LoadTLS(tlsConfig), true +} + +// getCredentialsFromKeyPair returns client.Credentials built from path to key files +func (p *Provider) getCredentialsFromKeyPair(certPath string, keyPath string, caPath string, resp *tfsdk.ConfigureProviderResponse) (client.Credentials, bool) { + if !p.fileExists(certPath) { + resp.Diagnostics.AddError( + "Certificate file not found", + fmt.Sprintf("File %v not found! Use 'tctl auth sign --user=example@example.com --format=tls --out=%v' to generate keys", + certPath, + filepath.Dir(certPath), + ), + ) + return nil, false + } + + if !p.fileExists(keyPath) { + resp.Diagnostics.AddError( + "Private key file not found", + fmt.Sprintf("File %v not found! Use 'tctl auth sign --user=example@example.com --format=tls --out=%v' to generate keys", + keyPath, + filepath.Dir(keyPath), + ), + ) + return nil, false + } + + if !p.fileExists(caPath) { + resp.Diagnostics.AddError( + "Root CA certificate file not found", + fmt.Sprintf("File %v not found! Use 'tctl auth sign --user=example@example.com --format=tls --out=%v' to generate keys", + caPath, + filepath.Dir(caPath), + ), + ) + return nil, false + } + + return client.LoadKeyPair(certPath, keyPath, caPath), true +} + +// fileExists returns true if file exists +func (p *Provider) fileExists(path string) bool { + _, err := os.Stat(path) + if os.IsNotExist(err) { + return false + } + if err != nil { + return false + } + return true +} + +// configureLog configures logging +func (p *Provider) configureLog() { + // Get Terraform log level + level, err := log.ParseLevel(os.Getenv("TF_LOG")) + if err != nil { + log.SetLevel(log.ErrorLevel) + } else { + log.SetLevel(level) + } + + log.SetFormatter(&log.TextFormatter{}) + + // Show GRPC debug logs only if TF_LOG=DEBUG + if log.GetLevel() >= log.DebugLevel { + l := grpclog.NewLoggerV2(log.StandardLogger().Out, log.StandardLogger().Out, log.StandardLogger().Out) + grpclog.SetLoggerV2(l) + } +} + +// createTLSConfig returns tls.Config build from keys +func createTLSConfig(cert, key, rootCa []byte) (*tls.Config, error) { + keyPair, err := tls.X509KeyPair(cert, key) + if err != nil { + return nil, err + } + caCertPool := x509.NewCertPool() + caCertPool.AppendCertsFromPEM(rootCa) + + return &tls.Config{ + Certificates: []tls.Certificate{keyPair}, + RootCAs: caCertPool, + }, nil +} + +// GetResources returns the map of provider resources +func (p *Provider) GetResources(_ context.Context) (map[string]tfsdk.ResourceType, diag.Diagnostics) { + return map[string]tfsdk.ResourceType{ + "teleport_app": resourceTeleportAppType{}, + "teleport_auth_preference": resourceTeleportAuthPreferenceType{}, + "teleport_cluster_maintenance_config": resourceTeleportClusterMaintenanceConfigType{}, + "teleport_cluster_networking_config": resourceTeleportClusterNetworkingConfigType{}, + "teleport_database": resourceTeleportDatabaseType{}, + "teleport_github_connector": resourceTeleportGithubConnectorType{}, + "teleport_provision_token": resourceTeleportProvisionTokenType{}, + "teleport_oidc_connector": resourceTeleportOIDCConnectorType{}, + "teleport_role": resourceTeleportRoleType{}, + "teleport_saml_connector": resourceTeleportSAMLConnectorType{}, + "teleport_session_recording_config": resourceTeleportSessionRecordingConfigType{}, + "teleport_trusted_cluster": resourceTeleportTrustedClusterType{}, + "teleport_user": resourceTeleportUserType{}, + "teleport_bot": resourceTeleportBotType{}, + "teleport_login_rule": resourceTeleportLoginRuleType{}, + "teleport_trusted_device": resourceTeleportDeviceV1Type{}, + "teleport_okta_import_rule": resourceTeleportOktaImportRuleType{}, + "teleport_access_list": resourceTeleportAccessListType{}, + "teleport_server": resourceTeleportServerType{}, + }, nil +} + +// GetDataSources returns the map of provider data sources +func (p *Provider) GetDataSources(_ context.Context) (map[string]tfsdk.DataSourceType, diag.Diagnostics) { + return map[string]tfsdk.DataSourceType{ + "teleport_app": dataSourceTeleportAppType{}, + "teleport_auth_preference": dataSourceTeleportAuthPreferenceType{}, + "teleport_cluster_maintenance_config": dataSourceTeleportClusterMaintenanceConfigType{}, + "teleport_cluster_networking_config": dataSourceTeleportClusterNetworkingConfigType{}, + "teleport_database": dataSourceTeleportDatabaseType{}, + "teleport_github_connector": dataSourceTeleportGithubConnectorType{}, + "teleport_provision_token": dataSourceTeleportProvisionTokenType{}, + "teleport_oidc_connector": dataSourceTeleportOIDCConnectorType{}, + "teleport_role": dataSourceTeleportRoleType{}, + "teleport_saml_connector": dataSourceTeleportSAMLConnectorType{}, + "teleport_session_recording_config": dataSourceTeleportSessionRecordingConfigType{}, + "teleport_trusted_cluster": dataSourceTeleportTrustedClusterType{}, + "teleport_user": dataSourceTeleportUserType{}, + "teleport_login_rule": dataSourceTeleportLoginRuleType{}, + "teleport_trusted_device": dataSourceTeleportDeviceV1Type{}, + "teleport_okta_import_rule": dataSourceTeleportOktaImportRuleType{}, + "teleport_access_list": dataSourceTeleportAccessListType{}, + }, nil +} diff --git a/integrations/terraform/provider/resource_teleport_access_list.go b/integrations/terraform/provider/resource_teleport_access_list.go new file mode 100755 index 0000000000000..301a74485e552 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_access_list.go @@ -0,0 +1,332 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + accesslist "github.com/gravitational/teleport/api/gen/proto/go/teleport/accesslist/v1" + convert "github.com/gravitational/teleport/api/types/accesslist/convert/v1" + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + schemav1 "github.com/gravitational/teleport/integrations/terraform/tfschema/accesslist/v1" +) + +// resourceTeleportAccessListType is the resource metadata type +type resourceTeleportAccessListType struct{} + +// resourceTeleportAccessList is the resource +type resourceTeleportAccessList struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportAccessListType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return schemav1.GenSchemaAccessList(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportAccessListType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportAccessList{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the AccessList +func (r resourceTeleportAccessList) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + accessList := &accesslist.AccessList{} + diags = schemav1.CopyAccessListFromTerraform(ctx, plan, accessList) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + accessListResource, err := convert.FromProto(accessList) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Errorf("Can not convert %T to AccessList: %s", accessListResource, err), "access_list")) + return + } + err = accessListResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting AccessList defaults", trace.Wrap(err), "access_list")) + return + } + + id := accessListResource.Metadata.Name + + _, err = r.p.Client.AccessListClient().GetAccessList(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("AccessList exists in Teleport. Either remove it (tctl rm access_list/%v)"+ + " or import it to the existing state (terraform import teleport_access_list.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("AccessList exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Wrap(err), "access_list")) + return + } + + _, err = r.p.Client.AccessListClient().UpsertAccessList(ctx, accessListResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating AccessList", trace.Wrap(err), "access_list")) + return + } + var accessListI = accessListResource + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + accessListI, err = r.p.Client.AccessListClient().GetAccessList(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Wrap(bErr), "access_list")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading AccessList (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "access_list") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Wrap(err), "access_list")) + return + } + + accessListResource = accessListI + + accessList = convert.ToProto(accessListResource) + + + diags = schemav1.CopyAccessListToTerraform(ctx, accessList, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: accessList.Header.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport AccessList +func (r resourceTeleportAccessList) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("header").AtName("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + accessListI, err := r.p.Client.AccessListClient().GetAccessList(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Wrap(err), "access_list")) + return + } + accessList := convert.ToProto(accessListI) + diags = schemav1.CopyAccessListToTerraform(ctx, accessList, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport AccessList +func (r resourceTeleportAccessList) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + accessList := &accesslist.AccessList{} + diags = schemav1.CopyAccessListFromTerraform(ctx, plan, accessList) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + accessListResource, err := convert.FromProto(accessList) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Errorf("Can not convert %T to AccessList: %s", accessListResource, err), "access_list")) + return + } + + if err := accessListResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating AccessList", err, "access_list")) + return + } + name := accessListResource.Metadata.Name + + accessListBefore, err := r.p.Client.AccessListClient().GetAccessList(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", err, "access_list")) + return + } + accessListResource.Spec.Audit.NextAuditDate = accessListBefore.Spec.Audit.NextAuditDate + + _, err = r.p.Client.AccessListClient().UpsertAccessList(ctx, accessListResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating AccessList", err, "access_list")) + return + } + var accessListI = accessListResource + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + accessListI, err = r.p.Client.AccessListClient().GetAccessList(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", err, "access_list")) + return + } + if accessListBefore.GetMetadata().Revision != accessListI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Wrap(err), "access_list")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading AccessList (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "access_list") + return + } + } + + accessListResource = accessListI + + diags = schemav1.CopyAccessListToTerraform(ctx, accessList, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport AccessList +func (r resourceTeleportAccessList) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("header").AtName("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.AccessListClient().DeleteAccessList(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting AccessList", trace.Wrap(err), "access_list")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports AccessList state +func (r resourceTeleportAccessList) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + accessList, err := r.p.Client.AccessListClient().GetAccessList(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AccessList", trace.Wrap(err), "access_list")) + return + } + + accessListResource := convert.ToProto(accessList) + + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = schemav1.CopyAccessListToTerraform(ctx, accessListResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := accessList.Metadata.Name + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_app.go b/integrations/terraform/provider/resource_teleport_app.go new file mode 100755 index 0000000000000..1d2b387fbc9ec --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_app.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportAppType is the resource metadata type +type resourceTeleportAppType struct{} + +// resourceTeleportApp is the resource +type resourceTeleportApp struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportAppType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaAppV3(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportAppType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportApp{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the App +func (r resourceTeleportApp) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + app := &apitypes.AppV3{} + diags = tfschema.CopyAppV3FromTerraform(ctx, plan, app) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + appResource := app + + err = appResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting App defaults", trace.Wrap(err), "app")) + return + } + + id := appResource.Metadata.Name + + _, err = r.p.Client.GetApp(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("App exists in Teleport. Either remove it (tctl rm app/%v)"+ + " or import it to the existing state (terraform import teleport_app.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("App exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Wrap(err), "app")) + return + } + + err = r.p.Client.CreateApp(ctx, appResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating App", trace.Wrap(err), "app")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var appI apitypes.Application + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + appI, err = r.p.Client.GetApp(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Wrap(bErr), "app")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading App (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "app") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Wrap(err), "app")) + return + } + + appResource, ok := appI.(*apitypes.AppV3) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Errorf("Can not convert %T to AppV3", appI), "app")) + return + } + app = appResource + + diags = tfschema.CopyAppV3ToTerraform(ctx, app, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: app.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport App +func (r resourceTeleportApp) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + appI, err := r.p.Client.GetApp(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Wrap(err), "app")) + return + } + + app := appI.(*apitypes.AppV3) + diags = tfschema.CopyAppV3ToTerraform(ctx, app, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport App +func (r resourceTeleportApp) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + app := &apitypes.AppV3{} + diags = tfschema.CopyAppV3FromTerraform(ctx, plan, app) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + appResource := app + + + if err := appResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating App", err, "app")) + return + } + name := appResource.Metadata.Name + + appBefore, err := r.p.Client.GetApp(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", err, "app")) + return + } + + err = r.p.Client.UpdateApp(ctx, appResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating App", err, "app")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var appI apitypes.Application + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + appI, err = r.p.Client.GetApp(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", err, "app")) + return + } + if appBefore.GetMetadata().Revision != appI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Wrap(err), "app")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading App (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "app") + return + } + } + + appResource, ok := appI.(*apitypes.AppV3) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Errorf("Can not convert %T to AppV3", appI), "app")) + return + } + diags = tfschema.CopyAppV3ToTerraform(ctx, app, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport App +func (r resourceTeleportApp) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteApp(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting AppV3", trace.Wrap(err), "app")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports App state +func (r resourceTeleportApp) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + app, err := r.p.Client.GetApp(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading App", trace.Wrap(err), "app")) + return + } + + + appResource := app.(*apitypes.AppV3) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyAppV3ToTerraform(ctx, appResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := appResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_auth_preference.go b/integrations/terraform/provider/resource_teleport_auth_preference.go new file mode 100755 index 0000000000000..598d50da56a05 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_auth_preference.go @@ -0,0 +1,300 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportAuthPreferenceType is the resource metadata type +type resourceTeleportAuthPreferenceType struct{} + +// resourceTeleportAuthPreference is the resource +type resourceTeleportAuthPreference struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportAuthPreferenceType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaAuthPreferenceV2(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportAuthPreferenceType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportAuthPreference{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the AuthPreference +func (r resourceTeleportAuthPreference) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + authPreference := &apitypes.AuthPreferenceV2{} + diags = tfschema.CopyAuthPreferenceV2FromTerraform(ctx, plan, authPreference) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := authPreference.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting AuthPreference defaults", trace.Wrap(err), "cluster_auth_preference")) + return + } + + + + authPreferenceBefore, err := r.p.Client.GetAuthPreference(ctx) + if err != nil && !trace.IsNotFound(err) { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + err = r.p.Client.SetAuthPreference(ctx, authPreference) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + var authPreferenceI apitypes.AuthPreference + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + authPreferenceI, err = r.p.Client.GetAuthPreference(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + if authPreferenceBefore.GetMetadata().Revision != authPreferenceI.GetMetadata().Revision || false { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(bErr), "cluster_auth_preference")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading AuthPreference (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "cluster_auth_preference") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + authPreference, ok := authPreferenceI.(*apitypes.AuthPreferenceV2) + if !ok { + resp.Diagnostics.Append( + diagFromWrappedErr("Error reading AuthPreference", trace.Errorf("Can not convert %T to AuthPreferenceV2", authPreferenceI), "cluster_auth_preference"), + ) + return + } + + diags = tfschema.CopyAuthPreferenceV2ToTerraform(ctx, authPreference, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: "auth_preference"} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport AuthPreference +func (r resourceTeleportAuthPreference) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + authPreferenceI, err := r.p.Client.GetAuthPreference(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + authPreference := authPreferenceI.(*apitypes.AuthPreferenceV2) + diags = tfschema.CopyAuthPreferenceV2ToTerraform(ctx, authPreference, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport AuthPreference +func (r resourceTeleportAuthPreference) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + authPreference := &apitypes.AuthPreferenceV2{} + diags = tfschema.CopyAuthPreferenceV2FromTerraform(ctx, plan, authPreference) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := authPreference.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + authPreferenceBefore, err := r.p.Client.GetAuthPreference(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + err = r.p.Client.SetAuthPreference(ctx, authPreference) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + var authPreferenceI apitypes.AuthPreference + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + authPreferenceI, err = r.p.Client.GetAuthPreference(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + if authPreferenceBefore.GetMetadata().Revision != authPreferenceI.GetMetadata().Revision || false { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(bErr), "cluster_auth_preference")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading AuthPreference (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "cluster_auth_preference") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + authPreference = authPreferenceI.(*apitypes.AuthPreferenceV2) + diags = tfschema.CopyAuthPreferenceV2ToTerraform(ctx, authPreference, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport AuthPreference +func (r resourceTeleportAuthPreference) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + err := r.p.Client.ResetAuthPreference(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports AuthPreference state +func (r resourceTeleportAuthPreference) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + authPreferenceI, err := r.p.Client.GetAuthPreference(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating AuthPreference", trace.Wrap(err), "cluster_auth_preference")) + return + } + + authPreference := authPreferenceI.(*apitypes.AuthPreferenceV2) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyAuthPreferenceV2ToTerraform(ctx, authPreference, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + state.Attrs["id"] = types.String{Value: authPreference.Metadata.Name} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_bot.go b/integrations/terraform/provider/resource_teleport_bot.go new file mode 100644 index 0000000000000..1d61edf960126 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_bot.go @@ -0,0 +1,255 @@ +/* +Copyright 2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + headerv1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/header/v1" + machineidv1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/machineid/v1" + "github.com/gravitational/teleport/api/utils" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +func GenSchemaBot(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfsdk.Schema{ + Attributes: map[string]tfsdk.Attribute{ + "id": { + Type: types.StringType, + Computed: true, + }, + "name": { + Type: types.StringType, + Required: true, + Description: "The name of the bot, i.e. the unprefixed User name", + PlanModifiers: []tfsdk.AttributePlanModifier{ + tfsdk.RequiresReplace(), + }, + }, + "user_name": { + Type: types.StringType, + Computed: true, + Description: "The name of the generated bot user", + }, + "role_name": { + Type: types.StringType, + Computed: true, + Description: "The name of the generated bot role", + }, + "token_ttl": { + Type: types.StringType, + Optional: true, + Computed: true, + Description: "Deprecated. This field is not required anymore and has no effect.", + }, + "token_id": { + Type: types.StringType, + // Implementation note: this is not used anymore, we can skip this + // This will go away eventually when we'll generate the bot provider instead + Optional: true, + Sensitive: true, + Description: "Deprecated. This field is not required anymore and has no effect.", + }, + "roles": { + Type: types.ListType{ + ElemType: types.StringType, + }, + Required: true, + Description: "A list of roles the created bot should be allowed to assume via role impersonation.", + + // TODO: Consider dropping RequiresReplace() in the future if a + // UpdateBotRoles() API becomes available that can modify the + // underlying bot user. + PlanModifiers: []tfsdk.AttributePlanModifier{ + tfsdk.RequiresReplace(), + }, + }, + // Implementation note: This needs RequiresReplace() to handle + // updates properly but we aren't able to attach plan modifiers to + // fields from schema methods here. See ModifyPlan below. + "traits": tfschema.GenSchemaTraits(ctx), + }, + }, nil +} + +// Bot is a deserializes representation of the terraform state for this +// resource. +type Bot struct { + ID types.String `tfsdk:"id"` + Name types.String `tfsdk:"name"` + Roles []types.String `tfsdk:"roles"` + TokenID types.String `tfsdk:"token_id"` + Traits types.Map `tfsdk:"traits"` + TTL types.String `tfsdk:"token_ttl"` + + UserName types.String `tfsdk:"user_name"` + RoleName types.String `tfsdk:"role_name"` +} + +// resourceTeleportBotType is the resource metadata type +type resourceTeleportBotType struct{} + +// GetSchema returns the resource schema +func (r resourceTeleportBotType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + // It's unusual for this provider, but we'll hand-write the schema here as + // bots do not have any server-side resources of their own. + return GenSchemaBot(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportBotType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportBot{ + p: *(p.(*Provider)), + }, nil +} + +// resourceTeleportBot is the resource +type resourceTeleportBot struct { + p Provider +} + +func (r resourceTeleportBot) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan Bot + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var roles []string + for _, role := range plan.Roles { + roles = append(roles, role.Value) + } + + traits := make([]*machineidv1.Trait, 0, len(plan.Traits.Elems)) + for name, e := range plan.Traits.Elems { + l, ok := e.(types.List) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.List", l)) + return + } + + values := make(utils.Strings, len(l.Elems)) + + for i, v := range l.Elems { + s, ok := v.(types.String) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.String", s)) + return + } + + values[i] = s.Value + } + traits = append(traits, &machineidv1.Trait{ + Name: name, + Values: values, + }) + } + + // This is a temporary workaround to fix the provider compilation in v16 (the legacy RPC got removed). + // We must do a breaking change in v16 and rely on the new bot schema and the tf code generator. + response, err := r.p.Client.BotServiceClient().CreateBot(ctx, &machineidv1.CreateBotRequest{Bot: &machineidv1.Bot{ + Metadata: &headerv1.Metadata{ + Name: plan.Name.Value, + }, + Spec: &machineidv1.BotSpec{ + Roles: roles, + Traits: traits, + }, + }}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating Bot", trace.Wrap(err), "bot")) + return + } + + plan.TTL = types.String{Value: ""} + plan.UserName = types.String{Value: response.Status.UserName} + plan.RoleName = types.String{Value: response.Status.RoleName} + + // ID is for terraform-plugin-framework's acctests + plan.ID = types.String{Value: plan.Name.Value} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +func (r resourceTeleportBot) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + // Not much to do here: bots are currently immutable. We'll just check for + // deletion. + + var plan Bot + diags := req.State.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + _, err := r.p.Client.GetUser(ctx, plan.UserName.Value, false) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Bot", trace.Wrap(err), "bot")) + return + } +} + +func (r resourceTeleportBot) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + // Nothing to do here: bots are currently immutable. In the future we'd + // ideally want to add specific RPCs for desired mutable attributes, e.g. + // UpdateBotRoles(), UpdateBotToken(), etc. +} + +func (r resourceTeleportBot) ModifyPlan(ctx context.Context, req tfsdk.ModifyResourcePlanRequest, resp *tfsdk.ModifyResourcePlanResponse) { + // Add .traits to RequiresReplace to ensure changes to this field trigger a + // replacement. We can't set it in the schema as the attribute is generated + // by a helper method. + resp.RequiresReplace = append(resp.RequiresReplace, path.Root("traits")) +} + +func (r resourceTeleportBot) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var name types.String + diags := req.State.GetAttribute(ctx, path.Root("name"), &name) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + _, err := r.p.Client.BotServiceClient().DeleteBot(ctx, &machineidv1.DeleteBotRequest{BotName: name.Value}) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting Bot", trace.Wrap(err), "bot")) + return + } + + resp.State.RemoveResource(ctx) +} diff --git a/integrations/terraform/provider/resource_teleport_cluster_maintenance_config.go b/integrations/terraform/provider/resource_teleport_cluster_maintenance_config.go new file mode 100755 index 0000000000000..f44088bf4ec16 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_cluster_maintenance_config.go @@ -0,0 +1,307 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + "math" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportClusterMaintenanceConfigType is the resource metadata type +type resourceTeleportClusterMaintenanceConfigType struct{} + +// resourceTeleportClusterMaintenanceConfig is the resource +type resourceTeleportClusterMaintenanceConfig struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportClusterMaintenanceConfigType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaClusterMaintenanceConfigV1(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportClusterMaintenanceConfigType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportClusterMaintenanceConfig{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the ClusterMaintenanceConfig +func (r resourceTeleportClusterMaintenanceConfig) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + clusterMaintenanceConfig := &apitypes.ClusterMaintenanceConfigV1{} + diags = tfschema.CopyClusterMaintenanceConfigV1FromTerraform(ctx, plan, clusterMaintenanceConfig) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := clusterMaintenanceConfig.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting ClusterMaintenanceConfig defaults", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + + + clusterMaintenanceConfigBefore, err := r.p.Client.GetClusterMaintenanceConfig(ctx) + if err != nil && !trace.IsNotFound(err) { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + if clusterMaintenanceConfigBefore == nil { + clusterMaintenanceConfigBefore = &apitypes.ClusterMaintenanceConfigV1{} + } + clusterMaintenanceConfig = clusterMaintenanceConfig.WithNonce(math.MaxUint64).(*apitypes.ClusterMaintenanceConfigV1) + + err = r.p.Client.UpdateClusterMaintenanceConfig(ctx, clusterMaintenanceConfig) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + var clusterMaintenanceConfigI apitypes.ClusterMaintenanceConfig + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + clusterMaintenanceConfigI, err = r.p.Client.GetClusterMaintenanceConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + if clusterMaintenanceConfigBefore.GetMetadata().Revision != clusterMaintenanceConfigI.GetMetadata().Revision || true { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(bErr), "cluster_maintenance_config")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading ClusterMaintenanceConfig (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "cluster_maintenance_config") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + clusterMaintenanceConfig, ok := clusterMaintenanceConfigI.(*apitypes.ClusterMaintenanceConfigV1) + if !ok { + resp.Diagnostics.Append( + diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Errorf("Can not convert %T to ClusterMaintenanceConfigV1", clusterMaintenanceConfigI), "cluster_maintenance_config"), + ) + return + } + + diags = tfschema.CopyClusterMaintenanceConfigV1ToTerraform(ctx, clusterMaintenanceConfig, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: "cluster_maintenance_config"} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport ClusterMaintenanceConfig +func (r resourceTeleportClusterMaintenanceConfig) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + clusterMaintenanceConfigI, err := r.p.Client.GetClusterMaintenanceConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + clusterMaintenanceConfig := clusterMaintenanceConfigI.(*apitypes.ClusterMaintenanceConfigV1) + diags = tfschema.CopyClusterMaintenanceConfigV1ToTerraform(ctx, clusterMaintenanceConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport ClusterMaintenanceConfig +func (r resourceTeleportClusterMaintenanceConfig) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + clusterMaintenanceConfig := &apitypes.ClusterMaintenanceConfigV1{} + diags = tfschema.CopyClusterMaintenanceConfigV1FromTerraform(ctx, plan, clusterMaintenanceConfig) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := clusterMaintenanceConfig.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + clusterMaintenanceConfigBefore, err := r.p.Client.GetClusterMaintenanceConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + clusterMaintenanceConfig = clusterMaintenanceConfig.WithNonce(math.MaxUint64).(*apitypes.ClusterMaintenanceConfigV1) + + err = r.p.Client.UpdateClusterMaintenanceConfig(ctx, clusterMaintenanceConfig) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + var clusterMaintenanceConfigI apitypes.ClusterMaintenanceConfig + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + clusterMaintenanceConfigI, err = r.p.Client.GetClusterMaintenanceConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + if clusterMaintenanceConfigBefore.GetMetadata().Revision != clusterMaintenanceConfigI.GetMetadata().Revision || true { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(bErr), "cluster_maintenance_config")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading ClusterMaintenanceConfig (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "cluster_maintenance_config") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + clusterMaintenanceConfig = clusterMaintenanceConfigI.(*apitypes.ClusterMaintenanceConfigV1) + diags = tfschema.CopyClusterMaintenanceConfigV1ToTerraform(ctx, clusterMaintenanceConfig, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport ClusterMaintenanceConfig +func (r resourceTeleportClusterMaintenanceConfig) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + err := r.p.Client.DeleteClusterMaintenanceConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports ClusterMaintenanceConfig state +func (r resourceTeleportClusterMaintenanceConfig) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + clusterMaintenanceConfigI, err := r.p.Client.GetClusterMaintenanceConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating ClusterMaintenanceConfig", trace.Wrap(err), "cluster_maintenance_config")) + return + } + + clusterMaintenanceConfig := clusterMaintenanceConfigI.(*apitypes.ClusterMaintenanceConfigV1) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyClusterMaintenanceConfigV1ToTerraform(ctx, clusterMaintenanceConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + state.Attrs["id"] = types.String{Value: clusterMaintenanceConfig.Metadata.Name} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_cluster_networking_config.go b/integrations/terraform/provider/resource_teleport_cluster_networking_config.go new file mode 100755 index 0000000000000..0f426c9188c23 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_cluster_networking_config.go @@ -0,0 +1,300 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportClusterNetworkingConfigType is the resource metadata type +type resourceTeleportClusterNetworkingConfigType struct{} + +// resourceTeleportClusterNetworkingConfig is the resource +type resourceTeleportClusterNetworkingConfig struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportClusterNetworkingConfigType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaClusterNetworkingConfigV2(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportClusterNetworkingConfigType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportClusterNetworkingConfig{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the ClusterNetworkingConfig +func (r resourceTeleportClusterNetworkingConfig) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + clusterNetworkingConfig := &apitypes.ClusterNetworkingConfigV2{} + diags = tfschema.CopyClusterNetworkingConfigV2FromTerraform(ctx, plan, clusterNetworkingConfig) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := clusterNetworkingConfig.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting ClusterNetworkingConfig defaults", trace.Wrap(err), "cluster_networking_config")) + return + } + + + + clusterNetworkingConfigBefore, err := r.p.Client.GetClusterNetworkingConfig(ctx) + if err != nil && !trace.IsNotFound(err) { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + err = r.p.Client.SetClusterNetworkingConfig(ctx, clusterNetworkingConfig) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + var clusterNetworkingConfigI apitypes.ClusterNetworkingConfig + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + clusterNetworkingConfigI, err = r.p.Client.GetClusterNetworkingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + if clusterNetworkingConfigBefore.GetMetadata().Revision != clusterNetworkingConfigI.GetMetadata().Revision || false { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(bErr), "cluster_networking_config")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading ClusterNetworkingConfig (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "cluster_networking_config") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + clusterNetworkingConfig, ok := clusterNetworkingConfigI.(*apitypes.ClusterNetworkingConfigV2) + if !ok { + resp.Diagnostics.Append( + diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Errorf("Can not convert %T to ClusterNetworkingConfigV2", clusterNetworkingConfigI), "cluster_networking_config"), + ) + return + } + + diags = tfschema.CopyClusterNetworkingConfigV2ToTerraform(ctx, clusterNetworkingConfig, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: "cluster_networking_config"} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport ClusterNetworkingConfig +func (r resourceTeleportClusterNetworkingConfig) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + clusterNetworkingConfigI, err := r.p.Client.GetClusterNetworkingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + clusterNetworkingConfig := clusterNetworkingConfigI.(*apitypes.ClusterNetworkingConfigV2) + diags = tfschema.CopyClusterNetworkingConfigV2ToTerraform(ctx, clusterNetworkingConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport ClusterNetworkingConfig +func (r resourceTeleportClusterNetworkingConfig) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + clusterNetworkingConfig := &apitypes.ClusterNetworkingConfigV2{} + diags = tfschema.CopyClusterNetworkingConfigV2FromTerraform(ctx, plan, clusterNetworkingConfig) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := clusterNetworkingConfig.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + clusterNetworkingConfigBefore, err := r.p.Client.GetClusterNetworkingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + err = r.p.Client.SetClusterNetworkingConfig(ctx, clusterNetworkingConfig) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + var clusterNetworkingConfigI apitypes.ClusterNetworkingConfig + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + clusterNetworkingConfigI, err = r.p.Client.GetClusterNetworkingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + if clusterNetworkingConfigBefore.GetMetadata().Revision != clusterNetworkingConfigI.GetMetadata().Revision || false { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(bErr), "cluster_networking_config")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading ClusterNetworkingConfig (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "cluster_networking_config") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + clusterNetworkingConfig = clusterNetworkingConfigI.(*apitypes.ClusterNetworkingConfigV2) + diags = tfschema.CopyClusterNetworkingConfigV2ToTerraform(ctx, clusterNetworkingConfig, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport ClusterNetworkingConfig +func (r resourceTeleportClusterNetworkingConfig) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + err := r.p.Client.ResetClusterNetworkingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports ClusterNetworkingConfig state +func (r resourceTeleportClusterNetworkingConfig) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + clusterNetworkingConfigI, err := r.p.Client.GetClusterNetworkingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating ClusterNetworkingConfig", trace.Wrap(err), "cluster_networking_config")) + return + } + + clusterNetworkingConfig := clusterNetworkingConfigI.(*apitypes.ClusterNetworkingConfigV2) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyClusterNetworkingConfigV2ToTerraform(ctx, clusterNetworkingConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + state.Attrs["id"] = types.String{Value: clusterNetworkingConfig.Metadata.Name} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_database.go b/integrations/terraform/provider/resource_teleport_database.go new file mode 100755 index 0000000000000..767b0b4971ec9 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_database.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportDatabaseType is the resource metadata type +type resourceTeleportDatabaseType struct{} + +// resourceTeleportDatabase is the resource +type resourceTeleportDatabase struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportDatabaseType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaDatabaseV3(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportDatabaseType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportDatabase{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the Database +func (r resourceTeleportDatabase) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + database := &apitypes.DatabaseV3{} + diags = tfschema.CopyDatabaseV3FromTerraform(ctx, plan, database) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + databaseResource := database + + err = databaseResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting Database defaults", trace.Wrap(err), "db")) + return + } + + id := databaseResource.Metadata.Name + + _, err = r.p.Client.GetDatabase(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("Database exists in Teleport. Either remove it (tctl rm db/%v)"+ + " or import it to the existing state (terraform import teleport_database.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("Database exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Wrap(err), "db")) + return + } + + err = r.p.Client.CreateDatabase(ctx, databaseResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating Database", trace.Wrap(err), "db")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var databaseI apitypes.Database + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + databaseI, err = r.p.Client.GetDatabase(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Wrap(bErr), "db")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading Database (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "db") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Wrap(err), "db")) + return + } + + databaseResource, ok := databaseI.(*apitypes.DatabaseV3) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Errorf("Can not convert %T to DatabaseV3", databaseI), "db")) + return + } + database = databaseResource + + diags = tfschema.CopyDatabaseV3ToTerraform(ctx, database, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: database.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport Database +func (r resourceTeleportDatabase) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + databaseI, err := r.p.Client.GetDatabase(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Wrap(err), "db")) + return + } + + database := databaseI.(*apitypes.DatabaseV3) + diags = tfschema.CopyDatabaseV3ToTerraform(ctx, database, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport Database +func (r resourceTeleportDatabase) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + database := &apitypes.DatabaseV3{} + diags = tfschema.CopyDatabaseV3FromTerraform(ctx, plan, database) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + databaseResource := database + + + if err := databaseResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating Database", err, "db")) + return + } + name := databaseResource.Metadata.Name + + databaseBefore, err := r.p.Client.GetDatabase(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", err, "db")) + return + } + + err = r.p.Client.UpdateDatabase(ctx, databaseResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating Database", err, "db")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var databaseI apitypes.Database + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + databaseI, err = r.p.Client.GetDatabase(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", err, "db")) + return + } + if databaseBefore.GetMetadata().Revision != databaseI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Wrap(err), "db")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading Database (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "db") + return + } + } + + databaseResource, ok := databaseI.(*apitypes.DatabaseV3) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Errorf("Can not convert %T to DatabaseV3", databaseI), "db")) + return + } + diags = tfschema.CopyDatabaseV3ToTerraform(ctx, database, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport Database +func (r resourceTeleportDatabase) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteDatabase(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting DatabaseV3", trace.Wrap(err), "db")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports Database state +func (r resourceTeleportDatabase) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + database, err := r.p.Client.GetDatabase(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Database", trace.Wrap(err), "db")) + return + } + + + databaseResource := database.(*apitypes.DatabaseV3) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyDatabaseV3ToTerraform(ctx, databaseResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := databaseResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_device_trust.go b/integrations/terraform/provider/resource_teleport_device_trust.go new file mode 100755 index 0000000000000..10cd4ad0a08de --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_device_trust.go @@ -0,0 +1,320 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + "github.com/google/uuid" + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + schemav1 "github.com/gravitational/teleport/integrations/terraform/tfschema/devicetrust/v1" +) + +// resourceTeleportDeviceV1Type is the resource metadata type +type resourceTeleportDeviceV1Type struct{} + +// resourceTeleportDeviceV1 is the resource +type resourceTeleportDeviceV1 struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportDeviceV1Type) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return schemav1.GenSchemaDeviceV1(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportDeviceV1Type) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportDeviceV1{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the DeviceV1 +func (r resourceTeleportDeviceV1) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + trustedDevice := &apitypes.DeviceV1{} + diags = schemav1.CopyDeviceV1FromTerraform(ctx, plan, trustedDevice) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + if trustedDevice.Metadata.Name == "" { + trustedDevice.Metadata.Name = uuid.NewString() + } + + trustedDeviceResource := trustedDevice + + + id := trustedDeviceResource.Metadata.Name + + _, err = r.p.Client.GetDeviceResource(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("DeviceV1 exists in Teleport. Either remove it (tctl rm device/%v)"+ + " or import it to the existing state (terraform import teleport_device_trust.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("DeviceV1 exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", trace.Wrap(err), "device")) + return + } + + _, err = r.p.Client.UpsertDeviceResource(ctx, trustedDeviceResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating DeviceV1", trace.Wrap(err), "device")) + return + } + var trustedDeviceI *apitypes.DeviceV1 + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + trustedDeviceI, err = r.p.Client.GetDeviceResource(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", trace.Wrap(bErr), "device")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading DeviceV1 (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "device") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", trace.Wrap(err), "device")) + return + } + + trustedDeviceResource = trustedDeviceI + + trustedDevice = trustedDeviceResource + + diags = schemav1.CopyDeviceV1ToTerraform(ctx, trustedDevice, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: trustedDevice.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport DeviceV1 +func (r resourceTeleportDeviceV1) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + trustedDeviceI, err := r.p.Client.GetDeviceResource(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", trace.Wrap(err), "device")) + return + } + trustedDevice := trustedDeviceI + diags = schemav1.CopyDeviceV1ToTerraform(ctx, trustedDevice, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport DeviceV1 +func (r resourceTeleportDeviceV1) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + trustedDevice := &apitypes.DeviceV1{} + diags = schemav1.CopyDeviceV1FromTerraform(ctx, plan, trustedDevice) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + trustedDeviceResource := trustedDevice + + + + name := trustedDeviceResource.Metadata.Name + + trustedDeviceBefore, err := r.p.Client.GetDeviceResource(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", err, "device")) + return + } + + _, err = r.p.Client.UpsertDeviceResource(ctx, trustedDeviceResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating DeviceV1", err, "device")) + return + } + var trustedDeviceI *apitypes.DeviceV1 + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + trustedDeviceI, err = r.p.Client.GetDeviceResource(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", err, "device")) + return + } + if trustedDeviceBefore.GetMetadata().Revision != trustedDeviceI.GetMetadata().Revision || true { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", trace.Wrap(err), "device")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading DeviceV1 (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "device") + return + } + } + + trustedDeviceResource = trustedDeviceI + + diags = schemav1.CopyDeviceV1ToTerraform(ctx, trustedDevice, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport DeviceV1 +func (r resourceTeleportDeviceV1) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteDeviceResource(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting DeviceV1", trace.Wrap(err), "device")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports DeviceV1 state +func (r resourceTeleportDeviceV1) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + trustedDevice, err := r.p.Client.GetDeviceResource(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading DeviceV1", trace.Wrap(err), "device")) + return + } + + trustedDeviceResource := trustedDevice + + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = schemav1.CopyDeviceV1ToTerraform(ctx, trustedDeviceResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := trustedDevice.Metadata.Name + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_github_connector.go b/integrations/terraform/provider/resource_teleport_github_connector.go new file mode 100755 index 0000000000000..53b958590238a --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_github_connector.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportGithubConnectorType is the resource metadata type +type resourceTeleportGithubConnectorType struct{} + +// resourceTeleportGithubConnector is the resource +type resourceTeleportGithubConnector struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportGithubConnectorType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaGithubConnectorV3(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportGithubConnectorType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportGithubConnector{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the GithubConnector +func (r resourceTeleportGithubConnector) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + githubConnector := &apitypes.GithubConnectorV3{} + diags = tfschema.CopyGithubConnectorV3FromTerraform(ctx, plan, githubConnector) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + githubConnectorResource := githubConnector + + err = githubConnectorResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting GithubConnector defaults", trace.Wrap(err), "github")) + return + } + + id := githubConnectorResource.Metadata.Name + + _, err = r.p.Client.GetGithubConnector(ctx, id, true) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("GithubConnector exists in Teleport. Either remove it (tctl rm github/%v)"+ + " or import it to the existing state (terraform import teleport_github_connector.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("GithubConnector exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Wrap(err), "github")) + return + } + + _, err = r.p.Client.CreateGithubConnector(ctx, githubConnectorResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating GithubConnector", trace.Wrap(err), "github")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var githubConnectorI apitypes.GithubConnector + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + githubConnectorI, err = r.p.Client.GetGithubConnector(ctx, id, true) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Wrap(bErr), "github")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading GithubConnector (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "github") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Wrap(err), "github")) + return + } + + githubConnectorResource, ok := githubConnectorI.(*apitypes.GithubConnectorV3) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Errorf("Can not convert %T to GithubConnectorV3", githubConnectorI), "github")) + return + } + githubConnector = githubConnectorResource + + diags = tfschema.CopyGithubConnectorV3ToTerraform(ctx, githubConnector, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: githubConnector.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport GithubConnector +func (r resourceTeleportGithubConnector) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + githubConnectorI, err := r.p.Client.GetGithubConnector(ctx, id.Value, true) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Wrap(err), "github")) + return + } + + githubConnector := githubConnectorI.(*apitypes.GithubConnectorV3) + diags = tfschema.CopyGithubConnectorV3ToTerraform(ctx, githubConnector, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport GithubConnector +func (r resourceTeleportGithubConnector) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + githubConnector := &apitypes.GithubConnectorV3{} + diags = tfschema.CopyGithubConnectorV3FromTerraform(ctx, plan, githubConnector) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + githubConnectorResource := githubConnector + + + if err := githubConnectorResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating GithubConnector", err, "github")) + return + } + name := githubConnectorResource.Metadata.Name + + githubConnectorBefore, err := r.p.Client.GetGithubConnector(ctx, name, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", err, "github")) + return + } + + _, err = r.p.Client.UpsertGithubConnector(ctx, githubConnectorResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating GithubConnector", err, "github")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var githubConnectorI apitypes.GithubConnector + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + githubConnectorI, err = r.p.Client.GetGithubConnector(ctx, name, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", err, "github")) + return + } + if githubConnectorBefore.GetMetadata().Revision != githubConnectorI.GetMetadata().Revision || true { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Wrap(err), "github")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading GithubConnector (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "github") + return + } + } + + githubConnectorResource, ok := githubConnectorI.(*apitypes.GithubConnectorV3) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Errorf("Can not convert %T to GithubConnectorV3", githubConnectorI), "github")) + return + } + diags = tfschema.CopyGithubConnectorV3ToTerraform(ctx, githubConnector, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport GithubConnector +func (r resourceTeleportGithubConnector) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteGithubConnector(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting GithubConnectorV3", trace.Wrap(err), "github")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports GithubConnector state +func (r resourceTeleportGithubConnector) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + githubConnector, err := r.p.Client.GetGithubConnector(ctx, req.ID, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading GithubConnector", trace.Wrap(err), "github")) + return + } + + + githubConnectorResource := githubConnector.(*apitypes.GithubConnectorV3) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyGithubConnectorV3ToTerraform(ctx, githubConnectorResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := githubConnectorResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_login_rule.go b/integrations/terraform/provider/resource_teleport_login_rule.go new file mode 100755 index 0000000000000..c0bd7e5968da2 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_login_rule.go @@ -0,0 +1,316 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + loginrulev1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/loginrule/v1" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + schemav1 "github.com/gravitational/teleport/integrations/terraform/tfschema/loginrule/v1" +) + +// resourceTeleportLoginRuleType is the resource metadata type +type resourceTeleportLoginRuleType struct{} + +// resourceTeleportLoginRule is the resource +type resourceTeleportLoginRule struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportLoginRuleType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return schemav1.GenSchemaLoginRule(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportLoginRuleType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportLoginRule{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the LoginRule +func (r resourceTeleportLoginRule) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + loginRule := &loginrulev1.LoginRule{} + diags = schemav1.CopyLoginRuleFromTerraform(ctx, plan, loginRule) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + loginRuleResource := loginRule + + + id := loginRuleResource.Metadata.Name + + _, err = r.p.Client.GetLoginRule(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("LoginRule exists in Teleport. Either remove it (tctl rm login_rule/%v)"+ + " or import it to the existing state (terraform import teleport_login_rule.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("LoginRule exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", trace.Wrap(err), "login_rule")) + return + } + + _, err = r.p.Client.UpsertLoginRule(ctx, loginRuleResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating LoginRule", trace.Wrap(err), "login_rule")) + return + } + var loginRuleI *loginrulev1.LoginRule + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + loginRuleI, err = r.p.Client.GetLoginRule(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", trace.Wrap(bErr), "login_rule")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading LoginRule (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "login_rule") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", trace.Wrap(err), "login_rule")) + return + } + + loginRuleResource = loginRuleI + + loginRule = loginRuleResource + + diags = schemav1.CopyLoginRuleToTerraform(ctx, loginRule, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: loginRule.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport LoginRule +func (r resourceTeleportLoginRule) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + loginRuleI, err := r.p.Client.GetLoginRule(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", trace.Wrap(err), "login_rule")) + return + } + loginRule := loginRuleI + diags = schemav1.CopyLoginRuleToTerraform(ctx, loginRule, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport LoginRule +func (r resourceTeleportLoginRule) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + loginRule := &loginrulev1.LoginRule{} + diags = schemav1.CopyLoginRuleFromTerraform(ctx, plan, loginRule) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + loginRuleResource := loginRule + + + + name := loginRuleResource.Metadata.Name + + loginRuleBefore, err := r.p.Client.GetLoginRule(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", err, "login_rule")) + return + } + + _, err = r.p.Client.UpsertLoginRule(ctx, loginRuleResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating LoginRule", err, "login_rule")) + return + } + var loginRuleI *loginrulev1.LoginRule + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + loginRuleI, err = r.p.Client.GetLoginRule(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", err, "login_rule")) + return + } + if loginRuleBefore.GetMetadata().Revision != loginRuleI.GetMetadata().Revision || true { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", trace.Wrap(err), "login_rule")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading LoginRule (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "login_rule") + return + } + } + + loginRuleResource = loginRuleI + + diags = schemav1.CopyLoginRuleToTerraform(ctx, loginRule, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport LoginRule +func (r resourceTeleportLoginRule) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteLoginRule(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting LoginRule", trace.Wrap(err), "login_rule")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports LoginRule state +func (r resourceTeleportLoginRule) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + loginRule, err := r.p.Client.GetLoginRule(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading LoginRule", trace.Wrap(err), "login_rule")) + return + } + + loginRuleResource := loginRule + + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = schemav1.CopyLoginRuleToTerraform(ctx, loginRuleResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := loginRule.Metadata.Name + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_oidc_connector.go b/integrations/terraform/provider/resource_teleport_oidc_connector.go new file mode 100755 index 0000000000000..6b7c4c59490c8 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_oidc_connector.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportOIDCConnectorType is the resource metadata type +type resourceTeleportOIDCConnectorType struct{} + +// resourceTeleportOIDCConnector is the resource +type resourceTeleportOIDCConnector struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportOIDCConnectorType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaOIDCConnectorV3(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportOIDCConnectorType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportOIDCConnector{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the OIDCConnector +func (r resourceTeleportOIDCConnector) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oidcConnector := &apitypes.OIDCConnectorV3{} + diags = tfschema.CopyOIDCConnectorV3FromTerraform(ctx, plan, oidcConnector) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + oidcConnectorResource := oidcConnector + + err = oidcConnectorResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting OIDCConnector defaults", trace.Wrap(err), "oidc")) + return + } + + id := oidcConnectorResource.Metadata.Name + + _, err = r.p.Client.GetOIDCConnector(ctx, id, true) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("OIDCConnector exists in Teleport. Either remove it (tctl rm oidc/%v)"+ + " or import it to the existing state (terraform import teleport_oidc_connector.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("OIDCConnector exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Wrap(err), "oidc")) + return + } + + _, err = r.p.Client.CreateOIDCConnector(ctx, oidcConnectorResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating OIDCConnector", trace.Wrap(err), "oidc")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var oidcConnectorI apitypes.OIDCConnector + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + oidcConnectorI, err = r.p.Client.GetOIDCConnector(ctx, id, true) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Wrap(bErr), "oidc")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading OIDCConnector (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "oidc") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Wrap(err), "oidc")) + return + } + + oidcConnectorResource, ok := oidcConnectorI.(*apitypes.OIDCConnectorV3) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Errorf("Can not convert %T to OIDCConnectorV3", oidcConnectorI), "oidc")) + return + } + oidcConnector = oidcConnectorResource + + diags = tfschema.CopyOIDCConnectorV3ToTerraform(ctx, oidcConnector, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: oidcConnector.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport OIDCConnector +func (r resourceTeleportOIDCConnector) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oidcConnectorI, err := r.p.Client.GetOIDCConnector(ctx, id.Value, true) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Wrap(err), "oidc")) + return + } + + oidcConnector := oidcConnectorI.(*apitypes.OIDCConnectorV3) + diags = tfschema.CopyOIDCConnectorV3ToTerraform(ctx, oidcConnector, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport OIDCConnector +func (r resourceTeleportOIDCConnector) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oidcConnector := &apitypes.OIDCConnectorV3{} + diags = tfschema.CopyOIDCConnectorV3FromTerraform(ctx, plan, oidcConnector) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + oidcConnectorResource := oidcConnector + + + if err := oidcConnectorResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating OIDCConnector", err, "oidc")) + return + } + name := oidcConnectorResource.Metadata.Name + + oidcConnectorBefore, err := r.p.Client.GetOIDCConnector(ctx, name, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", err, "oidc")) + return + } + + _, err = r.p.Client.UpsertOIDCConnector(ctx, oidcConnectorResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating OIDCConnector", err, "oidc")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var oidcConnectorI apitypes.OIDCConnector + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + oidcConnectorI, err = r.p.Client.GetOIDCConnector(ctx, name, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", err, "oidc")) + return + } + if oidcConnectorBefore.GetMetadata().Revision != oidcConnectorI.GetMetadata().Revision || true { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Wrap(err), "oidc")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading OIDCConnector (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "oidc") + return + } + } + + oidcConnectorResource, ok := oidcConnectorI.(*apitypes.OIDCConnectorV3) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Errorf("Can not convert %T to OIDCConnectorV3", oidcConnectorI), "oidc")) + return + } + diags = tfschema.CopyOIDCConnectorV3ToTerraform(ctx, oidcConnector, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport OIDCConnector +func (r resourceTeleportOIDCConnector) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteOIDCConnector(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting OIDCConnectorV3", trace.Wrap(err), "oidc")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports OIDCConnector state +func (r resourceTeleportOIDCConnector) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + oidcConnector, err := r.p.Client.GetOIDCConnector(ctx, req.ID, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OIDCConnector", trace.Wrap(err), "oidc")) + return + } + + + oidcConnectorResource := oidcConnector.(*apitypes.OIDCConnectorV3) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyOIDCConnectorV3ToTerraform(ctx, oidcConnectorResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := oidcConnectorResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_okta_import_rule.go b/integrations/terraform/provider/resource_teleport_okta_import_rule.go new file mode 100755 index 0000000000000..be9bf8b258789 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_okta_import_rule.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportOktaImportRuleType is the resource metadata type +type resourceTeleportOktaImportRuleType struct{} + +// resourceTeleportOktaImportRule is the resource +type resourceTeleportOktaImportRule struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportOktaImportRuleType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaOktaImportRuleV1(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportOktaImportRuleType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportOktaImportRule{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the OktaImportRule +func (r resourceTeleportOktaImportRule) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oktaImportRule := &apitypes.OktaImportRuleV1{} + diags = tfschema.CopyOktaImportRuleV1FromTerraform(ctx, plan, oktaImportRule) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + oktaImportRuleResource := oktaImportRule + + err = oktaImportRuleResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting OktaImportRule defaults", trace.Wrap(err), "okta_import_rule")) + return + } + + id := oktaImportRuleResource.Metadata.Name + + _, err = r.p.Client.OktaClient().GetOktaImportRule(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("OktaImportRule exists in Teleport. Either remove it (tctl rm okta_import_rule/%v)"+ + " or import it to the existing state (terraform import teleport_okta_import_rule.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("OktaImportRule exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + _, err = r.p.Client.OktaClient().CreateOktaImportRule(ctx, oktaImportRuleResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var oktaImportRuleI apitypes.OktaImportRule + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + oktaImportRuleI, err = r.p.Client.OktaClient().GetOktaImportRule(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(bErr), "okta_import_rule")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading OktaImportRule (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "okta_import_rule") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + oktaImportRuleResource, ok := oktaImportRuleI.(*apitypes.OktaImportRuleV1) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Errorf("Can not convert %T to OktaImportRuleV1", oktaImportRuleI), "okta_import_rule")) + return + } + oktaImportRule = oktaImportRuleResource + + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, oktaImportRule, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: oktaImportRule.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport OktaImportRule +func (r resourceTeleportOktaImportRule) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oktaImportRuleI, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + oktaImportRule := oktaImportRuleI.(*apitypes.OktaImportRuleV1) + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, oktaImportRule, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport OktaImportRule +func (r resourceTeleportOktaImportRule) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + oktaImportRule := &apitypes.OktaImportRuleV1{} + diags = tfschema.CopyOktaImportRuleV1FromTerraform(ctx, plan, oktaImportRule) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + oktaImportRuleResource := oktaImportRule + + + if err := oktaImportRuleResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating OktaImportRule", err, "okta_import_rule")) + return + } + name := oktaImportRuleResource.Metadata.Name + + oktaImportRuleBefore, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", err, "okta_import_rule")) + return + } + + _, err = r.p.Client.OktaClient().UpdateOktaImportRule(ctx, oktaImportRuleResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating OktaImportRule", err, "okta_import_rule")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var oktaImportRuleI apitypes.OktaImportRule + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + oktaImportRuleI, err = r.p.Client.OktaClient().GetOktaImportRule(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", err, "okta_import_rule")) + return + } + if oktaImportRuleBefore.GetMetadata().Revision != oktaImportRuleI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading OktaImportRule (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "okta_import_rule") + return + } + } + + oktaImportRuleResource, ok := oktaImportRuleI.(*apitypes.OktaImportRuleV1) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Errorf("Can not convert %T to OktaImportRuleV1", oktaImportRuleI), "okta_import_rule")) + return + } + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, oktaImportRule, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport OktaImportRule +func (r resourceTeleportOktaImportRule) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.OktaClient().DeleteOktaImportRule(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting OktaImportRuleV1", trace.Wrap(err), "okta_import_rule")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports OktaImportRule state +func (r resourceTeleportOktaImportRule) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + oktaImportRule, err := r.p.Client.OktaClient().GetOktaImportRule(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading OktaImportRule", trace.Wrap(err), "okta_import_rule")) + return + } + + + oktaImportRuleResource := oktaImportRule.(*apitypes.OktaImportRuleV1) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyOktaImportRuleV1ToTerraform(ctx, oktaImportRuleResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := oktaImportRuleResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_provision_token.go b/integrations/terraform/provider/resource_teleport_provision_token.go new file mode 100755 index 0000000000000..eed7283bf5849 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_provision_token.go @@ -0,0 +1,347 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "crypto/rand" + "encoding/hex" + "fmt" + "strconv" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportProvisionTokenType is the resource metadata type +type resourceTeleportProvisionTokenType struct{} + +// resourceTeleportProvisionToken is the resource +type resourceTeleportProvisionToken struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportProvisionTokenType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaProvisionTokenV2(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportProvisionTokenType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportProvisionToken{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the ProvisionToken +func (r resourceTeleportProvisionToken) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + provisionToken := &apitypes.ProvisionTokenV2{} + diags = tfschema.CopyProvisionTokenV2FromTerraform(ctx, plan, provisionToken) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + if provisionToken.Metadata.Name == "" { + b := make([]byte, 32) + _, err := rand.Read(b) + if err != nil { + resp.Diagnostics.AddError("Failed to generate random token", err.Error()) + return + } + provisionToken.Metadata.Name = hex.EncodeToString(b) + } + + provisionTokenResource := provisionToken + + err = provisionTokenResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting ProvisionToken defaults", trace.Wrap(err), "token")) + return + } + + id := provisionTokenResource.Metadata.Name + + _, err = r.p.Client.GetToken(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("ProvisionToken exists in Teleport. Either remove it (tctl rm token/%v)"+ + " or import it to the existing state (terraform import teleport_provision_token.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("ProvisionToken exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Wrap(err), "token")) + return + } + + err = r.p.Client.UpsertToken(ctx, provisionTokenResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating ProvisionToken", trace.Wrap(err), "token")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var provisionTokenI apitypes.ProvisionToken + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + provisionTokenI, err = r.p.Client.GetToken(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Wrap(bErr), "token")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading ProvisionToken (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "token") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Wrap(err), "token")) + return + } + + provisionTokenResource, ok := provisionTokenI.(*apitypes.ProvisionTokenV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Errorf("Can not convert %T to ProvisionTokenV2", provisionTokenI), "token")) + return + } + provisionToken = provisionTokenResource + + diags = tfschema.CopyProvisionTokenV2ToTerraform(ctx, provisionToken, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: strconv.FormatInt(provisionToken.Metadata.ID, 10)} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport ProvisionToken +func (r resourceTeleportProvisionToken) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + provisionTokenI, err := r.p.Client.GetToken(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Wrap(err), "token")) + return + } + + provisionToken := provisionTokenI.(*apitypes.ProvisionTokenV2) + diags = tfschema.CopyProvisionTokenV2ToTerraform(ctx, provisionToken, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport ProvisionToken +func (r resourceTeleportProvisionToken) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + provisionToken := &apitypes.ProvisionTokenV2{} + diags = tfschema.CopyProvisionTokenV2FromTerraform(ctx, plan, provisionToken) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + provisionTokenResource := provisionToken + + + if err := provisionTokenResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating ProvisionToken", err, "token")) + return + } + name := provisionTokenResource.Metadata.Name + + provisionTokenBefore, err := r.p.Client.GetToken(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", err, "token")) + return + } + + err = r.p.Client.UpsertToken(ctx, provisionTokenResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating ProvisionToken", err, "token")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var provisionTokenI apitypes.ProvisionToken + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + provisionTokenI, err = r.p.Client.GetToken(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", err, "token")) + return + } + if provisionTokenBefore.GetMetadata().Revision != provisionTokenI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Wrap(err), "token")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading ProvisionToken (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "token") + return + } + } + + provisionTokenResource, ok := provisionTokenI.(*apitypes.ProvisionTokenV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Errorf("Can not convert %T to ProvisionTokenV2", provisionTokenI), "token")) + return + } + diags = tfschema.CopyProvisionTokenV2ToTerraform(ctx, provisionToken, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport ProvisionToken +func (r resourceTeleportProvisionToken) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteToken(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting ProvisionTokenV2", trace.Wrap(err), "token")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports ProvisionToken state +func (r resourceTeleportProvisionToken) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + provisionToken, err := r.p.Client.GetToken(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading ProvisionToken", trace.Wrap(err), "token")) + return + } + + + provisionTokenResource := provisionToken.(*apitypes.ProvisionTokenV2) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyProvisionTokenV2ToTerraform(ctx, provisionTokenResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := provisionTokenResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_role.go b/integrations/terraform/provider/resource_teleport_role.go new file mode 100755 index 0000000000000..f503f29520523 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_role.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportRoleType is the resource metadata type +type resourceTeleportRoleType struct{} + +// resourceTeleportRole is the resource +type resourceTeleportRole struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportRoleType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaRoleV6(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportRoleType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportRole{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the Role +func (r resourceTeleportRole) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + role := &apitypes.RoleV6{} + diags = tfschema.CopyRoleV6FromTerraform(ctx, plan, role) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + roleResource := role + + err = roleResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting Role defaults", trace.Wrap(err), "role")) + return + } + + id := roleResource.Metadata.Name + + _, err = r.p.Client.GetRole(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("Role exists in Teleport. Either remove it (tctl rm role/%v)"+ + " or import it to the existing state (terraform import teleport_role.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("Role exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Wrap(err), "role")) + return + } + + _, err = r.p.Client.CreateRole(ctx, roleResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating Role", trace.Wrap(err), "role")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var roleI apitypes.Role + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + roleI, err = r.p.Client.GetRole(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Wrap(bErr), "role")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading Role (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "role") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Wrap(err), "role")) + return + } + + roleResource, ok := roleI.(*apitypes.RoleV6) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Errorf("Can not convert %T to RoleV6", roleI), "role")) + return + } + role = roleResource + + diags = tfschema.CopyRoleV6ToTerraform(ctx, role, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: role.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport Role +func (r resourceTeleportRole) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + roleI, err := r.p.Client.GetRole(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Wrap(err), "role")) + return + } + + role := roleI.(*apitypes.RoleV6) + diags = tfschema.CopyRoleV6ToTerraform(ctx, role, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport Role +func (r resourceTeleportRole) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + role := &apitypes.RoleV6{} + diags = tfschema.CopyRoleV6FromTerraform(ctx, plan, role) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + roleResource := role + + + if err := roleResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating Role", err, "role")) + return + } + name := roleResource.Metadata.Name + + roleBefore, err := r.p.Client.GetRole(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", err, "role")) + return + } + + _, err = r.p.Client.UpsertRole(ctx, roleResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating Role", err, "role")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var roleI apitypes.Role + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + roleI, err = r.p.Client.GetRole(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", err, "role")) + return + } + if roleBefore.GetMetadata().Revision != roleI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Wrap(err), "role")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading Role (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "role") + return + } + } + + roleResource, ok := roleI.(*apitypes.RoleV6) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Errorf("Can not convert %T to RoleV6", roleI), "role")) + return + } + diags = tfschema.CopyRoleV6ToTerraform(ctx, role, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport Role +func (r resourceTeleportRole) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteRole(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting RoleV6", trace.Wrap(err), "role")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports Role state +func (r resourceTeleportRole) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + role, err := r.p.Client.GetRole(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Role", trace.Wrap(err), "role")) + return + } + + + roleResource := role.(*apitypes.RoleV6) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyRoleV6ToTerraform(ctx, roleResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := roleResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_saml_connector.go b/integrations/terraform/provider/resource_teleport_saml_connector.go new file mode 100755 index 0000000000000..313b01547414f --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_saml_connector.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportSAMLConnectorType is the resource metadata type +type resourceTeleportSAMLConnectorType struct{} + +// resourceTeleportSAMLConnector is the resource +type resourceTeleportSAMLConnector struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportSAMLConnectorType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaSAMLConnectorV2(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportSAMLConnectorType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportSAMLConnector{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the SAMLConnector +func (r resourceTeleportSAMLConnector) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + samlConnector := &apitypes.SAMLConnectorV2{} + diags = tfschema.CopySAMLConnectorV2FromTerraform(ctx, plan, samlConnector) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + samlConnectorResource := samlConnector + + err = samlConnectorResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting SAMLConnector defaults", trace.Wrap(err), "saml")) + return + } + + id := samlConnectorResource.Metadata.Name + + _, err = r.p.Client.GetSAMLConnector(ctx, id, true) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("SAMLConnector exists in Teleport. Either remove it (tctl rm saml/%v)"+ + " or import it to the existing state (terraform import teleport_saml_connector.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("SAMLConnector exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Wrap(err), "saml")) + return + } + + _, err = r.p.Client.CreateSAMLConnector(ctx, samlConnectorResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating SAMLConnector", trace.Wrap(err), "saml")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var samlConnectorI apitypes.SAMLConnector + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + samlConnectorI, err = r.p.Client.GetSAMLConnector(ctx, id, true) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Wrap(bErr), "saml")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading SAMLConnector (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "saml") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Wrap(err), "saml")) + return + } + + samlConnectorResource, ok := samlConnectorI.(*apitypes.SAMLConnectorV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Errorf("Can not convert %T to SAMLConnectorV2", samlConnectorI), "saml")) + return + } + samlConnector = samlConnectorResource + + diags = tfschema.CopySAMLConnectorV2ToTerraform(ctx, samlConnector, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: samlConnector.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport SAMLConnector +func (r resourceTeleportSAMLConnector) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + samlConnectorI, err := r.p.Client.GetSAMLConnector(ctx, id.Value, true) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Wrap(err), "saml")) + return + } + + samlConnector := samlConnectorI.(*apitypes.SAMLConnectorV2) + diags = tfschema.CopySAMLConnectorV2ToTerraform(ctx, samlConnector, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport SAMLConnector +func (r resourceTeleportSAMLConnector) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + samlConnector := &apitypes.SAMLConnectorV2{} + diags = tfschema.CopySAMLConnectorV2FromTerraform(ctx, plan, samlConnector) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + samlConnectorResource := samlConnector + + + if err := samlConnectorResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating SAMLConnector", err, "saml")) + return + } + name := samlConnectorResource.Metadata.Name + + samlConnectorBefore, err := r.p.Client.GetSAMLConnector(ctx, name, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", err, "saml")) + return + } + + _, err = r.p.Client.UpsertSAMLConnector(ctx, samlConnectorResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating SAMLConnector", err, "saml")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var samlConnectorI apitypes.SAMLConnector + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + samlConnectorI, err = r.p.Client.GetSAMLConnector(ctx, name, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", err, "saml")) + return + } + if samlConnectorBefore.GetMetadata().Revision != samlConnectorI.GetMetadata().Revision || true { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Wrap(err), "saml")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading SAMLConnector (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "saml") + return + } + } + + samlConnectorResource, ok := samlConnectorI.(*apitypes.SAMLConnectorV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Errorf("Can not convert %T to SAMLConnectorV2", samlConnectorI), "saml")) + return + } + diags = tfschema.CopySAMLConnectorV2ToTerraform(ctx, samlConnector, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport SAMLConnector +func (r resourceTeleportSAMLConnector) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteSAMLConnector(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting SAMLConnectorV2", trace.Wrap(err), "saml")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports SAMLConnector state +func (r resourceTeleportSAMLConnector) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + samlConnector, err := r.p.Client.GetSAMLConnector(ctx, req.ID, true) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SAMLConnector", trace.Wrap(err), "saml")) + return + } + + + samlConnectorResource := samlConnector.(*apitypes.SAMLConnectorV2) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopySAMLConnectorV2ToTerraform(ctx, samlConnectorResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := samlConnectorResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_server.go b/integrations/terraform/provider/resource_teleport_server.go new file mode 100755 index 0000000000000..e05e6fc6ffb12 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_server.go @@ -0,0 +1,337 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + "github.com/gravitational/teleport/api/defaults" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportServerType is the resource metadata type +type resourceTeleportServerType struct{} + +// resourceTeleportServer is the resource +type resourceTeleportServer struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportServerType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaServerV2(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportServerType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportServer{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the Server +func (r resourceTeleportServer) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + server := &apitypes.ServerV2{} + diags = tfschema.CopyServerV2FromTerraform(ctx, plan, server) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + serverResource := server + + serverResource.Kind = apitypes.KindNode + err = serverResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting Server defaults", trace.Wrap(err), "node")) + return + } + + id := serverResource.Metadata.Name + + _, err = r.p.Client.GetNode(ctx, defaults.Namespace, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("Server exists in Teleport. Either remove it (tctl rm node/%v)"+ + " or import it to the existing state (terraform import teleport_server.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("Server exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Wrap(err), "node")) + return + } + + _, err = r.p.Client.UpsertNode(ctx, serverResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating Server", trace.Wrap(err), "node")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var serverI apitypes.Server + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + serverI, err = r.p.Client.GetNode(ctx, defaults.Namespace, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Wrap(bErr), "node")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading Server (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "node") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Wrap(err), "node")) + return + } + + serverResource, ok := serverI.(*apitypes.ServerV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Errorf("Can not convert %T to ServerV2", serverI), "node")) + return + } + server = serverResource + + diags = tfschema.CopyServerV2ToTerraform(ctx, server, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: server.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport Server +func (r resourceTeleportServer) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + serverI, err := r.p.Client.GetNode(ctx, defaults.Namespace, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Wrap(err), "node")) + return + } + + server := serverI.(*apitypes.ServerV2) + diags = tfschema.CopyServerV2ToTerraform(ctx, server, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport Server +func (r resourceTeleportServer) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + server := &apitypes.ServerV2{} + diags = tfschema.CopyServerV2FromTerraform(ctx, plan, server) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + serverResource := server + + + if err := serverResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating Server", err, "node")) + return + } + name := serverResource.Metadata.Name + + serverBefore, err := r.p.Client.GetNode(ctx, defaults.Namespace, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", err, "node")) + return + } + + _, err = r.p.Client.UpsertNode(ctx, serverResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating Server", err, "node")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var serverI apitypes.Server + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + serverI, err = r.p.Client.GetNode(ctx, defaults.Namespace, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", err, "node")) + return + } + if serverBefore.GetMetadata().Revision != serverI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Wrap(err), "node")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading Server (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "node") + return + } + } + + serverResource, ok := serverI.(*apitypes.ServerV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Errorf("Can not convert %T to ServerV2", serverI), "node")) + return + } + diags = tfschema.CopyServerV2ToTerraform(ctx, server, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport Server +func (r resourceTeleportServer) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteNode(ctx, defaults.Namespace, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting ServerV2", trace.Wrap(err), "node")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports Server state +func (r resourceTeleportServer) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + server, err := r.p.Client.GetNode(ctx, defaults.Namespace, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading Server", trace.Wrap(err), "node")) + return + } + + + serverResource := server.(*apitypes.ServerV2) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyServerV2ToTerraform(ctx, serverResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := serverResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_session_recording_config.go b/integrations/terraform/provider/resource_teleport_session_recording_config.go new file mode 100755 index 0000000000000..ae358f4c01541 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_session_recording_config.go @@ -0,0 +1,300 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportSessionRecordingConfigType is the resource metadata type +type resourceTeleportSessionRecordingConfigType struct{} + +// resourceTeleportSessionRecordingConfig is the resource +type resourceTeleportSessionRecordingConfig struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportSessionRecordingConfigType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaSessionRecordingConfigV2(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportSessionRecordingConfigType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportSessionRecordingConfig{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the SessionRecordingConfig +func (r resourceTeleportSessionRecordingConfig) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + sessionRecordingConfig := &apitypes.SessionRecordingConfigV2{} + diags = tfschema.CopySessionRecordingConfigV2FromTerraform(ctx, plan, sessionRecordingConfig) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := sessionRecordingConfig.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting SessionRecordingConfig defaults", trace.Wrap(err), "session_recording_config")) + return + } + + + + sessionRecordingConfigBefore, err := r.p.Client.GetSessionRecordingConfig(ctx) + if err != nil && !trace.IsNotFound(err) { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + err = r.p.Client.SetSessionRecordingConfig(ctx, sessionRecordingConfig) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + var sessionRecordingConfigI apitypes.SessionRecordingConfig + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + sessionRecordingConfigI, err = r.p.Client.GetSessionRecordingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + if sessionRecordingConfigBefore.GetMetadata().Revision != sessionRecordingConfigI.GetMetadata().Revision || false { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(bErr), "session_recording_config")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading SessionRecordingConfig (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "session_recording_config") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + sessionRecordingConfig, ok := sessionRecordingConfigI.(*apitypes.SessionRecordingConfigV2) + if !ok { + resp.Diagnostics.Append( + diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Errorf("Can not convert %T to SessionRecordingConfigV2", sessionRecordingConfigI), "session_recording_config"), + ) + return + } + + diags = tfschema.CopySessionRecordingConfigV2ToTerraform(ctx, sessionRecordingConfig, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: "session_recording_config"} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport SessionRecordingConfig +func (r resourceTeleportSessionRecordingConfig) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + sessionRecordingConfigI, err := r.p.Client.GetSessionRecordingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + sessionRecordingConfig := sessionRecordingConfigI.(*apitypes.SessionRecordingConfigV2) + diags = tfschema.CopySessionRecordingConfigV2ToTerraform(ctx, sessionRecordingConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport SessionRecordingConfig +func (r resourceTeleportSessionRecordingConfig) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + sessionRecordingConfig := &apitypes.SessionRecordingConfigV2{} + diags = tfschema.CopySessionRecordingConfigV2FromTerraform(ctx, plan, sessionRecordingConfig) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := sessionRecordingConfig.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + sessionRecordingConfigBefore, err := r.p.Client.GetSessionRecordingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + err = r.p.Client.SetSessionRecordingConfig(ctx, sessionRecordingConfig) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + var sessionRecordingConfigI apitypes.SessionRecordingConfig + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + sessionRecordingConfigI, err = r.p.Client.GetSessionRecordingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + if sessionRecordingConfigBefore.GetMetadata().Revision != sessionRecordingConfigI.GetMetadata().Revision || false { + break + } + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(bErr), "session_recording_config")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading SessionRecordingConfig (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "session_recording_config") + return + } + } + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + sessionRecordingConfig = sessionRecordingConfigI.(*apitypes.SessionRecordingConfigV2) + diags = tfschema.CopySessionRecordingConfigV2ToTerraform(ctx, sessionRecordingConfig, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport SessionRecordingConfig +func (r resourceTeleportSessionRecordingConfig) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + err := r.p.Client.ResetSessionRecordingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports SessionRecordingConfig state +func (r resourceTeleportSessionRecordingConfig) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + sessionRecordingConfigI, err := r.p.Client.GetSessionRecordingConfig(ctx) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating SessionRecordingConfig", trace.Wrap(err), "session_recording_config")) + return + } + + sessionRecordingConfig := sessionRecordingConfigI.(*apitypes.SessionRecordingConfigV2) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopySessionRecordingConfigV2ToTerraform(ctx, sessionRecordingConfig, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + state.Attrs["id"] = types.String{Value: sessionRecordingConfig.Metadata.Name} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_trusted_cluster.go b/integrations/terraform/provider/resource_teleport_trusted_cluster.go new file mode 100755 index 0000000000000..00f55774363ef --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_trusted_cluster.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportTrustedClusterType is the resource metadata type +type resourceTeleportTrustedClusterType struct{} + +// resourceTeleportTrustedCluster is the resource +type resourceTeleportTrustedCluster struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportTrustedClusterType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaTrustedClusterV2(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportTrustedClusterType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportTrustedCluster{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the TrustedCluster +func (r resourceTeleportTrustedCluster) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + trustedCluster := &apitypes.TrustedClusterV2{} + diags = tfschema.CopyTrustedClusterV2FromTerraform(ctx, plan, trustedCluster) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + trustedClusterResource := trustedCluster + + err = trustedClusterResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting TrustedCluster defaults", trace.Wrap(err), "trusted_cluster")) + return + } + + id := trustedClusterResource.Metadata.Name + + _, err = r.p.Client.GetTrustedCluster(ctx, id) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("TrustedCluster exists in Teleport. Either remove it (tctl rm trusted_cluster/%v)"+ + " or import it to the existing state (terraform import teleport_trusted_cluster.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("TrustedCluster exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Wrap(err), "trusted_cluster")) + return + } + + _, err = r.p.Client.UpsertTrustedCluster(ctx, trustedClusterResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating TrustedCluster", trace.Wrap(err), "trusted_cluster")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var trustedClusterI apitypes.TrustedCluster + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + trustedClusterI, err = r.p.Client.GetTrustedCluster(ctx, id) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Wrap(bErr), "trusted_cluster")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading TrustedCluster (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "trusted_cluster") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Wrap(err), "trusted_cluster")) + return + } + + trustedClusterResource, ok := trustedClusterI.(*apitypes.TrustedClusterV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Errorf("Can not convert %T to TrustedClusterV2", trustedClusterI), "trusted_cluster")) + return + } + trustedCluster = trustedClusterResource + + diags = tfschema.CopyTrustedClusterV2ToTerraform(ctx, trustedCluster, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: trustedCluster.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport TrustedCluster +func (r resourceTeleportTrustedCluster) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + trustedClusterI, err := r.p.Client.GetTrustedCluster(ctx, id.Value) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Wrap(err), "trusted_cluster")) + return + } + + trustedCluster := trustedClusterI.(*apitypes.TrustedClusterV2) + diags = tfschema.CopyTrustedClusterV2ToTerraform(ctx, trustedCluster, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport TrustedCluster +func (r resourceTeleportTrustedCluster) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + trustedCluster := &apitypes.TrustedClusterV2{} + diags = tfschema.CopyTrustedClusterV2FromTerraform(ctx, plan, trustedCluster) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + trustedClusterResource := trustedCluster + + + if err := trustedClusterResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating TrustedCluster", err, "trusted_cluster")) + return + } + name := trustedClusterResource.Metadata.Name + + trustedClusterBefore, err := r.p.Client.GetTrustedCluster(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", err, "trusted_cluster")) + return + } + + _, err = r.p.Client.UpsertTrustedCluster(ctx, trustedClusterResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating TrustedCluster", err, "trusted_cluster")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var trustedClusterI apitypes.TrustedCluster + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + trustedClusterI, err = r.p.Client.GetTrustedCluster(ctx, name) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", err, "trusted_cluster")) + return + } + if trustedClusterBefore.GetMetadata().Revision != trustedClusterI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Wrap(err), "trusted_cluster")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading TrustedCluster (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "trusted_cluster") + return + } + } + + trustedClusterResource, ok := trustedClusterI.(*apitypes.TrustedClusterV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Errorf("Can not convert %T to TrustedClusterV2", trustedClusterI), "trusted_cluster")) + return + } + diags = tfschema.CopyTrustedClusterV2ToTerraform(ctx, trustedCluster, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport TrustedCluster +func (r resourceTeleportTrustedCluster) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteTrustedCluster(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting TrustedClusterV2", trace.Wrap(err), "trusted_cluster")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports TrustedCluster state +func (r resourceTeleportTrustedCluster) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + trustedCluster, err := r.p.Client.GetTrustedCluster(ctx, req.ID) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading TrustedCluster", trace.Wrap(err), "trusted_cluster")) + return + } + + + trustedClusterResource := trustedCluster.(*apitypes.TrustedClusterV2) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyTrustedClusterV2ToTerraform(ctx, trustedClusterResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := trustedClusterResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/provider/resource_teleport_user.go b/integrations/terraform/provider/resource_teleport_user.go new file mode 100755 index 0000000000000..1c4dd556bc855 --- /dev/null +++ b/integrations/terraform/provider/resource_teleport_user.go @@ -0,0 +1,335 @@ +// Code generated by _gen/main.go DO NOT EDIT +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package provider + +import ( + "context" + "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + + "github.com/gravitational/teleport/integrations/lib/backoff" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/jonboulle/clockwork" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +// resourceTeleportUserType is the resource metadata type +type resourceTeleportUserType struct{} + +// resourceTeleportUser is the resource +type resourceTeleportUser struct { + p Provider +} + +// GetSchema returns the resource schema +func (r resourceTeleportUserType) GetSchema(ctx context.Context) (tfsdk.Schema, diag.Diagnostics) { + return tfschema.GenSchemaUserV2(ctx) +} + +// NewResource creates the empty resource +func (r resourceTeleportUserType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) { + return resourceTeleportUser{ + p: *(p.(*Provider)), + }, nil +} + +// Create creates the User +func (r resourceTeleportUser) Create(ctx context.Context, req tfsdk.CreateResourceRequest, resp *tfsdk.CreateResourceResponse) { + var err error + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + user := &apitypes.UserV2{} + diags = tfschema.CopyUserV2FromTerraform(ctx, plan, user) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + + userResource := user + + err = userResource.CheckAndSetDefaults() + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error setting User defaults", trace.Wrap(err), "user")) + return + } + + id := userResource.Metadata.Name + + _, err = r.p.Client.GetUser(ctx, id, false) + if !trace.IsNotFound(err) { + if err == nil { + existErr := fmt.Sprintf("User exists in Teleport. Either remove it (tctl rm user/%v)"+ + " or import it to the existing state (terraform import teleport_user.%v %v)", id, id, id) + + resp.Diagnostics.Append(diagFromErr("User exists in Teleport", trace.Errorf(existErr))) + return + } + + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Wrap(err), "user")) + return + } + + _, err = r.p.Client.CreateUser(ctx, userResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error creating User", trace.Wrap(err), "user")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var userI apitypes.User + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + userI, err = r.p.Client.GetUser(ctx, id, false) + if trace.IsNotFound(err) { + if bErr := backoff.Do(ctx); bErr != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Wrap(bErr), "user")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading User (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "user") + } + continue + } + break + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Wrap(err), "user")) + return + } + + userResource, ok := userI.(*apitypes.UserV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Errorf("Can not convert %T to UserV2", userI), "user")) + return + } + user = userResource + + diags = tfschema.CopyUserV2ToTerraform(ctx, user, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + plan.Attrs["id"] = types.String{Value: user.Metadata.Name} + + diags = resp.State.Set(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Read reads teleport User +func (r resourceTeleportUser) Read(ctx context.Context, req tfsdk.ReadResourceRequest, resp *tfsdk.ReadResourceResponse) { + var state types.Object + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var id types.String + diags = req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + userI, err := r.p.Client.GetUser(ctx, id.Value, false) + if trace.IsNotFound(err) { + resp.State.RemoveResource(ctx) + return + } + + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Wrap(err), "user")) + return + } + + user := userI.(*apitypes.UserV2) + diags = tfschema.CopyUserV2ToTerraform(ctx, user, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates teleport User +func (r resourceTeleportUser) Update(ctx context.Context, req tfsdk.UpdateResourceRequest, resp *tfsdk.UpdateResourceResponse) { + if !r.p.IsConfigured(resp.Diagnostics) { + return + } + + var plan types.Object + diags := req.Plan.Get(ctx, &plan) + + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + user := &apitypes.UserV2{} + diags = tfschema.CopyUserV2FromTerraform(ctx, plan, user) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + userResource := user + + + if err := userResource.CheckAndSetDefaults(); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating User", err, "user")) + return + } + name := userResource.Metadata.Name + + userBefore, err := r.p.Client.GetUser(ctx, name, false) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", err, "user")) + return + } + + _, err = r.p.Client.UpsertUser(ctx, userResource) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error updating User", err, "user")) + return + } + + // Not really an inferface, just using the same name for easier templating. + var userI apitypes.User + + tries := 0 + backoff := backoff.NewDecorr(r.p.RetryConfig.Base, r.p.RetryConfig.Cap, clockwork.NewRealClock()) + for { + tries = tries + 1 + userI, err = r.p.Client.GetUser(ctx, name, false) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", err, "user")) + return + } + if userBefore.GetMetadata().Revision != userI.GetMetadata().Revision || false { + break + } + + if err := backoff.Do(ctx); err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Wrap(err), "user")) + return + } + if tries >= r.p.RetryConfig.MaxTries { + diagMessage := fmt.Sprintf("Error reading User (tried %d times) - state outdated, please import resource", tries) + resp.Diagnostics.AddError(diagMessage, "user") + return + } + } + + userResource, ok := userI.(*apitypes.UserV2) + if !ok { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Errorf("Can not convert %T to UserV2", userI), "user")) + return + } + diags = tfschema.CopyUserV2ToTerraform(ctx, user, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Delete deletes Teleport User +func (r resourceTeleportUser) Delete(ctx context.Context, req tfsdk.DeleteResourceRequest, resp *tfsdk.DeleteResourceResponse) { + var id types.String + diags := req.State.GetAttribute(ctx, path.Root("metadata").AtName("name"), &id) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + err := r.p.Client.DeleteUser(ctx, id.Value) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error deleting UserV2", trace.Wrap(err), "user")) + return + } + + resp.State.RemoveResource(ctx) +} + +// ImportState imports User state +func (r resourceTeleportUser) ImportState(ctx context.Context, req tfsdk.ImportResourceStateRequest, resp *tfsdk.ImportResourceStateResponse) { + user, err := r.p.Client.GetUser(ctx, req.ID, false) + if err != nil { + resp.Diagnostics.Append(diagFromWrappedErr("Error reading User", trace.Wrap(err), "user")) + return + } + + + userResource := user.(*apitypes.UserV2) + + var state types.Object + + diags := resp.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + diags = tfschema.CopyUserV2ToTerraform(ctx, userResource, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + id := userResource.GetName() + + state.Attrs["id"] = types.String{Value: id} + + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} diff --git a/integrations/terraform/reference.mdx b/integrations/terraform/reference.mdx new file mode 100755 index 0000000000000..ba9121d297cea --- /dev/null +++ b/integrations/terraform/reference.mdx @@ -0,0 +1,2670 @@ +--- +title: Terraform provider resources +description: Terraform provider resources reference +--- + +{/* Content generated by teleport-plugins/terraform/gen/main.go DO NOT EDIT */} + +Supported resources: + +- [teleport_access_list](#teleport_access_list) +- [teleport_app](#teleport_app) +- [teleport_auth_preference](#teleport_auth_preference) +- [teleport_bot](#teleport_bot) +- [teleport_cluster_maintenance_config](#teleport_cluster_maintenance_config) +- [teleport_cluster_networking_config](#teleport_cluster_networking_config) +- [teleport_database](#teleport_database) +- [teleport_github_connector](#teleport_github_connector) +- [teleport_login_rule](#teleport_login_rule) +- [teleport_oidc_connector](#teleport_oidc_connector) +- [teleport_okta_import_rule](#teleport_okta_import_rule) +- [teleport_provision_token](#teleport_provision_token) +- [teleport_role](#teleport_role) +- [teleport_saml_connector](#teleport_saml_connector) +- [teleport_server](#teleport_server) +- [teleport_session_recording_config](#teleport_session_recording_config) +- [teleport_trusted_cluster](#teleport_trusted_cluster) +- [teleport_trusted_device](#teleport_trusted_device) +- [teleport_user](#teleport_user) + +## Provider configuration + +Ensure your Terraform version is v(=terraform.version=) or higher. + +Add the following configuration section to your `terraform` configuration block: + +``` +terraform { + required_providers { + teleport = { + version = "~> (=teleport.major_version=).0" + source = "terraform.releases.teleport.dev/gravitational/teleport" + } + } +} +``` + +The provider supports the following options: + +| Name | Type | Description | Environment Variable | +| ---------------------- | ------ | ------------------------------------------------------------------------------ | ---------------------------------- | +| `addr` | string | Teleport auth or proxy address in "host:port" format. | `TF_TELEPORT_ADDR` | +| `cert_path` | string | Path to Teleport certificate file. | `TF_TELEPORT_CERT` | +| `cert_base64` | string | Teleport certificate as base64. | `TF_TELEPORT_CERT_BASE64` | +| `identity_file_path` | string | Path to Teleport identity file. | `TF_TELEPORT_IDENTITY_FILE_PATH` | +| `identity_file_base64` | string | Teleport identity file as base64. | `TF_TELEPORT_IDENTITY_FILE_BASE64` | +| `key_path` | string | Path to Teleport key file. | `TF_TELEPORT_KEY` | +| `key_base64` | string | Teleport key as base64. | `TF_TELEPORT_KEY_BASE64` | +| `profile_dir` | string | Teleport profile path. | `TF_TELEPORT_PROFILE_PATH` | +| `profile_name` | string | Teleport profile name. | `TF_TELEPORT_PROFILE_NAME` | +| `root_ca_path` | string | Path to Teleport CA file. | `TF_TELEPORT_ROOT_CA` | +| `root_ca_base64` | string | Teleport CA as base64. | `TF_TELEPORT_ROOT_CA_BASE64` | +| `retry_base_duration` | string | Base duration between retries. [Format](https://pkg.go.dev/time#ParseDuration) | `TF_TELEPORT_RETRY_BASE_DURATION` | +| `retry_cap_duration` | string | Max duration between retries. [Format](https://pkg.go.dev/time#ParseDuration) | `TF_TELEPORT_RETRY_CAP_DURATION` | +| `retry_max_tries` | string | Max number of retries. | `TF_TELEPORT_RETRY_MAX_TRIES` | + +You need to specify at least one of: + +- `cert_path`, `key_path`,`root_ca_path` and `addr` to connect using key files. +- `cert_base64`, `key_base64`,`root_ca_base64` and `addr` to connect using a base64-encoded key. +- `identity_file_path` or `identity_file_base64` and `addr` to connect using an identity file. +- `profile_name`, `profile_dir` (both can be empty) and `addr` to connect using current profile from `~/.tsh` + +The `retry_*` values are used to retry the API calls to Teleport when the cache is stale. + +If more than one are provided, they will be tried in the order above until one succeeds. + +Example: + +``` +provider "teleport" { + addr = "localhost:3025" + cert_path = "tf.crt" + key_path = "tf.key" + root_ca_path = "tf.ca" +} +``` + +## Provider resource versioning + +Since Teleport 15, you must set the version on each resource, and version cannot +be changed in-place. Terraform will delete the resource and create a new one if +a version change is required. + +This is not enforced on previous Teleport provider versions, but we recommend doing +so. When the version is not specified, Terraform will pick the latest one by default. +However, version upgrades don't re-apply the resource defaults. This could lead +to different results if you create a new resource or upgrade an existing one. +To mitigate this, you should explicitly set the resource version. + + + Upgrading the Terraform Provider to a new version with `teleport_role` + resources without a specified version can change the role behavior and access + rules. You must set the role version before upgrading to ensure the role + access rules don't change. + + The default role version is the highest supported: + + - v12 default role version is `v5` + - v13 default role version is `v6` + - v14 default role version is `v7` + + For example, before upgrading from v12 to v13, edit every unversioned role + to pin the `v5` version: + + ```hcl + resource "teleport_role" "test" { + version = "v5" + metadata = { + name = "my-role" + } + // ... + } + ``` + + + +## teleport_access_list + +| Name | Type | Required | Description | +|--------|--------|----------|------------------------------------------------| +| header | object | | header is the header for the resource. | +| spec | object | | spec is the specification for the access list. | + +### header + +header is the header for the resource. + +| Name | Type | Required | Description | +|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| kind | string | | kind is a resource kind. | +| metadata | object | | metadata is resource metadata. | +| sub_kind | string | | sub_kind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` | + +#### header.metadata + +metadata is resource metadata. + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | description is object description. | +| expires | RFC3339 time | | | +| labels | map of strings | | labels is a set of labels. | +| name | string | * | name is an object name. | +| namespace | string | | namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +spec is the specification for the access list. + +| Name | Type | Required | Description | +|---------------------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| audit | object | * | audit describes the frequency that this access list must be audited. | +| description | string | | description is an optional plaintext description of the access list. | +| grants | object | * | grants describes the access granted by membership to this access list. | +| membership_requires | object | | membership_requires describes the requirements for a user to be a member of the access list. For a membership to an access list to be effective, the user must meet the requirements of Membership_requires and must be in the members list. | +| owner_grants | object | | owner_grants describes the access granted by owners to this access list. | +| owners | object | * | owners is a list of owners of the access list. | +| ownership_requires | object | | ownership_requires describes the requirements for a user to be an owner of the access list. For ownership of an access list to be effective, the user must meet the requirements of ownership_requires and must be in the owners list. | +| title | string | | title is a plaintext short description of the access list. | + +#### spec.audit + +audit describes the frequency that this access list must be audited. + +| Name | Type | Required | Description | +|-----------------|--------------|----------|---------------------------------------------------------| +| next_audit_date | RFC3339 time | | | +| notifications | object | | notifications is the configuration for notifying users. | +| recurrence | object | * | recurrence is the recurrence definition | + +##### spec.audit.notifications + +notifications is the configuration for notifying users. + +| Name | Type | Required | Description | +|-------|----------|----------|-------------| +| start | duration | | | + +##### spec.audit.recurrence + +recurrence is the recurrence definition + +| Name | Type | Required | Description | +|--------------|--------|----------|-------------------------------------------------------------------------------------------------------------------------------------------| +| day_of_month | number | | day_of_month is the day of month that reviews will be scheduled on. Supported values are 0, 1, 15, and 31. | +| frequency | number | * | frequency is the frequency of reviews. This represents the period in months between two reviews. Supported values are 0, 1, 3, 6, and 12. | + +#### spec.grants + +grants describes the access granted by membership to this access list. + +| Name | Type | Required | Description | +|--------|------------------|----------|-------------------------------------------------------------------------------------| +| roles | array of strings | | roles are the roles that are granted to users who are members of the access list. | +| traits | object | | traits are the traits that are granted to users who are members of the access list. | + +##### spec.grants.traits + +traits are the traits that are granted to users who are members of the access list. + +| Name | Type | Required | Description | +|--------|------------------|----------|-------------------------------------| +| key | string | | key is the name of the trait. | +| values | array of strings | | values is the list of trait values. | + +#### spec.membership_requires + +membership_requires describes the requirements for a user to be a member of the access list. For a membership to an access list to be effective, the user must meet the requirements of Membership_requires and must be in the members list. + +| Name | Type | Required | Description | +|--------|------------------|----------|------------------------------------------------------------------------------| +| roles | array of strings | | roles are the user roles that must be present for the user to obtain access. | +| traits | object | | traits are the traits that must be present for the user to obtain access. | + +##### spec.membership_requires.traits + +traits are the traits that must be present for the user to obtain access. + +| Name | Type | Required | Description | +|--------|------------------|----------|-------------------------------------| +| key | string | | key is the name of the trait. | +| values | array of strings | | values is the list of trait values. | + +#### spec.owner_grants + +owner_grants describes the access granted by owners to this access list. + +| Name | Type | Required | Description | +|--------|------------------|----------|-------------------------------------------------------------------------------------| +| roles | array of strings | | roles are the roles that are granted to users who are members of the access list. | +| traits | object | | traits are the traits that are granted to users who are members of the access list. | + +##### spec.owner_grants.traits + +traits are the traits that are granted to users who are members of the access list. + +| Name | Type | Required | Description | +|--------|------------------|----------|-------------------------------------| +| key | string | | key is the name of the trait. | +| values | array of strings | | values is the list of trait values. | + +#### spec.owners + +owners is a list of owners of the access list. + +| Name | Type | Required | Description | +|-------------|--------|----------|----------------------------------------------------------------------------------| +| description | string | | description is the plaintext description of the owner and why they are an owner. | +| name | string | | name is the username of the owner. | + +#### spec.ownership_requires + +ownership_requires describes the requirements for a user to be an owner of the access list. For ownership of an access list to be effective, the user must meet the requirements of ownership_requires and must be in the owners list. + +| Name | Type | Required | Description | +|--------|------------------|----------|------------------------------------------------------------------------------| +| roles | array of strings | | roles are the user roles that must be present for the user to obtain access. | +| traits | object | | traits are the traits that must be present for the user to obtain access. | + +##### spec.ownership_requires.traits + +traits are the traits that must be present for the user to obtain access. + +| Name | Type | Required | Description | +|--------|------------------|----------|-------------------------------------| +| key | string | | key is the name of the trait. | +| values | array of strings | | values is the list of trait values. | + +Example: + +``` +resource "teleport_access_list" "crane-operation" { + header = { + metadata = { + name = "crane-operation" + labels = { + example = "yes" + } + } + } + spec = { + description = "Used to grant access to the crane." + owners = [ + { + name = "gru" + description = "The supervillain." + } + ] + membership_requires = { + roles = ["minion"] + } + ownership_requires = { + roles = ["supervillain"] + } + grants = { + roles = ["crane-operator"] + traits = [{ + key = "allowed-machines" + values = ["crane", "forklift"] + }] + } + title = "Crane operation" + audit = { + recurrence = { + frequency = 3 # audit every 3 months + day_of_month = 15 # audit happen 15's day of the month. Possible values are 1, 15, and 31. + } + } + } +} + +``` + +## teleport_app + +| Name | Type | Required | Description | +|----------|--------|----------|-----------------------------------------------------------------------------------| +| metadata | object | | Metadata is the app resource metadata. | +| spec | object | | Spec is the app resource spec. | +| sub_kind | string | | SubKind is an optional resource subkind. | +| version | string | * | Version is the resource version. It must be specified. Supported values are:`v3`. | + +### metadata + +Metadata is the app resource metadata. + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is the app resource spec. + +| Name | Type | Required | Description | +|----------------------|------------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| aws | object | | AWS contains additional options for AWS applications. | +| cloud | string | | Cloud identifies the cloud instance the app represents. | +| dynamic_labels | object | | DynamicLabels are the app's command labels. | +| insecure_skip_verify | bool | | InsecureSkipVerify disables app's TLS certificate verification. | +| integration | string | | Integration is the integration name that must be used to access this Application. Only applicable to AWS App Access. If present, the Application must use the Integration's credentials instead of ambient credentials to access Cloud APIs. | +| public_addr | string | | PublicAddr is the public address the application is accessible at. | +| rewrite | object | | Rewrite is a list of rewriting rules to apply to requests and responses. | +| uri | string | | URI is the web app endpoint. | +| user_groups | array of strings | | UserGroups are a list of user group IDs that this app is associated with. | + +#### spec.aws + +AWS contains additional options for AWS applications. + +| Name | Type | Required | Description | +|-------------|--------|----------|-------------------------------------------------------------------------| +| external_id | string | | ExternalID is the AWS External ID used when assuming roles in this app. | + +#### spec.dynamic_labels + +DynamicLabels are the app's command labels. + +| Name | Type | Required | Description | +|---------|------------------|----------|---------------------------------------| +| command | array of strings | | Command is a command to run | +| period | duration | | Period is a time between command runs | +| result | string | | Result captures standard output | + +#### spec.rewrite + +Rewrite is a list of rewriting rules to apply to requests and responses. + +| Name | Type | Required | Description | +|------------|------------------|----------|-------------------------------------------------------------------------------------------------------------------------------------------| +| headers | object | | Headers is a list of headers to inject when passing the request over to the application. | +| jwt_claims | string | | JWTClaims configures whether roles/traits are included in the JWT token. | +| redirect | array of strings | | Redirect defines a list of hosts which will be rewritten to the public address of the application if they occur in the "Location" header. | + +##### spec.rewrite.headers + +Headers is a list of headers to inject when passing the request over to the application. + +| Name | Type | Required | Description | +|-------|--------|----------|---------------------------------| +| name | string | | Name is the http header name. | +| value | string | | Value is the http header value. | + +Example: + +``` +# Teleport App + +resource "teleport_app" "example" { + metadata = { + name = "example" + description = "Test app" + labels = { + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + uri = "localhost:3000" + } +} +``` + +## teleport_auth_preference + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | * | Spec is an AuthPreference specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v2`. | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is an AuthPreference specification + +| Name | Type | Required | Description | +|-------------------------|----------|----------|----------------------------------------------------------------------------------------------------------------------------------------| +| allow_headless | bool | | | +| allow_local_auth | bool | | | +| allow_passwordless | bool | | | +| connector_name | string | | ConnectorName is the name of the OIDC or SAML connector. If this value is not set the first connector in the backend will be used. | +| default_session_ttl | duration | | DefaultSessionTTL is the TTL to use for user certs when an explicit TTL is not requested. | +| device_trust | object | | DeviceTrust holds settings related to trusted device verification. Requires Teleport Enterprise. | +| disconnect_expired_cert | bool | | | +| hardware_key | object | | HardwareKey are the settings for hardware key support. | +| idp | object | | IDP is a set of options related to accessing IdPs within Teleport. Requires Teleport Enterprise. | +| locking_mode | string | | LockingMode is the cluster-wide locking mode default. | +| message_of_the_day | string | | | +| okta | object | | Okta is a set of options related to the Okta service in Teleport. Requires Teleport Enterprise. | +| piv_slot | string | | TODO(Joerger): DELETE IN 17.0.0 Deprecated, replaced by HardwareKey settings. | +| require_session_mfa | number | | RequireMFAType is the type of MFA requirement enforced for this cluster: 0:Off, 1:Session, 2:SessionAndHardwareKey, 3:HardwareKeyTouch | +| second_factor | string | | SecondFactor is the type of second factor. | +| type | string | | Type is the type of authentication. | +| u2f | object | | U2F are the settings for the U2F device. | +| webauthn | object | | Webauthn are the settings for server-side Web Authentication support. | + +#### spec.device_trust + +DeviceTrust holds settings related to trusted device verification. Requires Teleport Enterprise. + +| Name | Type | Required | Description | +|--------------------|------------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| auto_enroll | bool | | Enable device auto-enroll. Auto-enroll lets any user issue a device enrollment token for a known device that is not already enrolled. `tsh` takes advantage of auto-enroll to automatically enroll devices on user login, when appropriate. The effective cluster Mode still applies: AutoEnroll=true is meaningless if Mode="off". | +| ekcert_allowed_cas | array of strings | | Allow list of EKCert CAs in PEM format. If present, only TPM devices that present an EKCert that is signed by a CA specified here may be enrolled (existing enrollments are unchanged). If not present, then the CA of TPM EKCerts will not be checked during enrollment, this allows any device to enroll. | +| mode | string | | Mode of verification for trusted devices. The following modes are supported: - "off": disables both device authentication and authorization. - "optional": allows both device authentication and authorization, but doesn't enforce the presence of device extensions for sensitive endpoints. - "required": enforces the presence of device extensions for sensitive endpoints. Mode is always "off" for OSS. Defaults to "optional" for Enterprise. | + +#### spec.hardware_key + +HardwareKey are the settings for hardware key support. + +| Name | Type | Required | Description | +|--------------------------|--------|----------|---------------------------------------------------------------------------------------------------------------------------------------| +| piv_slot | string | | PIVSlot is a PIV slot that Teleport clients should use instead of the default based on private key policy. For example, "9a" or "9e". | +| serial_number_validation | object | | SerialNumberValidation holds settings for hardware key serial number validation. By default, serial number validation is disabled. | + +##### spec.hardware_key.serial_number_validation + +SerialNumberValidation holds settings for hardware key serial number validation. By default, serial number validation is disabled. + +| Name | Type | Required | Description | +|--------------------------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| enabled | bool | | Enabled indicates whether hardware key serial number validation is enabled. | +| serial_number_trait_name | string | | SerialNumberTraitName is an optional custom user trait name for hardware key serial numbers to replace the default: "hardware_key_serial_numbers". Note: Values for this user trait should be a comma-separated list of serial numbers, or a list of comm-separated lists. e.g ["123", "345,678"] | + +#### spec.idp + +IDP is a set of options related to accessing IdPs within Teleport. Requires Teleport Enterprise. + +| Name | Type | Required | Description | +|------|--------|----------|----------------------------------------------------| +| saml | object | | SAML are options related to the Teleport SAML IdP. | + +##### spec.idp.saml + +SAML are options related to the Teleport SAML IdP. + +| Name | Type | Required | Description | +|---------|------|----------|-------------| +| enabled | bool | | | + +#### spec.okta + +Okta is a set of options related to the Okta service in Teleport. Requires Teleport Enterprise. + +| Name | Type | Required | Description | +|-------------|----------|----------|--------------------------------------------------------------------------| +| sync_period | duration | | SyncPeriod is the duration between synchronization calls in nanoseconds. | + +#### spec.u2f + +U2F are the settings for the U2F device. + +| Name | Type | Required | Description | +|------------------------|------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| app_id | string | | AppID returns the application ID for universal second factor. | +| device_attestation_cas | array of strings | | DeviceAttestationCAs contains the trusted attestation CAs for U2F devices. | +| facets | array of strings | | Facets returns the facets for universal second factor. Deprecated: Kept for backwards compatibility reasons, but Facets have no effect since Teleport v10, when Webauthn replaced the U2F implementation. | + +#### spec.webauthn + +Webauthn are the settings for server-side Web Authentication support. + +| Name | Type | Required | Description | +|-------------------------|------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| attestation_allowed_cas | array of strings | | Allow list of device attestation CAs in PEM format. If present, only devices whose attestation certificates match the certificates specified here may be registered (existing registrations are unchanged). If supplied in conjunction with AttestationDeniedCAs, then both conditions need to be true for registration to be allowed (the device MUST match an allowed CA and MUST NOT match a denied CA). By default all devices are allowed. | +| attestation_denied_cas | array of strings | | Deny list of device attestation CAs in PEM format. If present, only devices whose attestation certificates don't match the certificates specified here may be registered (existing registrations are unchanged). If supplied in conjunction with AttestationAllowedCAs, then both conditions need to be true for registration to be allowed (the device MUST match an allowed CA and MUST NOT match a denied CA). By default no devices are denied. | +| rp_id | string | | RPID is the ID of the Relying Party. It should be set to the domain name of the Teleport installation. IMPORTANT: RPID must never change in the lifetime of the cluster, because it's recorded in the registration data on the WebAuthn device. If the RPID changes, all existing WebAuthn key registrations will become invalid and all users who use WebAuthn as the second factor will need to re-register. | + +Example: + +``` +# AuthPreference resource + +resource "teleport_auth_preference" "example" { + metadata = { + description = "Auth preference" + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + disconnect_expired_cert = true + } +} + +``` + +## teleport_bot + +| Name | Type | Required | Description | +|-----------|----------------------|----------|-------------------------------------------------------------------------------------| +| name | string | * | The name of the bot, i.e. the unprefixed User name | +| role_name | string | | The name of the generated bot role | +| roles | array of strings | * | A list of roles the created bot should be allowed to assume via role impersonation. | +| token_id | string | | Deprecated. This field is not required anymore and has no effect. | +| token_ttl | string | | Deprecated. This field is not required anymore and has no effect. | +| traits | map of string arrays | | | +| user_name | string | | The name of the generated bot user | + +Example: + +``` +# Teleport Machine ID Bot creation example + +locals { + bot_name = "example" +} + +resource "random_password" "bot_token" { + length = 32 + special = false +} + +resource "time_offset" "bot_example_token_expiry" { + offset_hours = 1 +} + +resource "teleport_provision_token" "bot_example" { + metadata = { + expires = time_offset.bot_example_token_expiry.rfc3339 + description = "Bot join token for ${local.bot_name} generated by Terraform" + + name = random_password.bot_token.result + } + + spec = { + roles = ["Bot"] + bot_name = local.bot_name + join_method = "token" + } +} + +resource "teleport_bot" "example" { + name = local.bot_name + token_id = teleport_provision_token.bot_example.metadata.name + roles = ["access"] +} + +``` + +## teleport_cluster_maintenance_config + +| Name | Type | Required | Description | +|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| nonce | number | | Nonce is used to protect against concurrent modification of the maintenance window. Clients should treat nonces as opaque. | +| spec | object | | | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + + + +| Name | Type | Required | Description | +|----------------|--------|----------|-------------------------------------------------| +| agent_upgrades | object | | AgentUpgrades encodes the agent upgrade window. | + +#### spec.agent_upgrades + +AgentUpgrades encodes the agent upgrade window. + +| Name | Type | Required | Description | +|----------------|------------------|----------|-------------------------------------------------------------------------------------------------------| +| utc_start_hour | number | | UTCStartHour is the start hour of the maintenance window in UTC. | +| weekdays | array of strings | | Weekdays is an optional list of weekdays. If not specified, an agent upgrade window occurs every day. | + +Example: + +``` +# Teleport Cluster Networking config + +resource "teleport_cluster_maintenance_config" "example" { + metadata = { + description = "Maintenance config" + } + + spec = { + agent_upgrades = { + utc_start_hour = 1 + weekdays = [ "monday" ] + } + } +} + +``` + +## teleport_cluster_networking_config + +| Name | Type | Required | Description | +|----------|--------|----------|-----------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a ClusterNetworkingConfig specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | | Version is the resource version. It must be specified. Supported values are:`v2`. | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is a ClusterNetworkingConfig specification + +| Name | Type | Required | Description | +|----------------------------------|----------|----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| assist_command_execution_workers | number | | AssistCommandExecutionWorkers determines the number of workers that will execute arbitrary Assist commands on servers in parallel | +| case_insensitive_routing | bool | | CaseInsensitiveRouting causes proxies to use case-insensitive hostname matching. | +| client_idle_timeout | duration | | ClientIdleTimeout sets global cluster default setting for client idle timeouts. | +| idle_timeout_message | string | | ClientIdleTimeoutMessage is the message sent to the user when a connection times out. | +| keep_alive_count_max | number | | KeepAliveCountMax is the number of keep-alive messages that can be missed before the server disconnects the connection to the client. | +| keep_alive_interval | duration | | KeepAliveInterval is the interval at which the server sends keep-alive messages to the client. | +| proxy_listener_mode | number | | ProxyListenerMode is proxy listener mode used by Teleport Proxies. 0 is "separate"; 1 is "multiplex". | +| proxy_ping_interval | duration | | ProxyPingInterval defines in which interval the TLS routing ping message should be sent. This is applicable only when using ping-wrapped connections, regular TLS routing connections are not affected. | +| routing_strategy | number | | RoutingStrategy determines the strategy used to route to nodes. 0 is "unambiguous_match"; 1 is "most_recent". | +| session_control_timeout | duration | | SessionControlTimeout is the session control lease expiry and defines the upper limit of how long a node may be out of contact with the auth server before it begins terminating controlled sessions. | +| tunnel_strategy | object | | TunnelStrategyV1 determines the tunnel strategy used in the cluster. | +| web_idle_timeout | duration | | WebIdleTimeout sets global cluster default setting for the web UI idle timeouts. | + +#### spec.tunnel_strategy + +TunnelStrategyV1 determines the tunnel strategy used in the cluster. + +| Name | Type | Required | Description | +|---------------|--------|----------|-------------| +| agent_mesh | object | | | +| proxy_peering | object | | | + +##### spec.tunnel_strategy.agent_mesh + + + +| Name | Type | Required | Description | +|--------|------|----------|---------------------------------------------------------------| +| active | bool | | Automatically generated field preventing empty message errors | + +##### spec.tunnel_strategy.proxy_peering + + + +| Name | Type | Required | Description | +|------------------------|--------|----------|-------------| +| agent_connection_count | number | | | + +Example: + +``` +# Teleport Cluster Networking config + +resource "teleport_cluster_networking_config" "example" { + metadata = { + description = "Networking config" + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + client_idle_timeout = "1h" + } +} +``` + +## teleport_database + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata is the database metadata. | +| spec | object | | Spec is the database spec. | +| sub_kind | string | | SubKind is an optional resource subkind. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v3`. | + +### metadata + +Metadata is the database metadata. + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is the database spec. + +| Name | Type | Required | Description | +|----------------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------| +| ad | object | | AD is the Active Directory configuration for the database. | +| admin_user | object | | AdminUser is the database admin user for automatic user provisioning. | +| aws | object | | AWS contains AWS specific settings for RDS/Aurora/Redshift databases. | +| azure | object | | Azure contains Azure specific database metadata. | +| ca_cert | string | | CACert is the PEM-encoded database CA certificate. DEPRECATED: Moved to TLS.CACert. DELETE IN 10.0. | +| dynamic_labels | object | | DynamicLabels is the database dynamic labels. | +| gcp | object | | GCP contains parameters specific to GCP Cloud SQL databases. | +| mongo_atlas | object | | MongoAtlas contains Atlas metadata about the database. | +| mysql | object | | MySQL is an additional section with MySQL database options. | +| oracle | object | | Oracle is an additional Oracle configuration options. | +| protocol | string | * | Protocol is the database protocol: postgres, mysql, mongodb, etc. | +| tls | object | | TLS is the TLS configuration used when establishing connection to target database. Allows to provide custom CA cert or override server name. | +| uri | string | * | URI is the database connection endpoint. | + +#### spec.ad + +AD is the Active Directory configuration for the database. + +| Name | Type | Required | Description | +|---------------|--------|----------|-----------------------------------------------------------------------------------------| +| domain | string | | Domain is the Active Directory domain the database resides in. | +| kdc_host_name | string | | KDCHostName is the host name for a KDC for x509 Authentication. | +| keytab_file | string | | KeytabFile is the path to the Kerberos keytab file. | +| krb5_file | string | | Krb5File is the path to the Kerberos configuration file. Defaults to /etc/krb5.conf. | +| ldap_cert | string | | LDAPCert is a certificate from Windows LDAP/AD, optional; only for x509 Authentication. | +| spn | string | | SPN is the service principal name for the database. | + +#### spec.admin_user + +AdminUser is the database admin user for automatic user provisioning. + +| Name | Type | Required | Description | +|------------------|--------|----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| default_database | string | | DefaultDatabase is the database that the privileged database user logs into by default. Depending on the database type, this database may be used to store procedures or data for managing database users. | +| name | string | | Name is the username of the privileged database user. | + +#### spec.aws + +AWS contains AWS specific settings for RDS/Aurora/Redshift databases. + +| Name | Type | Required | Description | +|---------------------|----------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| account_id | string | | AccountID is the AWS account ID this database belongs to. | +| assume_role_arn | string | | AssumeRoleARN is an optional AWS role ARN to assume when accessing a database. Set this field and ExternalID to enable access across AWS accounts. | +| elasticache | object | | ElastiCache contains AWS ElastiCache Redis specific metadata. | +| external_id | string | | ExternalID is an optional AWS external ID used to enable assuming an AWS role across accounts. | +| iam_policy_status | number | | IAMPolicyStatus indicates whether the IAM Policy is configured properly for database access. If not, the user must update the AWS profile identity to allow access to the Database. Eg for an RDS Database: the underlying AWS profile allows for `rds-db:connect` for the Database. | +| memorydb | object | | MemoryDB contains AWS MemoryDB specific metadata. | +| opensearch | object | | OpenSearch contains AWS OpenSearch specific metadata. | +| rds | object | | RDS contains RDS specific metadata. | +| rdsproxy | object | | RDSProxy contains AWS Proxy specific metadata. | +| redshift | object | | Redshift contains Redshift specific metadata. | +| redshift_serverless | object | | RedshiftServerless contains AWS Redshift Serverless specific metadata. | +| region | string | | Region is a AWS cloud region. | +| secret_store | object | | SecretStore contains secret store configurations. | +| session_tags | map of strings | | SessionTags is a list of AWS STS session tags. | + +##### spec.aws.elasticache + +ElastiCache contains AWS ElastiCache Redis specific metadata. + +| Name | Type | Required | Description | +|----------------------------|------------------|----------|------------------------------------------------------------------------------------| +| endpoint_type | string | | EndpointType is the type of the endpoint. | +| replication_group_id | string | | ReplicationGroupID is the Redis replication group ID. | +| transit_encryption_enabled | bool | | TransitEncryptionEnabled indicates whether in-transit encryption (TLS) is enabled. | +| user_group_ids | array of strings | | UserGroupIDs is a list of user group IDs. | + +##### spec.aws.memorydb + +MemoryDB contains AWS MemoryDB specific metadata. + +| Name | Type | Required | Description | +|---------------|--------|----------|----------------------------------------------------------------------| +| acl_name | string | | ACLName is the name of the ACL associated with the cluster. | +| cluster_name | string | | ClusterName is the name of the MemoryDB cluster. | +| endpoint_type | string | | EndpointType is the type of the endpoint. | +| tls_enabled | bool | | TLSEnabled indicates whether in-transit encryption (TLS) is enabled. | + +##### spec.aws.opensearch + +OpenSearch contains AWS OpenSearch specific metadata. + +| Name | Type | Required | Description | +|---------------|--------|----------|-------------------------------------------| +| domain_id | string | | DomainID is the ID of the domain. | +| domain_name | string | | DomainName is the name of the domain. | +| endpoint_type | string | | EndpointType is the type of the endpoint. | + +##### spec.aws.rds + +RDS contains RDS specific metadata. + +| Name | Type | Required | Description | +|-------------|------------------|----------|-------------------------------------------------------------------| +| cluster_id | string | | ClusterID is the RDS cluster (Aurora) identifier. | +| iam_auth | bool | | IAMAuth indicates whether database IAM authentication is enabled. | +| instance_id | string | | InstanceID is the RDS instance identifier. | +| resource_id | string | | ResourceID is the RDS instance resource identifier (db-xxx). | +| subnets | array of strings | | Subnets is a list of subnets for the RDS instance. | +| vpc_id | string | | VPCID is the VPC where the RDS is running. | + +##### spec.aws.rdsproxy + +RDSProxy contains AWS Proxy specific metadata. + +| Name | Type | Required | Description | +|----------------------|--------|----------|-----------------------------------------------------------------------| +| custom_endpoint_name | string | | CustomEndpointName is the identifier of an RDS Proxy custom endpoint. | +| name | string | | Name is the identifier of an RDS Proxy. | +| resource_id | string | | ResourceID is the RDS instance resource identifier (prx-xxx). | + +##### spec.aws.redshift + +Redshift contains Redshift specific metadata. + +| Name | Type | Required | Description | +|------------|--------|----------|-----------------------------------------------| +| cluster_id | string | | ClusterID is the Redshift cluster identifier. | + +##### spec.aws.redshift_serverless + +RedshiftServerless contains AWS Redshift Serverless specific metadata. + +| Name | Type | Required | Description | +|----------------|--------|----------|----------------------------------------| +| endpoint_name | string | | EndpointName is the VPC endpoint name. | +| workgroup_id | string | | WorkgroupID is the workgroup ID. | +| workgroup_name | string | | WorkgroupName is the workgroup name. | + +##### spec.aws.secret_store + +SecretStore contains secret store configurations. + +| Name | Type | Required | Description | +|------------|--------|----------|----------------------------------------------------| +| key_prefix | string | | KeyPrefix specifies the secret key prefix. | +| kms_key_id | string | | KMSKeyID specifies the AWS KMS key for encryption. | + +#### spec.azure + +Azure contains Azure specific database metadata. + +| Name | Type | Required | Description | +|-----------------|--------|----------|--------------------------------------------------------------------| +| is_flexi_server | bool | | IsFlexiServer is true if the database is an Azure Flexible server. | +| name | string | | Name is the Azure database server name. | +| redis | object | | Redis contains Azure Cache for Redis specific database metadata. | +| resource_id | string | | ResourceID is the Azure fully qualified ID for the resource. | + +##### spec.azure.redis + +Redis contains Azure Cache for Redis specific database metadata. + +| Name | Type | Required | Description | +|-------------------|--------|----------|-----------------------------------------------------------------| +| clustering_policy | string | | ClusteringPolicy is the clustering policy for Redis Enterprise. | + +#### spec.dynamic_labels + +DynamicLabels is the database dynamic labels. + +| Name | Type | Required | Description | +|---------|------------------|----------|---------------------------------------| +| command | array of strings | | Command is a command to run | +| period | duration | | Period is a time between command runs | +| result | string | | Result captures standard output | + +#### spec.gcp + +GCP contains parameters specific to GCP Cloud SQL databases. + +| Name | Type | Required | Description | +|-------------|--------|----------|--------------------------------------------------------------------| +| instance_id | string | | InstanceID is the Cloud SQL instance ID. | +| project_id | string | | ProjectID is the GCP project ID the Cloud SQL instance resides in. | + +#### spec.mongo_atlas + +MongoAtlas contains Atlas metadata about the database. + +| Name | Type | Required | Description | +|------|--------|----------|-------------------------------------------| +| name | string | | Name is the Atlas database instance name. | + +#### spec.mysql + +MySQL is an additional section with MySQL database options. + +| Name | Type | Required | Description | +|----------------|--------|----------|-------------------------------------------------------------------------------------------------------| +| server_version | string | | ServerVersion is the server version reported by DB proxy if the runtime information is not available. | + +#### spec.oracle + +Oracle is an additional Oracle configuration options. + +| Name | Type | Required | Description | +|------------|--------|----------|----------------------------------------------------------------------------------------| +| audit_user | string | | AuditUser is the Oracle database user privilege to access internal Oracle audit trail. | + +#### spec.tls + +TLS is the TLS configuration used when establishing connection to target database. Allows to provide custom CA cert or override server name. + +| Name | Type | Required | Description | +|-------------|--------|----------|------------------------------------------------------------------------------------------------------------------------------------| +| ca_cert | string | | CACert is an optional user provided CA certificate used for verifying database TLS connection. | +| mode | number | | Mode is a TLS connection mode. 0 is "verify-full"; 1 is "verify-ca", 2 is "insecure". | +| server_name | string | | ServerName allows to provide custom hostname. This value will override the servername/hostname on a certificate during validation. | + +Example: + +``` +# Teleport Database + +resource "teleport_database" "example" { + metadata = { + name = "example" + description = "Test database" + labels = { + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + protocol = "postgres" + uri = "localhost" + } +} +``` + +## teleport_github_connector + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata holds resource metadata. | +| spec | object | * | Spec is an Github connector specification. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v3`. | + +### metadata + +Metadata holds resource metadata. + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is an Github connector specification. + +| Name | Type | Required | Description | +|------------------|--------|----------|-------------------------------------------------------------------------------------------------------------------------------------| +| api_endpoint_url | string | | APIEndpointURL is the URL of the API endpoint of the Github instance this connector is for. | +| client_id | string | * | ClientID is the Github OAuth app client ID. | +| client_secret | string | * | ClientSecret is the Github OAuth app client secret. | +| display | string | | Display is the connector display name. | +| endpoint_url | string | | EndpointURL is the URL of the GitHub instance this connector is for. | +| redirect_url | string | | RedirectURL is the authorization callback URL. | +| teams_to_logins | object | | TeamsToLogins maps Github team memberships onto allowed logins/roles. DELETE IN 11.0.0 Deprecated: use GithubTeamsToRoles instead. | +| teams_to_roles | object | | TeamsToRoles maps Github team memberships onto allowed roles. | + +#### spec.teams_to_logins + +TeamsToLogins maps Github team memberships onto allowed logins/roles. DELETE IN 11.0.0 Deprecated: use GithubTeamsToRoles instead. + +| Name | Type | Required | Description | +|-------------------|------------------|----------|-----------------------------------------------------------------------------------| +| kubernetes_groups | array of strings | | KubeGroups is a list of allowed kubernetes groups for this org/team. | +| kubernetes_users | array of strings | | KubeUsers is a list of allowed kubernetes users to impersonate for this org/team. | +| logins | array of strings | | Logins is a list of allowed logins for this org/team. | +| organization | string | | Organization is a Github organization a user belongs to. | +| team | string | | Team is a team within the organization a user belongs to. | + +#### spec.teams_to_roles + +TeamsToRoles maps Github team memberships onto allowed roles. + +| Name | Type | Required | Description | +|--------------|------------------|----------|-----------------------------------------------------------| +| organization | string | | Organization is a Github organization a user belongs to. | +| roles | array of strings | | Roles is a list of allowed logins for this org/team. | +| team | string | | Team is a team within the organization a user belongs to. | + +Example: + +``` +# Terraform Github connector + +variable "github_secret" {} + +resource "teleport_github_connector" "github" { + # This section tells Terraform that role example must be created before the GitHub connector + depends_on = [ + teleport_role.example + ] + + metadata = { + name = "example" + labels = { + example = "yes" + } + } + + spec = { + client_id = "client" + client_secret = var.github_secret + + teams_to_roles = [{ + organization = "gravitational" + team = "devs" + roles = ["example"] + }] + } +} + +``` + +## teleport_login_rule + +| Name | Type | Required | Description | +|-------------------|--------|----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata. | +| priority | number | * | Priority is the priority of the login rule relative to other login rules in the same cluster. Login rules with a lower numbered priority will be evaluated first. | +| traits_expression | string | | TraitsExpression is a predicate expression which should return the desired traits for the user upon login. | +| traits_map | object | | TraitsMap is a map of trait keys to lists of predicate expressions which should evaluate to the desired values for that trait. | +| version | string | * | Version is the resource version. | + +### metadata + +Metadata is resource metadata. + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### traits_map + +TraitsMap is a map of trait keys to lists of predicate expressions which should evaluate to the desired values for that trait. + +| Name | Type | Required | Description | +|--------|------------------|----------|-------------| +| values | array of strings | | | + +Example: + +``` +# Teleport Login Rule resource + +resource "teleport_login_rule" "example" { + metadata = { + description = "Example Login Rule" + labels = { + "example" = "yes" + } + } + + version = "v1" + priority = 0 + traits_map = { + "logins" = { + values = [ + "external.logins", + "external.username", + ] + } + "groups" = { + values = [ + "external.groups", + ] + } + } +} + +``` + +## teleport_oidc_connector + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata holds resource metadata. | +| spec | object | * | Spec is an OIDC connector specification. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v3`. | + +### metadata + +Metadata holds resource metadata. + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is an OIDC connector specification. + +| Name | Type | Required | Description | +|----------------------------|------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------| +| acr_values | string | | ACR is an Authentication Context Class Reference value. The meaning of the ACR value is context-specific and varies for identity providers. | +| allow_unverified_email | bool | | AllowUnverifiedEmail tells the connector to accept OIDC users with unverified emails. | +| claims_to_roles | object | | ClaimsToRoles specifies a dynamic mapping from claims to roles. | +| client_id | string | | ClientID is the id of the authentication client (Teleport Auth server). | +| client_secret | string | | ClientSecret is used to authenticate the client. | +| display | string | | Display is the friendly name for this provider. | +| google_admin_email | string | | GoogleAdminEmail is the email of a google admin to impersonate. | +| google_service_account | string | | GoogleServiceAccount is a string containing google service account credentials. | +| google_service_account_uri | string | | GoogleServiceAccountURI is a path to a google service account uri. | +| issuer_url | string | | IssuerURL is the endpoint of the provider, e.g. https://accounts.google.com. | +| max_age | duration | | | +| prompt | string | | Prompt is an optional OIDC prompt. An empty string omits prompt. If not specified, it defaults to select_account for backwards compatibility. | +| provider | string | | Provider is the external identity provider. | +| redirect_url | array of strings | | | +| scope | array of strings | | Scope specifies additional scopes set by provider. | +| username_claim | string | | UsernameClaim specifies the name of the claim from the OIDC connector to be used as the user's username. | + +#### spec.claims_to_roles + +ClaimsToRoles specifies a dynamic mapping from claims to roles. + +| Name | Type | Required | Description | +|-------|------------------|----------|----------------------------------------------------| +| claim | string | | Claim is a claim name. | +| roles | array of strings | | Roles is a list of static teleport roles to match. | +| value | string | | Value is a claim value to match. | + +Example: + +``` +# Teleport OIDC connector +# +# Please note that OIDC connector will work in Enterprise version only. Check the setup docs: +# https://goteleport.com/docs/enterprise/sso/oidc/ + +variable "oidc_secret" {} + +resource "teleport_oidc_connector" "example" { + metadata = { + name = "example" + labels = { + test = "yes" + } + } + + spec = { + client_id = "client" + client_secret = var.oidc_secret + + claims_to_roles = [{ + claim = "test" + roles = ["terraform"] + }] + + redirect_url = ["https://example.com/redirect"] + } +} + +``` + +## teleport_okta_import_rule + +| Name | Type | Required | Description | +|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | * | Spec is the specification for the Okta import rule. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is the specification for the Okta import rule. + +| Name | Type | Required | Description | +|----------|--------|----------|-------------------------------------------------------------------------------------------------------| +| mappings | object | | Mappings is a list of matches that will map match conditions to labels. | +| priority | number | | Priority represents the priority of the rule application. Lower numbered rules will be applied first. | + +#### spec.mappings + +Mappings is a list of matches that will map match conditions to labels. + +| Name | Type | Required | Description | +|------------|----------------|----------|-------------------------------------------------------------------------------------------------------------| +| add_labels | map of strings | | AddLabels specifies which labels to add if any of the previous matches match. | +| match | object | | Match is a set of matching rules for this mapping. If any of these match, then the mapping will be applied. | + +##### spec.mappings.match + +Match is a set of matching rules for this mapping. If any of these match, then the mapping will be applied. + +| Name | Type | Required | Description | +|--------------------|------------------|----------|---------------------------------------------------------------------| +| app_ids | array of strings | | AppIDs is a list of app IDs to match against. | +| app_name_regexes | array of strings | | AppNameRegexes is a list of regexes to match against app names. | +| group_ids | array of strings | | GroupIDs is a list of group IDs to match against. | +| group_name_regexes | array of strings | | GroupNameRegexes is a list of regexes to match against group names. | + +Example: + +``` +# Teleport Okta Import Rule resource + +resource "teleport_okta_import_rule" "example" { + metadata = { + description = "Example Okta Import Rule" + labels = { + "example" = "yes" + } + } + + version = "v1" + + spec = { + priority = 100 + mappings = [ + { + add_labels = { + "label1": "value1" + } + match = [ + { + app_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label2": "value2" + } + match = [ + { + group_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label3" : "value3", + } + match = [ + { + group_name_regexes = ["^.*$"] + }, + ], + }, + { + add_labels = { + "label4" : "value4", + } + match = [ + { + app_name_regexes = ["^.*$"] + }, + ], + } + ] + } +} + +``` + +## teleport_provision_token + +| Name | Type | Required | Description | +|----------|--------|----------|-----------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | * | Spec is a provisioning token V2 spec | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are:`v2`. | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is a provisioning token V2 spec + +| Name | Type | Required | Description | +|--------------------------------|----------------------|----------|---------------------------------------------------------------------------------------------------------------------------------------------------------| +| allow | object | | Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. | +| aws_iid_ttl | duration | | AWSIIDTTL is the TTL to use for AWS EC2 Instance Identity Documents used to join the cluster with this token. | +| azure | object | | Azure allows the configuration of options specific to the "azure" join method. | +| bot_name | string | | BotName is the name of the bot this token grants access to, if any | +| circleci | object | | CircleCI allows the configuration of options specific to the "circleci" join method. | +| gcp | object | | GCP allows the configuration of options specific to the "gcp" join method. | +| github | object | | GitHub allows the configuration of options specific to the "github" join method. | +| gitlab | object | | GitLab allows the configuration of options specific to the "gitlab" join method. | +| join_method | string | | JoinMethod is the joining method required in order to use this token. Supported joining methods include "token", "ec2", and "iam". | +| kubernetes | object | | Kubernetes allows the configuration of options specific to the "kubernetes" join method. | +| roles | array of strings | * | Roles is a list of roles associated with the token, that will be converted to metadata in the SSH and X509 certificates issued to the user of the token | +| spacelift | object | | Spacelift allows the configuration of options specific to the "spacelift" join method. | +| suggested_agent_matcher_labels | map of string arrays | | | +| suggested_labels | map of string arrays | | | + +#### spec.allow + +Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. + +| Name | Type | Required | Description | +|-------------|------------------|----------|-------------------------------------------------------------------------------------------------------------------------------------------| +| aws_account | string | | AWSAccount is the AWS account ID. | +| aws_arn | string | | AWSARN is used for the IAM join method, the AWS identity of joining nodes must match this ARN. Supports wildcards "*" and "?". | +| aws_regions | array of strings | | AWSRegions is used for the EC2 join method and is a list of AWS regions a node is allowed to join from. | +| aws_role | string | | AWSRole is used for the EC2 join method and is the the ARN of the AWS role that the auth server will assume in order to call the ec2 API. | + +#### spec.azure + +Azure allows the configuration of options specific to the "azure" join method. + +| Name | Type | Required | Description | +|-------|--------|----------|-----------------------------------------------------------------------------------------------| +| allow | object | | Allow is a list of Rules, nodes using this token must match one allow rule to use this token. | + +##### spec.azure.allow + +Allow is a list of Rules, nodes using this token must match one allow rule to use this token. + +| Name | Type | Required | Description | +|-----------------|------------------|----------|-------------------------------------------------------------------------------------| +| resource_groups | array of strings | | ResourceGroups is a list of Azure resource groups the node is allowed to join from. | +| subscription | string | | Subscription is the Azure subscription. | + +#### spec.circleci + +CircleCI allows the configuration of options specific to the "circleci" join method. + +| Name | Type | Required | Description | +|-----------------|--------|----------|----------------------------------------------------------------------------------------------------| +| allow | object | | Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. | +| organization_id | string | | | + +##### spec.circleci.allow + +Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. + +| Name | Type | Required | Description | +|------------|--------|----------|-------------| +| context_id | string | | | +| project_id | string | | | + +#### spec.gcp + +GCP allows the configuration of options specific to the "gcp" join method. + +| Name | Type | Required | Description | +|-------|--------|----------|-----------------------------------------------------------------------------------------------| +| allow | object | | Allow is a list of Rules, nodes using this token must match one allow rule to use this token. | + +##### spec.gcp.allow + +Allow is a list of Rules, nodes using this token must match one allow rule to use this token. + +| Name | Type | Required | Description | +|------------------|------------------|----------|----------------------------------------------------------------------------------------------------------------------------| +| locations | array of strings | | Locations is a list of regions (e.g. "us-west1") and/or zones (e.g. "us-west1-b"). | +| project_ids | array of strings | | ProjectIDs is a list of project IDs (e.g. "<example-id-123456>"). | +| service_accounts | array of strings | | ServiceAccounts is a list of service account emails (e.g. "<project-number>-compute@developer.gserviceaccount.com"). | + +#### spec.github + +GitHub allows the configuration of options specific to the "github" join method. + +| Name | Type | Required | Description | +|------------------------|--------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| allow | object | | Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. | +| enterprise_server_host | string | | EnterpriseServerHost allows joining from runners associated with a GitHub Enterprise Server instance. When unconfigured, tokens will be validated against github.com, but when configured to the host of a GHES instance, then the tokens will be validated against host. This value should be the hostname of the GHES instance, and should not include the scheme or a path. The instance must be accessible over HTTPS at this hostname and the certificate must be trusted by the Auth Server. | +| enterprise_slug | string | | EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customized issuer values. | + +##### spec.github.allow + +Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. + +| Name | Type | Required | Description | +|------------------|--------|----------|------------------------------------------------------------------------------------------------------------------------------------------------------------| +| actor | string | | The personal account that initiated the workflow run. | +| environment | string | | The name of the environment used by the job. | +| ref | string | | The git ref that triggered the workflow run. | +| ref_type | string | | The type of ref, for example: "branch". | +| repository | string | | The repository from where the workflow is running. This includes the name of the owner e.g `gravitational/teleport` | +| repository_owner | string | | The name of the organization in which the repository is stored. | +| sub | string | | Sub also known as Subject is a string that roughly uniquely identifies the workload. The format of this varies depending on the type of github action run. | +| workflow | string | | The name of the workflow. | + +#### spec.gitlab + +GitLab allows the configuration of options specific to the "gitlab" join method. + +| Name | Type | Required | Description | +|--------|--------|----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| allow | object | | Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. | +| domain | string | | Domain is the domain of your GitLab instance. This will default to `gitlab.com` - but can be set to the domain of your self-hosted GitLab e.g `gitlab.example.com`. | + +##### spec.gitlab.allow + +Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token. + +| Name | Type | Required | Description | +|-----------------------|--------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| ci_config_ref_uri | string | | CIConfigRefURI is the ref path to the top-level pipeline definition, for example, gitlab.example.com/my-group/my-project//.gitlab-ci.yml@refs/heads/main. | +| ci_config_sha | string | | CIConfigSHA is the git commit SHA for the ci_config_ref_uri. | +| deployment_tier | string | | DeploymentTier is the deployment tier of the environment the job specifies | +| environment | string | | Environment limits access by the environment the job deploys to (if one is associated) | +| environment_protected | bool | | | +| namespace_path | string | | NamespacePath is used to limit access to jobs in a group or user's projects. Example: `mygroup` This field supports simple "glob-style" matching: - Use '*' to match zero or more characters. - Use '?' to match any single character. | +| pipeline_source | string | | PipelineSource limits access by the job pipeline source type. https://docs.gitlab.com/ee/ci/jobs/job_control.html#common-if-clauses-for-rules Example: `web` | +| project_path | string | | ProjectPath is used to limit access to jobs belonging to an individual project. Example: `mygroup/myproject` This field supports simple "glob-style" matching: - Use '*' to match zero or more characters. - Use '?' to match any single character. | +| project_visibility | string | | ProjectVisibility is the visibility of the project where the pipeline is running. Can be internal, private, or public. | +| ref | string | | Ref allows access to be limited to jobs triggered by a specific git ref. Ensure this is used in combination with ref_type. This field supports simple "glob-style" matching: - Use '*' to match zero or more characters. - Use '?' to match any single character. | +| ref_protected | bool | | | +| ref_type | string | | RefType allows access to be limited to jobs triggered by a specific git ref type. Example: `branch` or `tag` | +| sub | string | | Sub roughly uniquely identifies the workload. Example: `project_path:mygroup/my-project:ref_type:branch:ref:main` project_path:GROUP/PROJECT:ref_type:TYPE:ref:BRANCH_NAME This field supports simple "glob-style" matching: - Use '*' to match zero or more characters. - Use '?' to match any single character. | +| user_email | string | | UserEmail is the email of the user executing the job | +| user_id | string | | UserID is the ID of the user executing the job | +| user_login | string | | UserLogin is the username of the user executing the job | + +#### spec.kubernetes + +Kubernetes allows the configuration of options specific to the "kubernetes" join method. + +| Name | Type | Required | Description | +|-------------|--------|----------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| allow | object | | Allow is a list of Rules, nodes using this token must match one allow rule to use this token. | +| static_jwks | object | | StaticJWKS is the configuration specific to the `static_jwks` type. | +| type | string | | Type controls which behavior should be used for validating the Kubernetes Service Account token. Support values: - `in_cluster` - `static_jwks` If unset, this defaults to `in_cluster`. | + +##### spec.kubernetes.allow + +Allow is a list of Rules, nodes using this token must match one allow rule to use this token. + +| Name | Type | Required | Description | +|-----------------|--------|----------|---------------------------------------------------------------------------------------------------------------------| +| service_account | string | | ServiceAccount is the namespaced name of the Kubernetes service account. Its format is "namespace:service-account". | + +##### spec.kubernetes.static_jwks + +StaticJWKS is the configuration specific to the `static_jwks` type. + +| Name | Type | Required | Description | +|------|--------|----------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| jwks | string | | JWKS should be the JSON Web Key Set formatted public keys of that the Kubernetes Cluster uses to sign service account tokens. This can be fetched from /openid/v1/jwks on the Kubernetes API Server. | + +#### spec.spacelift + +Spacelift allows the configuration of options specific to the "spacelift" join method. + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------------------------------------| +| allow | object | | Allow is a list of Rules, nodes using this token must match one allow rule to use this token. | +| hostname | string | | Hostname is the hostname of the Spacelift tenant that tokens will originate from. E.g `example.app.spacelift.io` | + +##### spec.spacelift.allow + +Allow is a list of Rules, nodes using this token must match one allow rule to use this token. + +| Name | Type | Required | Description | +|-------------|--------|----------|-------------------------------------------------------------------------------------------------------------------------------------------| +| caller_id | string | | CallerID is the ID of the caller, ie. the stack or module that generated the run. | +| caller_type | string | | CallerType is the type of the caller, ie. the entity that owns the run - either `stack` or `module`. | +| scope | string | | Scope is the scope of the token - either `read` or `write`. See https://docs.spacelift.io/integrations/cloud-providers/oidc/#about-scopes | +| space_id | string | | SpaceID is the ID of the space in which the run that owns the token was executed. | + +Example: + +``` +# Teleport Provision Token resource + +resource "teleport_provision_token" "example" { + metadata = { + expires = "2022-10-12T07:20:51Z" + description = "Example token" + + labels = { + example = "yes" + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + roles = ["Node", "Auth"] + } +} + +resource "teleport_provision_token" "iam-token" { + metadata = { + name = "iam-token" + } + spec = { + roles = ["Bot"] + bot_name = "mybot" + join_method = "iam" + allow = [{ + aws_account = "123456789012" + }] + } +} + +``` + +## teleport_role + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a role specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v3`, `v4`, `v5`, `v6`, `v7`. | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is a role specification + +| Name | Type | Required | Description | +|---------|--------|----------|-----------------------------------------------------------------------------------------| +| allow | object | | Allow is the set of conditions evaluated to grant access. | +| deny | object | | Deny is the set of conditions evaluated to deny access. Deny takes priority over allow. | +| options | object | | Options is for OpenSSH options like agent forwarding. | + +#### spec.allow + +Allow is the set of conditions evaluated to grant access. + +| Name | Type | Required | Description | +|-----------------------------------|----------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------| +| app_labels | map of string arrays | | | +| app_labels_expression | string | | AppLabelsExpression is a predicate expression used to allow/deny access to Apps. | +| aws_role_arns | array of strings | | AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume. | +| azure_identities | array of strings | | AzureIdentities is a list of Azure identities this role is allowed to assume. | +| cluster_labels | map of string arrays | | | +| cluster_labels_expression | string | | ClusterLabelsExpression is a predicate expression used to allow/deny access to remote Teleport clusters. | +| db_labels | map of string arrays | | | +| db_labels_expression | string | | DatabaseLabelsExpression is a predicate expression used to allow/deny access to Databases. | +| db_names | array of strings | | DatabaseNames is a list of database names this role is allowed to connect to. | +| db_permissions | object | | DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning. | +| db_roles | array of strings | | DatabaseRoles is a list of databases roles for automatic user creation. | +| db_service_labels | map of string arrays | | | +| db_service_labels_expression | string | | DatabaseServiceLabelsExpression is a predicate expression used to allow/deny access to Database Services. | +| db_users | array of strings | | DatabaseUsers is a list of databases users this role is allowed to connect as. | +| desktop_groups | array of strings | | DesktopGroups is a list of groups for created desktop users to be added to | +| gcp_service_accounts | array of strings | | GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume. | +| group_labels | map of string arrays | | | +| group_labels_expression | string | | GroupLabelsExpression is a predicate expression used to allow/deny access to user groups. | +| host_groups | array of strings | | HostGroups is a list of groups for created users to be added to | +| host_sudoers | array of strings | | HostSudoers is a list of entries to include in a users sudoer file | +| impersonate | object | | Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means. | +| join_sessions | object | | JoinSessions specifies policies to allow users to join other sessions. | +| kubernetes_groups | array of strings | | KubeGroups is a list of kubernetes groups | +| kubernetes_labels | map of string arrays | | | +| kubernetes_labels_expression | string | | KubernetesLabelsExpression is a predicate expression used to allow/deny access to kubernetes clusters. | +| kubernetes_resources | object | | KubernetesResources is the Kubernetes Resources this Role grants access to. | +| kubernetes_users | array of strings | | KubeUsers is an optional kubernetes users to impersonate | +| logins | array of strings | | Logins is a list of *nix system logins. | +| node_labels | map of string arrays | | | +| node_labels_expression | string | | NodeLabelsExpression is a predicate expression used to allow/deny access to SSH nodes. | +| request | object | | | +| require_session_join | object | | RequireSessionJoin specifies policies for required users to start a session. | +| review_requests | object | | ReviewRequests defines conditions for submitting access reviews. | +| rules | object | | Rules is a list of rules and their access levels. Rules are a high level construct used for access control. | +| spiffe | object | | SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID. | +| windows_desktop_labels | map of string arrays | | | +| windows_desktop_labels_expression | string | | WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops. | +| windows_desktop_logins | array of strings | | WindowsDesktopLogins is a list of desktop login names allowed/denied for Windows desktops. | + +##### spec.allow.db_permissions + +DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning. + +| Name | Type | Required | Description | +|-------------|----------------------|----------|------------------------------------------------------------------------------------------------------------------| +| match | map of string arrays | | | +| permissions | array of strings | | Permission is the list of string representations of the permission to be given, e.g. SELECT, INSERT, UPDATE, ... | + +##### spec.allow.impersonate + +Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means. + +| Name | Type | Required | Description | +|-------|------------------|----------|----------------------------------------------------------------------------------------------------------------| +| roles | array of strings | | Roles is a list of resources this role is allowed to impersonate | +| users | array of strings | | Users is a list of resources this role is allowed to impersonate, could be an empty list or a Wildcard pattern | +| where | string | | Where specifies optional advanced matcher | + +##### spec.allow.join_sessions + +JoinSessions specifies policies to allow users to join other sessions. + +| Name | Type | Required | Description | +|-------|------------------|----------|-----------------------------------------------------------------| +| kinds | array of strings | | Kinds are the session kinds this policy applies to. | +| modes | array of strings | | Modes is a list of permitted participant modes for this policy. | +| name | string | | Name is the name of the policy. | +| roles | array of strings | | Roles is a list of roles that you can join the session of. | + +##### spec.allow.kubernetes_resources + +KubernetesResources is the Kubernetes Resources this Role grants access to. + +| Name | Type | Required | Description | +|-----------|------------------|----------|-------------------------------------------------------------------------------------| +| kind | string | | Kind specifies the Kubernetes Resource type. At the moment only "pod" is supported. | +| name | string | | Name is the resource name. It supports wildcards. | +| namespace | string | | Namespace is the resource namespace. It supports wildcards. | +| verbs | array of strings | | Verbs are the allowed Kubernetes verbs for the following resource. | + +##### spec.allow.request + + + +| Name | Type | Required | Description | +|---------------------|----------------------|----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| annotations | map of string arrays | | | +| claims_to_roles | object | | ClaimsToRoles specifies a mapping from claims (traits) to teleport roles. | +| max_duration | duration | | MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration is used. | +| roles | array of strings | | Roles is the name of roles which will match the request rule. | +| search_as_roles | array of strings | | SearchAsRoles is a list of extra roles which should apply to a user while they are searching for resources as part of a Resource Access Request, and defines the underlying roles which will be requested as part of any Resource Access Request. | +| suggested_reviewers | array of strings | | SuggestedReviewers is a list of reviewer suggestions. These can be teleport usernames, but that is not a requirement. | +| thresholds | object | | Thresholds is a list of thresholds, one of which must be met in order for reviews to trigger a state-transition. If no thresholds are provided, a default threshold of 1 for approval and denial is used. | + +###### spec.allow.request.claims_to_roles + +ClaimsToRoles specifies a mapping from claims (traits) to teleport roles. + +| Name | Type | Required | Description | +|-------|------------------|----------|----------------------------------------------------| +| claim | string | | Claim is a claim name. | +| roles | array of strings | | Roles is a list of static teleport roles to match. | +| value | string | | Value is a claim value to match. | + +###### spec.allow.request.thresholds + +Thresholds is a list of thresholds, one of which must be met in order for reviews to trigger a state-transition. If no thresholds are provided, a default threshold of 1 for approval and denial is used. + +| Name | Type | Required | Description | +|---------|--------|----------|----------------------------------------------------------------------------------------------| +| approve | number | | Approve is the number of matching approvals needed for state-transition. | +| deny | number | | Deny is the number of denials needed for state-transition. | +| filter | string | | Filter is an optional predicate used to determine which reviews count toward this threshold. | +| name | string | | Name is the optional human-readable name of the threshold. | + +##### spec.allow.require_session_join + +RequireSessionJoin specifies policies for required users to start a session. + +| Name | Type | Required | Description | +|----------|------------------|----------|-------------------------------------------------------------------------------------------------| +| count | number | | Count is the amount of people that need to be matched for this policy to be fulfilled. | +| filter | string | | Filter is a predicate that determines what users count towards this policy. | +| kinds | array of strings | | Kinds are the session kinds this policy applies to. | +| modes | array of strings | | Modes is the list of modes that may be used to fulfill this policy. | +| name | string | | Name is the name of the policy. | +| on_leave | string | | OnLeave is the behaviour that's used when the policy is no longer fulfilled for a live session. | + +##### spec.allow.review_requests + +ReviewRequests defines conditions for submitting access reviews. + +| Name | Type | Required | Description | +|------------------|------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| claims_to_roles | object | | ClaimsToRoles specifies a mapping from claims (traits) to teleport roles. | +| preview_as_roles | array of strings | | PreviewAsRoles is a list of extra roles which should apply to a reviewer while they are viewing a Resource Access Request for the purposes of viewing details such as the hostname and labels of requested resources. | +| roles | array of strings | | Roles is the name of roles which may be reviewed. | +| where | string | | Where is an optional predicate which further limits which requests are reviewable. | + +###### spec.allow.review_requests.claims_to_roles + +ClaimsToRoles specifies a mapping from claims (traits) to teleport roles. + +| Name | Type | Required | Description | +|-------|------------------|----------|----------------------------------------------------| +| claim | string | | Claim is a claim name. | +| roles | array of strings | | Roles is a list of static teleport roles to match. | +| value | string | | Value is a claim value to match. | + +##### spec.allow.rules + +Rules is a list of rules and their access levels. Rules are a high level construct used for access control. + +| Name | Type | Required | Description | +|-----------|------------------|----------|-----------------------------------------------------------------| +| actions | array of strings | | Actions specifies optional actions taken when this rule matches | +| resources | array of strings | | Resources is a list of resources | +| verbs | array of strings | | Verbs is a list of verbs | +| where | string | | Where specifies optional advanced matcher | + +##### spec.allow.spiffe + +SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID. + +| Name | Type | Required | Description | +|----------|------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| dns_sans | array of strings | | DNSSANs specifies matchers for the SPIFFE ID DNS SANs. Each requested DNS SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: *.example.com would match foo.example.com | +| ip_sans | array of strings | | IPSANs specifies matchers for the SPIFFE ID IP SANs. Each requested IP SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matchers should be specified using CIDR notation, it supports IPv4 and IPv6. Examples: - 10.0.0.0/24 would match 10.0.0.0 to 10.255.255.255 - 10.0.0.42/32 would match only 10.0.0.42 | +| path | string | | Path specifies a matcher for the SPIFFE ID path. It should not include the trust domain and should start with a leading slash. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: - /svc/foo/*/bar would match /svc/foo/baz/bar - ^\/svc\/foo\/.*\/bar$ would match /svc/foo/baz/bar | + +#### spec.deny + +Deny is the set of conditions evaluated to deny access. Deny takes priority over allow. + +| Name | Type | Required | Description | +|-----------------------------------|----------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------| +| app_labels | map of string arrays | | | +| app_labels_expression | string | | AppLabelsExpression is a predicate expression used to allow/deny access to Apps. | +| aws_role_arns | array of strings | | AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume. | +| azure_identities | array of strings | | AzureIdentities is a list of Azure identities this role is allowed to assume. | +| cluster_labels | map of string arrays | | | +| cluster_labels_expression | string | | ClusterLabelsExpression is a predicate expression used to allow/deny access to remote Teleport clusters. | +| db_labels | map of string arrays | | | +| db_labels_expression | string | | DatabaseLabelsExpression is a predicate expression used to allow/deny access to Databases. | +| db_names | array of strings | | DatabaseNames is a list of database names this role is allowed to connect to. | +| db_permissions | object | | DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning. | +| db_roles | array of strings | | DatabaseRoles is a list of databases roles for automatic user creation. | +| db_service_labels | map of string arrays | | | +| db_service_labels_expression | string | | DatabaseServiceLabelsExpression is a predicate expression used to allow/deny access to Database Services. | +| db_users | array of strings | | DatabaseUsers is a list of databases users this role is allowed to connect as. | +| desktop_groups | array of strings | | DesktopGroups is a list of groups for created desktop users to be added to | +| gcp_service_accounts | array of strings | | GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume. | +| group_labels | map of string arrays | | | +| group_labels_expression | string | | GroupLabelsExpression is a predicate expression used to allow/deny access to user groups. | +| host_groups | array of strings | | HostGroups is a list of groups for created users to be added to | +| host_sudoers | array of strings | | HostSudoers is a list of entries to include in a users sudoer file | +| impersonate | object | | Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means. | +| join_sessions | object | | JoinSessions specifies policies to allow users to join other sessions. | +| kubernetes_groups | array of strings | | KubeGroups is a list of kubernetes groups | +| kubernetes_labels | map of string arrays | | | +| kubernetes_labels_expression | string | | KubernetesLabelsExpression is a predicate expression used to allow/deny access to kubernetes clusters. | +| kubernetes_resources | object | | KubernetesResources is the Kubernetes Resources this Role grants access to. | +| kubernetes_users | array of strings | | KubeUsers is an optional kubernetes users to impersonate | +| logins | array of strings | | Logins is a list of *nix system logins. | +| node_labels | map of string arrays | | | +| node_labels_expression | string | | NodeLabelsExpression is a predicate expression used to allow/deny access to SSH nodes. | +| request | object | | | +| require_session_join | object | | RequireSessionJoin specifies policies for required users to start a session. | +| review_requests | object | | ReviewRequests defines conditions for submitting access reviews. | +| rules | object | | Rules is a list of rules and their access levels. Rules are a high level construct used for access control. | +| spiffe | object | | SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID. | +| windows_desktop_labels | map of string arrays | | | +| windows_desktop_labels_expression | string | | WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops. | +| windows_desktop_logins | array of strings | | WindowsDesktopLogins is a list of desktop login names allowed/denied for Windows desktops. | + +##### spec.deny.db_permissions + +DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning. + +| Name | Type | Required | Description | +|-------------|----------------------|----------|------------------------------------------------------------------------------------------------------------------| +| match | map of string arrays | | | +| permissions | array of strings | | Permission is the list of string representations of the permission to be given, e.g. SELECT, INSERT, UPDATE, ... | + +##### spec.deny.impersonate + +Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means. + +| Name | Type | Required | Description | +|-------|------------------|----------|----------------------------------------------------------------------------------------------------------------| +| roles | array of strings | | Roles is a list of resources this role is allowed to impersonate | +| users | array of strings | | Users is a list of resources this role is allowed to impersonate, could be an empty list or a Wildcard pattern | +| where | string | | Where specifies optional advanced matcher | + +##### spec.deny.join_sessions + +JoinSessions specifies policies to allow users to join other sessions. + +| Name | Type | Required | Description | +|-------|------------------|----------|-----------------------------------------------------------------| +| kinds | array of strings | | Kinds are the session kinds this policy applies to. | +| modes | array of strings | | Modes is a list of permitted participant modes for this policy. | +| name | string | | Name is the name of the policy. | +| roles | array of strings | | Roles is a list of roles that you can join the session of. | + +##### spec.deny.kubernetes_resources + +KubernetesResources is the Kubernetes Resources this Role grants access to. + +| Name | Type | Required | Description | +|-----------|------------------|----------|-------------------------------------------------------------------------------------| +| kind | string | | Kind specifies the Kubernetes Resource type. At the moment only "pod" is supported. | +| name | string | | Name is the resource name. It supports wildcards. | +| namespace | string | | Namespace is the resource namespace. It supports wildcards. | +| verbs | array of strings | | Verbs are the allowed Kubernetes verbs for the following resource. | + +##### spec.deny.request + + + +| Name | Type | Required | Description | +|---------------------|----------------------|----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| annotations | map of string arrays | | | +| claims_to_roles | object | | ClaimsToRoles specifies a mapping from claims (traits) to teleport roles. | +| max_duration | duration | | MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration is used. | +| roles | array of strings | | Roles is the name of roles which will match the request rule. | +| search_as_roles | array of strings | | SearchAsRoles is a list of extra roles which should apply to a user while they are searching for resources as part of a Resource Access Request, and defines the underlying roles which will be requested as part of any Resource Access Request. | +| suggested_reviewers | array of strings | | SuggestedReviewers is a list of reviewer suggestions. These can be teleport usernames, but that is not a requirement. | +| thresholds | object | | Thresholds is a list of thresholds, one of which must be met in order for reviews to trigger a state-transition. If no thresholds are provided, a default threshold of 1 for approval and denial is used. | + +###### spec.deny.request.claims_to_roles + +ClaimsToRoles specifies a mapping from claims (traits) to teleport roles. + +| Name | Type | Required | Description | +|-------|------------------|----------|----------------------------------------------------| +| claim | string | | Claim is a claim name. | +| roles | array of strings | | Roles is a list of static teleport roles to match. | +| value | string | | Value is a claim value to match. | + +###### spec.deny.request.thresholds + +Thresholds is a list of thresholds, one of which must be met in order for reviews to trigger a state-transition. If no thresholds are provided, a default threshold of 1 for approval and denial is used. + +| Name | Type | Required | Description | +|---------|--------|----------|----------------------------------------------------------------------------------------------| +| approve | number | | Approve is the number of matching approvals needed for state-transition. | +| deny | number | | Deny is the number of denials needed for state-transition. | +| filter | string | | Filter is an optional predicate used to determine which reviews count toward this threshold. | +| name | string | | Name is the optional human-readable name of the threshold. | + +##### spec.deny.require_session_join + +RequireSessionJoin specifies policies for required users to start a session. + +| Name | Type | Required | Description | +|----------|------------------|----------|-------------------------------------------------------------------------------------------------| +| count | number | | Count is the amount of people that need to be matched for this policy to be fulfilled. | +| filter | string | | Filter is a predicate that determines what users count towards this policy. | +| kinds | array of strings | | Kinds are the session kinds this policy applies to. | +| modes | array of strings | | Modes is the list of modes that may be used to fulfill this policy. | +| name | string | | Name is the name of the policy. | +| on_leave | string | | OnLeave is the behaviour that's used when the policy is no longer fulfilled for a live session. | + +##### spec.deny.review_requests + +ReviewRequests defines conditions for submitting access reviews. + +| Name | Type | Required | Description | +|------------------|------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| claims_to_roles | object | | ClaimsToRoles specifies a mapping from claims (traits) to teleport roles. | +| preview_as_roles | array of strings | | PreviewAsRoles is a list of extra roles which should apply to a reviewer while they are viewing a Resource Access Request for the purposes of viewing details such as the hostname and labels of requested resources. | +| roles | array of strings | | Roles is the name of roles which may be reviewed. | +| where | string | | Where is an optional predicate which further limits which requests are reviewable. | + +###### spec.deny.review_requests.claims_to_roles + +ClaimsToRoles specifies a mapping from claims (traits) to teleport roles. + +| Name | Type | Required | Description | +|-------|------------------|----------|----------------------------------------------------| +| claim | string | | Claim is a claim name. | +| roles | array of strings | | Roles is a list of static teleport roles to match. | +| value | string | | Value is a claim value to match. | + +##### spec.deny.rules + +Rules is a list of rules and their access levels. Rules are a high level construct used for access control. + +| Name | Type | Required | Description | +|-----------|------------------|----------|-----------------------------------------------------------------| +| actions | array of strings | | Actions specifies optional actions taken when this rule matches | +| resources | array of strings | | Resources is a list of resources | +| verbs | array of strings | | Verbs is a list of verbs | +| where | string | | Where specifies optional advanced matcher | + +##### spec.deny.spiffe + +SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID. + +| Name | Type | Required | Description | +|----------|------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| dns_sans | array of strings | | DNSSANs specifies matchers for the SPIFFE ID DNS SANs. Each requested DNS SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: *.example.com would match foo.example.com | +| ip_sans | array of strings | | IPSANs specifies matchers for the SPIFFE ID IP SANs. Each requested IP SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matchers should be specified using CIDR notation, it supports IPv4 and IPv6. Examples: - 10.0.0.0/24 would match 10.0.0.0 to 10.255.255.255 - 10.0.0.42/32 would match only 10.0.0.42 | +| path | string | | Path specifies a matcher for the SPIFFE ID path. It should not include the trust domain and should start with a leading slash. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: - /svc/foo/*/bar would match /svc/foo/baz/bar - ^\/svc\/foo\/.*\/bar$ would match /svc/foo/baz/bar | + +#### spec.options + +Options is for OpenSSH options like agent forwarding. + +| Name | Type | Required | Description | +|----------------------------|------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| cert_extensions | object | | CertExtensions specifies the key/values | +| cert_format | string | | CertificateFormat defines the format of the user certificate to allow compatibility with older versions of OpenSSH. | +| client_idle_timeout | duration | | ClientIdleTimeout sets disconnect clients on idle timeout behavior, if set to 0 means do not disconnect, otherwise is set to the idle duration. | +| create_db_user | bool | | | +| create_db_user_mode | number | | CreateDatabaseUserMode allows users to be automatically created on a database when not set to off. 0 is "unspecified", 1 is "off", 2 is "keep", 3 is "best_effort_drop". | +| create_desktop_user | bool | | | +| create_host_user | bool | | | +| create_host_user_mode | number | | CreateHostUserMode allows users to be automatically created on a host when not set to off. 0 is "unspecified"; 1 is "off"; 2 is "drop" (removed for v15 and above), 3 is "keep"; 4 is "insecure-drop". | +| desktop_clipboard | bool | | | +| desktop_directory_sharing | bool | | | +| device_trust_mode | string | | DeviceTrustMode is the device authorization mode used for the resources associated with the role. See DeviceTrust.Mode. Reserved for future use, not yet used by Teleport. | +| disconnect_expired_cert | bool | | DisconnectExpiredCert sets disconnect clients on expired certificates. | +| enhanced_recording | array of strings | | BPF defines what events to record for the BPF-based session recorder. | +| forward_agent | bool | | ForwardAgent is SSH agent forwarding. | +| idp | object | | IDP is a set of options related to accessing IdPs within Teleport. Requires Teleport Enterprise. | +| lock | string | | Lock specifies the locking mode (strict|best_effort) to be applied with the role. | +| max_connections | number | | MaxConnections defines the maximum number of concurrent connections a user may hold. | +| max_kubernetes_connections | number | | MaxKubernetesConnections defines the maximum number of concurrent Kubernetes sessions a user may hold. | +| max_session_ttl | duration | | MaxSessionTTL defines how long a SSH session can last for. | +| max_sessions | number | | MaxSessions defines the maximum number of concurrent sessions per connection. | +| permit_x11_forwarding | bool | | PermitX11Forwarding authorizes use of X11 forwarding. | +| pin_source_ip | bool | | PinSourceIP forces the same client IP for certificate generation and usage | +| port_forwarding | bool | | | +| record_session | object | | RecordDesktopSession indicates whether desktop access sessions should be recorded. It defaults to true unless explicitly set to false. | +| request_access | string | | RequestAccess defines the access request strategy (optional|note|always) where optional is the default. | +| request_prompt | string | | RequestPrompt is an optional message which tells users what they aught to request. | +| require_session_mfa | number | | RequireMFAType is the type of MFA requirement enforced for this role: 0:Off, 1:Session, 2:SessionAndHardwareKey, 3:HardwareKeyTouch | +| ssh_file_copy | bool | | | + +##### spec.options.cert_extensions + +CertExtensions specifies the key/values + +| Name | Type | Required | Description | +|-------|--------|----------|-----------------------------------------------------------------------------------------------------------| +| mode | number | | Mode is the type of extension to be used -- currently critical-option is not supported. 0 is "extension". | +| name | string | | Name specifies the key to be used in the cert extension. | +| type | number | | Type represents the certificate type being extended, only ssh is supported at this time. 0 is "ssh". | +| value | string | | Value specifies the value to be used in the cert extension. | + +##### spec.options.idp + +IDP is a set of options related to accessing IdPs within Teleport. Requires Teleport Enterprise. + +| Name | Type | Required | Description | +|------|--------|----------|----------------------------------------------------| +| saml | object | | SAML are options related to the Teleport SAML IdP. | + +###### spec.options.idp.saml + +SAML are options related to the Teleport SAML IdP. + +| Name | Type | Required | Description | +|---------|------|----------|-------------| +| enabled | bool | | | + +##### spec.options.record_session + +RecordDesktopSession indicates whether desktop access sessions should be recorded. It defaults to true unless explicitly set to false. + +| Name | Type | Required | Description | +|---------|--------|----------|-------------------------------------------------------| +| default | string | | Default indicates the default value for the services. | +| desktop | bool | | | +| ssh | string | | SSH indicates the session mode used on SSH sessions. | + +Example: + +``` +# Teleport Role resource + +resource "teleport_role" "example" { + metadata = { + name = "example" + description = "Example Teleport Role" + expires = "2022-10-12T07:20:51Z" + labels = { + example = "yes" + } + } + + spec = { + options = { + forward_agent = false + max_session_ttl = "7m" + port_forwarding = false + client_idle_timeout = "1h" + disconnect_expired_cert = true + permit_x11_forwarding = false + request_access = "denied" + } + + allow = { + logins = ["example"] + + rules = [{ + resources = ["user", "role"] + verbs = ["list"] + }] + + request = { + roles = ["example"] + claims_to_roles = [{ + claim = "example" + value = "example" + roles = ["example"] + }] + } + + node_labels = { + example = ["yes"] + } + } + + deny = { + logins = ["anonymous"] + } + } +} +``` + +## teleport_saml_connector + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata holds resource metadata. | +| spec | object | * | Spec is an SAML connector specification. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v2`. | + +### metadata + +Metadata holds resource metadata. + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is an SAML connector specification. + +| Name | Type | Required | Description | +|-------------------------|--------|----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| acs | string | * | AssertionConsumerService is a URL for assertion consumer service on the service provider (Teleport's side). | +| allow_idp_initiated | bool | | AllowIDPInitiated is a flag that indicates if the connector can be used for IdP-initiated logins. | +| assertion_key_pair | object | | EncryptionKeyPair is a key pair used for decrypting SAML assertions. | +| attributes_to_roles | object | * | AttributesToRoles is a list of mappings of attribute statements to roles. | +| audience | string | | Audience uniquely identifies our service provider. | +| cert | string | | Cert is the identity provider certificate PEM. IDP signs <Response> responses using this certificate. | +| display | string | | Display controls how this connector is displayed. | +| entity_descriptor | string | | EntityDescriptor is XML with descriptor. It can be used to supply configuration parameters in one XML file rather than supplying them in the individual elements. | +| entity_descriptor_url | string | | EntityDescriptorURL is a URL that supplies a configuration XML. | +| issuer | string | | Issuer is the identity provider issuer. | +| provider | string | | Provider is the external identity provider. | +| service_provider_issuer | string | | ServiceProviderIssuer is the issuer of the service provider (Teleport). | +| signing_key_pair | object | | SigningKeyPair is an x509 key pair used to sign AuthnRequest. | +| sso | string | | SSO is the URL of the identity provider's SSO service. | + +#### spec.assertion_key_pair + +EncryptionKeyPair is a key pair used for decrypting SAML assertions. + +| Name | Type | Required | Description | +|-------------|--------|----------|-----------------------------------------------| +| cert | string | | Cert is a PEM-encoded x509 certificate. | +| private_key | string | | PrivateKey is a PEM encoded x509 private key. | + +#### spec.attributes_to_roles + +AttributesToRoles is a list of mappings of attribute statements to roles. + +| Name | Type | Required | Description | +|-------|------------------|----------|-----------------------------------------------------| +| name | string | | Name is an attribute statement name. | +| roles | array of strings | | Roles is a list of static teleport roles to map to. | +| value | string | | Value is an attribute statement value to match. | + +#### spec.signing_key_pair + +SigningKeyPair is an x509 key pair used to sign AuthnRequest. + +| Name | Type | Required | Description | +|-------------|--------|----------|-----------------------------------------------| +| cert | string | | Cert is a PEM-encoded x509 certificate. | +| private_key | string | | PrivateKey is a PEM encoded x509 private key. | + +Example: + +``` +# Teleport SAML connector +# +# Please note that SAML connector will work in Enterprise version only. Check the setup docs: +# https://goteleport.com/docs/enterprise/sso/okta/ + +resource "teleport_saml_connector" "example" { + # This block will tell Terraform to never update private key from our side if a keys are managed + # from an outside of Terraform. + + # lifecycle { + # ignore_changes = [ + # spec[0].signing_key_pair[0].cert, + # spec[0].signing_key_pair[0].private_key, + # spec[0].assertion_key_pair[0].cert, + # spec[0].assertion_key_pair[0].private_key, + # ] + # } + + # This section tells Terraform that role example must be created before the SAML connector + depends_on = [ + teleport_role.example + ] + + metadata = { + name = "example" + } + + spec = { + attributes_to_roles = [{ + name = "groups" + roles = ["example"] + value = "okta-admin" + }, + { + name = "groups" + roles = ["example"] + value = "okta-dev" + }] + + acs = "https://localhost:3025/v1/webapi/saml/acs" + entity_descriptor = "" + } +} +``` + +## teleport_server + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a server spec | +| sub_kind | string | * | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is version | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is a server spec + +| Name | Type | Required | Description | +|----------------|------------------|----------|-----------------------------------------------------------------------------------------| +| addr | string | | Addr is a host:port address where this server can be reached. | +| cloud_metadata | object | | CloudMetadata contains info about the cloud instance the server is running on, if any. | +| hostname | string | | Hostname is server hostname | +| peer_addr | string | | PeerAddr is the address a proxy server is reachable at by its peer proxies. | +| proxy_ids | array of strings | | ProxyIDs is a list of proxy IDs this server is expected to be connected to. | +| public_addrs | array of strings | | PublicAddrs is a list of public addresses where this server can be reached. | +| rotation | object | | Rotation specifies server rotation | +| use_tunnel | bool | | UseTunnel indicates that connections to this server should occur over a reverse tunnel. | +| version | string | | TeleportVersion is the teleport version that the server is running on | + +#### spec.cloud_metadata + +CloudMetadata contains info about the cloud instance the server is running on, if any. + +| Name | Type | Required | Description | +|------|--------|----------|----------------------------------------------------------| +| aws | object | | AWSInfo contains attributes to match to an EC2 instance. | + +##### spec.cloud_metadata.aws + +AWSInfo contains attributes to match to an EC2 instance. + +| Name | Type | Required | Description | +|-------------|--------|----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| account_id | string | | AccountID is an AWS account ID. | +| instance_id | string | | InstanceID is an EC2 instance ID. | +| integration | string | | Integration is the integration name that added this Node. When connecting to it, it will use this integration to issue AWS API calls in order to set up the connection. This includes sending an SSH Key and then opening a tunnel (EC2 Instance Connect Endpoint) so Teleport can connect to it. | +| region | string | | Region is the AWS EC2 Instance Region. | +| subnet_id | string | | SubnetID is the Subnet ID in use by the instance. | +| vpc_id | string | | VPCID is the AWS VPC ID where the Instance is running. | + +#### spec.rotation + +Rotation specifies server rotation + +| Name | Type | Required | Description | +|--------------|--------------|----------|-------------------------------------------------------------------------------------------------------------------------------| +| current_id | string | | CurrentID is the ID of the rotation operation to differentiate between rotation attempts. | +| grace_period | duration | | GracePeriod is a period during which old and new CA are valid for checking purposes, but only new CA is issuing certificates. | +| last_rotated | RFC3339 time | | LastRotated specifies the last time of the completed rotation. | +| mode | string | | Mode sets manual or automatic rotation mode. | +| phase | string | | Phase is the current rotation phase. | +| schedule | object | | Schedule is a rotation schedule - used in automatic mode to switch between phases. | +| started | RFC3339 time | | Started is set to the time when rotation has been started in case if the state of the rotation is "in_progress". | +| state | string | | State could be one of "init" or "in_progress". | + +##### spec.rotation.schedule + +Schedule is a rotation schedule - used in automatic mode to switch between phases. + +| Name | Type | Required | Description | +|----------------|--------------|----------|-----------------------------------------------------------------------| +| standby | RFC3339 time | | Standby specifies time to switch to the "Standby" phase. | +| update_clients | RFC3339 time | | UpdateClients specifies time to switch to the "Update clients" phase | +| update_servers | RFC3339 time | | UpdateServers specifies time to switch to the "Update servers" phase. | + +Example: + +``` +resource "teleport_server" "ssh_agentless" { + version = "v2" + sub_kind = "openssh" + // Name is not required for servers, this is a special case. + // When a name is not set, an UUID will be generated by Teleport and + // imported back into Terraform. + // Giving unique IDs to servers allows UUID-based dialing (as opposed to + // host-based dialing and IP-based dialing) which is more robust than its + // counterparts as it can point to a specific server if multiple servers + // share the same hostname/ip. + spec = { + addr = "127.0.0.1:22" + hostname = "test.local" + } +} + +resource "teleport_server" "ssh_agentless_eice" { + version = "v2" + sub_kind = "openssh-ec2-ice" + metadata = { + // It is recommended to put the account and instance ID as a name for EC2 Instance Connect + // When dialing to this instance, teleport will detect that this is an + // AWS instance ID an will contact this specific instance. This is more + // robust than host-based and IP-based dialing (because several server + // can have similar hostnames). + name = "123456789012-i-0123456789abcdef" + } + spec = { + addr = "127.0.0.1:22" + hostname = "test.local" + + cloud_metadata = { + aws = { + account_id = "123" + instance_id = "123" + region = "us-east-1" + vpc_id = "123" + integration = "foo" + subnet_id = "123" + } + } + } +} + +``` + +## teleport_session_recording_config + +| Name | Type | Required | Description | +|----------|--------|----------|-----------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a SessionRecordingConfig specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are:`v2`. | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is a SessionRecordingConfig specification + +| Name | Type | Required | Description | +|------------------------|--------|----------|------------------------------------------------------| +| mode | string | | Mode controls where (or if) the session is recorded. | +| proxy_checks_host_keys | bool | | | + +Example: + +``` +# Teleport session recording config + +resource "teleport_session_recording_config" "example" { + metadata = { + description = "Session recording config" + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" // This label is added on Teleport side by default + } + } + + spec = { + proxy_checks_host_keys = true + } +} +``` + +## teleport_trusted_cluster + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata holds resource metadata. | +| spec | object | * | Spec is a Trusted Cluster specification. | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v2`. | + +### metadata + +Metadata holds resource metadata. + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is a Trusted Cluster specification. + +| Name | Type | Required | Description | +|----------------|------------------|----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| enabled | bool | | Enabled is a bool that indicates if the TrustedCluster is enabled or disabled. Setting Enabled to false has a side effect of deleting the user and host certificate authority (CA). | +| role_map | object | | RoleMap specifies role mappings to remote roles. | +| roles | array of strings | | Roles is a list of roles that users will be assuming when connecting to this cluster. | +| token | string | | Token is the authorization token provided by another cluster needed by this cluster to join. | +| tunnel_addr | string | | ReverseTunnelAddress is the address of the SSH proxy server of the cluster to join. If not set, it is derived from <metadata.name>:<default reverse tunnel port>. | +| web_proxy_addr | string | | ProxyAddress is the address of the web proxy server of the cluster to join. If not set, it is derived from <metadata.name>:<default web proxy server port>. | + +#### spec.role_map + +RoleMap specifies role mappings to remote roles. + +| Name | Type | Required | Description | +|--------|------------------|----------|-----------------------------------------------| +| local | array of strings | | Local specifies local roles to map to | +| remote | string | | Remote specifies remote role name to map from | + +Example: + +``` +# Teleport trusted cluster +# +# https://goteleport.com/docs/setup/admin/trustedclusters/ + +resource "teleport_trusted_cluster" "cluster" { + metadata = { + name = "primary" + labels = { + test = "yes" + } + } + + spec = { + enabled = false + role_map = [{ + remote = "test" + local = ["admin"] + }] + proxy_addr = "localhost:3080" + token = "salami" + } +} + +``` + +## teleport_trusted_device + +| Name | Type | Required | Description | +|----------|--------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Specification of the device. | +| version | string | * | Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by "v". For example: `v1` | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|----------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| labels | map of strings | | Labels is a set of labels | +| name | string | | Name is an object name | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Specification of the device. + +| Name | Type | Required | Description | +|---------------|--------|----------|-------------| +| asset_tag | string | * | | +| enroll_status | string | | | +| os_type | string | * | | +| owner | string | | | +| source | object | | | + +#### spec.source + + + +| Name | Type | Required | Description | +|--------|--------|----------|-------------| +| name | string | | | +| origin | string | | | + +Example: + +``` +# Trusted device resource + +resource "teleport_trusted_device" "TESTDEVICE1" { + spec = { + asset_tag = "TESTDEVICE1" + os_type = "macos" + } +} + +``` + +## teleport_user + +| Name | Type | Required | Description | +|----------|--------|----------|------------------------------------------------------------------------------------| +| metadata | object | | Metadata is resource metadata | +| spec | object | | Spec is a user specification | +| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources | +| version | string | * | Version is the resource version. It must be specified. Supported values are: `v2`. | + +### metadata + +Metadata is resource metadata + +| Name | Type | Required | Description | +|-------------|----------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | | Description is object description | +| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. | +| labels | map of strings | | Labels is a set of labels | +| name | string | * | Name is an object name | +| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. | +| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. | + +### spec + +Spec is a user specification + +| Name | Type | Required | Description | +|--------------------|----------------------|----------|---------------------------------------------------------------------------------------------------------------------------------------| +| github_identities | object | | GithubIdentities list associated Github OAuth2 identities that let user log in using externally verified identity | +| oidc_identities | object | | OIDCIdentities lists associated OpenID Connect identities that let user log in using externally verified identity | +| roles | array of strings | | Roles is a list of roles assigned to user | +| saml_identities | object | | SAMLIdentities lists associated SAML identities that let user log in using externally verified identity | +| traits | map of string arrays | | | +| trusted_device_ids | array of strings | | TrustedDeviceIDs contains the IDs of trusted devices enrolled by the user. Managed by the Device Trust subsystem, avoid manual edits. | + +#### spec.github_identities + +GithubIdentities list associated Github OAuth2 identities that let user log in using externally verified identity + +| Name | Type | Required | Description | +|--------------|--------|----------|---------------------------------------------------------------------------| +| connector_id | string | | ConnectorID is id of registered OIDC connector, e.g. 'google-example.com' | +| username | string | | Username is username supplied by external identity provider | + +#### spec.oidc_identities + +OIDCIdentities lists associated OpenID Connect identities that let user log in using externally verified identity + +| Name | Type | Required | Description | +|--------------|--------|----------|---------------------------------------------------------------------------| +| connector_id | string | | ConnectorID is id of registered OIDC connector, e.g. 'google-example.com' | +| username | string | | Username is username supplied by external identity provider | + +#### spec.saml_identities + +SAMLIdentities lists associated SAML identities that let user log in using externally verified identity + +| Name | Type | Required | Description | +|--------------|--------|----------|---------------------------------------------------------------------------| +| connector_id | string | | ConnectorID is id of registered OIDC connector, e.g. 'google-example.com' | +| username | string | | Username is username supplied by external identity provider | + +Example: + +``` +# Teleport User resource + +resource "teleport_user" "example" { + # Tells Terraform that the role could not be destroyed while this user exists + depends_on = [ + teleport_role.example + ] + + metadata = { + name = "example" + description = "Example Teleport User" + + expires = "2022-10-12T07:20:50Z" + + labels = { + example = "yes" + } + } + + spec = { + roles = ["example"] + + oidc_identities = [{ + connector_id = "oidc1" + username = "example" + }] + + traits = { + "logins1" = ["example"] + "logins2" = ["example"] + } + + github_identities = [{ + connector_id = "github" + username = "example" + }] + + saml_identities = [{ + connector_id = "example-saml" + username = "example" + }] + } +} +``` + diff --git a/integrations/terraform/test/access_list_test.go b/integrations/terraform/test/access_list_test.go new file mode 100644 index 0000000000000..55c79c2ee0285 --- /dev/null +++ b/integrations/terraform/test/access_list_test.go @@ -0,0 +1,123 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "github.com/gravitational/teleport/api/client" + "time" + + "github.com/google/go-cmp/cmp" + "github.com/google/go-cmp/cmp/cmpopts" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +type nextAuditDateComparer struct { + client *client.Client + nextAuditDate time.Time +} + +func (c *nextAuditDateComparer) CaptureNextAuditDate(name string) resource.TestCheckFunc { + return func(state *terraform.State) error { + al, err := c.client.AccessListClient().GetAccessList(context.TODO(), name) + if err != nil { + return trace.Wrap(err) + } + c.nextAuditDate = al.Spec.Audit.NextAuditDate + return nil + } +} + +func (c *nextAuditDateComparer) TestNextAuditDateUnchanged(name string) resource.TestCheckFunc { + return func(state *terraform.State) error { + al, err := c.client.AccessListClient().GetAccessList(context.TODO(), name) + if err != nil { + return trace.Wrap(err) + } + diff := cmp.Diff(c.nextAuditDate, al.Spec.Audit.NextAuditDate, cmpopts.EquateApproxTime(2*time.Millisecond)) + if diff != "" { + return trace.CompareFailed("NextAuditDate should not have changed, was %s, is now %s", c.nextAuditDate, al.Spec.Audit.NextAuditDate) + } + return nil + } +} + +func (s *TerraformSuite) TestAccessList() { + if !s.teleportFeatures.GetAdvancedAccessWorkflows() { + s.T().Skip("Doesn't work in OSS version, requires AdvancedWorkflow") + } + checkAccessListDestroyed := func(state *terraform.State) error { + _, err := s.client.AccessListClient().GetAccessList(context.TODO(), "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_access_list.test" + auditDateChecker := nextAuditDateComparer{client: s.client} + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkAccessListDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("access_list_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "header.metadata.name", "test"), + resource.TestCheckResourceAttr(name, "spec.description", "test description"), + resource.TestCheckResourceAttr(name, "spec.owners.0.name", "gru"), + resource.TestCheckResourceAttr(name, "spec.membership_requires.roles.0", "minion"), + resource.TestCheckResourceAttr(name, "spec.grants.roles.0", "crane-operator"), + resource.TestCheckResourceAttr(name, "spec.audit.recurrence.frequency", "3"), + auditDateChecker.CaptureNextAuditDate("test"), + ), + }, + { + Config: s.getFixture("access_list_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("access_list_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "spec.grants.traits.0.key", "allowed-machines"), + resource.TestCheckResourceAttr(name, "spec.grants.traits.0.values.0", "crane"), + resource.TestCheckResourceAttr(name, "spec.grants.traits.0.values.1", "forklift"), + auditDateChecker.TestNextAuditDateUnchanged("test"), + ), + }, + { + Config: s.getFixture("access_list_1_update.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("access_list_2_expiring.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "header.metadata.expires", "2038-01-01T00:00:00Z"), + auditDateChecker.TestNextAuditDateUnchanged("test"), + ), + }, + { + Config: s.getFixture("access_list_2_expiring.tf"), + PlanOnly: true, + }, + }, + }) +} diff --git a/integrations/terraform/test/app_test.go b/integrations/terraform/test/app_test.go new file mode 100644 index 0000000000000..dcabf42460cad --- /dev/null +++ b/integrations/terraform/test/app_test.go @@ -0,0 +1,159 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "time" + + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestApp() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetApp(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_app.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.getFixture("app_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "app"), + resource.TestCheckResourceAttr(name, "spec.uri", "localhost:3000"), + ), + }, + { + Config: s.getFixture("app_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("app_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "app"), + resource.TestCheckResourceAttr(name, "spec.uri", "localhost:3000"), + ), + }, + { + Config: s.getFixture("app_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportApp() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_app" + id := "test_import" + name := r + "." + id + + app := &types.AppV3{ + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.AppSpecV3{ + URI: "localhost:3000/test", + }, + } + err := app.CheckAndSetDefaults() + require.NoError(s.T(), err) + + err = s.client.CreateApp(ctx, app) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + _, err := s.client.GetApp(ctx, app.GetName()) + if trace.IsNotFound(err) { + return false + } + require.NoError(s.T(), err) + return true + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "app") + require.Equal(s.T(), state[0].Attributes["spec.uri"], "localhost:3000/test") + + return nil + }, + }, + }, + }) +} + +func (s *TerraformSuiteWithCache) TestAppWithCache() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetApp(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_app.test_with_cache" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.getFixture("app_0_create_with_cache.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "app"), + resource.TestCheckResourceAttr(name, "spec.uri", "localhost:3000"), + ), + }, + { + Config: s.getFixture("app_0_create_with_cache.tf"), + PlanOnly: true, + }, + }, + }) +} diff --git a/integrations/terraform/test/auth_preference_test.go b/integrations/terraform/test/auth_preference_test.go new file mode 100644 index 0000000000000..59cf0b09f0f3d --- /dev/null +++ b/integrations/terraform/test/auth_preference_test.go @@ -0,0 +1,148 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "time" + + "github.com/gravitational/teleport/api/types" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestAuthPreference() { + name := "teleport_auth_preference.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + PreventPostDestroyRefresh: true, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.getFixture("auth_preference_0_set.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "cluster_auth_preference"), + resource.TestCheckResourceAttr(name, "metadata.labels.example", "yes"), + resource.TestCheckResourceAttr(name, "spec.disconnect_expired_cert", "true"), + ), + }, + { + Config: s.getFixture("auth_preference_0_set.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("auth_preference_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "cluster_auth_preference"), + resource.TestCheckResourceAttr(name, "spec.disconnect_expired_cert", "false"), + ), + }, + { + Config: s.getFixture("auth_preference_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportAuthPreference() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_auth_preference" + id := "test_import" + name := r + "." + id + + authPreference := &types.AuthPreferenceV2{ + Metadata: types.Metadata{}, + Spec: types.AuthPreferenceSpecV2{ + DisconnectExpiredCert: types.NewBoolOption(true), + }, + } + err := authPreference.CheckAndSetDefaults() + require.NoError(s.T(), err) + + authPreferencesBefore, err := s.client.GetAuthPreference(ctx) + require.NoError(s.T(), err) + + err = s.client.SetAuthPreference(ctx, authPreference) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + authPreferencesCurrent, err := s.client.GetAuthPreference(ctx) + require.NoError(s.T(), err) + + return authPreferencesBefore.GetMetadata().ID != authPreferencesCurrent.GetMetadata().ID + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "cluster_auth_preference") + require.Equal(s.T(), state[0].Attributes["spec.disconnect_expired_cert"], "true") + + return nil + }, + }, + }, + }) +} + +func (s *TerraformSuiteWithCache) TestAuthPreferenceAddLabel() { + name := "teleport_auth_preference.cluster_auth_preference" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + PreventPostDestroyRefresh: true, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.getFixture("auth_preference_0_cluster.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "cluster_auth_preference"), + resource.TestCheckNoResourceAttr(name, "metadata.labels"), + resource.TestCheckResourceAttr(name, "spec.type", "oidc"), + ), + }, + { + Config: s.getFixture("auth_preference_0_cluster.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("auth_preference_1_cluster.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "cluster_auth_preference"), + resource.TestCheckResourceAttr(name, "metadata.labels.provisioner", "terraform"), + resource.TestCheckResourceAttr(name, "spec.type", "oidc"), + ), + }, + { + Config: s.getFixture("auth_preference_1_cluster.tf"), + PlanOnly: true, + }, + }, + }) +} diff --git a/integrations/terraform/test/bot_test.go b/integrations/terraform/test/bot_test.go new file mode 100644 index 0000000000000..12c0313f99e18 --- /dev/null +++ b/integrations/terraform/test/bot_test.go @@ -0,0 +1,97 @@ +/* +Copyright 2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +func (s *TerraformSuite) TestBot() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkResourcesDestroyed := func(state *terraform.State) error { + var errs []error + if _, err := s.client.GetToken(ctx, "bot-test"); err != nil { + if !trace.IsNotFound(err) { + errs = append(errs, err) + } + } + + if _, err := s.client.GetUser(ctx, "bot-test", false); err != nil { + if !trace.IsNotFound(err) { + errs = append(errs, err) + } + } + + return trace.NewAggregate(errs...) + } + + tokenName := "teleport_provision_token.bot_test" + botName := "teleport_bot.test" + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkResourcesDestroyed, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.getFixture("bot_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(tokenName, "kind", "token"), + resource.TestCheckResourceAttr(tokenName, "metadata.name", "bot-test"), + resource.TestCheckResourceAttr(tokenName, "spec.roles.0", "Bot"), + resource.TestCheckResourceAttr(botName, "name", "test"), + resource.TestCheckResourceAttr(botName, "user_name", "bot-test"), + resource.TestCheckResourceAttr(botName, "role_name", "bot-test"), + resource.TestCheckResourceAttr(botName, "token_id", "bot-test"), + resource.TestCheckResourceAttr(botName, "roles.0", "terraform"), + resource.TestCheckNoResourceAttr(botName, "spec.traits.logins1"), + ), + }, + { + Config: s.getFixture("bot_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("bot_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(tokenName, "kind", "token"), + resource.TestCheckResourceAttr(tokenName, "metadata.name", "bot-test"), + resource.TestCheckResourceAttr(tokenName, "spec.roles.0", "Bot"), + resource.TestCheckResourceAttr(botName, "name", "test"), + resource.TestCheckResourceAttr(botName, "user_name", "bot-test"), + resource.TestCheckResourceAttr(botName, "role_name", "bot-test"), + resource.TestCheckResourceAttr(botName, "token_id", "bot-test"), + resource.TestCheckResourceAttr(botName, "roles.0", "terraform"), + + // Note: traits are immutable and the plan will not converge + // if the resource is not recreated when traits are + // modified. + resource.TestCheckResourceAttr(botName, "traits.logins1.0", "example"), + ), + }, + { + Config: s.getFixture("bot_1_update.tf"), + PlanOnly: true, + }, + }, + }) + +} diff --git a/integrations/terraform/test/cluster_maintenance_config_test.go b/integrations/terraform/test/cluster_maintenance_config_test.go new file mode 100644 index 0000000000000..fa93561a5e762 --- /dev/null +++ b/integrations/terraform/test/cluster_maintenance_config_test.go @@ -0,0 +1,57 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func (s *TerraformSuite) TestClusterMaintenanceConfig() { + name := "teleport_cluster_maintenance_config.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + PreventPostDestroyRefresh: true, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.getFixture("maintenance_config_0_set.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "cluster_maintenance_config"), + resource.TestCheckResourceAttr(name, "spec.agent_upgrades.utc_start_hour", "1"), + resource.TestCheckResourceAttr(name, "spec.agent_upgrades.weekdays.0", "monday"), + ), + }, + { + Config: s.getFixture("maintenance_config_0_set.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("maintenance_config_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "cluster_maintenance_config"), + resource.TestCheckResourceAttr(name, "spec.agent_upgrades.utc_start_hour", "12"), + resource.TestCheckResourceAttr(name, "spec.agent_upgrades.weekdays.0", "tuesday"), + ), + }, + { + Config: s.getFixture("maintenance_config_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} diff --git a/integrations/terraform/test/cluster_networking_config_test.go b/integrations/terraform/test/cluster_networking_config_test.go new file mode 100644 index 0000000000000..be6a3b9a0d77a --- /dev/null +++ b/integrations/terraform/test/cluster_networking_config_test.go @@ -0,0 +1,113 @@ +/* +Copyright 2023 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "time" + + "github.com/gravitational/teleport/api/types" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestClusterNetworkingConfig() { + name := "teleport_cluster_networking_config.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + PreventPostDestroyRefresh: true, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.getFixture("networking_config_0_set.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "cluster_networking_config"), + resource.TestCheckResourceAttr(name, "metadata.labels.example", "yes"), + resource.TestCheckResourceAttr(name, "spec.client_idle_timeout", "30m"), + ), + }, + { + Config: s.getFixture("networking_config_0_set.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("networking_config_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "cluster_networking_config"), + resource.TestCheckResourceAttr(name, "metadata.labels.example", "no"), + resource.TestCheckResourceAttr(name, "spec.client_idle_timeout", "1h"), + ), + }, + { + Config: s.getFixture("networking_config_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportClusterNetworkingConfig() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_cluster_networking_config" + id := "test_import" + name := r + "." + id + + clusterNetworkingConfig := &types.ClusterNetworkingConfigV2{ + Metadata: types.Metadata{}, + Spec: types.ClusterNetworkingConfigSpecV2{ + ClientIdleTimeout: types.Duration(30 * time.Second), + }, + } + err := clusterNetworkingConfig.CheckAndSetDefaults() + require.NoError(s.T(), err) + + clusterNetworkConfigBefore, err := s.client.GetClusterNetworkingConfig(ctx) + require.NoError(s.T(), err) + + err = s.client.SetClusterNetworkingConfig(ctx, clusterNetworkingConfig) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + clusterNetworkConfigCurrent, err := s.client.GetClusterNetworkingConfig(ctx) + require.NoError(s.T(), err) + + return clusterNetworkConfigBefore.GetMetadata().ID != clusterNetworkConfigCurrent.GetMetadata().ID + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + IsUnitTest: true, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "cluster_networking_config") + require.Equal(s.T(), state[0].Attributes["spec.client_idle_timeout"], "30s") + + return nil + }, + }, + }, + }) +} diff --git a/integrations/terraform/test/configuration_test.go b/integrations/terraform/test/configuration_test.go new file mode 100644 index 0000000000000..93a07b5da20cd --- /dev/null +++ b/integrations/terraform/test/configuration_test.go @@ -0,0 +1,168 @@ +/* +Copyright 2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "encoding/base64" + "os" + "regexp" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) getTLSCerts() { + +} + +func (s *TerraformSuite) TestConfigureAuthBase64() { + name := "teleport_app.test_auth_b64" + + key, err := os.ReadFile(s.teleportConfig.ClientKey) + require.NoError(s.T(), err) + keyBase64 := base64.StdEncoding.EncodeToString(key) + + cert, err := os.ReadFile(s.teleportConfig.ClientCrt) + require.NoError(s.T(), err) + certBase64 := base64.StdEncoding.EncodeToString(cert) + + rootCA, err := os.ReadFile(s.teleportConfig.RootCAs) + require.NoError(s.T(), err) + rootCABase64 := base64.StdEncoding.EncodeToString(rootCA) + + providerConfigUsingB64Auth := ` +provider "teleport" { + addr = "` + s.teleportConfig.Addr + `" + key_base64 = "` + keyBase64 + `" + cert_base64 = "` + certBase64 + `" + root_ca_base64 = "` + rootCABase64 + `" +} + ` + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.getFixtureWithCustomConfig("app_0_create_auth_b64.tf", providerConfigUsingB64Auth), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "app"), + resource.TestCheckResourceAttr(name, "spec.uri", "localhost:3000"), + ), + }, + }, + }) +} + +func (s *TerraformSuite) TestConfigureAuthFiles() { + name := "teleport_app.test_auth_files" + + providerConfigUsingAuthFiles := ` +provider "teleport" { + addr = "` + s.teleportConfig.Addr + `" + key_path = "` + s.teleportConfig.ClientKey + `" + cert_path = "` + s.teleportConfig.ClientCrt + `" + root_ca_path = "` + s.teleportConfig.RootCAs + `" +} + ` + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.getFixtureWithCustomConfig("app_0_create_auth_files.tf", providerConfigUsingAuthFiles), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "app"), + resource.TestCheckResourceAttr(name, "spec.uri", "localhost:3000"), + ), + }, + }, + }) +} + +func (s *TerraformSuite) TestConfigureIdentityFilePath() { + name := "teleport_app.test" + + providerConfigUsingAuthFiles := ` +provider "teleport" { + addr = "` + s.teleportConfig.Addr + `" + identity_file_path = "` + s.teleportConfig.Identity + `" +} + ` + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.getFixtureWithCustomConfig("app_0_create.tf", providerConfigUsingAuthFiles), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "app"), + resource.TestCheckResourceAttr(name, "spec.uri", "localhost:3000"), + ), + }, + }, + }) +} + +func (s *TerraformSuite) TestConfigureIdentityFileBase64() { + name := "teleport_app.test" + + identity, err := os.ReadFile(s.teleportConfig.Identity) + require.NoError(s.T(), err) + identityAsB64 := base64.StdEncoding.EncodeToString(identity) + + providerConfigUsingAuthFiles := ` +provider "teleport" { + addr = "` + s.teleportConfig.Addr + `" + identity_file_base64 = "` + identityAsB64 + `" +} + ` + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.getFixtureWithCustomConfig("app_0_create.tf", providerConfigUsingAuthFiles), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "app"), + resource.TestCheckResourceAttr(name, "spec.uri", "localhost:3000"), + ), + }, + }, + }) +} + +func (s *TerraformSuite) TestConfigureIdentityFileBase64_InvalidBase64() { + identityAsB64 := base64.StdEncoding.EncodeToString([]byte("invalid")) + + providerConfigUsingAuthFiles := ` +provider "teleport" { + addr = "` + s.teleportConfig.Addr + `" + identity_file_base64 = "` + identityAsB64 + `" + dial_timeout_duration = "1s" +} + ` + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.getFixtureWithCustomConfig("app_0_create.tf", providerConfigUsingAuthFiles), + ExpectError: regexp.MustCompile("identity file could not be decoded"), + }, + }, + }) +} diff --git a/integrations/terraform/test/database_test.go b/integrations/terraform/test/database_test.go new file mode 100644 index 0000000000000..43d988675b81a --- /dev/null +++ b/integrations/terraform/test/database_test.go @@ -0,0 +1,129 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "time" + + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestDatabase() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetDatabase(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_database.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("database_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "db"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2032-10-12T07:20:50Z"), + resource.TestCheckResourceAttr(name, "spec.protocol", "postgres"), + resource.TestCheckResourceAttr(name, "spec.uri", "localhost:5432"), + ), + }, + { + Config: s.getFixture("database_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("database_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "db"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2032-10-12T07:20:50Z"), + resource.TestCheckResourceAttr(name, "spec.protocol", "postgres"), + resource.TestCheckResourceAttr(name, "spec.uri", "example.com:5432"), + ), + }, + { + Config: s.getFixture("database_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportDatabase() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_database" + id := "test-import" + name := r + "." + id + + database := &types.DatabaseV3{ + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.DatabaseSpecV3{ + Protocol: "postgres", + URI: "localhost:3000/test", + }, + } + err := database.CheckAndSetDefaults() + require.NoError(s.T(), err) + + err = s.client.CreateDatabase(ctx, database) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + _, err := s.client.GetDatabase(ctx, database.GetName()) + if trace.IsNotFound(err) { + return false + } + require.NoError(s.T(), err) + return true + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "db") + require.Equal(s.T(), state[0].Attributes["spec.uri"], "localhost:3000/test") + require.Equal(s.T(), state[0].Attributes["spec.protocol"], "postgres") + + return nil + }, + }, + }, + }) +} diff --git a/integrations/terraform/test/device_trust_test.go b/integrations/terraform/test/device_trust_test.go new file mode 100644 index 0000000000000..f2e3ceb047c80 --- /dev/null +++ b/integrations/terraform/test/device_trust_test.go @@ -0,0 +1,137 @@ +/* +Copyright 2015-2023 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "fmt" + + // devicepb "github.com/gravitational/teleport/api/gen/proto/go/teleport/devicetrust/v1" + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +func (s *TerraformSuite) TestTrustedDevices() { + if !s.teleportFeatures.GetDeviceTrust().GetEnabled() { + s.T().Skip("Doesn't work in OSS version, requires Device Trust") + } + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + device1 := "teleport_trusted_device.TESTDEVICE1" + device2 := "teleport_trusted_device.TESTDEVICE2" + + allDevices := []string{device1, device2} + + checkDeviceDestroyed := func(state *terraform.State) error { + for _, deviceName := range allDevices { + _, err := s.client.GetDeviceResource(ctx, deviceName) + switch { + case err == nil: + return fmt.Errorf("Device %s was not deleted", deviceName) + case trace.IsNotFound(err): + continue + default: + return err + } + } + return nil + } + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDeviceDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("device_trust_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(device1, "spec.asset_tag", "TESTDEVICE1"), + resource.TestCheckResourceAttr(device1, "spec.os_type", "macos"), + resource.TestCheckResourceAttr(device1, "spec.enroll_status", "enrolled"), + ), + }, + { + Config: s.getFixture("device_trust_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("device_trust_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(device1, "spec.enroll_status", "not_enrolled"), + resource.TestCheckResourceAttr(device2, "spec.asset_tag", "TESTDEVICE2"), + resource.TestCheckResourceAttr(device2, "spec.os_type", "linux"), + resource.TestCheckResourceAttr(device2, "spec.enroll_status", "not_enrolled"), + ), + }, + { + Config: s.getFixture("device_trust_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportTrustedDevices() { + if !s.teleportFeatures.GetDeviceTrust().GetEnabled() { + s.T().Skip("Doesn't work in OSS version, requires Device Trust") + } + ctx := context.Background() + + r := "teleport_trusted_device" + id := "test_device" + deviceID := "1a6d1c46-cccf-4f58-8f67-85e6272ebef1" + name := r + "." + id + + device := &types.DeviceV1{ + ResourceHeader: types.ResourceHeader{ + Kind: "device", + Metadata: types.Metadata{ + Name: deviceID, + }, + }, + Spec: &types.DeviceSpec{ + AssetTag: "DEVICE1", + OsType: "macos", + EnrollStatus: "not_enrolled", + }, + } + + _, err := s.client.CreateDeviceResource(ctx, device) + s.Require().NoError(err) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: deviceID, + ImportStateCheck: func(state []*terraform.InstanceState) error { + s.Require().Equal(state[0].Attributes["metadata.name"], deviceID) + s.Require().Equal(state[0].Attributes["kind"], "device") + s.Require().Equal(state[0].Attributes["spec.asset_tag"], "DEVICE1") + s.Require().Equal(state[0].Attributes["spec.os_type"], "macos") + s.Require().Equal(state[0].Attributes["spec.enroll_status"], "not_enrolled") + return nil + }, + }, + }, + }) +} diff --git a/integrations/terraform/test/fixtures/access_list_0_create.tf b/integrations/terraform/test/fixtures/access_list_0_create.tf new file mode 100644 index 0000000000000..25f1f57eba3ef --- /dev/null +++ b/integrations/terraform/test/fixtures/access_list_0_create.tf @@ -0,0 +1,35 @@ +resource "teleport_access_list" "test" { + header = { + version = "v1" + metadata = { + name = "test" + labels = { + example = "yes" + } + } + } + spec = { + description = "test description" + owners = [ + { + name = "gru" + description = "The supervillain." + } + ] + membership_requires = { + roles = ["minion"] + } + ownership_requires = { + roles = ["supervillain"] + } + grants = { + roles = ["crane-operator"] + } + title = "Hello" + audit = { + recurrence = { + frequency = 3 + } + } + } +} diff --git a/integrations/terraform/test/fixtures/access_list_1_update.tf b/integrations/terraform/test/fixtures/access_list_1_update.tf new file mode 100644 index 0000000000000..98fd070744764 --- /dev/null +++ b/integrations/terraform/test/fixtures/access_list_1_update.tf @@ -0,0 +1,42 @@ +resource "teleport_access_list" "test" { + header = { + version = "v1" + metadata = { + name = "test" + labels = { + example = "yes" + } + } + } + spec = { + description = "test description" + owners = [ + { + name = "gru" + description = "The supervillain." + } + ] + membership_requires = { + roles = ["minion"] + } + ownership_requires = { + roles = ["supervillain"] + } + grants = { + roles = ["crane-operator"] + traits = [{ + key = "allowed-machines" + values = ["crane", "forklift"] + }] + } + title = "Hello" + audit = { + recurrence = { + frequency = 3 + // changing day of the month should not change the next audit date + // it should take effect after the next review + day_of_month = 15 + } + } + } +} diff --git a/integrations/terraform/test/fixtures/access_list_2_expiring.tf b/integrations/terraform/test/fixtures/access_list_2_expiring.tf new file mode 100644 index 0000000000000..bf8db84aa67d1 --- /dev/null +++ b/integrations/terraform/test/fixtures/access_list_2_expiring.tf @@ -0,0 +1,41 @@ +resource "teleport_access_list" "test" { + header = { + version = "v1" + metadata = { + name = "test" + labels = { + example = "yes" + } + expires = "2038-01-01T00:00:00Z" + } + } + spec = { + description = "test description" + owners = [ + { + name = "gru" + description = "The supervillain." + } + ] + membership_requires = { + roles = ["minion"] + } + ownership_requires = { + roles = ["supervillain"] + } + grants = { + roles = ["crane-operator"] + traits = [{ + key = "allowed-machines" + values = ["crane", "forklift"] + }] + } + title = "Hello" + audit = { + recurrence = { + frequency = 3 + day_of_month = 15 + } + } + } +} diff --git a/integrations/terraform/test/fixtures/app_0_create.tf b/integrations/terraform/test/fixtures/app_0_create.tf new file mode 100644 index 0000000000000..4ed0020ddb3aa --- /dev/null +++ b/integrations/terraform/test/fixtures/app_0_create.tf @@ -0,0 +1,15 @@ +resource "teleport_app" "test" { + version = "v3" + metadata = { + name = "example" + description = "Test app" + labels = { + example = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + uri = "localhost:3000" + } +} diff --git a/integrations/terraform/test/fixtures/app_0_create_auth_b64.tf b/integrations/terraform/test/fixtures/app_0_create_auth_b64.tf new file mode 100644 index 0000000000000..099b890f26dc9 --- /dev/null +++ b/integrations/terraform/test/fixtures/app_0_create_auth_b64.tf @@ -0,0 +1,15 @@ +resource "teleport_app" "test_auth_b64" { + version = "v3" + metadata = { + name = "test_auth_b64" + description = "Test app" + labels = { + example = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + uri = "localhost:3000" + } +} diff --git a/integrations/terraform/test/fixtures/app_0_create_auth_files.tf b/integrations/terraform/test/fixtures/app_0_create_auth_files.tf new file mode 100644 index 0000000000000..1c0d04287844b --- /dev/null +++ b/integrations/terraform/test/fixtures/app_0_create_auth_files.tf @@ -0,0 +1,15 @@ +resource "teleport_app" "test_auth_files" { + version = "v3" + metadata = { + name = "test_auth_files" + description = "Test app" + labels = { + example = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + uri = "localhost:3000" + } +} diff --git a/integrations/terraform/test/fixtures/app_0_create_with_cache.tf b/integrations/terraform/test/fixtures/app_0_create_with_cache.tf new file mode 100644 index 0000000000000..886a727cd6859 --- /dev/null +++ b/integrations/terraform/test/fixtures/app_0_create_with_cache.tf @@ -0,0 +1,15 @@ +resource "teleport_app" "test_with_cache" { + version = "v3" + metadata = { + name = "example" + description = "Test app" + labels = { + example = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + uri = "localhost:3000" + } +} diff --git a/integrations/terraform/test/fixtures/app_1_update.tf b/integrations/terraform/test/fixtures/app_1_update.tf new file mode 100644 index 0000000000000..e90516dea97ff --- /dev/null +++ b/integrations/terraform/test/fixtures/app_1_update.tf @@ -0,0 +1,15 @@ +resource "teleport_app" "test" { + version = "v3" + metadata = { + name = "test" + description = "Test app" + labels = { + example = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + uri = "localhost:3000" + } +} diff --git a/integrations/terraform/test/fixtures/auth_preference_0_cluster.tf b/integrations/terraform/test/fixtures/auth_preference_0_cluster.tf new file mode 100644 index 0000000000000..af3f7df1c80d2 --- /dev/null +++ b/integrations/terraform/test/fixtures/auth_preference_0_cluster.tf @@ -0,0 +1,8 @@ +resource "teleport_auth_preference" "cluster_auth_preference" { + version = "v2" + + spec = { + name = "auth_preference" + type = "oidc" + } +} \ No newline at end of file diff --git a/integrations/terraform/test/fixtures/auth_preference_0_set.tf b/integrations/terraform/test/fixtures/auth_preference_0_set.tf new file mode 100644 index 0000000000000..79778b0b817e9 --- /dev/null +++ b/integrations/terraform/test/fixtures/auth_preference_0_set.tf @@ -0,0 +1,13 @@ +resource "teleport_auth_preference" "test" { + version = "v2" + metadata = { + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + disconnect_expired_cert = true + } +} diff --git a/integrations/terraform/test/fixtures/auth_preference_1_cluster.tf b/integrations/terraform/test/fixtures/auth_preference_1_cluster.tf new file mode 100644 index 0000000000000..fbe4a4e3c986e --- /dev/null +++ b/integrations/terraform/test/fixtures/auth_preference_1_cluster.tf @@ -0,0 +1,15 @@ +resource "teleport_auth_preference" "cluster_auth_preference" { + version = "v2" + + metadata = { + labels = { + provisioner = "terraform" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + name = "auth_preference" + type = "oidc" + } +} \ No newline at end of file diff --git a/integrations/terraform/test/fixtures/auth_preference_1_update.tf b/integrations/terraform/test/fixtures/auth_preference_1_update.tf new file mode 100644 index 0000000000000..443a6cbfb4918 --- /dev/null +++ b/integrations/terraform/test/fixtures/auth_preference_1_update.tf @@ -0,0 +1,12 @@ +resource "teleport_auth_preference" "test" { + version = "v2" + metadata = { + labels = { + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + disconnect_expired_cert = false + } +} diff --git a/integrations/terraform/test/fixtures/bot_0_create.tf b/integrations/terraform/test/fixtures/bot_0_create.tf new file mode 100644 index 0000000000000..46df14a9e3902 --- /dev/null +++ b/integrations/terraform/test/fixtures/bot_0_create.tf @@ -0,0 +1,27 @@ +locals { + bot_name = "test" +} + +resource "teleport_provision_token" "bot_test" { + version = "v2" + metadata = { + expires = "2038-01-01T00:00:00Z" + name = "bot-test" + } + + spec = { + roles = ["Bot"] + bot_name = local.bot_name + join_method = "token" + } +} + +resource "teleport_bot" "test" { + name = local.bot_name + token_id = "bot-test" + roles = ["terraform"] + + depends_on = [ + teleport_provision_token.bot_test + ] +} diff --git a/integrations/terraform/test/fixtures/bot_1_update.tf b/integrations/terraform/test/fixtures/bot_1_update.tf new file mode 100644 index 0000000000000..8aedf3c9453a1 --- /dev/null +++ b/integrations/terraform/test/fixtures/bot_1_update.tf @@ -0,0 +1,32 @@ +locals { + bot_name = "test" +} + +resource "teleport_provision_token" "bot_test" { + version = "v2" + metadata = { + expires = "2038-01-01T00:00:00Z" + name = "bot-test" + } + + spec = { + roles = ["Bot"] + bot_name = local.bot_name + join_method = "token" + } +} + +resource "teleport_bot" "test" { + name = local.bot_name + token_id = "bot-test" + roles = ["terraform"] + + depends_on = [ + teleport_provision_token.bot_test + ] + + traits = { + logins1 = ["example"] + logins2 = ["example"] + } +} diff --git a/integrations/terraform/test/fixtures/database_0_create.tf b/integrations/terraform/test/fixtures/database_0_create.tf new file mode 100644 index 0000000000000..1c464fbad8190 --- /dev/null +++ b/integrations/terraform/test/fixtures/database_0_create.tf @@ -0,0 +1,16 @@ +resource "teleport_database" "test" { + version = "v3" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + protocol = "postgres" + uri = "localhost:5432" + } +} diff --git a/integrations/terraform/test/fixtures/database_1_update.tf b/integrations/terraform/test/fixtures/database_1_update.tf new file mode 100644 index 0000000000000..6f221968a1f88 --- /dev/null +++ b/integrations/terraform/test/fixtures/database_1_update.tf @@ -0,0 +1,16 @@ +resource "teleport_database" "test" { + version = "v3" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + "teleport.dev/origin" = "dynamic" + example = "yes" + } + } + + spec = { + protocol = "postgres" + uri = "example.com:5432" + } +} diff --git a/integrations/terraform/test/fixtures/device_trust_0_create.tf b/integrations/terraform/test/fixtures/device_trust_0_create.tf new file mode 100644 index 0000000000000..316c4db16c62e --- /dev/null +++ b/integrations/terraform/test/fixtures/device_trust_0_create.tf @@ -0,0 +1,8 @@ +resource "teleport_trusted_device" "TESTDEVICE1" { + version = "v1" + spec = { + asset_tag = "TESTDEVICE1" + os_type = "macos" + enroll_status = "enrolled" + } +} diff --git a/integrations/terraform/test/fixtures/device_trust_1_update.tf b/integrations/terraform/test/fixtures/device_trust_1_update.tf new file mode 100644 index 0000000000000..a886946e33cc6 --- /dev/null +++ b/integrations/terraform/test/fixtures/device_trust_1_update.tf @@ -0,0 +1,17 @@ +resource "teleport_trusted_device" "TESTDEVICE1" { + version = "v1" + spec = { + asset_tag = "TESTDEVICE1" + os_type = "macos" + enroll_status = "not_enrolled" + } +} + +resource "teleport_trusted_device" "TESTDEVICE2" { + version = "v1" + spec = { + asset_tag = "TESTDEVICE2" + os_type = "linux" + enroll_status = "not_enrolled" + } +} diff --git a/integrations/terraform/test/fixtures/github_connector_0_create.tf b/integrations/terraform/test/fixtures/github_connector_0_create.tf new file mode 100644 index 0000000000000..73c43fe0c6768 --- /dev/null +++ b/integrations/terraform/test/fixtures/github_connector_0_create.tf @@ -0,0 +1,21 @@ +resource "teleport_github_connector" "test" { + version = "v3" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + client_id = "Iv1.3386eee92ff932a4" + client_secret = "secret" + + teams_to_logins = [{ + organization = "evilmartians" + team = "devs" + logins = ["terraform"] + }] + } +} diff --git a/integrations/terraform/test/fixtures/github_connector_1_update.tf b/integrations/terraform/test/fixtures/github_connector_1_update.tf new file mode 100644 index 0000000000000..0b147a456dba9 --- /dev/null +++ b/integrations/terraform/test/fixtures/github_connector_1_update.tf @@ -0,0 +1,21 @@ +resource "teleport_github_connector" "test" { + version = "v3" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + client_id = "Iv1.3386eee92ff932a4" + client_secret = "secret" + + teams_to_logins = [{ + organization = "octocat" + team = "devs" + logins = ["terraform"] + }] + } +} diff --git a/integrations/terraform/test/fixtures/github_connector_teams_to_roles.tf b/integrations/terraform/test/fixtures/github_connector_teams_to_roles.tf new file mode 100644 index 0000000000000..5a70476c17445 --- /dev/null +++ b/integrations/terraform/test/fixtures/github_connector_teams_to_roles.tf @@ -0,0 +1,36 @@ +resource "teleport_role" "myrole" { + metadata = { + name = "test" + } + + spec = { + allow = { + logins = ["anonymous"] + } + } + + version = "v6" +} + + +resource "teleport_github_connector" "test" { + version = "v3" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + client_id = "Iv1.3386eee92ff932a4" + client_secret = "secret" + + teams_to_roles = [{ + organization = "evilmartians" + team = "devs" + roles = ["myrole"] + }] + } +} diff --git a/integrations/terraform/test/fixtures/github_connector_without_mapping.tf b/integrations/terraform/test/fixtures/github_connector_without_mapping.tf new file mode 100644 index 0000000000000..fde49de4b3cef --- /dev/null +++ b/integrations/terraform/test/fixtures/github_connector_without_mapping.tf @@ -0,0 +1,18 @@ +resource "teleport_github_connector" "test" { + version = "v3" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + client_id = "Iv1.3386eee92ff932a4" + client_secret = "secret" + + teams_to_roles = [] + teams_to_logins = [] + } +} diff --git a/integrations/terraform/test/fixtures/login_rule_0_create.tf b/integrations/terraform/test/fixtures/login_rule_0_create.tf new file mode 100644 index 0000000000000..8f6a07677473b --- /dev/null +++ b/integrations/terraform/test/fixtures/login_rule_0_create.tf @@ -0,0 +1,32 @@ +resource "teleport_login_rule" "expression_rule" { + metadata = { + name = "expression_rule" + labels = { + "env" = "test" + } + } + + version = "v1" + priority = 1 + traits_expression = "external" +} + +resource "teleport_login_rule" "map_rule" { + metadata = { + name = "map_rule" + labels = { + "env" = "test" + } + } + + version = "v1" + priority = 2 + traits_map = { + "logins" = { + values = [ + "external.logins", + "external.username", + ] + } + } +} diff --git a/integrations/terraform/test/fixtures/login_rule_0_update.tf b/integrations/terraform/test/fixtures/login_rule_0_update.tf new file mode 100644 index 0000000000000..bd5e947c1d9b6 --- /dev/null +++ b/integrations/terraform/test/fixtures/login_rule_0_update.tf @@ -0,0 +1,31 @@ +resource "teleport_login_rule" "expression_rule" { + metadata = { + name = "expression_rule" + labels = { + "env" = "test" + } + } + + version = "v1" + priority = 1 + traits_expression = "external.put(\"logins\", external.logins.add(\"external.username\"))" +} + +resource "teleport_login_rule" "map_rule" { + metadata = { + name = "map_rule" + labels = { + "env" = "test" + } + } + + version = "v1" + priority = 2 + traits_map = { + "kube_groups" = { + values = [ + "\"system:masters\"", + ] + } + } +} diff --git a/integrations/terraform/test/fixtures/maintenance_config_0_set.tf b/integrations/terraform/test/fixtures/maintenance_config_0_set.tf new file mode 100644 index 0000000000000..acd14cea9611c --- /dev/null +++ b/integrations/terraform/test/fixtures/maintenance_config_0_set.tf @@ -0,0 +1,13 @@ +resource "teleport_cluster_maintenance_config" "test" { + version = "v1" + metadata = { + description = "Maintenance config" + } + + spec = { + agent_upgrades = { + utc_start_hour = 1 + weekdays = ["monday"] + } + } +} diff --git a/integrations/terraform/test/fixtures/maintenance_config_1_update.tf b/integrations/terraform/test/fixtures/maintenance_config_1_update.tf new file mode 100644 index 0000000000000..4f46c9d1b4cc3 --- /dev/null +++ b/integrations/terraform/test/fixtures/maintenance_config_1_update.tf @@ -0,0 +1,13 @@ +resource "teleport_cluster_maintenance_config" "test" { + version = "v1" + metadata = { + description = "Maintenance config" + } + + spec = { + agent_upgrades = { + utc_start_hour = 12 + weekdays = ["tuesday"] + } + } +} diff --git a/integrations/terraform/test/fixtures/networking_config_0_set.tf b/integrations/terraform/test/fixtures/networking_config_0_set.tf new file mode 100644 index 0000000000000..5986f6588bef8 --- /dev/null +++ b/integrations/terraform/test/fixtures/networking_config_0_set.tf @@ -0,0 +1,13 @@ +resource "teleport_cluster_networking_config" "test" { + version = "v2" + metadata = { + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + client_idle_timeout = "30m" + } +} diff --git a/integrations/terraform/test/fixtures/networking_config_1_update.tf b/integrations/terraform/test/fixtures/networking_config_1_update.tf new file mode 100644 index 0000000000000..9eaec836a5817 --- /dev/null +++ b/integrations/terraform/test/fixtures/networking_config_1_update.tf @@ -0,0 +1,13 @@ +resource "teleport_cluster_networking_config" "test" { + version = "v2" + metadata = { + labels = { + "example" = "no" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + client_idle_timeout = "1h" + } +} diff --git a/integrations/terraform/test/fixtures/oidc_connector_0_create.tf b/integrations/terraform/test/fixtures/oidc_connector_0_create.tf new file mode 100644 index 0000000000000..1aa2f761a2f69 --- /dev/null +++ b/integrations/terraform/test/fixtures/oidc_connector_0_create.tf @@ -0,0 +1,22 @@ +resource "teleport_oidc_connector" "test" { + version = "v3" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + client_id = "client" + client_secret = "value" + + claims_to_roles = [{ + claim = "test" + roles = ["terraform"] + }] + + redirect_url = ["https://example.com/redirect"] + } +} diff --git a/integrations/terraform/test/fixtures/oidc_connector_1_update.tf b/integrations/terraform/test/fixtures/oidc_connector_1_update.tf new file mode 100644 index 0000000000000..23ca59048fb85 --- /dev/null +++ b/integrations/terraform/test/fixtures/oidc_connector_1_update.tf @@ -0,0 +1,23 @@ +resource "teleport_oidc_connector" "test" { + version = "v3" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + client_id = "client" + client_secret = "value" + + claims_to_roles = [{ + claim = "test" + roles = ["teleport"] + }] + + redirect_url = ["https://example.com/redirect"] + max_age = "5m0s" + } +} diff --git a/integrations/terraform/test/fixtures/oidc_connector_without_max_age.tf b/integrations/terraform/test/fixtures/oidc_connector_without_max_age.tf new file mode 100644 index 0000000000000..0a573d9f5f7fb --- /dev/null +++ b/integrations/terraform/test/fixtures/oidc_connector_without_max_age.tf @@ -0,0 +1,19 @@ +resource "teleport_oidc_connector" "test_max_age" { + version = "v3" + metadata = { + name = "test_max_age" + expires = "2032-10-12T07:20:50Z" + } + + spec = { + client_id = "client" + client_secret = "value" + + claims_to_roles = [{ + claim = "test" + roles = ["teleport"] + }] + + redirect_url = ["https://example.com/redirect"] + } +} diff --git a/integrations/terraform/test/fixtures/okta_import_rule_0_create.tf b/integrations/terraform/test/fixtures/okta_import_rule_0_create.tf new file mode 100644 index 0000000000000..d19a869cab6e6 --- /dev/null +++ b/integrations/terraform/test/fixtures/okta_import_rule_0_create.tf @@ -0,0 +1,57 @@ +resource "teleport_okta_import_rule" "test" { + version = "v1" + metadata = { + name = "example" + description = "Test Okta Import Rule" + labels = { + example = "yes" + "teleport.dev/origin" = "okta" + } + } + + spec = { + priority = 100 + mappings = [ + { + add_labels = { + "label1" : "value1", + } + match = [ + { + app_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label2" : "value2", + } + match = [ + { + group_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label3" : "value3", + } + match = [ + { + group_name_regexes = ["^.*$"] + }, + ], + }, + { + add_labels = { + "label4" : "value4", + } + match = [ + { + app_name_regexes = ["^.*$"] + }, + ], + } + ] + } +} diff --git a/integrations/terraform/test/fixtures/okta_import_rule_1_update.tf b/integrations/terraform/test/fixtures/okta_import_rule_1_update.tf new file mode 100644 index 0000000000000..c8ca4bdcafffc --- /dev/null +++ b/integrations/terraform/test/fixtures/okta_import_rule_1_update.tf @@ -0,0 +1,47 @@ +resource "teleport_okta_import_rule" "test" { + version = "v1" + metadata = { + name = "example" + description = "Test Okta Import Rule" + labels = { + example = "yes" + "teleport.dev/origin" = "okta" + } + } + + spec = { + priority = 100 + mappings = [ + { + add_labels = { + "label1" : "value1", + } + match = [ + { + app_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label2" : "value2", + } + match = [ + { + group_ids = ["1", "2", "3"] + }, + ], + }, + { + add_labels = { + "label3" : "value3", + } + match = [ + { + group_ids = ["1", "2", "3"] + }, + ], + } + ] + } +} diff --git a/integrations/terraform/test/fixtures/provision_token_0_create.tf b/integrations/terraform/test/fixtures/provision_token_0_create.tf new file mode 100644 index 0000000000000..2f5185a00ea33 --- /dev/null +++ b/integrations/terraform/test/fixtures/provision_token_0_create.tf @@ -0,0 +1,13 @@ +resource "teleport_provision_token" "test" { + version = "v2" + metadata = { + name = "test" + expires = "2038-01-01T00:00:00Z" + labels = { + example = "yes" + } + } + spec = { + roles = ["Node", "Auth"] + } +} diff --git a/integrations/terraform/test/fixtures/provision_token_1_update.tf b/integrations/terraform/test/fixtures/provision_token_1_update.tf new file mode 100644 index 0000000000000..63bf5e19d71ad --- /dev/null +++ b/integrations/terraform/test/fixtures/provision_token_1_update.tf @@ -0,0 +1,10 @@ +resource "teleport_provision_token" "test" { + version = "v2" + metadata = { + name = "test" + expires = "2038-01-01T00:00:00Z" + } + spec = { + roles = ["Node"] + } +} diff --git a/integrations/terraform/test/fixtures/provision_token_iam_create.tf b/integrations/terraform/test/fixtures/provision_token_iam_create.tf new file mode 100644 index 0000000000000..c17db4b077005 --- /dev/null +++ b/integrations/terraform/test/fixtures/provision_token_iam_create.tf @@ -0,0 +1,14 @@ +resource "teleport_provision_token" "iam-token" { + version = "v2" + metadata = { + name = "iam-token" + } + spec = { + roles = ["Bot"] + bot_name = "mybot" + join_method = "iam" + allow = [{ + aws_account = "123456789012" + }] + } +} diff --git a/integrations/terraform/test/fixtures/provision_token_no_expiry_0_create.tf b/integrations/terraform/test/fixtures/provision_token_no_expiry_0_create.tf new file mode 100644 index 0000000000000..35e55ea32b58f --- /dev/null +++ b/integrations/terraform/test/fixtures/provision_token_no_expiry_0_create.tf @@ -0,0 +1,12 @@ +resource "teleport_provision_token" "test" { + version = "v2" + metadata = { + name = "test" + labels = { + example = "yes" + } + } + spec = { + roles = ["Node", "Auth"] + } +} diff --git a/integrations/terraform/test/fixtures/provision_token_secret_0_create.tf b/integrations/terraform/test/fixtures/provision_token_secret_0_create.tf new file mode 100644 index 0000000000000..7564477f67c8b --- /dev/null +++ b/integrations/terraform/test/fixtures/provision_token_secret_0_create.tf @@ -0,0 +1,13 @@ +resource "teleport_provision_token" "test" { + version = "v2" + metadata = { + name = "thisisasecretandmustnotbelogged" + expires = "2038-01-01T00:00:00Z" + labels = { + example = "yes" + } + } + spec = { + roles = ["Node", "Auth"] + } +} diff --git a/integrations/terraform/test/fixtures/provision_token_v2_0_create.tf b/integrations/terraform/test/fixtures/provision_token_v2_0_create.tf new file mode 100644 index 0000000000000..612187b3fea4a --- /dev/null +++ b/integrations/terraform/test/fixtures/provision_token_v2_0_create.tf @@ -0,0 +1,18 @@ +resource "teleport_provision_token" "test2" { + version = "v2" + metadata = { + name = "test2" + expires = "2038-01-01T00:00:00Z" + labels = { + example = "yes" + } + } + spec = { + roles = ["Node", "Auth"] + join_method = "iam" + allow = [ + { + aws_account = "1234567890" + }] + } +} diff --git a/integrations/terraform/test/fixtures/provision_token_v2_1_update.tf b/integrations/terraform/test/fixtures/provision_token_v2_1_update.tf new file mode 100644 index 0000000000000..b124986545693 --- /dev/null +++ b/integrations/terraform/test/fixtures/provision_token_v2_1_update.tf @@ -0,0 +1,21 @@ +resource "teleport_provision_token" "test2" { + version = "v2" + metadata = { + name = "test2" + expires = "2038-01-01T00:00:00Z" + labels = { + example = "yes" + } + } + spec = { + roles = ["Node", "Auth"] + join_method = "iam" + allow = [ + { + aws_account = "1234567890" + }, + { + aws_account = "1111111111" + }] + } +} diff --git a/integrations/terraform/test/fixtures/role_0_create.tf b/integrations/terraform/test/fixtures/role_0_create.tf new file mode 100644 index 0000000000000..fe772e0dd37b1 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_0_create.tf @@ -0,0 +1,12 @@ +resource "teleport_role" "test" { + version = "v7" + metadata = { + name = "test" + } + + spec = { + allow = { + logins = ["anonymous"] + } + } +} diff --git a/integrations/terraform/test/fixtures/role_1_update.tf b/integrations/terraform/test/fixtures/role_1_update.tf new file mode 100644 index 0000000000000..32b5f653cc70b --- /dev/null +++ b/integrations/terraform/test/fixtures/role_1_update.tf @@ -0,0 +1,32 @@ +resource "teleport_role" "test" { + version = "v7" + metadata = { + name = "test" + description = "" + expires = "2032-12-12T00:00:00Z" + } + + spec = { + options = { + forward_agent = true + max_session_ttl = "2h3m" + } + allow = { + logins = ["known", "anonymous"] + request = { + roles = ["example"] + claims_to_roles = [ + { + claim = "example" + value = "example" + roles = ["example"] + }, + ] + } + + node_labels = { + "example" = ["yes", "no"] + } + } + } +} diff --git a/integrations/terraform/test/fixtures/role_2_update.tf b/integrations/terraform/test/fixtures/role_2_update.tf new file mode 100644 index 0000000000000..affecea591de5 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_2_update.tf @@ -0,0 +1,31 @@ +resource "teleport_role" "test" { + version = "v7" + metadata = { + name = "test" + description = "Test role" + expires = "2032-12-12T00:00:00Z" + } + + spec = { + options = {} + + allow = { + logins = ["anonymous"] + request = { + roles = ["example", "terraform"] + claims_to_roles = [ + { + claim = "example" + value = "example" + roles = ["example"] + }, + ] + } + + node_labels = { + "example" = ["no"] + "sample" = ["yes", "no"] + } + } + } +} diff --git a/integrations/terraform/test/fixtures/role_3_update.tf b/integrations/terraform/test/fixtures/role_3_update.tf new file mode 100644 index 0000000000000..8de2044117233 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_3_update.tf @@ -0,0 +1,15 @@ +resource "teleport_role" "test" { + version = "v7" + metadata = { + name = "test" + expires = "2032-12-12T00:00:00Z" + } + + spec = { + allow = { + logins = ["anonymous"] + request = {} + node_labels = {} + } + } +} diff --git a/integrations/terraform/test/fixtures/role_drift_0.tf b/integrations/terraform/test/fixtures/role_drift_0.tf new file mode 100644 index 0000000000000..76acae3c0c399 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_drift_0.tf @@ -0,0 +1,12 @@ +resource "teleport_role" "splitbrain" { + version = "v7" + metadata = { + name = "splitbrain" + } + + spec = { + allow = { + logins = ["one"] + } + } +} diff --git a/integrations/terraform/test/fixtures/role_no_version.tf b/integrations/terraform/test/fixtures/role_no_version.tf new file mode 100644 index 0000000000000..5fae1e107749d --- /dev/null +++ b/integrations/terraform/test/fixtures/role_no_version.tf @@ -0,0 +1,11 @@ +resource "teleport_role" "test" { + metadata = { + name = "test" + } + + spec = { + allow = { + logins = ["anonymous"] + } + } +} diff --git a/integrations/terraform/test/fixtures/role_reviewers_0_two_roles.tf b/integrations/terraform/test/fixtures/role_reviewers_0_two_roles.tf new file mode 100644 index 0000000000000..5ee1e58dd3b58 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_reviewers_0_two_roles.tf @@ -0,0 +1,16 @@ +resource "teleport_role" "test_decrease_reviewers" { + metadata = { + name = "test_decrease_reviewers" + } + + spec = { + allow = { + logins = ["anonymous"] + review_requests = { + roles = ["rolea", "roleb"] + } + } + } + + version = "v6" +} diff --git a/integrations/terraform/test/fixtures/role_reviewers_1_one_role.tf b/integrations/terraform/test/fixtures/role_reviewers_1_one_role.tf new file mode 100644 index 0000000000000..7ea34ce6fd3bc --- /dev/null +++ b/integrations/terraform/test/fixtures/role_reviewers_1_one_role.tf @@ -0,0 +1,16 @@ +resource "teleport_role" "test_decrease_reviewers" { + metadata = { + name = "test_decrease_reviewers" + } + + spec = { + allow = { + logins = ["anonymous"] + review_requests = { + roles = ["roleb"] + } + } + } + + version = "v6" +} diff --git a/integrations/terraform/test/fixtures/role_upgrade_v4.tf b/integrations/terraform/test/fixtures/role_upgrade_v4.tf new file mode 100644 index 0000000000000..0fea0bf7e770f --- /dev/null +++ b/integrations/terraform/test/fixtures/role_upgrade_v4.tf @@ -0,0 +1,16 @@ +resource "teleport_role" "upgrade" { + metadata = { + name = "upgrade" + } + + spec = { + allow = { + logins = ["onev4"] + kubernetes_labels = { + env = ["dev", "prod"] + } + } + } + + version = "v4" +} diff --git a/integrations/terraform/test/fixtures/role_upgrade_v5.tf b/integrations/terraform/test/fixtures/role_upgrade_v5.tf new file mode 100644 index 0000000000000..ce97ec24925f2 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_upgrade_v5.tf @@ -0,0 +1,16 @@ +resource "teleport_role" "upgrade" { + metadata = { + name = "upgrade" + } + + spec = { + allow = { + logins = ["onev5"] + kubernetes_labels = { + env = ["dev", "prod"] + } + } + } + + version = "v5" +} diff --git a/integrations/terraform/test/fixtures/role_upgrade_v6.tf b/integrations/terraform/test/fixtures/role_upgrade_v6.tf new file mode 100644 index 0000000000000..fbcda8d910c00 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_upgrade_v6.tf @@ -0,0 +1,16 @@ +resource "teleport_role" "upgrade" { + metadata = { + name = "upgrade" + } + + spec = { + allow = { + logins = ["onev6"] + kubernetes_labels = { + env = ["dev", "prod"] + } + } + } + + version = "v6" +} diff --git a/integrations/terraform/test/fixtures/role_upgrade_v7.tf b/integrations/terraform/test/fixtures/role_upgrade_v7.tf new file mode 100644 index 0000000000000..2e79d4a3d98d6 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_upgrade_v7.tf @@ -0,0 +1,16 @@ +resource "teleport_role" "upgrade" { + metadata = { + name = "upgrade" + } + + spec = { + allow = { + logins = ["onev7"] + kubernetes_labels = { + env = ["dev", "prod"] + } + } + } + + version = "v7" +} diff --git a/integrations/terraform/test/fixtures/role_with_kube_resources.tf b/integrations/terraform/test/fixtures/role_with_kube_resources.tf new file mode 100644 index 0000000000000..d54390b748ccd --- /dev/null +++ b/integrations/terraform/test/fixtures/role_with_kube_resources.tf @@ -0,0 +1,23 @@ +resource "teleport_role" "upgrade" { + metadata = { + name = "upgrade" + } + + spec = { + allow = { + logins = ["onev6"] + kubernetes_labels = { + env = ["dev", "prod"] + } + kubernetes_resources = [ + { + kind = "pod" + name = "*" + namespace = "myns" + } + ] + } + } + + version = "v6" +} diff --git a/integrations/terraform/test/fixtures/role_with_kube_verbs.tf b/integrations/terraform/test/fixtures/role_with_kube_verbs.tf new file mode 100644 index 0000000000000..7a083142150a3 --- /dev/null +++ b/integrations/terraform/test/fixtures/role_with_kube_verbs.tf @@ -0,0 +1,21 @@ +resource "teleport_role" "kube_verbs" { + metadata = { + name = "kube_verbs" + } + + spec = { + allow = { + logins = ["onev6"] + kubernetes_resources = [ + { + kind = "pod" + name = "*" + namespace = "myns" + verbs = ["get", "watch", "list"] + } + ] + } + } + + version = "v7" +} diff --git a/integrations/terraform/test/fixtures/saml_connector_0_create.tf b/integrations/terraform/test/fixtures/saml_connector_0_create.tf new file mode 100644 index 0000000000000..1fef149a93038 --- /dev/null +++ b/integrations/terraform/test/fixtures/saml_connector_0_create.tf @@ -0,0 +1,50 @@ +resource "teleport_role" "admin" { + version = "v7" + metadata = { + name = "admin" + description = "admin role" + expires = "2032-12-12T00:00:00Z" + } + + spec = { + options = {} + allow = {} + } +} + +resource "teleport_saml_connector" "test" { + version = "v2" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + attributes_to_roles = [{ + name = "groups" + roles = ["admin"] + value = "okta-admin" + }] + + acs = "https://example.com/v1/webapi/saml/acs" + entity_descriptor = < + + + + +--- + + + +urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + + + + +EOT + } +} diff --git a/integrations/terraform/test/fixtures/saml_connector_0_create_with_entitydescriptorurl.tf b/integrations/terraform/test/fixtures/saml_connector_0_create_with_entitydescriptorurl.tf new file mode 100644 index 0000000000000..18d4e7b17f6e2 --- /dev/null +++ b/integrations/terraform/test/fixtures/saml_connector_0_create_with_entitydescriptorurl.tf @@ -0,0 +1,35 @@ +resource "teleport_role" "admin" { + version = "v7" + metadata = { + name = "admin" + description = "admin role" + expires = "2032-12-12T00:00:00Z" + } + + spec = { + options = {} + allow = {} + } +} + +resource "teleport_saml_connector" "test" { + version = "v2" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + attributes_to_roles = [{ + name = "groups" + roles = ["admin"] + value = "okta-admin" + }] + + acs = "https://example.com/v1/webapi/saml/acs" + entity_descriptor_url = "%v/app/exk4d7tmnz9DEaEw85d7/sso/saml/metadata" + } +} diff --git a/integrations/terraform/test/fixtures/saml_connector_0_create_without_entitydescriptor.tf b/integrations/terraform/test/fixtures/saml_connector_0_create_without_entitydescriptor.tf new file mode 100644 index 0000000000000..cda230b9a2c35 --- /dev/null +++ b/integrations/terraform/test/fixtures/saml_connector_0_create_without_entitydescriptor.tf @@ -0,0 +1,34 @@ +resource "teleport_role" "admin" { + version = "v7" + metadata = { + name = "admin" + description = "admin role" + expires = "2032-12-12T00:00:00Z" + } + + spec = { + options = {} + allow = {} + } +} + +resource "teleport_saml_connector" "test" { + version = "v2" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + attributes_to_roles = [{ + name = "groups" + roles = ["admin"] + value = "okta-admin" + }] + + acs = "https://example.com/v1/webapi/saml/acs" + } +} diff --git a/integrations/terraform/test/fixtures/saml_connector_1_update.tf b/integrations/terraform/test/fixtures/saml_connector_1_update.tf new file mode 100644 index 0000000000000..99dad8973c496 --- /dev/null +++ b/integrations/terraform/test/fixtures/saml_connector_1_update.tf @@ -0,0 +1,50 @@ +resource "teleport_role" "admin" { + version = "v7" + metadata = { + name = "admin" + description = "admin role" + expires = "2032-12-12T00:00:00Z" + } + + spec = { + options = {} + allow = {} + } +} + +resource "teleport_saml_connector" "test" { + version = "v2" + metadata = { + name = "test" + expires = "2032-10-12T07:20:50Z" + labels = { + example = "no" + } + } + + spec = { + attributes_to_roles = [{ + name = "groups" + roles = ["admin"] + value = "okta-admin" + }] + + acs = "https://example.com/v1/webapi/saml/acs" + entity_descriptor = < + + + + +--- + + + +urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + + + + +EOT + } +} diff --git a/integrations/terraform/test/fixtures/server_openssh_0_create.tf b/integrations/terraform/test/fixtures/server_openssh_0_create.tf new file mode 100644 index 0000000000000..459c6bdc39d40 --- /dev/null +++ b/integrations/terraform/test/fixtures/server_openssh_0_create.tf @@ -0,0 +1,11 @@ +resource "teleport_server" "test" { + version = "v2" + sub_kind = "openssh" + metadata = { + name = "test" + } + spec = { + addr = "127.0.0.1:22" + hostname = "test.local" + } +} diff --git a/integrations/terraform/test/fixtures/server_openssh_1_update.tf b/integrations/terraform/test/fixtures/server_openssh_1_update.tf new file mode 100644 index 0000000000000..a92143d5bb1db --- /dev/null +++ b/integrations/terraform/test/fixtures/server_openssh_1_update.tf @@ -0,0 +1,11 @@ +resource "teleport_server" "test" { + version = "v2" + sub_kind = "openssh" + metadata = { + name = "test" + } + spec = { + addr = "127.0.0.1:23" + hostname = "test.local" + } +} diff --git a/integrations/terraform/test/fixtures/server_openssh_nameless_0_create.tf b/integrations/terraform/test/fixtures/server_openssh_nameless_0_create.tf new file mode 100644 index 0000000000000..e0865e03780ca --- /dev/null +++ b/integrations/terraform/test/fixtures/server_openssh_nameless_0_create.tf @@ -0,0 +1,8 @@ +resource "teleport_server" "test" { + version = "v2" + sub_kind = "openssh" + spec = { + addr = "127.0.0.1:22" + hostname = "test.local" + } +} diff --git a/integrations/terraform/test/fixtures/server_openssh_nameless_1_update.tf b/integrations/terraform/test/fixtures/server_openssh_nameless_1_update.tf new file mode 100644 index 0000000000000..d50a428130f0d --- /dev/null +++ b/integrations/terraform/test/fixtures/server_openssh_nameless_1_update.tf @@ -0,0 +1,8 @@ +resource "teleport_server" "test" { + version = "v2" + sub_kind = "openssh" + spec = { + addr = "127.0.0.1:23" + hostname = "test.local" + } +} diff --git a/integrations/terraform/test/fixtures/server_openssheice_0_create.tf b/integrations/terraform/test/fixtures/server_openssheice_0_create.tf new file mode 100644 index 0000000000000..37828070ba68b --- /dev/null +++ b/integrations/terraform/test/fixtures/server_openssheice_0_create.tf @@ -0,0 +1,21 @@ +resource "teleport_server" "test" { + version = "v2" + sub_kind = "openssh-ec2-ice" + metadata = { + name = "test" + } + spec = { + addr = "127.0.0.1:22" + hostname = "test.local" + cloud_metadata = { + aws = { + account_id = "123" + instance_id = "123" + region = "us-east-1" + vpc_id = "123" + integration = "foo" + subnet_id = "123" + } + } + } +} diff --git a/integrations/terraform/test/fixtures/server_openssheice_1_update.tf b/integrations/terraform/test/fixtures/server_openssheice_1_update.tf new file mode 100644 index 0000000000000..100d25364b1c9 --- /dev/null +++ b/integrations/terraform/test/fixtures/server_openssheice_1_update.tf @@ -0,0 +1,21 @@ +resource "teleport_server" "test" { + version = "v2" + sub_kind = "openssh-ec2-ice" + metadata = { + name = "test" + } + spec = { + addr = "127.0.0.1:23" + hostname = "test.local" + cloud_metadata = { + aws = { + account_id = "123" + instance_id = "123" + region = "us-east-1" + vpc_id = "123" + integration = "foo" + subnet_id = "123" + } + } + } +} diff --git a/integrations/terraform/test/fixtures/session_recording_config_0_set.tf b/integrations/terraform/test/fixtures/session_recording_config_0_set.tf new file mode 100644 index 0000000000000..892adf9ba82a1 --- /dev/null +++ b/integrations/terraform/test/fixtures/session_recording_config_0_set.tf @@ -0,0 +1,14 @@ +resource "teleport_session_recording_config" "test" { + version = "v2" + metadata = { + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + mode = "node" + proxy_checks_host_keys = true + } +} diff --git a/integrations/terraform/test/fixtures/session_recording_config_1_update.tf b/integrations/terraform/test/fixtures/session_recording_config_1_update.tf new file mode 100644 index 0000000000000..0a5b0eab08c52 --- /dev/null +++ b/integrations/terraform/test/fixtures/session_recording_config_1_update.tf @@ -0,0 +1,14 @@ +resource "teleport_session_recording_config" "test" { + version = "v2" + metadata = { + labels = { + "example" = "yes" + "teleport.dev/origin" = "dynamic" + } + } + + spec = { + mode = "off" + proxy_checks_host_keys = true + } +} diff --git a/integrations/terraform/test/fixtures/user_0_create.tf b/integrations/terraform/test/fixtures/user_0_create.tf new file mode 100644 index 0000000000000..ac76973170972 --- /dev/null +++ b/integrations/terraform/test/fixtures/user_0_create.tf @@ -0,0 +1,34 @@ +resource "teleport_user" "test" { + version = "v2" + metadata = { + name = "test" + expires = "2035-10-12T07:20:50Z" + labels = { + example = "yes" + } + } + + spec = { + roles = ["terraform"] + + traits = { + logins1 = ["example"] + logins2 = ["example"] + } + + oidc_identities = [{ + connector_id = "oidc" + username = "example" + }] + + github_identities = [{ + connector_id = "github" + username = "example" + }] + + saml_identities = [{ + connector_id = "saml" + username = "example" + }] + } +} diff --git a/integrations/terraform/test/fixtures/user_1_update.tf b/integrations/terraform/test/fixtures/user_1_update.tf new file mode 100644 index 0000000000000..0e54a3286e6a9 --- /dev/null +++ b/integrations/terraform/test/fixtures/user_1_update.tf @@ -0,0 +1,23 @@ +resource "teleport_user" "test" { + version = "v2" + metadata = { + name = "test" + expires = "2035-10-12T07:20:52Z" + labels = { + example = "yes" + } + } + + spec = { + roles = ["terraform"] + + traits = { + logins2 = ["example"] + } + + oidc_identities = [{ + connector_id = "oidc-2" + username = "example" + }] + } +} diff --git a/integrations/terraform/test/github_connector_test.go b/integrations/terraform/test/github_connector_test.go new file mode 100644 index 0000000000000..45190272aaccd --- /dev/null +++ b/integrations/terraform/test/github_connector_test.go @@ -0,0 +1,197 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "regexp" + + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestGithubConnector() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetGithubConnector(ctx, "test", false) + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_github_connector.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("github_connector_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "github"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2032-10-12T07:20:50Z"), + resource.TestCheckResourceAttr(name, "spec.client_id", "Iv1.3386eee92ff932a4"), + resource.TestCheckResourceAttr(name, "spec.teams_to_logins.0.organization", "evilmartians"), + resource.TestCheckResourceAttr(name, "spec.teams_to_logins.0.team", "devs"), + resource.TestCheckResourceAttr(name, "spec.teams_to_logins.0.logins.0", "terraform"), + ), + }, + { + Config: s.getFixture("github_connector_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("github_connector_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "github"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2032-10-12T07:20:50Z"), + resource.TestCheckResourceAttr(name, "spec.client_id", "Iv1.3386eee92ff932a4"), + resource.TestCheckResourceAttr(name, "spec.teams_to_logins.0.organization", "octocat"), + resource.TestCheckResourceAttr(name, "spec.teams_to_logins.0.team", "devs"), + resource.TestCheckResourceAttr(name, "spec.teams_to_logins.0.logins.0", "terraform"), + ), + }, + { + Config: s.getFixture("github_connector_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportGithubConnector() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_github_connector" + id := "test_import" + name := r + "." + id + + githubConnector := &types.GithubConnectorV3{ + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.GithubConnectorSpecV3{ + ClientID: "Iv1.3386eee92ff932a4", + ClientSecret: "secret", + TeamsToLogins: []types.TeamMapping{ + { + Organization: "evilmartians", + Team: "devs", + Logins: []string{"terraform"}, + }, + }, + }, + } + + err := githubConnector.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.UpsertGithubConnector(ctx, githubConnector) + require.NoError(s.T(), err) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "github") + require.Equal(s.T(), state[0].Attributes["spec.client_id"], "Iv1.3386eee92ff932a4") + require.Equal(s.T(), state[0].Attributes["spec.teams_to_logins.0.organization"], "evilmartians") + require.Equal(s.T(), state[0].Attributes["spec.teams_to_logins.0.team"], "devs") + require.Equal(s.T(), state[0].Attributes["spec.teams_to_logins.0.logins.0"], "terraform") + + return nil + }, + }, + }, + }) +} + +func (s *TerraformSuite) TestGithubConnectorTeamsToRoles() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetGithubConnector(ctx, "test", false) + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_github_connector.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("github_connector_teams_to_roles.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "github"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2032-10-12T07:20:50Z"), + resource.TestCheckResourceAttr(name, "spec.client_id", "Iv1.3386eee92ff932a4"), + resource.TestCheckResourceAttr(name, "spec.teams_to_roles.0.organization", "evilmartians"), + resource.TestCheckResourceAttr(name, "spec.teams_to_roles.0.team", "devs"), + resource.TestCheckResourceAttr(name, "spec.teams_to_roles.0.roles.0", "myrole"), + ), + }, + { + Config: s.getFixture("github_connector_teams_to_roles.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestGithubConnectorWithoutMapping() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetGithubConnector(ctx, "test", false) + if trace.IsNotFound(err) { + return nil + } + + return err + } + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("github_connector_without_mapping.tf"), + ExpectError: regexp.MustCompile("team_to_logins or team_to_roles mapping is invalid, no mappings defined"), + }, + }, + }) +} diff --git a/integrations/terraform/test/loginrule_test.go b/integrations/terraform/test/loginrule_test.go new file mode 100644 index 0000000000000..25ee53718998f --- /dev/null +++ b/integrations/terraform/test/loginrule_test.go @@ -0,0 +1,145 @@ +// Copyright 2023 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package test + +import ( + "context" + "fmt" + + loginrulepb "github.com/gravitational/teleport/api/gen/proto/go/teleport/loginrule/v1" + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +func (s *TerraformSuite) TestLoginRule() { + if !(s.teleportFeatures.GetOIDC() || s.teleportFeatures.GetSAML()) { + s.T().Skip("Doesn't work in OSS version, requires OIDC or SAML") + } + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + expressionRuleName := "teleport_login_rule.expression_rule" + mapRuleName := "teleport_login_rule.map_rule" + allRules := []string{expressionRuleName, mapRuleName} + + checkDestroyed := func(state *terraform.State) error { + for _, ruleName := range allRules { + _, err := s.client.GetLoginRule(ctx, ruleName) + switch { + case err == nil: + return fmt.Errorf("login rule %s was not deleted", ruleName) + case trace.IsNotFound(err): + continue + default: + return err + } + } + return nil + } + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("login_rule_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(expressionRuleName, "metadata.name", "expression_rule"), + resource.TestCheckResourceAttr(expressionRuleName, "metadata.labels.env", "test"), + resource.TestCheckResourceAttr(expressionRuleName, "version", "v1"), + resource.TestCheckResourceAttr(expressionRuleName, "priority", "1"), + resource.TestCheckResourceAttr(expressionRuleName, "traits_expression", "external"), + resource.TestCheckNoResourceAttr(expressionRuleName, "traits_map"), + resource.TestCheckResourceAttr(mapRuleName, "metadata.name", "map_rule"), + resource.TestCheckResourceAttr(mapRuleName, "metadata.labels.env", "test"), + resource.TestCheckResourceAttr(mapRuleName, "version", "v1"), + resource.TestCheckResourceAttr(mapRuleName, "priority", "2"), + resource.TestCheckResourceAttr(mapRuleName, "traits_map.logins.values.0", "external.logins"), + resource.TestCheckResourceAttr(mapRuleName, "traits_map.logins.values.1", "external.username"), + resource.TestCheckNoResourceAttr(mapRuleName, "traits_expression"), + ), + }, + { + Config: s.getFixture("login_rule_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("login_rule_0_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(expressionRuleName, "metadata.name", "expression_rule"), + resource.TestCheckResourceAttr(expressionRuleName, "metadata.labels.env", "test"), + resource.TestCheckResourceAttr(expressionRuleName, "version", "v1"), + resource.TestCheckResourceAttr(expressionRuleName, "priority", "1"), + resource.TestCheckResourceAttr(expressionRuleName, "traits_expression", `external.put("logins", external.logins.add("external.username"))`), + resource.TestCheckNoResourceAttr(expressionRuleName, "traits_map"), + resource.TestCheckResourceAttr(mapRuleName, "metadata.name", "map_rule"), + resource.TestCheckResourceAttr(mapRuleName, "metadata.labels.env", "test"), + resource.TestCheckResourceAttr(mapRuleName, "version", "v1"), + resource.TestCheckResourceAttr(mapRuleName, "priority", "2"), + resource.TestCheckResourceAttr(mapRuleName, "traits_map.kube_groups.values.0", `"system:masters"`), + resource.TestCheckNoResourceAttr(mapRuleName, "traits_map.logins"), + resource.TestCheckNoResourceAttr(mapRuleName, "traits_expression"), + ), + }, + { + Config: s.getFixture("login_rule_0_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportLoginRule() { + if !(s.teleportFeatures.GetOIDC() || s.teleportFeatures.GetSAML()) { + s.T().Skip("Doesn't work in OSS version, requires OIDC or SAML") + } + ctx := context.Background() + + r := "teleport_login_rule" + id := "test_import" + name := r + "." + id + + rule := &loginrulepb.LoginRule{ + Metadata: &types.Metadata{ + Name: id, + }, + Version: types.V1, + Priority: 1, + TraitsExpression: "external", + } + + _, err := s.client.CreateLoginRule(ctx, rule) + s.Require().NoError(err) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + s.Require().Equal(state[0].Attributes["metadata.name"], id) + s.Require().Equal(state[0].Attributes["priority"], "1") + s.Require().Equal(state[0].Attributes["traits_expression"], rule.TraitsExpression) + return nil + }, + }, + }, + }) +} diff --git a/integrations/terraform/test/main_test.go b/integrations/terraform/test/main_test.go new file mode 100644 index 0000000000000..d0fc4a9f76770 --- /dev/null +++ b/integrations/terraform/test/main_test.go @@ -0,0 +1,235 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "embed" + "fmt" + "github.com/gravitational/teleport/api/client" + "github.com/gravitational/teleport/api/constants" + "github.com/gravitational/teleport/lib/auth" + libclient "github.com/gravitational/teleport/lib/client" + "github.com/gravitational/teleport/lib/client/identityfile" + "os" + "path/filepath" + "testing" + "time" + + "github.com/gravitational/teleport/api/client/proto" + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/api/utils" + "github.com/gravitational/teleport/integrations/lib" + "github.com/gravitational/teleport/integrations/lib/testing/integration" + "github.com/hashicorp/terraform-plugin-framework/providerserver" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-go/tfprotov6" + "github.com/stretchr/testify/require" + "github.com/stretchr/testify/suite" + + "github.com/gravitational/teleport/integrations/terraform/provider" +) + +//go:embed fixtures/* +var fixtures embed.FS + +type TerraformBaseSuite struct { + suite.Suite + AuthHelper integration.AuthHelper + // client represents plugin client + client *client.Client + // teleportConfig represents Teleport configuration + teleportConfig lib.TeleportConfig + // teleportFeatures represents enabled Teleport feature flags + teleportFeatures *proto.Features + // plugin represents plugin user name + plugin string + // terraformConfig represents Terraform provider configuration + terraformConfig string + // terraformProvider represents an instance of a Terraform provider + terraformProvider tfsdk.Provider + // terraformProviders represents an array of provider factories that Terraform will use to instantiate the provider(s) under test. + terraformProviders map[string]func() (tfprotov6.ProviderServer, error) +} + +type TerraformSuiteWithCache struct { + TerraformBaseSuite +} +type TerraformSuite struct { + TerraformBaseSuite +} + +func TestTerraform(t *testing.T) { + suite.Run(t, &TerraformSuite{ + TerraformBaseSuite: TerraformBaseSuite{ + AuthHelper: &integration.OSSAuthHelper{}, + }, + }) +} + +func TestTerraformWithCache(t *testing.T) { + suite.Run(t, &TerraformSuiteWithCache{ + TerraformBaseSuite: TerraformBaseSuite{ + AuthHelper: &integration.OSSAuthHelper{ + AuthConfig: auth.TestAuthServerConfig{CacheEnabled: true}, + }, + }, + }) +} + +func (s *TerraformBaseSuite) SetupSuite() { + var err error + t := s.T() + + os.Setenv("TF_ACC", "true") + ctx, cancel := context.WithCancel(context.Background()) + t.Cleanup(cancel) + s.client = s.AuthHelper.StartServer(t) + + pong, err := s.client.Ping(ctx) + require.NoError(t, err) + s.teleportFeatures = pong.GetServerFeatures() + + unrestricted := []string{"list", "create", "read", "update", "delete"} + tfRole, err := types.NewRole("terraform", types.RoleSpecV6{ + Allow: types.RoleConditions{ + DatabaseLabels: map[string]utils.Strings{"*": []string{"*"}}, + AppLabels: map[string]utils.Strings{"*": []string{"*"}}, + NodeLabels: map[string]utils.Strings{"*": []string{"*"}}, + Rules: []types.Rule{ + types.NewRule("token", unrestricted), + types.NewRule("role", unrestricted), + types.NewRule("user", unrestricted), + types.NewRule("cluster_auth_preference", unrestricted), + types.NewRule("cluster_networking_config", unrestricted), + types.NewRule("cluster_maintenance_config", unrestricted), + types.NewRule("session_recording_config", unrestricted), + types.NewRule("db", unrestricted), + types.NewRule("app", unrestricted), + types.NewRule("github", unrestricted), + types.NewRule("oidc", unrestricted), + types.NewRule("okta_import_rule", unrestricted), + types.NewRule("saml", unrestricted), + types.NewRule("login_rule", unrestricted), + types.NewRule("device", unrestricted), + types.NewRule("access_list", unrestricted), + types.NewRule("node", unrestricted), + types.NewRule("bot", unrestricted), + }, + }, + }) + require.NoError(t, err) + + tfRole, err = s.client.CreateRole(ctx, tfRole) + require.NoError(t, err) + + tfUser, err := types.NewUser("terraform") + require.NoError(t, err) + tfUser.SetRoles([]string{tfRole.GetName()}) + tfUser, err = s.client.CreateUser(ctx, tfUser) + + // Sign an identity for the access plugin and generate its configuration + s.teleportConfig.Addr = s.AuthHelper.ServerAddr() + s.teleportConfig.Identity = s.AuthHelper.SignIdentityForUser(t, ctx, tfUser) + + s.terraformConfig = ` + provider "teleport" { + addr = "` + s.teleportConfig.Addr + `" + identity_file = file("` + s.teleportConfig.Identity + `") + retry_base_duration = "900ms" + retry_cap_duration = "4s" + retry_max_tries = "12" + } + ` + // TLS creds are not used by regular config, but some tests check + // how the provider works with TLS creds and direct auth connection + credsPath := filepath.Join(t.TempDir(), "credentials") + s.getTLSCreds(ctx, tfUser, credsPath) + s.teleportConfig.ClientCrt = credsPath + ".crt" + s.teleportConfig.ClientKey = credsPath + ".key" + s.teleportConfig.RootCAs = credsPath + ".cas" + + s.terraformProvider = provider.New() + s.terraformProviders = make(map[string]func() (tfprotov6.ProviderServer, error)) + s.terraformProviders["teleport"] = func() (tfprotov6.ProviderServer, error) { + // Terraform configures provider on every test step, but does not clean up previous one, which produces + // to "too many open files" at some point. + // + // With this statement we try to forcefully close previously opened client, which stays cached in + // the provider variable. + s.closeClient() + return providerserver.NewProtocol6(s.terraformProvider)(), nil + } +} + +func (s *TerraformBaseSuite) getTLSCreds(ctx context.Context, user types.User, outputPath string) { + key, err := libclient.GenerateRSAKey() + require.NoError(s.T(), err) + + certs, err := s.client.GenerateUserCerts(ctx, proto.UserCertsRequest{ + PublicKey: key.MarshalSSHPublicKey(), + Username: user.GetName(), + Expires: time.Now().Add(time.Hour), + Format: constants.CertificateFormatStandard, + }) + require.NoError(s.T(), err) + key.Cert = certs.SSH + key.TLSCert = certs.TLS + + hostCAs, err := s.client.GetCertAuthorities(ctx, types.HostCA, false) + require.NoError(s.T(), err) + key.TrustedCerts = auth.AuthoritiesToTrustedCerts(hostCAs) + + // write the cert+private key to the output: + _, err = identityfile.Write(ctx, identityfile.WriteConfig{ + OutputPath: outputPath, + Key: key, + Format: identityfile.FormatTLS, + OverwriteDestination: false, + Writer: &identityfile.StandardConfigWriter{}, + }) + require.NoError(s.T(), err) +} + +func (s *TerraformBaseSuite) AfterTest(suiteName, testName string) { + s.closeClient() +} + +func (s *TerraformBaseSuite) SetupTest() { +} + +func (s *TerraformBaseSuite) closeClient() { + p, ok := s.terraformProvider.(*provider.Provider) + require.True(s.T(), ok) + if p != nil && p.Client != nil { + require.NoError(s.T(), p.Client.Close()) + } +} + +// getFixture loads fixture and returns it as string or if failed +func (s *TerraformBaseSuite) getFixture(name string, formatArgs ...any) string { + return s.getFixtureWithCustomConfig(name, s.terraformConfig, formatArgs...) +} + +// getFixtureWithCustomConfig loads fixture and returns it as string or if failed +func (s *TerraformBaseSuite) getFixtureWithCustomConfig(name, config string, formatArgs ...any) string { + b, err := fixtures.ReadFile(filepath.Join("fixtures", name)) + if err != nil { + return fmt.Sprintf("", name) + } + return config + "\n" + fmt.Sprintf(string(b), formatArgs...) +} diff --git a/integrations/terraform/test/oidc_connector_test.go b/integrations/terraform/test/oidc_connector_test.go new file mode 100644 index 0000000000000..39d4c90bcfef5 --- /dev/null +++ b/integrations/terraform/test/oidc_connector_test.go @@ -0,0 +1,247 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "time" + + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/api/types/wrappers" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestOIDCConnector() { + if !s.teleportFeatures.GetOIDC() { + s.T().Skip("Doesn't work in OSS version, requires OIDC") + } + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetOIDCConnector(ctx, "test", false) + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_oidc_connector.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("oidc_connector_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "oidc"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2032-10-12T07:20:50Z"), + resource.TestCheckResourceAttr(name, "spec.client_id", "client"), + resource.TestCheckResourceAttr(name, "spec.claims_to_roles.0.claim", "test"), + resource.TestCheckResourceAttr(name, "spec.claims_to_roles.0.roles.0", "terraform"), + ), + }, + { + Config: s.getFixture("oidc_connector_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("oidc_connector_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "oidc"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2032-10-12T07:20:50Z"), + resource.TestCheckResourceAttr(name, "spec.client_id", "client"), + resource.TestCheckResourceAttr(name, "spec.claims_to_roles.0.claim", "test"), + resource.TestCheckResourceAttr(name, "spec.claims_to_roles.0.roles.0", "teleport"), + resource.TestCheckResourceAttr(name, "spec.max_age", "5m0s"), + ), + }, + { + Config: s.getFixture("oidc_connector_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportOIDCConnector() { + if !s.teleportFeatures.GetOIDC() { + s.T().Skip("Doesn't work in OSS version, requires OIDC") + } + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_oidc_connector" + id := "test_import" + name := r + "." + id + + oidcConnector := &types.OIDCConnectorV3{ + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.OIDCConnectorSpecV3{ + ClientID: "Iv1.3386eee92ff932a4", + ClientSecret: "secret", + ClaimsToRoles: []types.ClaimMapping{ + { + Claim: "test", + Roles: []string{"terraform"}, + }, + }, + RedirectURLs: wrappers.Strings{ + "https://example.com/redirect", + }, + MaxAge: &types.MaxAge{ + Value: types.Duration(5 * time.Minute), + }, + }, + } + + err := oidcConnector.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.UpsertOIDCConnector(ctx, oidcConnector) + require.NoError(s.T(), err) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "oidc") + require.Equal(s.T(), state[0].Attributes["spec.client_id"], "Iv1.3386eee92ff932a4") + require.Equal(s.T(), state[0].Attributes["spec.claims_to_roles.0.claim"], "test") + require.Equal(s.T(), state[0].Attributes["spec.claims_to_roles.0.roles.0"], "terraform") + require.Equal(s.T(), state[0].Attributes["spec.max_age"], "5m0s") + + return nil + }, + }, + }, + }) +} + +func (s *TerraformSuite) TestOIDCConnectorWithoutMaxAge() { + if !s.teleportFeatures.GetOIDC() { + s.T().Skip("Doesn't work in OSS version, requires OIDC") + } + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + connectorName := "test_max_age" + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetOIDCConnector(ctx, connectorName, false) + if trace.IsNotFound(err) { + return nil + } + + return err + } + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("oidc_connector_without_max_age.tf"), + Check: resource.ComposeTestCheckFunc( + func(_ *terraform.State) error { + connector, err := s.client.GetOIDCConnector(ctx, connectorName, false) + if err != nil { + return err + } + + _, maxAgeWasSet := connector.GetMaxAge() + if maxAgeWasSet { + return trace.Errorf("max age was set but it is not part of the terraform definition") + } + + return nil + }, + ), + }, + }, + }) +} + +func (s *TerraformSuite) TestImportOIDCConnectorWithoutMaxAge() { + if !s.teleportFeatures.GetOIDC() { + s.T().Skip("Doesn't work in OSS version, requires OIDC") + } + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_oidc_connector" + id := "test_import" + name := r + "." + id + + oidcConnector := &types.OIDCConnectorV3{ + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.OIDCConnectorSpecV3{ + ClientID: "Iv1.3386eee92ff932a4", + ClientSecret: "secret", + ClaimsToRoles: []types.ClaimMapping{ + { + Claim: "test", + Roles: []string{"terraform"}, + }, + }, + RedirectURLs: wrappers.Strings{ + "https://example.com/redirect", + }, + }, + } + + err := oidcConnector.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.UpsertOIDCConnector(ctx, oidcConnector) + require.NoError(s.T(), err) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "oidc") + require.Equal(s.T(), state[0].Attributes["spec.client_id"], "Iv1.3386eee92ff932a4") + require.Equal(s.T(), state[0].Attributes["spec.claims_to_roles.0.claim"], "test") + require.Equal(s.T(), state[0].Attributes["spec.claims_to_roles.0.roles.0"], "terraform") + require.NotContains(s.T(), state[0].Attributes, "spec.max_age") + + return nil + }, + }, + }, + }) +} diff --git a/integrations/terraform/test/okta_import_rule_test.go b/integrations/terraform/test/okta_import_rule_test.go new file mode 100644 index 0000000000000..facde69623d5d --- /dev/null +++ b/integrations/terraform/test/okta_import_rule_test.go @@ -0,0 +1,168 @@ +// Copyright 2023 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package test + +import ( + "context" + "time" + + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestOktaImportRule() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.OktaClient().GetOktaImportRule(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_okta_import_rule.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("okta_import_rule_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "okta_import_rule"), + resource.TestCheckResourceAttr(name, "spec.priority", "100"), + resource.TestCheckResourceAttr(name, "spec.mappings.0.add_labels.label1", "value1"), + resource.TestCheckResourceAttr(name, "spec.mappings.0.match.0.app_ids.0", "1"), + resource.TestCheckResourceAttr(name, "spec.mappings.0.match.0.app_ids.1", "2"), + resource.TestCheckResourceAttr(name, "spec.mappings.0.match.0.app_ids.2", "3"), + resource.TestCheckResourceAttr(name, "spec.mappings.1.add_labels.label2", "value2"), + resource.TestCheckResourceAttr(name, "spec.mappings.1.match.0.group_ids.0", "1"), + resource.TestCheckResourceAttr(name, "spec.mappings.1.match.0.group_ids.1", "2"), + resource.TestCheckResourceAttr(name, "spec.mappings.1.match.0.group_ids.2", "3"), + resource.TestCheckResourceAttr(name, "spec.mappings.2.add_labels.label3", "value3"), + resource.TestCheckResourceAttr(name, "spec.mappings.2.match.0.group_name_regexes.0", "^.*$"), + resource.TestCheckResourceAttr(name, "spec.mappings.3.add_labels.label4", "value4"), + resource.TestCheckResourceAttr(name, "spec.mappings.3.match.0.app_name_regexes.0", "^.*$"), + ), + }, + { + Config: s.getFixture("okta_import_rule_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("okta_import_rule_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "okta_import_rule"), + resource.TestCheckResourceAttr(name, "spec.priority", "100"), + resource.TestCheckResourceAttr(name, "spec.mappings.0.add_labels.label1", "value1"), + resource.TestCheckResourceAttr(name, "spec.mappings.0.match.0.app_ids.0", "1"), + resource.TestCheckResourceAttr(name, "spec.mappings.0.match.0.app_ids.1", "2"), + resource.TestCheckResourceAttr(name, "spec.mappings.0.match.0.app_ids.2", "3"), + resource.TestCheckResourceAttr(name, "spec.mappings.1.add_labels.label2", "value2"), + resource.TestCheckResourceAttr(name, "spec.mappings.1.match.0.group_ids.0", "1"), + resource.TestCheckResourceAttr(name, "spec.mappings.1.match.0.group_ids.1", "2"), + resource.TestCheckResourceAttr(name, "spec.mappings.1.match.0.group_ids.2", "3"), + resource.TestCheckResourceAttr(name, "spec.mappings.2.add_labels.label3", "value3"), + resource.TestCheckResourceAttr(name, "spec.mappings.2.match.0.group_ids.0", "1"), + resource.TestCheckResourceAttr(name, "spec.mappings.2.match.0.group_ids.1", "2"), + resource.TestCheckResourceAttr(name, "spec.mappings.2.match.0.group_ids.2", "3"), + ), + }, + { + Config: s.getFixture("okta_import_rule_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportOktaImportRule() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_okta_import_rule" + id := "test_import" + name := r + "." + id + + oir := &types.OktaImportRuleV1{ + ResourceHeader: types.ResourceHeader{ + Metadata: types.Metadata{ + Name: id, + }, + }, + Spec: types.OktaImportRuleSpecV1{ + Priority: 100, + Mappings: []*types.OktaImportRuleMappingV1{ + { + AddLabels: map[string]string{ + "label1": "value1", + }, + Match: []*types.OktaImportRuleMatchV1{ + { + AppIDs: []string{"1", "2", "3"}, + }, + }, + }, + { + AddLabels: map[string]string{ + "label2": "value2", + }, + Match: []*types.OktaImportRuleMatchV1{ + { + GroupIDs: []string{"1", "2", "3"}, + }, + }, + }, + }, + }, + } + err := oir.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.OktaClient().CreateOktaImportRule(ctx, oir) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + _, err := s.client.OktaClient().GetOktaImportRule(ctx, oir.GetName()) + if trace.IsNotFound(err) { + return false + } + require.NoError(s.T(), err) + return true + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "okta_import_rule") + + return nil + }, + }, + }, + }) +} diff --git a/integrations/terraform/test/provision_token_test.go b/integrations/terraform/test/provision_token_test.go new file mode 100644 index 0000000000000..e6c8483dc7d5d --- /dev/null +++ b/integrations/terraform/test/provision_token_test.go @@ -0,0 +1,314 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "fmt" + + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestProvisionToken() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkRoleDestroyed := func(state *terraform.State) error { + _, err := s.client.GetToken(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_provision_token.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkRoleDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("provision_token_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "token"), + resource.TestCheckResourceAttr(name, "metadata.name", "test"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2038-01-01T00:00:00Z"), + resource.TestCheckResourceAttr(name, "metadata.labels.example", "yes"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "Node"), + resource.TestCheckResourceAttr(name, "spec.roles.1", "Auth"), + + resource.TestCheckResourceAttr(name, "version", "v2"), + ), + }, + { + Config: s.getFixture("provision_token_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("provision_token_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "token"), + resource.TestCheckResourceAttr(name, "metadata.name", "test"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2038-01-01T00:00:00Z"), + resource.TestCheckNoResourceAttr(name, "metadata.labels.example"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "Node"), + resource.TestCheckNoResourceAttr(name, "spec.roles.1"), + + resource.TestCheckResourceAttr(name, "version", "v2"), + ), + }, + { + Config: s.getFixture("provision_token_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestProvisionTokenV2() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkRoleDestroyed := func(state *terraform.State) error { + _, err := s.client.GetToken(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_provision_token.test2" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkRoleDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("provision_token_v2_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "token"), + resource.TestCheckResourceAttr(name, "metadata.name", "test2"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2038-01-01T00:00:00Z"), + resource.TestCheckResourceAttr(name, "metadata.labels.example", "yes"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "Node"), + resource.TestCheckResourceAttr(name, "spec.roles.1", "Auth"), + resource.TestCheckResourceAttr(name, "spec.join_method", "iam"), + resource.TestCheckResourceAttr(name, "spec.allow.0.aws_account", "1234567890"), + + resource.TestCheckResourceAttr(name, "version", "v2"), + ), + }, + { + Config: s.getFixture("provision_token_v2_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("provision_token_v2_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "token"), + resource.TestCheckResourceAttr(name, "metadata.name", "test2"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2038-01-01T00:00:00Z"), + resource.TestCheckResourceAttr(name, "metadata.labels.example", "yes"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "Node"), + resource.TestCheckResourceAttr(name, "spec.roles.1", "Auth"), + resource.TestCheckResourceAttr(name, "spec.join_method", "iam"), + resource.TestCheckResourceAttr(name, "spec.allow.0.aws_account", "1234567890"), + resource.TestCheckResourceAttr(name, "spec.allow.1.aws_account", "1111111111"), + + resource.TestCheckResourceAttr(name, "version", "v2"), + ), + }, + { + Config: s.getFixture("provision_token_v2_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportProvisionToken() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_provision_token" + id := "test_import" + name := r + "." + id + + token := &types.ProvisionTokenV2{ + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.ProvisionTokenSpecV2{ + Roles: []types.SystemRole{"Node", "Auth"}, + }, + } + err := token.CheckAndSetDefaults() + require.NoError(s.T(), err) + + err = s.client.UpsertToken(ctx, token) + require.NoError(s.T(), err) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "token") + require.Equal(s.T(), state[0].Attributes["metadata.name"], "test_import") + + return nil + }, + }, + }, + }) +} + +func (s *TerraformSuite) TestProvisionTokenDoesNotLeakSensitiveData() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkRoleDestroyed := func(state *terraform.State) error { + _, err := s.client.GetToken(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_provision_token.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkRoleDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("provision_token_secret_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "token"), + resource.TestCheckResourceAttr(name, "metadata.name", "thisisasecretandmustnotbelogged"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2038-01-01T00:00:00Z"), + resource.TestCheckResourceAttr(name, "metadata.labels.example", "yes"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "Node"), + resource.TestCheckResourceAttr(name, "spec.roles.1", "Auth"), + resource.TestCheckResourceAttr(name, "version", "v2"), + func(s *terraform.State) error { + tokenResource := s.RootModule().Resources[name] + tokenID := tokenResource.Primary.Attributes["id"] + tokenName := tokenResource.Primary.Attributes["metadata.name"] + if tokenID == tokenName { + return fmt.Errorf("token id must not include the name because the name is the actual token secret") + } + + return nil + }, + ), + }, + { + Config: s.getFixture("provision_token_secret_0_create.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestProvisionTokenWithoutExpiration() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkRoleDestroyed := func(state *terraform.State) error { + _, err := s.client.GetToken(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_provision_token.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkRoleDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("provision_token_no_expiry_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "token"), + resource.TestCheckResourceAttr(name, "metadata.name", "test"), + resource.TestCheckResourceAttr(name, "metadata.labels.example", "yes"), + resource.TestCheckNoResourceAttr(name, "metadata.expiry"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "Node"), + resource.TestCheckResourceAttr(name, "spec.roles.1", "Auth"), + resource.TestCheckResourceAttr(name, "version", "v2"), + ), + }, + { + Config: s.getFixture("provision_token_no_expiry_0_create.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestProvisionTokenIAMToken() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkRoleDestroyed := func(state *terraform.State) error { + _, err := s.client.GetToken(ctx, "iam-token") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_provision_token.iam-token" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkRoleDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("provision_token_iam_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "token"), + resource.TestCheckResourceAttr(name, "metadata.name", "iam-token"), + resource.TestCheckNoResourceAttr(name, "metadata.expiry"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "Bot"), + resource.TestCheckResourceAttr(name, "spec.join_method", "iam"), + resource.TestCheckResourceAttr(name, "version", "v2"), + ), + }, + { + Config: s.getFixture("provision_token_iam_create.tf"), + PlanOnly: true, + }, + }, + }) +} diff --git a/integrations/terraform/test/role_test.go b/integrations/terraform/test/role_test.go new file mode 100644 index 0000000000000..4b07f94534279 --- /dev/null +++ b/integrations/terraform/test/role_test.go @@ -0,0 +1,494 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "regexp" + + "github.com/google/go-cmp/cmp" + "github.com/google/go-cmp/cmp/cmpopts" + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestRole() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetRole(ctx, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_role.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("role_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckNoResourceAttr(name, "spec.options"), + resource.TestCheckResourceAttr(name, "version", "v7"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "anonymous"), + ), + }, + { + Config: s.getFixture("role_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("role_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "spec.options.forward_agent", "true"), + resource.TestCheckResourceAttr(name, "spec.options.max_session_ttl", "2h3m"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "known"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.1", "anonymous"), + resource.TestCheckResourceAttr(name, "spec.allow.request.roles.0", "example"), + resource.TestCheckResourceAttr(name, "spec.allow.request.claims_to_roles.0.claim", "example"), + resource.TestCheckResourceAttr(name, "spec.allow.request.claims_to_roles.0.value", "example"), + resource.TestCheckResourceAttr(name, "spec.allow.request.claims_to_roles.0.roles.0", "example"), + resource.TestCheckResourceAttr(name, "spec.allow.node_labels.example.0", "yes"), + resource.TestCheckResourceAttr(name, "spec.allow.node_labels.example.1", "no"), + + resource.TestCheckResourceAttr(name, "version", "v7"), + ), + }, + { + Config: s.getFixture("role_1_update.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("role_2_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckNoResourceAttr(name, "spec.options"), + resource.TestCheckResourceAttr(name, "spec.allow.node_labels.example.0", "no"), + resource.TestCheckResourceAttr(name, "spec.allow.node_labels.sample.0", "yes"), + resource.TestCheckResourceAttr(name, "spec.allow.node_labels.sample.1", "no"), + ), + }, + { + Config: s.getFixture("role_2_update.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("role_3_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckNoResourceAttr(name, "spec.options"), + ), + }, + { + Config: s.getFixture("role_3_update.tf"), // Check that there is no state drift + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuiteWithCache) TestRoleMultipleReviewers() { + if !s.teleportFeatures.GetAdvancedAccessWorkflows() { + s.T().Skip("Doesn't work in OSS version, requires Advanced Access Workflows") + } + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetRole(ctx, "test_multiple_reviewers") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_role.test_decrease_reviewers" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("role_reviewers_0_two_roles.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckNoResourceAttr(name, "spec.options"), + resource.TestCheckResourceAttr(name, "spec.allow.review_requests.roles.0", "rolea"), + resource.TestCheckResourceAttr(name, "spec.allow.review_requests.roles.1", "roleb"), + ), + }, + { + Config: s.getFixture("role_reviewers_1_one_role.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckNoResourceAttr(name, "spec.options"), + resource.TestCheckResourceAttr(name, "spec.allow.review_requests.roles.0", "roleb"), + resource.TestCheckNoResourceAttr(name, "spec.allow.review_requests.roles.1"), + ), + }, + }, + }) +} + +func (s *TerraformSuite) TestImportRole() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_role" + id := "test_import" + name := r + "." + id + + role := &types.RoleV6{ + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.RoleSpecV6{}, + } + err := role.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.UpsertRole(ctx, role) + require.NoError(s.T(), err) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "role") + require.Equal(s.T(), state[0].Attributes["metadata.name"], "test_import") + + return nil + }, + }, + }, + }) +} + +func (s *TerraformSuite) TestRoleLoginsSplitBrain() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetRole(ctx, "splitbrain") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_role.splitbrain" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("role_drift_0.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v7"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "one"), + ), + }, + { + Config: s.getFixture("role_drift_0.tf"), + PlanOnly: true, + }, + { + // Step to add an extra login + PreConfig: func() { + currentRole, err := s.client.GetRole(ctx, "splitbrain") + require.NoError(s.T(), err) + + logins := currentRole.GetLogins(types.Allow) + logins = append(logins, "extraOne") + currentRole.SetLogins(types.Allow, logins) + + _, err = s.client.UpsertRole(ctx, currentRole) + require.NoError(s.T(), err) + }, + Config: s.getFixture("role_drift_0.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v7"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "one"), + ), + }, + }, + }) +} + +func (s *TerraformSuite) TestRoleVersionUpgrade() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + // We had a bug in v14 and below that caused the defaults to be badly computed. + // We tried to fix this bug in v15 but it was too aggressive (forcing replacement is too destructive). + // In v16 we'll push a new plan modifier to fix this issue, this might be a + // breaking change for users who relied on the bug. + s.T().Skip("Test temporarily disabled until v16") + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetRole(ctx, "upgrade") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + var noAccess []types.KubernetesResource + + defaultV5Wildcard := []types.KubernetesResource{ + { + Kind: "pod", + Namespace: types.Wildcard, + Name: types.Wildcard, + Verbs: []string{types.Wildcard}, + }, + } + + defaultV7Wildcard := []types.KubernetesResource{ + { + Kind: types.Wildcard, + Namespace: types.Wildcard, + Name: types.Wildcard, + Verbs: []string{types.Wildcard}, + }, + } + + customWildcard := []types.KubernetesResource{ + { + Kind: types.KindKubePod, + Namespace: "myns", + Name: types.Wildcard, + Verbs: []string{types.Wildcard}, + }, + } + + checkRoleResource := func(version string, expected []types.KubernetesResource) resource.TestCheckFunc { + return func(state *terraform.State) error { + role, err := s.client.GetRole(ctx, "upgrade") + if err != nil { + return trace.Wrap(err) + } + + if role.GetVersion() != version { + return trace.CompareFailed("wrong role version, was expecting %q, got %q", version, role.GetVersion()) + } + + rolev6, ok := (role).(*types.RoleV6) + if !ok { + return trace.CompareFailed("failed to convert role to rolve6") + } + + diff := cmp.Diff(expected, rolev6.Spec.Allow.KubernetesResources, cmpopts.EquateEmpty()) + if diff != "" { + return trace.CompareFailed("kube resources allow rules differs from expected result: %s", diff) + } + return nil + } + } + + name := "teleport_role.upgrade" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("role_upgrade_v4.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v4"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev4"), + checkRoleResource(types.V4, defaultV5Wildcard), + ), + }, + { + Config: s.getFixture("role_upgrade_v4.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("role_upgrade_v5.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v5"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev5"), + checkRoleResource(types.V5, defaultV5Wildcard), + ), + }, + { + Config: s.getFixture("role_upgrade_v5.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("role_upgrade_v6.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v6"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev6"), + checkRoleResource(types.V6, noAccess), + ), + }, + { + Config: s.getFixture("role_upgrade_v6.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("role_with_kube_resources.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v6"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev6"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.kind", "pod"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.name", "*"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.namespace", "myns"), + checkRoleResource(types.V6, customWildcard), + ), + }, + { + Config: s.getFixture("role_with_kube_resources.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("role_upgrade_v7.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v7"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev7"), + checkRoleResource(types.V7, defaultV7Wildcard), + ), + }, + { + Config: s.getFixture("role_upgrade_v7.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestRoleWithKubernetesResources() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetRole(ctx, "upgrade") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_role.upgrade" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("role_with_kube_resources.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v6"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev6"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.kind", "pod"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.name", "*"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.namespace", "myns"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.verbs.0", "*"), + ), + }, + { + Config: s.getFixture("role_with_kube_resources.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestRoleWithKubernetesVerbs() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetRole(ctx, "kube_verbs") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_role.kube_verbs" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("role_with_kube_verbs.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "role"), + resource.TestCheckResourceAttr(name, "version", "v7"), + resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev6"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.kind", "pod"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.name", "*"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.namespace", "myns"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.verbs.0", "get"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.verbs.1", "watch"), + resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.verbs.2", "list"), + ), + }, + { + Config: s.getFixture("role_with_kube_verbs.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestRoleNoVersion() { + re, err := regexp.Compile(".*The argument \"version\" is required, but no definition was found.*") + require.NoError(s.T(), err) + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.getFixture("role_no_version.tf"), + ExpectError: re, + }, + }, + }) +} diff --git a/integrations/terraform/test/saml_connector_test.go b/integrations/terraform/test/saml_connector_test.go new file mode 100644 index 0000000000000..d041a9f303a14 --- /dev/null +++ b/integrations/terraform/test/saml_connector_test.go @@ -0,0 +1,215 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "fmt" + "net/http" + "net/http/httptest" + "regexp" + + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestSAMLConnector() { + if !s.teleportFeatures.GetSAML() { + s.T().Skip("Doesn't work in OSS version, requires SAML") + } + + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkDestroyed := func(state *terraform.State) error { + _, err := s.client.GetSAMLConnector(ctx, "test", false) + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_saml_connector.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("saml_connector_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "saml"), + resource.TestCheckResourceAttr(name, "spec.acs", "https://example.com/v1/webapi/saml/acs"), + resource.TestCheckResourceAttr(name, "spec.attributes_to_roles.0.name", "groups"), + resource.TestCheckResourceAttr(name, "spec.attributes_to_roles.0.roles.0", "admin"), + resource.TestCheckResourceAttr(name, "spec.attributes_to_roles.0.value", "okta-admin"), + ), + }, + { + Config: s.getFixture("saml_connector_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("saml_connector_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "saml"), + resource.TestCheckResourceAttr(name, "spec.acs", "https://example.com/v1/webapi/saml/acs"), + resource.TestCheckResourceAttr(name, "spec.attributes_to_roles.0.name", "groups"), + resource.TestCheckResourceAttr(name, "spec.attributes_to_roles.0.roles.0", "admin"), + resource.TestCheckResourceAttr(name, "spec.attributes_to_roles.0.value", "okta-admin"), + ), + }, + { + Config: s.getFixture("saml_connector_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportSAMLConnector() { + if !s.teleportFeatures.GetSAML() { + s.T().Skip("Doesn't work in OSS version, requires SAML") + } + + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_saml_connector" + id := "test_import" + name := r + "." + id + + // Set up role. + roleName := "rolex" + rolexSpec, err := types.NewRole(roleName, types.RoleSpecV6{}) + require.NoError(s.T(), err) + + _, err = s.client.UpsertRole(ctx, rolexSpec) + require.NoError(s.T(), err) + + samlConnector := &types.SAMLConnectorV2{ + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.SAMLConnectorSpecV2{ + AssertionConsumerService: "https://example.com/v1/webapi/saml/acs", + EntityDescriptor: ` + + + + + +--- + + + +urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + + + + +`, + AttributesToRoles: []types.AttributeMapping{ + { + Name: "map attrx to rolex", + Value: "attrx", + Roles: []string{roleName}, + }, + }, + }, + } + + err = samlConnector.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.UpsertSAMLConnector(ctx, samlConnector) + require.NoError(s.T(), err) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "saml") + require.Equal(s.T(), state[0].Attributes["spec.acs"], "https://example.com/v1/webapi/saml/acs") + + return nil + }, + }, + }, + }) +} + +func (s *TerraformSuite) TestSAMLConnectorWithEntityDescriptorURL() { + if !s.teleportFeatures.GetSAML() { + s.T().Skip("Doesn't work in OSS version, requires SAML") + } + // Start test HTTP server that returns SAML descriptor. + httpServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + fmt.Fprintln(w, testDescriptor) + })) + s.T().Cleanup(httpServer.Close) + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.getFixture("saml_connector_0_create_with_entitydescriptorurl.tf", httpServer.URL), + }, + }, + }) +} + +func (s *TerraformSuite) TestSAMLConnectorWithoutEntityDescriptor() { + if !s.teleportFeatures.GetSAML() { + s.T().Skip("Doesn't work in OSS version, requires SAML") + } + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.getFixture("saml_connector_0_create_without_entitydescriptor.tf"), + ExpectError: regexp.MustCompile("AnyOf 'entity_descriptor, entity_descriptor_url' keys must be present"), + }, + }, + }) +} + +var testDescriptor = `MIIDujCCAqKgAwIBAgIGAYXAcx/eMA0GCSqGSIb3DQEBCwUAMIGdMQswCQYDVQQGEwJVUzETMBEG +A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU +MBIGA1UECwwLU1NPUHJvdmlkZXIxHjAcBgNVBAMMFWdyYXZpdGF0aW9uYWwtcHJldmlldzEcMBoG +CSqGSIb3DQEJARYNaW5mb0Bva3RhLmNvbTAeFw0yMzAxMTcxNTU2MjhaFw0zMzAxMTcxNTU3Mjha +MIGdMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5j +aXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxHjAcBgNVBAMMFWdyYXZp +dGF0aW9uYWwtcHJldmlldzEcMBoGCSqGSIb3DQEJARYNaW5mb0Bva3RhLmNvbTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBALoIr14BqjPFRJGJOsVQ8RWKkhYzdP3foRRLZTQLHlv50afF +UZCgng3HV8n5rFoZgSLEeVYs4+9RIQKctPCYQ9YE+dtQrU6ZkxEixvwvpxtFEfAK1KriQdPjBNxM +EyTr4+khUckbS4cPNPy5/Bjw/TakCQCC5P/7r7GRcesEsuPnOnHPiIOdeEZ+DEpgndf0kwalgKs9 +xJWepooOLH9cWtFQXHM15PVbvFxW1fpt6LzXXxiW0UZxGP+744qY92KY9kIyV+gbtH4xOjQVftvc +GIsxdr8pZ9PSDW+Ivx6KaR8zv+Kt6HRg6Svi8CJ8iA6uAPrbw0FxSlwuh0/GCWF2rTkCAwEAATAN +BgkqhkiG9w0BAQsFAAOCAQEAFPtGtJNd2E95wTV5++FLelUaWCwZfChhOyBmNZc4y/aCHEMMApbQ +ZdmVO08rv/E96e8xguURSHNUSctFe3sM/8ZDNVYI4MPt1Tz4PafVmQ0C8qrgNM2/nWlXHih7BXwH +zWWhkLclbcBUszNCRuF9FeIDCOUXTP5qHcnM3cWTci6MWssIHe0uj4pPXFCPPvl6Pe200y6l9coz +lAA/ybt7fxOF+iw1lDHPydVKP1diu0mJMS1jcytW3D9pAD9J23q3N6kT3ZpKBlr0HGQhCmuLNqj/ +ENwliNq8+0Ouew4Ww08DP+a1HdK4F1POi4MpJyyeAlaXvhGizIR1d9jV4hlqVQ==urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` diff --git a/integrations/terraform/test/server_test.go b/integrations/terraform/test/server_test.go new file mode 100644 index 0000000000000..cea7f1d11d1b4 --- /dev/null +++ b/integrations/terraform/test/server_test.go @@ -0,0 +1,322 @@ +/* +Copyright 2024 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "time" + + "github.com/gravitational/teleport/api/defaults" + "github.com/gravitational/teleport/api/types" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestOpenSSHServer() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkServerDestroyed := func(state *terraform.State) error { + _, err := s.client.GetNode(ctx, defaults.Namespace, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_server.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkServerDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("server_openssh_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", types.KindNode), + resource.TestCheckResourceAttr(name, "sub_kind", types.SubKindOpenSSHNode), + resource.TestCheckResourceAttr(name, "version", "v2"), + resource.TestCheckResourceAttr(name, "spec.addr", "127.0.0.1:22"), + resource.TestCheckResourceAttr(name, "spec.hostname", "test.local"), + ), + }, + { + Config: s.getFixture("server_openssh_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("server_openssh_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", types.KindNode), + resource.TestCheckResourceAttr(name, "sub_kind", types.SubKindOpenSSHNode), + resource.TestCheckResourceAttr(name, "version", "v2"), + resource.TestCheckResourceAttr(name, "spec.addr", "127.0.0.1:23"), + resource.TestCheckResourceAttr(name, "spec.hostname", "test.local"), + ), + }, + { + Config: s.getFixture("server_openssh_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestOpenSSHServerNameless() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkServerDestroyed := func(state *terraform.State) error { + // The name is a UUID but we can lookup by hostname as well. + _, err := s.client.GetNode(ctx, defaults.Namespace, "test.local") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_server.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkServerDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("server_openssh_nameless_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", types.KindNode), + resource.TestCheckResourceAttr(name, "sub_kind", types.SubKindOpenSSHNode), + resource.TestCheckResourceAttr(name, "version", "v2"), + resource.TestCheckResourceAttr(name, "spec.addr", "127.0.0.1:22"), + resource.TestCheckResourceAttr(name, "spec.hostname", "test.local"), + ), + }, + { + Config: s.getFixture("server_openssh_nameless_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("server_openssh_nameless_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", types.KindNode), + resource.TestCheckResourceAttr(name, "sub_kind", types.SubKindOpenSSHNode), + resource.TestCheckResourceAttr(name, "version", "v2"), + resource.TestCheckResourceAttr(name, "spec.addr", "127.0.0.1:23"), + resource.TestCheckResourceAttr(name, "spec.hostname", "test.local"), + ), + }, + { + Config: s.getFixture("server_openssh_nameless_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportOpenSSHServer() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_server" + id := "test_import" + name := r + "." + id + + server := &types.ServerV2{ + Kind: types.KindNode, + SubKind: types.SubKindOpenSSHNode, + Version: types.V2, + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.ServerSpecV2{ + Addr: "127.0.0.1:22", + Hostname: "foobar", + }, + } + err := server.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.UpsertNode(ctx, server) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + _, err = s.client.GetNode(ctx, defaults.Namespace, server.GetName()) + if trace.IsNotFound(err) { + return false + } + require.NoError(s.T(), err) + return true + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], types.KindNode) + require.Equal(s.T(), state[0].Attributes["sub_kind"], types.SubKindOpenSSHNode) + require.Equal(s.T(), state[0].Attributes["spec.addr"], "127.0.0.1:22") + require.Equal(s.T(), state[0].Attributes["spec.hostname"], "foobar") + + return nil + }, + }, + }, + }) +} + +func (s *TerraformSuite) TestOpenSSHEICEServer() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkServerDestroyed := func(state *terraform.State) error { + _, err := s.client.GetNode(ctx, defaults.Namespace, "test") + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_server.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkServerDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("server_openssheice_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", types.KindNode), + resource.TestCheckResourceAttr(name, "sub_kind", types.SubKindOpenSSHEICENode), + resource.TestCheckResourceAttr(name, "version", "v2"), + resource.TestCheckResourceAttr(name, "spec.addr", "127.0.0.1:22"), + resource.TestCheckResourceAttr(name, "spec.hostname", "test.local"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.account_id", "123"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.instance_id", "123"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.region", "us-east-1"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.vpc_id", "123"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.integration", "foo"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.subnet_id", "123"), + ), + }, + { + Config: s.getFixture("server_openssheice_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("server_openssheice_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", types.KindNode), + resource.TestCheckResourceAttr(name, "sub_kind", types.SubKindOpenSSHEICENode), + resource.TestCheckResourceAttr(name, "version", "v2"), + resource.TestCheckResourceAttr(name, "spec.addr", "127.0.0.1:23"), + resource.TestCheckResourceAttr(name, "spec.hostname", "test.local"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.account_id", "123"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.instance_id", "123"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.region", "us-east-1"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.vpc_id", "123"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.integration", "foo"), + resource.TestCheckResourceAttr(name, "spec.cloud_metadata.aws.subnet_id", "123"), + ), + }, + { + Config: s.getFixture("server_openssheice_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportOpenSSHEICEServer() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_server" + id := "test_import" + name := r + "." + id + + server := &types.ServerV2{ + Kind: types.KindNode, + SubKind: types.SubKindOpenSSHEICENode, + Version: types.V2, + Metadata: types.Metadata{ + Name: id, + }, + Spec: types.ServerSpecV2{ + Addr: "127.0.0.1:22", + Hostname: "foobar", + CloudMetadata: &types.CloudMetadata{ + AWS: &types.AWSInfo{ + AccountID: "123", + InstanceID: "123", + Region: "us-east-1", + VPCID: "123", + Integration: "foo", + SubnetID: "123", + }, + }, + }, + } + err := server.CheckAndSetDefaults() + require.NoError(s.T(), err) + + _, err = s.client.UpsertNode(ctx, server) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + _, err = s.client.GetNode(ctx, defaults.Namespace, server.GetName()) + if trace.IsNotFound(err) { + return false + } + require.NoError(s.T(), err) + return true + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], types.KindNode) + require.Equal(s.T(), state[0].Attributes["sub_kind"], types.SubKindOpenSSHEICENode) + require.Equal(s.T(), state[0].Attributes["spec.addr"], "127.0.0.1:22") + require.Equal(s.T(), state[0].Attributes["spec.hostname"], "foobar") + require.Equal(s.T(), state[0].Attributes["spec.cloud_metadata.aws.account_id"], "123") + require.Equal(s.T(), state[0].Attributes["spec.cloud_metadata.aws.instance_id"], "123") + require.Equal(s.T(), state[0].Attributes["spec.cloud_metadata.aws.region"], "us-east-1") + require.Equal(s.T(), state[0].Attributes["spec.cloud_metadata.aws.vpc_id"], "123") + require.Equal(s.T(), state[0].Attributes["spec.cloud_metadata.aws.integration"], "foo") + require.Equal(s.T(), state[0].Attributes["spec.cloud_metadata.aws.subnet_id"], "123") + return nil + }, + }, + }, + }) +} diff --git a/integrations/terraform/test/session_recording_config_test.go b/integrations/terraform/test/session_recording_config_test.go new file mode 100644 index 0000000000000..fe13c228163da --- /dev/null +++ b/integrations/terraform/test/session_recording_config_test.go @@ -0,0 +1,109 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "time" + + "github.com/gravitational/teleport/api/types" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/stretchr/testify/require" +) + +func (s *TerraformSuite) TestSessionRecordingConfig() { + name := "teleport_session_recording_config.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + PreventPostDestroyRefresh: true, + Steps: []resource.TestStep{ + { + Config: s.getFixture("session_recording_config_0_set.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "session_recording_config"), + resource.TestCheckResourceAttr(name, "spec.mode", "node"), + ), + }, + { + Config: s.getFixture("session_recording_config_0_set.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("session_recording_config_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "session_recording_config"), + resource.TestCheckResourceAttr(name, "spec.mode", "off"), + ), + }, + { + Config: s.getFixture("session_recording_config_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} + +func (s *TerraformSuite) TestImportSessionRecordingConfig() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + r := "teleport_session_recording_config" + id := "test_import" + name := r + "." + id + + sessionrRecordingConfig := &types.SessionRecordingConfigV2{ + Metadata: types.Metadata{}, + Spec: types.SessionRecordingConfigSpecV2{ + Mode: "off", + }, + } + err := sessionrRecordingConfig.CheckAndSetDefaults() + require.NoError(s.T(), err) + + recordingConfigBefore, err := s.client.GetSessionRecordingConfig(ctx) + require.NoError(s.T(), err) + + err = s.client.SetSessionRecordingConfig(ctx, sessionrRecordingConfig) + require.NoError(s.T(), err) + + require.Eventually(s.T(), func() bool { + recordingConfigCurrent, err := s.client.GetSessionRecordingConfig(ctx) + require.NoError(s.T(), err) + + return recordingConfigBefore.GetMetadata().ID != recordingConfigCurrent.GetMetadata().ID + }, 5*time.Second, time.Second) + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + Steps: []resource.TestStep{ + { + Config: s.terraformConfig + "\n" + `resource "` + r + `" "` + id + `" { }`, + ResourceName: name, + ImportState: true, + ImportStateId: id, + ImportStateCheck: func(state []*terraform.InstanceState) error { + require.Equal(s.T(), state[0].Attributes["kind"], "session_recording_config") + require.Equal(s.T(), state[0].Attributes["spec.mode"], "off") + + return nil + }, + }, + }, + }) +} diff --git a/integrations/terraform/test/user_test.go b/integrations/terraform/test/user_test.go new file mode 100644 index 0000000000000..2aacb724403d7 --- /dev/null +++ b/integrations/terraform/test/user_test.go @@ -0,0 +1,86 @@ +/* +Copyright 2015-2021 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package test + +import ( + "context" + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" +) + +func (s *TerraformSuite) TestUser() { + ctx, cancel := context.WithCancel(context.Background()) + s.T().Cleanup(cancel) + + checkUserDestroyed := func(state *terraform.State) error { + _, err := s.client.GetUser(ctx, "test", false) + if trace.IsNotFound(err) { + return nil + } + + return err + } + + name := "teleport_user.test" + + resource.Test(s.T(), resource.TestCase{ + ProtoV6ProviderFactories: s.terraformProviders, + CheckDestroy: checkUserDestroyed, + Steps: []resource.TestStep{ + { + Config: s.getFixture("user_0_create.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "user"), + resource.TestCheckResourceAttr(name, "version", "v2"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2035-10-12T07:20:50Z"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "terraform"), + resource.TestCheckResourceAttr(name, "spec.traits.logins1.0", "example"), + resource.TestCheckResourceAttr(name, "spec.traits.logins2.0", "example"), + resource.TestCheckResourceAttr(name, "spec.oidc_identities.0.connector_id", "oidc"), + resource.TestCheckResourceAttr(name, "spec.oidc_identities.0.username", "example"), + resource.TestCheckResourceAttr(name, "spec.github_identities.0.connector_id", "github"), + resource.TestCheckResourceAttr(name, "spec.github_identities.0.username", "example"), + resource.TestCheckResourceAttr(name, "spec.saml_identities.0.connector_id", "saml"), + resource.TestCheckResourceAttr(name, "spec.saml_identities.0.username", "example"), + ), + }, + { + Config: s.getFixture("user_0_create.tf"), + PlanOnly: true, + }, + { + Config: s.getFixture("user_1_update.tf"), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, "kind", "user"), + resource.TestCheckResourceAttr(name, "metadata.expires", "2035-10-12T07:20:52Z"), + resource.TestCheckResourceAttr(name, "spec.roles.0", "terraform"), + resource.TestCheckResourceAttr(name, "spec.traits.logins2.0", "example"), + resource.TestCheckNoResourceAttr(name, "spec.traits.logins1"), + resource.TestCheckResourceAttr(name, "spec.oidc_identities.0.connector_id", "oidc-2"), + resource.TestCheckResourceAttr(name, "spec.oidc_identities.0.username", "example"), + resource.TestCheckNoResourceAttr(name, "spec.github_identities"), + resource.TestCheckNoResourceAttr(name, "spec.saml_identities"), + ), + }, + { + Config: s.getFixture("user_1_update.tf"), + PlanOnly: true, + }, + }, + }) +} diff --git a/integrations/terraform/tfschema/accesslist/v1/accesslist_terraform.go b/integrations/terraform/tfschema/accesslist/v1/accesslist_terraform.go new file mode 100644 index 0000000000000..8683faf239d31 --- /dev/null +++ b/integrations/terraform/tfschema/accesslist/v1/accesslist_terraform.go @@ -0,0 +1,2769 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: teleport/accesslist/v1/accesslist.proto + +package v1 + +import ( + context "context" + fmt "fmt" + math "math" + + proto "github.com/gogo/protobuf/proto" + github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/accesslist/v1" + _ "github.com/gravitational/teleport/api/gen/proto/go/teleport/header/v1" + github_com_gravitational_teleport_api_gen_proto_go_teleport_header_v1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/header/v1" + _ "github.com/gravitational/teleport/api/gen/proto/go/teleport/trait/v1" + github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/trait/v1" + github_com_hashicorp_terraform_plugin_framework_attr "github.com/hashicorp/terraform-plugin-framework/attr" + github_com_hashicorp_terraform_plugin_framework_diag "github.com/hashicorp/terraform-plugin-framework/diag" + github_com_hashicorp_terraform_plugin_framework_tfsdk "github.com/hashicorp/terraform-plugin-framework/tfsdk" + github_com_hashicorp_terraform_plugin_framework_types "github.com/hashicorp/terraform-plugin-framework/types" + github_com_hashicorp_terraform_plugin_go_tftypes "github.com/hashicorp/terraform-plugin-go/tftypes" + _ "google.golang.org/protobuf/types/known/durationpb" + _ "google.golang.org/protobuf/types/known/timestamppb" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// GenSchemaAccessList returns tfsdk.Schema definition for AccessList +func GenSchemaAccessList(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "header": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "kind": { + Description: "kind is a resource kind.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "description is object description.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": GenSchemaTimestamp(ctx), + "labels": { + Description: "labels is a set of labels.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "name is an object name.", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "metadata is resource metadata.", + Optional: true, + }, + "sub_kind": { + Description: "sub_kind is an optional resource sub kind, used in some resources.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by \"v\". For example: `v1`", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "header is the header for the resource.", + Optional: true, + }, + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "audit": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "next_audit_date": GenSchemaTimestamp(ctx), + "notifications": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"start": GenSchemaDuration(ctx)}), + Description: "notifications is the configuration for notifying users.", + Optional: true, + }, + "recurrence": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "day_of_month": { + Description: "day_of_month is the day of month that reviews will be scheduled on. Supported values are 0, 1, 15, and 31.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "frequency": { + Description: "frequency is the frequency of reviews. This represents the period in months between two reviews. Supported values are 0, 1, 3, 6, and 12.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + }), + Description: "recurrence is the recurrence definition", + Required: true, + }, + }), + Description: "audit describes the frequency that this access list must be audited.", + Required: true, + }, + "description": { + Description: "description is an optional plaintext description of the access list.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "grants": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "roles": { + Description: "roles are the roles that are granted to users who are members of the access list.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "traits": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "key": { + Description: "key is the name of the trait.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "values": { + Description: "values is the list of trait values.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "traits are the traits that are granted to users who are members of the access list.", + Optional: true, + }, + }), + Description: "grants describes the access granted by membership to this access list.", + Required: true, + }, + "membership_requires": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "roles": { + Description: "roles are the user roles that must be present for the user to obtain access.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "traits": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "key": { + Description: "key is the name of the trait.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "values": { + Description: "values is the list of trait values.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "traits are the traits that must be present for the user to obtain access.", + Optional: true, + }, + }), + Description: "membership_requires describes the requirements for a user to be a member of the access list. For a membership to an access list to be effective, the user must meet the requirements of Membership_requires and must be in the members list.", + Optional: true, + }, + "owner_grants": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "roles": { + Description: "roles are the roles that are granted to users who are members of the access list.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "traits": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "key": { + Description: "key is the name of the trait.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "values": { + Description: "values is the list of trait values.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "traits are the traits that are granted to users who are members of the access list.", + Optional: true, + }, + }), + Description: "owner_grants describes the access granted by owners to this access list.", + Optional: true, + }, + "owners": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "description is the plaintext description of the owner and why they are an owner.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "name": { + Description: "name is the username of the owner.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "owners is a list of owners of the access list.", + Required: true, + }, + "ownership_requires": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "roles": { + Description: "roles are the user roles that must be present for the user to obtain access.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "traits": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "key": { + Description: "key is the name of the trait.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "values": { + Description: "values is the list of trait values.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "traits are the traits that must be present for the user to obtain access.", + Optional: true, + }, + }), + Description: "ownership_requires describes the requirements for a user to be an owner of the access list. For ownership of an access list to be effective, the user must meet the requirements of ownership_requires and must be in the owners list.", + Optional: true, + }, + "title": { + Description: "title is a plaintext short description of the access list.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "spec is the specification for the access list.", + Optional: true, + }, + }}, nil +} + +// CopyAccessListFromTerraform copies contents of the source Terraform object into a target struct +func CopyAccessListFromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessList) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["header"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Header = nil + if !v.Null && !v.Unknown { + tf := v + obj.Header = &github_com_gravitational_teleport_api_gen_proto_go_teleport_header_v1.ResourceHeader{} + obj := obj.Header + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.sub_kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.sub_kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = nil + if !v.Null && !v.Unknown { + tf := v + obj.Metadata = &github_com_gravitational_teleport_api_gen_proto_go_teleport_header_v1.Metadata{} + obj := obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.metadata.name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.metadata.name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.metadata.namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.metadata.namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.metadata.description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.metadata.description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.metadata.labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.metadata.labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.metadata.labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.metadata.expires"}) + } + CopyFromTimestamp(diags, a, &obj.Expires) + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.header.metadata.revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.header.metadata.revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = nil + if !v.Null && !v.Unknown { + tf := v + obj.Spec = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListSpec{} + obj := obj.Spec + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["owners"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.owners"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owners", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Owners = make([]*github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListOwner, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owners", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListOwner + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListOwner{} + obj := t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.owners.name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owners.name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.owners.description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owners.description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + } + obj.Owners[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["audit"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.audit"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.audit", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Audit = nil + if !v.Null && !v.Unknown { + tf := v + obj.Audit = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListAudit{} + obj := obj.Audit + { + a, ok := tf.Attrs["next_audit_date"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.audit.next_audit_date"}) + } + CopyFromTimestamp(diags, a, &obj.NextAuditDate) + } + { + a, ok := tf.Attrs["recurrence"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.audit.recurrence"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.audit.recurrence", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Recurrence = nil + if !v.Null && !v.Unknown { + tf := v + obj.Recurrence = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.Recurrence{} + obj := obj.Recurrence + { + a, ok := tf.Attrs["frequency"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.audit.recurrence.frequency"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.audit.recurrence.frequency", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.ReviewFrequency + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.ReviewFrequency(v.Value) + } + obj.Frequency = t + } + } + } + { + a, ok := tf.Attrs["day_of_month"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.audit.recurrence.day_of_month"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.audit.recurrence.day_of_month", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.ReviewDayOfMonth + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.ReviewDayOfMonth(v.Value) + } + obj.DayOfMonth = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["notifications"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.audit.notifications"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.audit.notifications", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Notifications = nil + if !v.Null && !v.Unknown { + tf := v + obj.Notifications = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.Notifications{} + obj := obj.Notifications + { + a, ok := tf.Attrs["start"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.audit.notifications.start"}) + } + CopyFromDuration(diags, a, &obj.Start) + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["membership_requires"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.membership_requires"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.membership_requires", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.MembershipRequires = nil + if !v.Null && !v.Unknown { + tf := v + obj.MembershipRequires = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListRequires{} + obj := obj.MembershipRequires + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.membership_requires.roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.membership_requires.roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.membership_requires.roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["traits"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.membership_requires.traits"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.membership_requires.traits", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Traits = make([]*github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.membership_requires.traits", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait{} + obj := t + { + a, ok := tf.Attrs["key"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.membership_requires.traits.key"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.membership_requires.traits.key", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Key = t + } + } + } + { + a, ok := tf.Attrs["values"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.membership_requires.traits.values"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.membership_requires.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Values = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.membership_requires.traits.values", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Values[k] = t + } + } + } + } + } + } + } + obj.Traits[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["ownership_requires"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.ownership_requires"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.ownership_requires", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.OwnershipRequires = nil + if !v.Null && !v.Unknown { + tf := v + obj.OwnershipRequires = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListRequires{} + obj := obj.OwnershipRequires + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.ownership_requires.roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.ownership_requires.roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.ownership_requires.roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["traits"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.ownership_requires.traits"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.ownership_requires.traits", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Traits = make([]*github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.ownership_requires.traits", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait{} + obj := t + { + a, ok := tf.Attrs["key"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.ownership_requires.traits.key"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.ownership_requires.traits.key", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Key = t + } + } + } + { + a, ok := tf.Attrs["values"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.ownership_requires.traits.values"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.ownership_requires.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Values = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.ownership_requires.traits.values", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Values[k] = t + } + } + } + } + } + } + } + obj.Traits[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["grants"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.grants"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.grants", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Grants = nil + if !v.Null && !v.Unknown { + tf := v + obj.Grants = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListGrants{} + obj := obj.Grants + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.grants.roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.grants.roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.grants.roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["traits"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.grants.traits"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.grants.traits", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Traits = make([]*github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.grants.traits", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait{} + obj := t + { + a, ok := tf.Attrs["key"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.grants.traits.key"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.grants.traits.key", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Key = t + } + } + } + { + a, ok := tf.Attrs["values"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.grants.traits.values"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.grants.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Values = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.grants.traits.values", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Values[k] = t + } + } + } + } + } + } + } + obj.Traits[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["title"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.title"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.title", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Title = t + } + } + } + { + a, ok := tf.Attrs["owner_grants"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.owner_grants"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owner_grants", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.OwnerGrants = nil + if !v.Null && !v.Unknown { + tf := v + obj.OwnerGrants = &github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessListGrants{} + obj := obj.OwnerGrants + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.owner_grants.roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owner_grants.roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owner_grants.roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["traits"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.owner_grants.traits"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owner_grants.traits", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Traits = make([]*github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owner_grants.traits", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_gen_proto_go_teleport_trait_v1.Trait{} + obj := t + { + a, ok := tf.Attrs["key"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.owner_grants.traits.key"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owner_grants.traits.key", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Key = t + } + } + } + { + a, ok := tf.Attrs["values"] + if !ok { + diags.Append(attrReadMissingDiag{"AccessList.spec.owner_grants.traits.values"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owner_grants.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Values = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AccessList.spec.owner_grants.traits.values", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Values[k] = t + } + } + } + } + } + } + } + obj.Traits[k] = t + } + } + } + } + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyAccessListToTerraform copies contents of the source Terraform object into a target struct +func CopyAccessListToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1.AccessList, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + a, ok := tf.AttrTypes["header"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["header"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Header == nil { + v.Null = true + } else { + obj := obj.Header + tf := &v + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.header.kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.sub_kind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.header.sub_kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.sub_kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.header.version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Metadata == nil { + v.Null = true + } else { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.metadata.name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.header.metadata.name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.metadata.name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.metadata.namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.header.metadata.namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.metadata.namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.metadata.description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.header.metadata.description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.metadata.description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.metadata.labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.metadata.labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.header.metadata.labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.metadata.labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.metadata.expires"}) + } else { + v := CopyToTimestamp(diags, obj.Expires, t, tf.Attrs["expires"]) + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.header.metadata.revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.header.metadata.revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.header.metadata.revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["header"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Spec == nil { + v.Null = true + } else { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["owners"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.owners"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owners", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["owners"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Owners)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Owners)) + } + } + if obj.Owners != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Owners) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Owners)) + } + for k, a := range obj.Owners { + v, ok := tf.Attrs["owners"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.owners.name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.owners.name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owners.name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.owners.description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.owners.description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owners.description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Owners) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["owners"] = c + } + } + } + { + a, ok := tf.AttrTypes["audit"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.audit"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.audit", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["audit"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Audit == nil { + v.Null = true + } else { + obj := obj.Audit + tf := &v + { + t, ok := tf.AttrTypes["next_audit_date"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.audit.next_audit_date"}) + } else { + v := CopyToTimestamp(diags, obj.NextAuditDate, t, tf.Attrs["next_audit_date"]) + tf.Attrs["next_audit_date"] = v + } + } + { + a, ok := tf.AttrTypes["recurrence"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.audit.recurrence"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.audit.recurrence", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["recurrence"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Recurrence == nil { + v.Null = true + } else { + obj := obj.Recurrence + tf := &v + { + t, ok := tf.AttrTypes["frequency"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.audit.recurrence.frequency"}) + } else { + v, ok := tf.Attrs["frequency"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.audit.recurrence.frequency", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.audit.recurrence.frequency", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Frequency) == 0 + } + v.Value = int64(obj.Frequency) + v.Unknown = false + tf.Attrs["frequency"] = v + } + } + { + t, ok := tf.AttrTypes["day_of_month"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.audit.recurrence.day_of_month"}) + } else { + v, ok := tf.Attrs["day_of_month"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.audit.recurrence.day_of_month", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.audit.recurrence.day_of_month", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.DayOfMonth) == 0 + } + v.Value = int64(obj.DayOfMonth) + v.Unknown = false + tf.Attrs["day_of_month"] = v + } + } + } + v.Unknown = false + tf.Attrs["recurrence"] = v + } + } + } + { + a, ok := tf.AttrTypes["notifications"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.audit.notifications"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.audit.notifications", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["notifications"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Notifications == nil { + v.Null = true + } else { + obj := obj.Notifications + tf := &v + { + t, ok := tf.AttrTypes["start"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.audit.notifications.start"}) + } else { + v := CopyToDuration(diags, obj.Start, t, tf.Attrs["start"]) + tf.Attrs["start"] = v + } + } + } + v.Unknown = false + tf.Attrs["notifications"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["audit"] = v + } + } + } + { + a, ok := tf.AttrTypes["membership_requires"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.membership_requires"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.membership_requires", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["membership_requires"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.MembershipRequires == nil { + v.Null = true + } else { + obj := obj.MembershipRequires + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.membership_requires.roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.membership_requires.roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.membership_requires.roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.membership_requires.roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["traits"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.membership_requires.traits"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.membership_requires.traits", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["traits"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)) + } + } + if obj.Traits != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Traits) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)) + } + for k, a := range obj.Traits { + v, ok := tf.Attrs["traits"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["key"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.membership_requires.traits.key"}) + } else { + v, ok := tf.Attrs["key"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.membership_requires.traits.key", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.membership_requires.traits.key", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Key) == "" + } + v.Value = string(obj.Key) + v.Unknown = false + tf.Attrs["key"] = v + } + } + { + a, ok := tf.AttrTypes["values"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.membership_requires.traits.values"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.membership_requires.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + } + if obj.Values != nil { + t := o.ElemType + if len(obj.Values) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + for k, a := range obj.Values { + v, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.membership_requires.traits.values", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.membership_requires.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Values) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["values"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Traits) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["traits"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["membership_requires"] = v + } + } + } + { + a, ok := tf.AttrTypes["ownership_requires"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.ownership_requires"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.ownership_requires", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["ownership_requires"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.OwnershipRequires == nil { + v.Null = true + } else { + obj := obj.OwnershipRequires + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.ownership_requires.roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.ownership_requires.roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.ownership_requires.roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.ownership_requires.roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["traits"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.ownership_requires.traits"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.ownership_requires.traits", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["traits"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)) + } + } + if obj.Traits != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Traits) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)) + } + for k, a := range obj.Traits { + v, ok := tf.Attrs["traits"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["key"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.ownership_requires.traits.key"}) + } else { + v, ok := tf.Attrs["key"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.ownership_requires.traits.key", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.ownership_requires.traits.key", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Key) == "" + } + v.Value = string(obj.Key) + v.Unknown = false + tf.Attrs["key"] = v + } + } + { + a, ok := tf.AttrTypes["values"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.ownership_requires.traits.values"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.ownership_requires.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + } + if obj.Values != nil { + t := o.ElemType + if len(obj.Values) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + for k, a := range obj.Values { + v, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.ownership_requires.traits.values", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.ownership_requires.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Values) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["values"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Traits) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["traits"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["ownership_requires"] = v + } + } + } + { + a, ok := tf.AttrTypes["grants"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.grants"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.grants", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["grants"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Grants == nil { + v.Null = true + } else { + obj := obj.Grants + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.grants.roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.grants.roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.grants.roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.grants.roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["traits"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.grants.traits"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.grants.traits", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["traits"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)) + } + } + if obj.Traits != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Traits) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)) + } + for k, a := range obj.Traits { + v, ok := tf.Attrs["traits"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["key"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.grants.traits.key"}) + } else { + v, ok := tf.Attrs["key"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.grants.traits.key", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.grants.traits.key", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Key) == "" + } + v.Value = string(obj.Key) + v.Unknown = false + tf.Attrs["key"] = v + } + } + { + a, ok := tf.AttrTypes["values"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.grants.traits.values"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.grants.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + } + if obj.Values != nil { + t := o.ElemType + if len(obj.Values) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + for k, a := range obj.Values { + v, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.grants.traits.values", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.grants.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Values) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["values"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Traits) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["traits"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["grants"] = v + } + } + } + { + t, ok := tf.AttrTypes["title"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.title"}) + } else { + v, ok := tf.Attrs["title"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.title", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.title", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Title) == "" + } + v.Value = string(obj.Title) + v.Unknown = false + tf.Attrs["title"] = v + } + } + { + a, ok := tf.AttrTypes["owner_grants"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.owner_grants"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owner_grants", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["owner_grants"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.OwnerGrants == nil { + v.Null = true + } else { + obj := obj.OwnerGrants + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.owner_grants.roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owner_grants.roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.owner_grants.roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owner_grants.roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["traits"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.owner_grants.traits"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owner_grants.traits", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["traits"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)) + } + } + if obj.Traits != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Traits) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Traits)) + } + for k, a := range obj.Traits { + v, ok := tf.Attrs["traits"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["key"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.owner_grants.traits.key"}) + } else { + v, ok := tf.Attrs["key"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.owner_grants.traits.key", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owner_grants.traits.key", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Key) == "" + } + v.Value = string(obj.Key) + v.Unknown = false + tf.Attrs["key"] = v + } + } + { + a, ok := tf.AttrTypes["values"] + if !ok { + diags.Append(attrWriteMissingDiag{"AccessList.spec.owner_grants.traits.values"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owner_grants.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + } + if obj.Values != nil { + t := o.ElemType + if len(obj.Values) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + for k, a := range obj.Values { + v, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AccessList.spec.owner_grants.traits.values", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AccessList.spec.owner_grants.traits.values", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Values) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["values"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Traits) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["traits"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["owner_grants"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// attrReadMissingDiag represents diagnostic message on an attribute missing in the source object +type attrReadMissingDiag struct { + Path string +} + +func (d attrReadMissingDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrReadMissingDiag) Summary() string { + return "Error reading from Terraform object" +} + +func (d attrReadMissingDiag) Detail() string { + return fmt.Sprintf("A value for %v is missing in the source Terraform object Attrs", d.Path) +} + +func (d attrReadMissingDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrReadConversionFailureDiag represents diagnostic message on a failed type conversion on read +type attrReadConversionFailureDiag struct { + Path string + Type string +} + +func (d attrReadConversionFailureDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrReadConversionFailureDiag) Summary() string { + return "Error reading from Terraform object" +} + +func (d attrReadConversionFailureDiag) Detail() string { + return fmt.Sprintf("A value for %v can not be converted to %v", d.Path, d.Type) +} + +func (d attrReadConversionFailureDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteMissingDiag represents diagnostic message on an attribute missing in the target object +type attrWriteMissingDiag struct { + Path string +} + +func (d attrWriteMissingDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteMissingDiag) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteMissingDiag) Detail() string { + return fmt.Sprintf("A value for %v is missing in the source Terraform object AttrTypes", d.Path) +} + +func (d attrWriteMissingDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteConversionFailureDiag represents diagnostic message on a failed type conversion on write +type attrWriteConversionFailureDiag struct { + Path string + Type string +} + +func (d attrWriteConversionFailureDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteConversionFailureDiag) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteConversionFailureDiag) Detail() string { + return fmt.Sprintf("A value for %v can not be converted to %v", d.Path, d.Type) +} + +func (d attrWriteConversionFailureDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteGeneralError represents diagnostic message on a generic error on write +type attrWriteGeneralError struct { + Path string + Err error +} + +func (d attrWriteGeneralError) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteGeneralError) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteGeneralError) Detail() string { + return fmt.Sprintf("%s: %s", d.Path, d.Err.Error()) +} + +func (d attrWriteGeneralError) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} diff --git a/integrations/terraform/tfschema/accesslist/v1/custom_types.go b/integrations/terraform/tfschema/accesslist/v1/custom_types.go new file mode 100644 index 0000000000000..3f20d59778f7f --- /dev/null +++ b/integrations/terraform/tfschema/accesslist/v1/custom_types.go @@ -0,0 +1,100 @@ +/* +Copyright 2023 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +import ( + "context" + "fmt" + + "github.com/hashicorp/terraform-plugin-framework/attr" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "google.golang.org/protobuf/types/known/durationpb" + "google.golang.org/protobuf/types/known/timestamppb" + + "github.com/gravitational/teleport/integrations/terraform/tfschema" +) + +func GenSchemaTimestamp(_ context.Context) tfsdk.Attribute { + return tfsdk.Attribute{ + Optional: true, + Type: tfschema.UseRFC3339Time(), + } +} + +func CopyFromTimestamp(diags diag.Diagnostics, v attr.Value, o **timestamppb.Timestamp) { + value, ok := v.(tfschema.TimeValue) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to String", v)) + return + } + + if value.IsNull() { + *o = nil + } else { + *o = timestamppb.New(value.Value) + } +} + +func CopyToTimestamp(diags diag.Diagnostics, o *timestamppb.Timestamp, t attr.Type, v attr.Value) attr.Value { + value, ok := v.(tfschema.TimeValue) + if !ok { + value = tfschema.TimeValue{} + } + + if o == nil { + value.Null = true + return value + } + + value.Value = (*o).AsTime() + + return value +} + +func GenSchemaDuration(_ context.Context) tfsdk.Attribute { + return tfsdk.Attribute{ + Optional: true, + Type: tfschema.DurationType{}, + } +} + +func CopyFromDuration(diags diag.Diagnostics, v attr.Value, o **durationpb.Duration) { + value, ok := v.(tfschema.DurationValue) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to String", v)) + return + } + + *o = durationpb.New(value.Value) +} + +func CopyToDuration(diags diag.Diagnostics, o *durationpb.Duration, t attr.Type, v attr.Value) attr.Value { + value, ok := v.(tfschema.DurationValue) + if !ok { + value = tfschema.DurationValue{} + } + + if o == nil { + value.Null = true + return value + } + + value.Value = (*o).AsDuration() + + return value +} diff --git a/integrations/terraform/tfschema/custom_types.go b/integrations/terraform/tfschema/custom_types.go new file mode 100644 index 0000000000000..2be6955787be9 --- /dev/null +++ b/integrations/terraform/tfschema/custom_types.go @@ -0,0 +1,248 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package tfschema + +import ( + "context" + fmt "fmt" + + apitypes "github.com/gravitational/teleport/api/types" + "github.com/gravitational/teleport/api/types/wrappers" + "github.com/gravitational/teleport/api/utils" + "github.com/hashicorp/terraform-plugin-framework/attr" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" +) + +// GenSchemaBoolOptions returns Terraform schema for BoolOption type +func GenSchemaBoolOption(_ context.Context) tfsdk.Attribute { + return tfsdk.Attribute{ + Optional: true, + Type: types.BoolType, + } +} + +// GenSchemaBoolOptions returns Terraform schema for Traits type +func GenSchemaTraits(_ context.Context) tfsdk.Attribute { + return tfsdk.Attribute{ + Optional: true, + Type: types.MapType{ + ElemType: types.ListType{ + ElemType: types.StringType, + }, + }, + } +} + +// GenSchemaBoolOptions returns Terraform schema for Labels type +func GenSchemaLabels(ctx context.Context) tfsdk.Attribute { + return GenSchemaTraits(ctx) +} + +func CopyFromBoolOption(diags diag.Diagnostics, tf attr.Value, o **apitypes.BoolOption) { + v, ok := tf.(types.Bool) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.Bool", tf)) + return + } + value := apitypes.BoolOption{Value: v.Value} + *o = &value +} + +func CopyToBoolOption(diags diag.Diagnostics, o *apitypes.BoolOption, t attr.Type, v attr.Value) attr.Value { + value, ok := v.(types.Bool) + if !ok { + value = types.Bool{} + } + + if o == nil { + value.Null = true + return value + } + + value.Value = o.Value + + return value +} + +func CopyFromLabels(diags diag.Diagnostics, v attr.Value, o *apitypes.Labels) { + value, ok := v.(types.Map) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.Map", v)) + return + } + + *o = make(map[string]utils.Strings, len(value.Elems)) + for k, e := range value.Elems { + l, ok := e.(types.List) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.List", l)) + return + } + + (*o)[k] = make(utils.Strings, len(l.Elems)) + + for i, v := range l.Elems { + s, ok := v.(types.String) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.String", s)) + return + } + + (*o)[k][i] = s.Value + } + } +} + +func CopyToLabels(diags diag.Diagnostics, o apitypes.Labels, t attr.Type, v attr.Value) attr.Value { + typ := t.(types.MapType) // By the convention, t comes type-asserted so there would be no failure + + value, ok := v.(types.Map) + if !ok { + value = types.Map{ElemType: typ.ElemType} + } + + if value.Elems == nil { + value.Elems = make(map[string]attr.Value, len(o)) + } + + for k, l := range o { + row := types.List{ + ElemType: types.StringType, + Elems: make([]attr.Value, len(l)), + } + + for i, e := range l { + row.Elems[i] = types.String{Value: e} + } + + value.Elems[k] = row + } + + return value +} + +func CopyFromTraits(diags diag.Diagnostics, v attr.Value, o *wrappers.Traits) { + value, ok := v.(types.Map) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.Map", v)) + return + } + + *o = make(wrappers.Traits, len(value.Elems)) + for k, e := range value.Elems { + l, ok := e.(types.List) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.List", l)) + return + } + + (*o)[k] = make(utils.Strings, len(l.Elems)) + + for i, v := range l.Elems { + s, ok := v.(types.String) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.String", s)) + return + } + + (*o)[k][i] = s.Value + } + } +} + +func CopyToTraits(diags diag.Diagnostics, o wrappers.Traits, t attr.Type, v attr.Value) attr.Value { + typ := t.(types.MapType) // By the convention, t comes type-asserted so there would be no failure + + value, ok := v.(types.Map) + if !ok { + value = types.Map{ElemType: typ.ElemType} + } + + if value.Elems == nil { + value.Elems = make(map[string]attr.Value, len(o)) + } + + for k, l := range o { + row := types.List{ + ElemType: types.StringType, + Elems: make([]attr.Value, len(l)), + } + + for i, e := range l { + row.Elems[i] = types.String{Value: e} + } + + value.Elems[k] = row + } + + return value +} + +// GenSchemaStrings returns Terraform schema for Strings type +func GenSchemaStrings(_ context.Context) tfsdk.Attribute { + return tfsdk.Attribute{ + Optional: true, + Type: types.ListType{ + ElemType: types.StringType, + }, + } +} + +// CopyFromStrings converts from a Terraform value into a Teleport wrappers.Strings +// The received value must be of List type +func CopyFromStrings(diags diag.Diagnostics, v attr.Value, o *wrappers.Strings) { + value, ok := v.(types.List) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.List", v)) + return + } + + *o = make(wrappers.Strings, len(value.Elems)) + for i, tfValue := range value.Elems { + tfString, ok := tfValue.(types.String) + if !ok { + diags.AddError("Error reading from Terraform object", fmt.Sprintf("Can not convert %T to types.String", tfValue)) + return + } + + (*o)[i] = tfString.Value + } +} + +// CopyFromStrings converts from a Teleport wrappers.Strings into a Terraform List with ElemType of String +func CopyToStrings(diags diag.Diagnostics, o wrappers.Strings, t attr.Type, v attr.Value) attr.Value { + typ := t.(types.ListType) // By the convention, t comes type-asserted so there would be no failure + + value, ok := v.(types.List) + if !ok { + value = types.List{ElemType: typ.ElemType} + } + + if value.Elems == nil { + value.Elems = make([]attr.Value, len(o)) + } + + for k, l := range o { + value.Elems[k] = types.String{ + Value: l, + } + } + + return value +} diff --git a/integrations/terraform/tfschema/custom_types_test.go b/integrations/terraform/tfschema/custom_types_test.go new file mode 100644 index 0000000000000..b2d3cc457077d --- /dev/null +++ b/integrations/terraform/tfschema/custom_types_test.go @@ -0,0 +1,65 @@ +/* +Copyright 2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package tfschema + +import ( + "testing" + + "github.com/gravitational/teleport/api/types/wrappers" + "github.com/hashicorp/terraform-plugin-framework/attr" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/stretchr/testify/require" +) + +func TestStringsCopyTo(t *testing.T) { + t.Parallel() + + diags := diag.Diagnostics{} + input := wrappers.Strings{"hello", "world"} + expected := []attr.Value{ + types.String{Value: "hello"}, + types.String{Value: "world"}, + } + terraformType := types.ListType{} + valueInitial := types.List{} + + value := CopyToStrings(diags, input, terraformType, valueInitial) + + require.Empty(t, diags) + require.ElementsMatch(t, expected, value.(types.List).Elems) +} + +func TestStringsCopyFrom(t *testing.T) { + t.Parallel() + + diags := diag.Diagnostics{} + input := types.List{ + ElemType: types.StringType, + Elems: []attr.Value{ + types.String{Value: "hello"}, + types.String{Value: "world"}, + }, + } + expected := wrappers.Strings{"hello", "world"} + got := wrappers.Strings{} + + CopyFromStrings(diags, input, &got) + + require.Empty(t, diags) + require.ElementsMatch(t, expected, got) +} diff --git a/integrations/terraform/tfschema/devicetrust/v1/device_terraform.go b/integrations/terraform/tfschema/devicetrust/v1/device_terraform.go new file mode 100644 index 0000000000000..dcc2c5280ecfe --- /dev/null +++ b/integrations/terraform/tfschema/devicetrust/v1/device_terraform.go @@ -0,0 +1,874 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: teleport/legacy/types/device.proto + +package v1 + +import ( + context "context" + fmt "fmt" + math "math" + time "time" + + _ "github.com/gogo/protobuf/gogoproto" + proto "github.com/gogo/protobuf/proto" + github_com_gravitational_teleport_api_types "github.com/gravitational/teleport/api/types" + github_com_hashicorp_terraform_plugin_framework_attr "github.com/hashicorp/terraform-plugin-framework/attr" + github_com_hashicorp_terraform_plugin_framework_diag "github.com/hashicorp/terraform-plugin-framework/diag" + github_com_hashicorp_terraform_plugin_framework_tfsdk "github.com/hashicorp/terraform-plugin-framework/tfsdk" + github_com_hashicorp_terraform_plugin_framework_types "github.com/hashicorp/terraform-plugin-framework/types" + github_com_hashicorp_terraform_plugin_go_tftypes "github.com/hashicorp/terraform-plugin-go/tftypes" + _ "google.golang.org/protobuf/types/known/timestamppb" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf +var _ = time.Kitchen + +// GenSchemaDeviceV1 returns tfsdk.Schema definition for DeviceV1 +func GenSchemaDeviceV1(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Computed: true, + Description: "Metadata is resource metadata", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "asset_tag": { + Description: "", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "enroll_status": { + Computed: true, + Description: "", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "os_type": { + Description: "", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "owner": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "source": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "name": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "origin": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "", + Optional: true, + }, + }), + Description: "Specification of the device.", + Optional: true, + }, + "version": { + Description: "Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by \"v\". For example: `v1`", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }}, nil +} + +// CopyDeviceV1FromTerraform copies contents of the source Terraform object into a target struct +func CopyDeviceV1FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.DeviceV1) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = nil + if !v.Null && !v.Unknown { + tf := v + obj.Spec = &github_com_gravitational_teleport_api_types.DeviceSpec{} + obj := obj.Spec + { + a, ok := tf.Attrs["os_type"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.spec.os_type"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.os_type", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.OsType = t + } + } + } + { + a, ok := tf.Attrs["asset_tag"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.spec.asset_tag"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.asset_tag", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AssetTag = t + } + } + } + { + a, ok := tf.Attrs["enroll_status"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.spec.enroll_status"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.enroll_status", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EnrollStatus = t + } + } + } + { + a, ok := tf.Attrs["source"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.spec.source"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.source", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Source = nil + if !v.Null && !v.Unknown { + tf := v + obj.Source = &github_com_gravitational_teleport_api_types.DeviceSource{} + obj := obj.Source + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.spec.source.name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.source.name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["origin"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.spec.source.origin"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.source.origin", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Origin = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["owner"] + if !ok { + diags.Append(attrReadMissingDiag{"DeviceV1.spec.owner"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.owner", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Owner = t + } + } + } + } + } + } + } + return diags +} + +// CopyDeviceV1ToTerraform copies contents of the source Terraform object into a target struct +func CopyDeviceV1ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.DeviceV1, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Spec == nil { + v.Null = true + } else { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["os_type"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.spec.os_type"}) + } else { + v, ok := tf.Attrs["os_type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.spec.os_type", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.os_type", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.OsType) == "" + } + v.Value = string(obj.OsType) + v.Unknown = false + tf.Attrs["os_type"] = v + } + } + { + t, ok := tf.AttrTypes["asset_tag"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.spec.asset_tag"}) + } else { + v, ok := tf.Attrs["asset_tag"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.spec.asset_tag", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.asset_tag", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AssetTag) == "" + } + v.Value = string(obj.AssetTag) + v.Unknown = false + tf.Attrs["asset_tag"] = v + } + } + { + t, ok := tf.AttrTypes["enroll_status"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.spec.enroll_status"}) + } else { + v, ok := tf.Attrs["enroll_status"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.spec.enroll_status", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.enroll_status", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EnrollStatus) == "" + } + v.Value = string(obj.EnrollStatus) + v.Unknown = false + tf.Attrs["enroll_status"] = v + } + } + { + a, ok := tf.AttrTypes["source"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.spec.source"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.source", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["source"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Source == nil { + v.Null = true + } else { + obj := obj.Source + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.spec.source.name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.spec.source.name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.source.name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["origin"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.spec.source.origin"}) + } else { + v, ok := tf.Attrs["origin"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.spec.source.origin", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.source.origin", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Origin) == "" + } + v.Value = string(obj.Origin) + v.Unknown = false + tf.Attrs["origin"] = v + } + } + } + v.Unknown = false + tf.Attrs["source"] = v + } + } + } + { + t, ok := tf.AttrTypes["owner"] + if !ok { + diags.Append(attrWriteMissingDiag{"DeviceV1.spec.owner"}) + } else { + v, ok := tf.Attrs["owner"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DeviceV1.spec.owner", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.owner", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Owner) == "" + } + v.Value = string(obj.Owner) + v.Unknown = false + tf.Attrs["owner"] = v + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// attrReadMissingDiag represents diagnostic message on an attribute missing in the source object +type attrReadMissingDiag struct { + Path string +} + +func (d attrReadMissingDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrReadMissingDiag) Summary() string { + return "Error reading from Terraform object" +} + +func (d attrReadMissingDiag) Detail() string { + return fmt.Sprintf("A value for %v is missing in the source Terraform object Attrs", d.Path) +} + +func (d attrReadMissingDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrReadConversionFailureDiag represents diagnostic message on a failed type conversion on read +type attrReadConversionFailureDiag struct { + Path string + Type string +} + +func (d attrReadConversionFailureDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrReadConversionFailureDiag) Summary() string { + return "Error reading from Terraform object" +} + +func (d attrReadConversionFailureDiag) Detail() string { + return fmt.Sprintf("A value for %v can not be converted to %v", d.Path, d.Type) +} + +func (d attrReadConversionFailureDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteMissingDiag represents diagnostic message on an attribute missing in the target object +type attrWriteMissingDiag struct { + Path string +} + +func (d attrWriteMissingDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteMissingDiag) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteMissingDiag) Detail() string { + return fmt.Sprintf("A value for %v is missing in the source Terraform object AttrTypes", d.Path) +} + +func (d attrWriteMissingDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteConversionFailureDiag represents diagnostic message on a failed type conversion on write +type attrWriteConversionFailureDiag struct { + Path string + Type string +} + +func (d attrWriteConversionFailureDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteConversionFailureDiag) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteConversionFailureDiag) Detail() string { + return fmt.Sprintf("A value for %v can not be converted to %v", d.Path, d.Type) +} + +func (d attrWriteConversionFailureDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteGeneralError represents diagnostic message on a generic error on write +type attrWriteGeneralError struct { + Path string + Err error +} + +func (d attrWriteGeneralError) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteGeneralError) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteGeneralError) Detail() string { + return fmt.Sprintf("%s: %s", d.Path, d.Err.Error()) +} + +func (d attrWriteGeneralError) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} diff --git a/integrations/terraform/tfschema/duration_type.go b/integrations/terraform/tfschema/duration_type.go new file mode 100644 index 0000000000000..25434f77002cb --- /dev/null +++ b/integrations/terraform/tfschema/duration_type.go @@ -0,0 +1,171 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package tfschema + +import ( + "context" + fmt "fmt" + time "time" + + "github.com/gravitational/trace" + "github.com/hashicorp/terraform-plugin-framework/attr" + tftypes "github.com/hashicorp/terraform-plugin-go/tftypes" +) + +// DurationType represents time.Time Terraform type which is stored in RFC3339 format, nanoseconds truncated +type DurationType struct { + attr.Type +} + +// DurationValue represents Terraform value of type DurationType +type DurationValue struct { + // Unknown will be true if the value is not yet known. + Unknown bool + // Null will be true if the value was not set, or was explicitly set to null. + Null bool + // Value contains the set value, as long as Unknown and Null are both false. + Value time.Duration + // rawValue represents the string original string value of a Value + rawValue string +} + +// ApplyTerraform5AttributePathStep is not implemented for DurationType +func (t DurationType) ApplyTerraform5AttributePathStep(step tftypes.AttributePathStep) (interface{}, error) { + return nil, fmt.Errorf("cannot apply AttributePathStep %T to %s", step, t.String()) +} + +// String returns string representation of DurationType +func (t DurationType) String() string { + return "DurationType" +} + +// Equal returns type equality +func (t DurationType) Equal(o attr.Type) bool { + other, ok := o.(DurationType) + if !ok { + return false + } + return t == other +} + +// TerraformType returns type which is used in Terraform status (time is stored as string) +func (t DurationType) TerraformType(_ context.Context) tftypes.Type { + return tftypes.String +} + +// ValueFromTerraform decodes terraform value and returns it as DurationType +func (t DurationType) ValueFromTerraform(ctx context.Context, in tftypes.Value) (attr.Value, error) { + if !in.IsKnown() { + return DurationValue{Unknown: true}, nil + } + if in.IsNull() { + return DurationValue{Null: true}, nil + } + + var raw string + err := in.As(&raw) + if err != nil { + return nil, err + } + + // Error is deliberately silenced here. If a value is corrupted, this would be caught in Validate() method which + // for some reason is called after ValueFromTerraform(). + current, err := time.ParseDuration(raw) + if err != nil { + return nil, err + } + + return DurationValue{Value: current, rawValue: raw}, nil +} + +// Type returns value type +func (t DurationValue) Type(_ context.Context) attr.Type { + return DurationType{} +} + +// ToTerraformValue returns the data contained in the *String as a string. If +// Unknown is true, it returns a tftypes.UnknownValue. If Null is true, it +// returns nil. +func (t DurationValue) ToTerraformValue(ctx context.Context) (tftypes.Value, error) { + if t.Null { + return tftypes.NewValue(tftypes.String, nil), nil + } + if t.Unknown { + return tftypes.NewValue(tftypes.String, tftypes.UnknownValue), nil + } + + value := t.Value.String() + + // NOTE: + // Non-empty rawValue means that we have just parsed it and need to return back the same string representation. + // Otherwise, if the value was written as "2s" in the config, t.Value.String() would generate "0h2s" + // and it, in turn, would lead to state drift. + // String value must stay the same until value gets explicitly changed. + // This possibly would be fixed in future Terraform framework releases because. + // It acts as in-step cache. + // The reason behind this is possibly because plan diff calculator does not use Eual() + if t.rawValue != "" { + currentRawValue, err := time.ParseDuration(t.rawValue) + if err != nil { + return tftypes.NewValue(tftypes.String, tftypes.UnknownValue), trace.Wrap(err) + } + + if currentRawValue == t.Value { + value = t.rawValue + } + } + + return tftypes.NewValue(tftypes.String, value), nil +} + +// Equal returns true if `other` if durations are equal +func (t DurationValue) Equal(other attr.Value) bool { + o, ok := other.(DurationValue) + if !ok { + return false + } + if t.Unknown != o.Unknown { + return false + } + if t.Null != o.Null { + return false + } + return t.Value == o.Value +} + +// IsNull returns true if receiver is null +func (t DurationValue) IsNull() bool { + return t.Null +} + +// IsUnknown returns true if receiver is unknown +func (t DurationValue) IsUnknown() bool { + return t.Unknown +} + +// String returns the string representation of the receiver +func (t DurationValue) String() string { + if t.Unknown { + return attr.UnknownValueString + } + + if t.Null { + return attr.NullValueString + } + + return t.Value.String() +} diff --git a/integrations/terraform/tfschema/loginrule/v1/loginrule_terraform.go b/integrations/terraform/tfschema/loginrule/v1/loginrule_terraform.go new file mode 100644 index 0000000000000..7c7f7feb9bc5e --- /dev/null +++ b/integrations/terraform/tfschema/loginrule/v1/loginrule_terraform.go @@ -0,0 +1,855 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: teleport/loginrule/v1/loginrule.proto + +package v1 + +import ( + context "context" + fmt "fmt" + math "math" + time "time" + + proto "github.com/gogo/protobuf/proto" + github_com_gravitational_teleport_api_gen_proto_go_teleport_loginrule_v1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/loginrule/v1" + _ "github.com/gravitational/teleport/api/types" + github_com_gravitational_teleport_api_types "github.com/gravitational/teleport/api/types" + github_com_gravitational_teleport_api_types_wrappers "github.com/gravitational/teleport/api/types/wrappers" + github_com_gravitational_teleport_integrations_terraform_tfschema "github.com/gravitational/teleport/integrations/terraform/tfschema" + github_com_hashicorp_terraform_plugin_framework_attr "github.com/hashicorp/terraform-plugin-framework/attr" + github_com_hashicorp_terraform_plugin_framework_diag "github.com/hashicorp/terraform-plugin-framework/diag" + github_com_hashicorp_terraform_plugin_framework_tfsdk "github.com/hashicorp/terraform-plugin-framework/tfsdk" + github_com_hashicorp_terraform_plugin_framework_types "github.com/hashicorp/terraform-plugin-framework/types" + github_com_hashicorp_terraform_plugin_go_tftypes "github.com/hashicorp/terraform-plugin-go/tftypes" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf +var _ = time.Kitchen + +// GenSchemaLoginRule returns tfsdk.Schema definition for LoginRule +func GenSchemaLoginRule(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: github_com_gravitational_teleport_integrations_terraform_tfschema.UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{github_com_gravitational_teleport_integrations_terraform_tfschema.MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata.", + Optional: true, + }, + "priority": { + Description: "Priority is the priority of the login rule relative to other login rules in the same cluster. Login rules with a lower numbered priority will be evaluated first.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "traits_expression": { + Description: "TraitsExpression is a predicate expression which should return the desired traits for the user upon login.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "traits_map": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.MapNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"values": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }}), + Description: "TraitsMap is a map of trait keys to lists of predicate expressions which should evaluate to the desired values for that trait.", + Optional: true, + }, + "version": { + Description: "Version is the resource version.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }}, nil +} + +// CopyLoginRuleFromTerraform copies contents of the source Terraform object into a target struct +func CopyLoginRuleFromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_gen_proto_go_teleport_loginrule_v1.LoginRule) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = nil + if !v.Null && !v.Unknown { + tf := v + obj.Metadata = &github_com_gravitational_teleport_api_types.Metadata{} + obj := obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.metadata.Expires"}) + } else { + v, ok := a.(github_com_gravitational_teleport_integrations_terraform_tfschema.TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.metadata.Expires", "github.com/gravitational/teleport/integrations/terraform/tfschema.TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["priority"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.priority"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.priority", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int32 + if !v.Null && !v.Unknown { + t = int32(v.Value) + } + obj.Priority = t + } + } + } + { + a, ok := tf.Attrs["traits_map"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.traits_map"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.traits_map", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.TraitsMap = make(map[string]*github_com_gravitational_teleport_api_types_wrappers.StringValues, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.traits_map", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types_wrappers.StringValues + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types_wrappers.StringValues{} + obj := t + { + a, ok := tf.Attrs["values"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.traits_map.Values"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.traits_map.Values", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Values = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.traits_map.Values", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Values[k] = t + } + } + } + } + } + } + } + obj.TraitsMap[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["traits_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"LoginRule.traits_expression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"LoginRule.traits_expression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.TraitsExpression = t + } + } + } + return diags +} + +// CopyLoginRuleToTerraform copies contents of the source Terraform object into a target struct +func CopyLoginRuleToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_gen_proto_go_teleport_loginrule_v1.LoginRule, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Metadata == nil { + v.Null = true + } else { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(github_com_gravitational_teleport_integrations_terraform_tfschema.TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.metadata.Expires", err}) + } + v, ok = i.(github_com_gravitational_teleport_integrations_terraform_tfschema.TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.metadata.Expires", "github.com/gravitational/teleport/integrations/terraform/tfschema.TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + t, ok := tf.AttrTypes["priority"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.priority"}) + } else { + v, ok := tf.Attrs["priority"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.priority", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.priority", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Priority) == 0 + } + v.Value = int64(obj.Priority) + v.Unknown = false + tf.Attrs["priority"] = v + } + } + { + a, ok := tf.AttrTypes["traits_map"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.traits_map"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.traits_map", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["traits_map"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TraitsMap)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TraitsMap)) + } + } + if obj.TraitsMap != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + for k, a := range obj.TraitsMap { + v, ok := tf.Attrs["traits_map"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["values"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.traits_map.Values"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.traits_map.Values", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + } + if obj.Values != nil { + t := o.ElemType + if len(obj.Values) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Values)) + } + for k, a := range obj.Values { + v, ok := tf.Attrs["values"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.traits_map.Values", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.traits_map.Values", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Values) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["values"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.TraitsMap) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["traits_map"] = c + } + } + } + { + t, ok := tf.AttrTypes["traits_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"LoginRule.traits_expression"}) + } else { + v, ok := tf.Attrs["traits_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"LoginRule.traits_expression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"LoginRule.traits_expression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.TraitsExpression) == "" + } + v.Value = string(obj.TraitsExpression) + v.Unknown = false + tf.Attrs["traits_expression"] = v + } + } + return diags +} + +// attrReadMissingDiag represents diagnostic message on an attribute missing in the source object +type attrReadMissingDiag struct { + Path string +} + +func (d attrReadMissingDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrReadMissingDiag) Summary() string { + return "Error reading from Terraform object" +} + +func (d attrReadMissingDiag) Detail() string { + return fmt.Sprintf("A value for %v is missing in the source Terraform object Attrs", d.Path) +} + +func (d attrReadMissingDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrReadConversionFailureDiag represents diagnostic message on a failed type conversion on read +type attrReadConversionFailureDiag struct { + Path string + Type string +} + +func (d attrReadConversionFailureDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrReadConversionFailureDiag) Summary() string { + return "Error reading from Terraform object" +} + +func (d attrReadConversionFailureDiag) Detail() string { + return fmt.Sprintf("A value for %v can not be converted to %v", d.Path, d.Type) +} + +func (d attrReadConversionFailureDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteMissingDiag represents diagnostic message on an attribute missing in the target object +type attrWriteMissingDiag struct { + Path string +} + +func (d attrWriteMissingDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteMissingDiag) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteMissingDiag) Detail() string { + return fmt.Sprintf("A value for %v is missing in the source Terraform object AttrTypes", d.Path) +} + +func (d attrWriteMissingDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteConversionFailureDiag represents diagnostic message on a failed type conversion on write +type attrWriteConversionFailureDiag struct { + Path string + Type string +} + +func (d attrWriteConversionFailureDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteConversionFailureDiag) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteConversionFailureDiag) Detail() string { + return fmt.Sprintf("A value for %v can not be converted to %v", d.Path, d.Type) +} + +func (d attrWriteConversionFailureDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteGeneralError represents diagnostic message on a generic error on write +type attrWriteGeneralError struct { + Path string + Err error +} + +func (d attrWriteGeneralError) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteGeneralError) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteGeneralError) Detail() string { + return fmt.Sprintf("%s: %s", d.Path, d.Err.Error()) +} + +func (d attrWriteGeneralError) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} diff --git a/integrations/terraform/tfschema/time_type.go b/integrations/terraform/tfschema/time_type.go new file mode 100644 index 0000000000000..d2873898c2b61 --- /dev/null +++ b/integrations/terraform/tfschema/time_type.go @@ -0,0 +1,221 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package tfschema + +import ( + "context" + fmt "fmt" + time "time" + + "github.com/hashicorp/terraform-plugin-framework/attr" + diag "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" + tftypes "github.com/hashicorp/terraform-plugin-go/tftypes" +) + +const ( + // timeThreshold represents time rounding threshold (nanoseconds would be cut off) + timeThreshold = time.Nanosecond +) + +// TimeType represents time.Time Terraform type which is stored in RFC3339 format, nanoseconds truncated +type TimeType struct { + attr.Type + Format string +} + +// Time represents Terraform value of type TimeType +type TimeValue struct { + // Unknown will be true if the value is not yet known. + Unknown bool + // Null will be true if the value was not set, or was explicitly set to null + Null bool + // Value contains the set value, as long as Unknown and Null are both false + Value time.Time + // Format is time.Time format used to parse/encode + Format string +} + +// UseRFC3339Time creates TimeType for rfc3339 +func UseRFC3339Time() TimeType { + return TimeType{Format: time.RFC3339} +} + +// ApplyTerraform5AttributePathStep is not implemented for TimeType +func (t TimeType) ApplyTerraform5AttributePathStep(step tftypes.AttributePathStep) (interface{}, error) { + return nil, fmt.Errorf("cannot apply AttributePathStep %T to %s", step, t.String()) +} + +// String returns string representation of TimeType +func (t TimeType) String() string { + return "TimeType(" + t.Format + ")" +} + +// Equal returns type equality +func (t TimeType) Equal(o attr.Type) bool { + other, ok := o.(TimeType) + if !ok { + return false + } + return t == other +} + +// TerraformType returns type which is used in Terraform status (time is stored as string) +func (t TimeType) TerraformType(_ context.Context) tftypes.Type { + return tftypes.String +} + +// ValueFromTerraform decodes terraform value and returns it as TimeType +func (t TimeType) ValueFromTerraform(ctx context.Context, in tftypes.Value) (attr.Value, error) { + if !in.IsKnown() { + return TimeValue{Unknown: true, Format: t.Format}, nil + } + if in.IsNull() { + return TimeValue{Null: true, Format: t.Format}, nil + } + var raw string + err := in.As(&raw) + if err != nil { + return nil, err + } + + // Error is deliberately silenced here. If a value is corrupted, this would be caught in Validate() method which + // for some reason is called after ValueFromTerraform(). + current, err := time.Parse(t.Format, raw) + if err != nil { + return nil, err + } + + return TimeValue{Value: current, Format: t.Format}, nil +} + +// Validate validates Terraform Time valud +func (t TimeType) Validate(ctx context.Context, in tftypes.Value, path path.Path) diag.Diagnostics { + var diags diag.Diagnostics + + if in.Type() == nil { + return diags + } + + if !in.Type().Is(tftypes.String) { + diags.AddAttributeError( + path, + "Time Type Validation Error", + "An unexpected error was encountered trying to validate an attribute value. This is always an error in the provider. Please report the following to the provider developer:\n\n"+ + fmt.Sprintf("Expected Time value, received %T with value: %v", in, in), + ) + return diags + } + + if !in.IsKnown() || in.IsNull() { + return diags + } + + var s string + err := in.As(&s) + + if err != nil { + diags.AddAttributeError( + path, + "Time Type Validation Error", + "An unexpected error was encountered trying to validate an attribute value. This is always an error in the provider. Please report the following to the provider developer:\n\n"+ + fmt.Sprintf("Cannot convert value to Time: %s", err), + ) + return diags + } + + current, err := time.Parse(t.Format, s) + if err != nil { + diags.AddAttributeError( + path, + "Time Type Validation Error", + "An unexpected error was encountered trying to validate an attribute value. This is always an error in the provider. Please report the following to the provider developer:\n\n"+ + fmt.Sprintf("Cannot parse value as Time in format RFC3339: %s", err), + ) + return diags + } + + if current.Nanosecond() > 0 { + diags.AddAttributeError( + path, + "Time Type Validation Error", + "An unexpected error was encountered trying to validate an attribute value. This is always an error in the provider. Please report the following to the provider developer:\n\n"+ + "Time must not contain nanoseconds", + ) + return diags + } + + return diags +} + +// Type returns value type +func (t TimeValue) Type(_ context.Context) attr.Type { + return TimeType{Format: t.Format} +} + +// ToTerraformValue returns the data contained in the *String as a string. If +// Unknown is true, it returns a tftypes.UnknownValue. If Null is true, it +// returns nil. +func (t TimeValue) ToTerraformValue(ctx context.Context) (tftypes.Value, error) { + if t.Null { + return tftypes.NewValue(tftypes.String, nil), nil + } + if t.Unknown { + return tftypes.NewValue(tftypes.String, tftypes.UnknownValue), nil + } + + return tftypes.NewValue(tftypes.String, t.Value.Truncate(timeThreshold).Format(t.Format)), nil +} + +// Equal returns true if `other` is a *String and has the same value as `s`. +func (t TimeValue) Equal(other attr.Value) bool { + o, ok := other.(TimeValue) + if !ok { + return false + } + if t.Unknown != o.Unknown { + return false + } + if t.Null != o.Null { + return false + } + + return t.Value == o.Value +} + +// IsNull returns true if receiver is null +func (t TimeValue) IsNull() bool { + return t.Null +} + +// IsUnknown returns true if receiver is unknown +func (t TimeValue) IsUnknown() bool { + return t.Unknown +} + +// String returns the string representation of the receiver +func (t TimeValue) String() string { + if t.Unknown { + return attr.UnknownValueString + } + + if t.Null { + return attr.NullValueString + } + + return t.Value.String() +} diff --git a/integrations/terraform/tfschema/types_terraform.go b/integrations/terraform/tfschema/types_terraform.go new file mode 100644 index 0000000000000..185b589c3df26 --- /dev/null +++ b/integrations/terraform/tfschema/types_terraform.go @@ -0,0 +1,38298 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: teleport/legacy/types/types.proto + +package tfschema + +import ( + context "context" + fmt "fmt" + math "math" + time "time" + + _ "github.com/gogo/protobuf/gogoproto" + proto "github.com/gogo/protobuf/proto" + github_com_gravitational_teleport_api_constants "github.com/gravitational/teleport/api/constants" + _ "github.com/gravitational/teleport/api/gen/proto/go/attestation/v1" + github_com_gravitational_teleport_api_types "github.com/gravitational/teleport/api/types" + github_com_hashicorp_terraform_plugin_framework_attr "github.com/hashicorp/terraform-plugin-framework/attr" + github_com_hashicorp_terraform_plugin_framework_diag "github.com/hashicorp/terraform-plugin-framework/diag" + github_com_hashicorp_terraform_plugin_framework_tfsdk "github.com/hashicorp/terraform-plugin-framework/tfsdk" + github_com_hashicorp_terraform_plugin_framework_types "github.com/hashicorp/terraform-plugin-framework/types" + github_com_hashicorp_terraform_plugin_go_tftypes "github.com/hashicorp/terraform-plugin-go/tftypes" + _ "google.golang.org/protobuf/types/known/timestamppb" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf +var _ = time.Kitchen + +// GenSchemaDatabaseV3 returns tfsdk.Schema definition for DatabaseV3 +func GenSchemaDatabaseV3(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is the database resource kind.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseMapKeysPresentValidator("teleport.dev/origin")}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is the database metadata.", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "ad": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "domain": { + Description: "Domain is the Active Directory domain the database resides in.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kdc_host_name": { + Description: "KDCHostName is the host name for a KDC for x509 Authentication.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "keytab_file": { + Description: "KeytabFile is the path to the Kerberos keytab file.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "krb5_file": { + Description: "Krb5File is the path to the Kerberos configuration file. Defaults to /etc/krb5.conf.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "ldap_cert": { + Description: "LDAPCert is a certificate from Windows LDAP/AD, optional; only for x509 Authentication.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "spn": { + Description: "SPN is the service principal name for the database.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "AD is the Active Directory configuration for the database.", + Optional: true, + }, + "admin_user": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "default_database": { + Description: "DefaultDatabase is the database that the privileged database user logs into by default. Depending on the database type, this database may be used to store procedures or data for managing database users.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "name": { + Description: "Name is the username of the privileged database user.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "AdminUser is the database admin user for automatic user provisioning.", + Optional: true, + }, + "aws": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "account_id": { + Description: "AccountID is the AWS account ID this database belongs to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "assume_role_arn": { + Description: "AssumeRoleARN is an optional AWS role ARN to assume when accessing a database. Set this field and ExternalID to enable access across AWS accounts.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "elasticache": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "endpoint_type": { + Description: "EndpointType is the type of the endpoint.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "replication_group_id": { + Description: "ReplicationGroupID is the Redis replication group ID.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "transit_encryption_enabled": { + Description: "TransitEncryptionEnabled indicates whether in-transit encryption (TLS) is enabled.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "user_group_ids": { + Description: "UserGroupIDs is a list of user group IDs.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "ElastiCache contains AWS ElastiCache Redis specific metadata.", + Optional: true, + }, + "external_id": { + Description: "ExternalID is an optional AWS external ID used to enable assuming an AWS role across accounts.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "iam_policy_status": { + Description: "IAMPolicyStatus indicates whether the IAM Policy is configured properly for database access. If not, the user must update the AWS profile identity to allow access to the Database. Eg for an RDS Database: the underlying AWS profile allows for `rds-db:connect` for the Database.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "memorydb": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "acl_name": { + Description: "ACLName is the name of the ACL associated with the cluster.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "cluster_name": { + Description: "ClusterName is the name of the MemoryDB cluster.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "endpoint_type": { + Description: "EndpointType is the type of the endpoint.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "tls_enabled": { + Description: "TLSEnabled indicates whether in-transit encryption (TLS) is enabled.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + }), + Description: "MemoryDB contains AWS MemoryDB specific metadata.", + Optional: true, + }, + "opensearch": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "domain_id": { + Description: "DomainID is the ID of the domain.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "domain_name": { + Description: "DomainName is the name of the domain.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "endpoint_type": { + Description: "EndpointType is the type of the endpoint.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "OpenSearch contains AWS OpenSearch specific metadata.", + Optional: true, + }, + "rds": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "cluster_id": { + Description: "ClusterID is the RDS cluster (Aurora) identifier.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "iam_auth": { + Description: "IAMAuth indicates whether database IAM authentication is enabled.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "instance_id": { + Description: "InstanceID is the RDS instance identifier.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "resource_id": { + Description: "ResourceID is the RDS instance resource identifier (db-xxx).", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "subnets": { + Description: "Subnets is a list of subnets for the RDS instance.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "vpc_id": { + Description: "VPCID is the VPC where the RDS is running.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "RDS contains RDS specific metadata.", + Optional: true, + }, + "rdsproxy": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "custom_endpoint_name": { + Description: "CustomEndpointName is the identifier of an RDS Proxy custom endpoint.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "name": { + Description: "Name is the identifier of an RDS Proxy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "resource_id": { + Description: "ResourceID is the RDS instance resource identifier (prx-xxx).", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "RDSProxy contains AWS Proxy specific metadata.", + Optional: true, + }, + "redshift": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"cluster_id": { + Description: "ClusterID is the Redshift cluster identifier.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }}), + Description: "Redshift contains Redshift specific metadata.", + Optional: true, + }, + "redshift_serverless": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "endpoint_name": { + Description: "EndpointName is the VPC endpoint name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "workgroup_id": { + Description: "WorkgroupID is the workgroup ID.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "workgroup_name": { + Description: "WorkgroupName is the workgroup name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "RedshiftServerless contains AWS Redshift Serverless specific metadata.", + Optional: true, + }, + "region": { + Description: "Region is a AWS cloud region.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "secret_store": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "key_prefix": { + Description: "KeyPrefix specifies the secret key prefix.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kms_key_id": { + Description: "KMSKeyID specifies the AWS KMS key for encryption.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "SecretStore contains secret store configurations.", + Optional: true, + }, + "session_tags": { + Description: "SessionTags is a list of AWS STS session tags.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "AWS contains AWS specific settings for RDS/Aurora/Redshift databases.", + Optional: true, + }, + "azure": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "is_flexi_server": { + Description: "IsFlexiServer is true if the database is an Azure Flexible server.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "name": { + Description: "Name is the Azure database server name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "redis": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"clustering_policy": { + Description: "ClusteringPolicy is the clustering policy for Redis Enterprise.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }}), + Description: "Redis contains Azure Cache for Redis specific database metadata.", + Optional: true, + }, + "resource_id": { + Description: "ResourceID is the Azure fully qualified ID for the resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Azure contains Azure specific database metadata.", + Optional: true, + }, + "ca_cert": { + Description: "CACert is the PEM-encoded database CA certificate. DEPRECATED: Moved to TLS.CACert. DELETE IN 10.0.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "dynamic_labels": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.MapNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "command": { + Description: "Command is a command to run", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "period": { + Description: "Period is a time between command runs", + Optional: true, + Type: DurationType{}, + }, + "result": { + Description: "Result captures standard output", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "DynamicLabels is the database dynamic labels.", + Optional: true, + }, + "gcp": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "instance_id": { + Description: "InstanceID is the Cloud SQL instance ID.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "project_id": { + Description: "ProjectID is the GCP project ID the Cloud SQL instance resides in.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "GCP contains parameters specific to GCP Cloud SQL databases.", + Optional: true, + }, + "mongo_atlas": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"name": { + Description: "Name is the Atlas database instance name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }}), + Description: "MongoAtlas contains Atlas metadata about the database.", + Optional: true, + }, + "mysql": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"server_version": { + Description: "ServerVersion is the server version reported by DB proxy if the runtime information is not available.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }}), + Description: "MySQL is an additional section with MySQL database options.", + Optional: true, + }, + "oracle": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"audit_user": { + Description: "AuditUser is the Oracle database user privilege to access internal Oracle audit trail.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }}), + Description: "Oracle is an additional Oracle configuration options.", + Optional: true, + }, + "protocol": { + Description: "Protocol is the database protocol: postgres, mysql, mongodb, etc.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "tls": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "ca_cert": { + Description: "CACert is an optional user provided CA certificate used for verifying database TLS connection.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "mode": { + Description: "Mode is a TLS connection mode. 0 is \"verify-full\"; 1 is \"verify-ca\", 2 is \"insecure\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "server_name": { + Description: "ServerName allows to provide custom hostname. This value will override the servername/hostname on a certificate during validation.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "TLS is the TLS configuration used when establishing connection to target database. Allows to provide custom CA cert or override server name.", + Optional: true, + }, + "uri": { + Description: "URI is the database connection endpoint.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Spec is the database spec.", + Optional: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource subkind.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are: `v3`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 3)}, + }, + }}, nil +} + +// GenSchemaServerV2 returns tfsdk.Schema definition for ServerV2 +func GenSchemaServerV2(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Computed: true, + Description: "Name is an object name", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Computed: true, + Description: "Metadata is resource metadata", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "addr": { + Description: "Addr is a host:port address where this server can be reached.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "cloud_metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"aws": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "account_id": { + Description: "AccountID is an AWS account ID.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "instance_id": { + Description: "InstanceID is an EC2 instance ID.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "integration": { + Description: "Integration is the integration name that added this Node. When connecting to it, it will use this integration to issue AWS API calls in order to set up the connection. This includes sending an SSH Key and then opening a tunnel (EC2 Instance Connect Endpoint) so Teleport can connect to it.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "region": { + Description: "Region is the AWS EC2 Instance Region.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "subnet_id": { + Description: "SubnetID is the Subnet ID in use by the instance.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "vpc_id": { + Description: "VPCID is the AWS VPC ID where the Instance is running.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "AWSInfo contains attributes to match to an EC2 instance.", + Optional: true, + }}), + Description: "CloudMetadata contains info about the cloud instance the server is running on, if any.", + Optional: true, + }, + "hostname": { + Description: "Hostname is server hostname", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "peer_addr": { + Description: "PeerAddr is the address a proxy server is reachable at by its peer proxies.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "proxy_ids": { + Description: "ProxyIDs is a list of proxy IDs this server is expected to be connected to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "public_addrs": { + Description: "PublicAddrs is a list of public addresses where this server can be reached.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "rotation": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "current_id": { + Description: "CurrentID is the ID of the rotation operation to differentiate between rotation attempts.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "grace_period": { + Description: "GracePeriod is a period during which old and new CA are valid for checking purposes, but only new CA is issuing certificates.", + Optional: true, + Type: DurationType{}, + }, + "last_rotated": { + Description: "LastRotated specifies the last time of the completed rotation.", + Optional: true, + Type: UseRFC3339Time(), + }, + "mode": { + Description: "Mode sets manual or automatic rotation mode.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "phase": { + Description: "Phase is the current rotation phase.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "schedule": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "standby": { + Description: "Standby specifies time to switch to the \"Standby\" phase.", + Optional: true, + Type: UseRFC3339Time(), + }, + "update_clients": { + Description: "UpdateClients specifies time to switch to the \"Update clients\" phase", + Optional: true, + Type: UseRFC3339Time(), + }, + "update_servers": { + Description: "UpdateServers specifies time to switch to the \"Update servers\" phase.", + Optional: true, + Type: UseRFC3339Time(), + }, + }), + Description: "Schedule is a rotation schedule - used in automatic mode to switch between phases.", + Optional: true, + }, + "started": { + Description: "Started is set to the time when rotation has been started in case if the state of the rotation is \"in_progress\".", + Optional: true, + Type: UseRFC3339Time(), + }, + "state": { + Description: "State could be one of \"init\" or \"in_progress\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Rotation specifies server rotation", + Optional: true, + }, + "use_tunnel": { + Description: "UseTunnel indicates that connections to this server should occur over a reverse tunnel.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "version": { + Description: "TeleportVersion is the teleport version that the server is running on", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Spec is a server spec", + Optional: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseValueIn("openssh", "openssh-ec2-ice")}, + }, + "version": { + Description: "Version is version", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)}, + }, + }}, nil +} + +// GenSchemaAppV3 returns tfsdk.Schema definition for AppV3 +func GenSchemaAppV3(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is the app resource kind. Always \"app\".", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Computed: true, + Description: "Labels is a set of labels", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is the app resource metadata.", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "aws": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"external_id": { + Description: "ExternalID is the AWS External ID used when assuming roles in this app.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }}), + Description: "AWS contains additional options for AWS applications.", + Optional: true, + }, + "cloud": { + Description: "Cloud identifies the cloud instance the app represents.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "dynamic_labels": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.MapNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "command": { + Description: "Command is a command to run", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "period": { + Description: "Period is a time between command runs", + Optional: true, + Type: DurationType{}, + }, + "result": { + Description: "Result captures standard output", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "DynamicLabels are the app's command labels.", + Optional: true, + }, + "insecure_skip_verify": { + Description: "InsecureSkipVerify disables app's TLS certificate verification.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "integration": { + Description: "Integration is the integration name that must be used to access this Application. Only applicable to AWS App Access. If present, the Application must use the Integration's credentials instead of ambient credentials to access Cloud APIs.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "public_addr": { + Description: "PublicAddr is the public address the application is accessible at.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "rewrite": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "headers": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "name": { + Description: "Name is the http header name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "value": { + Description: "Value is the http header value.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Headers is a list of headers to inject when passing the request over to the application.", + Optional: true, + }, + "jwt_claims": { + Description: "JWTClaims configures whether roles/traits are included in the JWT token.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "redirect": { + Description: "Redirect defines a list of hosts which will be rewritten to the public address of the application if they occur in the \"Location\" header.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "Rewrite is a list of rewriting rules to apply to requests and responses.", + Optional: true, + }, + "uri": { + Description: "URI is the web app endpoint.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "user_groups": { + Description: "UserGroups are a list of user group IDs that this app is associated with.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "Spec is the app resource spec.", + Optional: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource subkind.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are:`v3`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 3)}, + }, + }}, nil +} + +// GenSchemaProvisionTokenV2 returns tfsdk.Schema definition for ProvisionTokenV2 +func GenSchemaProvisionTokenV2(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Computed: true, + Description: "Name is an object name", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace(), github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "aws_account": { + Description: "AWSAccount is the AWS account ID.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "aws_arn": { + Description: "AWSARN is used for the IAM join method, the AWS identity of joining nodes must match this ARN. Supports wildcards \"*\" and \"?\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "aws_regions": { + Description: "AWSRegions is used for the EC2 join method and is a list of AWS regions a node is allowed to join from.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "aws_role": { + Description: "AWSRole is used for the EC2 join method and is the the ARN of the AWS role that the auth server will assume in order to call the ec2 API.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token.", + Optional: true, + }, + "aws_iid_ttl": { + Computed: true, + Description: "AWSIIDTTL is the TTL to use for AWS EC2 Instance Identity Documents used to join the cluster with this token.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: DurationType{}, + }, + "azure": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "resource_groups": { + Description: "ResourceGroups is a list of Azure resource groups the node is allowed to join from.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "subscription": { + Description: "Subscription is the Azure subscription.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Allow is a list of Rules, nodes using this token must match one allow rule to use this token.", + Optional: true, + }}), + Description: "Azure allows the configuration of options specific to the \"azure\" join method.", + Optional: true, + }, + "bot_name": { + Description: "BotName is the name of the bot this token grants access to, if any", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "circleci": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "context_id": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "project_id": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token.", + Optional: true, + }, + "organization_id": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "CircleCI allows the configuration of options specific to the \"circleci\" join method.", + Optional: true, + }, + "gcp": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "locations": { + Description: "Locations is a list of regions (e.g. \"us-west1\") and/or zones (e.g. \"us-west1-b\").", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "project_ids": { + Description: "ProjectIDs is a list of project IDs (e.g. \"\").", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "service_accounts": { + Description: "ServiceAccounts is a list of service account emails (e.g. \"-compute@developer.gserviceaccount.com\").", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "Allow is a list of Rules, nodes using this token must match one allow rule to use this token.", + Optional: true, + }}), + Description: "GCP allows the configuration of options specific to the \"gcp\" join method.", + Optional: true, + }, + "github": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "actor": { + Description: "The personal account that initiated the workflow run.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "environment": { + Description: "The name of the environment used by the job.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "ref": { + Description: "The git ref that triggered the workflow run.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "ref_type": { + Description: "The type of ref, for example: \"branch\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "repository": { + Description: "The repository from where the workflow is running. This includes the name of the owner e.g `gravitational/teleport`", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "repository_owner": { + Description: "The name of the organization in which the repository is stored.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "sub": { + Description: "Sub also known as Subject is a string that roughly uniquely identifies the workload. The format of this varies depending on the type of github action run.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "workflow": { + Description: "The name of the workflow.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token.", + Optional: true, + }, + "enterprise_server_host": { + Description: "EnterpriseServerHost allows joining from runners associated with a GitHub Enterprise Server instance. When unconfigured, tokens will be validated against github.com, but when configured to the host of a GHES instance, then the tokens will be validated against host. This value should be the hostname of the GHES instance, and should not include the scheme or a path. The instance must be accessible over HTTPS at this hostname and the certificate must be trusted by the Auth Server.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "enterprise_slug": { + Description: "EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customized issuer values.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "GitHub allows the configuration of options specific to the \"github\" join method.", + Optional: true, + }, + "gitlab": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "ci_config_ref_uri": { + Description: "CIConfigRefURI is the ref path to the top-level pipeline definition, for example, gitlab.example.com/my-group/my-project//.gitlab-ci.yml@refs/heads/main.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "ci_config_sha": { + Description: "CIConfigSHA is the git commit SHA for the ci_config_ref_uri.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "deployment_tier": { + Description: "DeploymentTier is the deployment tier of the environment the job specifies", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "environment": { + Description: "Environment limits access by the environment the job deploys to (if one is associated)", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "environment_protected": GenSchemaBoolOption(ctx), + "namespace_path": { + Description: "NamespacePath is used to limit access to jobs in a group or user's projects. Example: `mygroup` This field supports simple \"glob-style\" matching: - Use '*' to match zero or more characters. - Use '?' to match any single character.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "pipeline_source": { + Description: "PipelineSource limits access by the job pipeline source type. https://docs.gitlab.com/ee/ci/jobs/job_control.html#common-if-clauses-for-rules Example: `web`", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "project_path": { + Description: "ProjectPath is used to limit access to jobs belonging to an individual project. Example: `mygroup/myproject` This field supports simple \"glob-style\" matching: - Use '*' to match zero or more characters. - Use '?' to match any single character.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "project_visibility": { + Description: "ProjectVisibility is the visibility of the project where the pipeline is running. Can be internal, private, or public.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "ref": { + Description: "Ref allows access to be limited to jobs triggered by a specific git ref. Ensure this is used in combination with ref_type. This field supports simple \"glob-style\" matching: - Use '*' to match zero or more characters. - Use '?' to match any single character.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "ref_protected": GenSchemaBoolOption(ctx), + "ref_type": { + Description: "RefType allows access to be limited to jobs triggered by a specific git ref type. Example: `branch` or `tag`", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "sub": { + Description: "Sub roughly uniquely identifies the workload. Example: `project_path:mygroup/my-project:ref_type:branch:ref:main` project_path:GROUP/PROJECT:ref_type:TYPE:ref:BRANCH_NAME This field supports simple \"glob-style\" matching: - Use '*' to match zero or more characters. - Use '?' to match any single character.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "user_email": { + Description: "UserEmail is the email of the user executing the job", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "user_id": { + Description: "UserID is the ID of the user executing the job", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "user_login": { + Description: "UserLogin is the username of the user executing the job", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Allow is a list of TokenRules, nodes using this token must match one allow rule to use this token.", + Optional: true, + }, + "domain": { + Description: "Domain is the domain of your GitLab instance. This will default to `gitlab.com` - but can be set to the domain of your self-hosted GitLab e.g `gitlab.example.com`.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "GitLab allows the configuration of options specific to the \"gitlab\" join method.", + Optional: true, + }, + "join_method": { + Description: "JoinMethod is the joining method required in order to use this token. Supported joining methods include \"token\", \"ec2\", and \"iam\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kubernetes": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"service_account": { + Description: "ServiceAccount is the namespaced name of the Kubernetes service account. Its format is \"namespace:service-account\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }}), + Description: "Allow is a list of Rules, nodes using this token must match one allow rule to use this token.", + Optional: true, + }, + "static_jwks": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"jwks": { + Description: "JWKS should be the JSON Web Key Set formatted public keys of that the Kubernetes Cluster uses to sign service account tokens. This can be fetched from /openid/v1/jwks on the Kubernetes API Server.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }}), + Description: "StaticJWKS is the configuration specific to the `static_jwks` type.", + Optional: true, + }, + "type": { + Description: "Type controls which behavior should be used for validating the Kubernetes Service Account token. Support values: - `in_cluster` - `static_jwks` If unset, this defaults to `in_cluster`.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Kubernetes allows the configuration of options specific to the \"kubernetes\" join method.", + Optional: true, + }, + "roles": { + Description: "Roles is a list of roles associated with the token, that will be converted to metadata in the SSH and X509 certificates issued to the user of the token", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "spacelift": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "caller_id": { + Description: "CallerID is the ID of the caller, ie. the stack or module that generated the run.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "caller_type": { + Description: "CallerType is the type of the caller, ie. the entity that owns the run - either `stack` or `module`.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "scope": { + Description: "Scope is the scope of the token - either `read` or `write`. See https://docs.spacelift.io/integrations/cloud-providers/oidc/#about-scopes", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "space_id": { + Description: "SpaceID is the ID of the space in which the run that owns the token was executed.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Allow is a list of Rules, nodes using this token must match one allow rule to use this token.", + Optional: true, + }, + "hostname": { + Description: "Hostname is the hostname of the Spacelift tenant that tokens will originate from. E.g `example.app.spacelift.io`", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Spacelift allows the configuration of options specific to the \"spacelift\" join method.", + Optional: true, + }, + "suggested_agent_matcher_labels": GenSchemaLabels(ctx), + "suggested_labels": GenSchemaLabels(ctx), + }), + Description: "Spec is a provisioning token V2 spec", + Required: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are:`v2`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)}, + }, + }}, nil +} + +// GenSchemaClusterNetworkingConfigV2 returns tfsdk.Schema definition for ClusterNetworkingConfigV2 +func GenSchemaClusterNetworkingConfigV2(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseMapKeysPresentValidator("teleport.dev/origin")}, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "assist_command_execution_workers": { + Description: "AssistCommandExecutionWorkers determines the number of workers that will execute arbitrary Assist commands on servers in parallel", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "case_insensitive_routing": { + Description: "CaseInsensitiveRouting causes proxies to use case-insensitive hostname matching.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "client_idle_timeout": { + Description: "ClientIdleTimeout sets global cluster default setting for client idle timeouts.", + Optional: true, + Type: DurationType{}, + }, + "idle_timeout_message": { + Description: "ClientIdleTimeoutMessage is the message sent to the user when a connection times out.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "keep_alive_count_max": { + Computed: true, + Description: "KeepAliveCountMax is the number of keep-alive messages that can be missed before the server disconnects the connection to the client.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "keep_alive_interval": { + Computed: true, + Description: "KeepAliveInterval is the interval at which the server sends keep-alive messages to the client.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: DurationType{}, + }, + "proxy_listener_mode": { + Description: "ProxyListenerMode is proxy listener mode used by Teleport Proxies. 0 is \"separate\"; 1 is \"multiplex\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "proxy_ping_interval": { + Description: "ProxyPingInterval defines in which interval the TLS routing ping message should be sent. This is applicable only when using ping-wrapped connections, regular TLS routing connections are not affected.", + Optional: true, + Type: DurationType{}, + }, + "routing_strategy": { + Description: "RoutingStrategy determines the strategy used to route to nodes. 0 is \"unambiguous_match\"; 1 is \"most_recent\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "session_control_timeout": { + Description: "SessionControlTimeout is the session control lease expiry and defines the upper limit of how long a node may be out of contact with the auth server before it begins terminating controlled sessions.", + Optional: true, + Type: DurationType{}, + }, + "tunnel_strategy": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "agent_mesh": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"active": { + Computed: true, + Description: "Automatically generated field preventing empty message errors", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }}), + Description: "", + Optional: true, + }, + "proxy_peering": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"agent_connection_count": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }}), + Description: "", + Optional: true, + }, + }), + Description: "TunnelStrategyV1 determines the tunnel strategy used in the cluster.", + Optional: true, + }, + "web_idle_timeout": { + Description: "WebIdleTimeout sets global cluster default setting for the web UI idle timeouts.", + Optional: true, + Type: DurationType{}, + }, + }), + Description: "Spec is a ClusterNetworkingConfig specification", + Optional: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Computed: true, + Description: "Version is the resource version. It must be specified. Supported values are:`v2`.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)}, + }, + }}, nil +} + +// GenSchemaSessionRecordingConfigV2 returns tfsdk.Schema definition for SessionRecordingConfigV2 +func GenSchemaSessionRecordingConfigV2(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseMapKeysPresentValidator("teleport.dev/origin")}, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "mode": { + Computed: true, + Description: "Mode controls where (or if) the session is recorded.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "proxy_checks_host_keys": GenSchemaBoolOption(ctx), + }), + Description: "Spec is a SessionRecordingConfig specification", + Optional: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are:`v2`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)}, + }, + }}, nil +} + +// GenSchemaAuthPreferenceV2 returns tfsdk.Schema definition for AuthPreferenceV2 +func GenSchemaAuthPreferenceV2(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Computed: true, + Description: "Labels is a set of labels", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseMapKeysPresentValidator("teleport.dev/origin")}, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "allow_headless": GenSchemaBoolOption(ctx), + "allow_local_auth": GenSchemaBoolOption(ctx), + "allow_passwordless": GenSchemaBoolOption(ctx), + "connector_name": { + Description: "ConnectorName is the name of the OIDC or SAML connector. If this value is not set the first connector in the backend will be used.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "default_session_ttl": { + Description: "DefaultSessionTTL is the TTL to use for user certs when an explicit TTL is not requested.", + Optional: true, + Type: DurationType{}, + }, + "device_trust": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "auto_enroll": { + Description: "Enable device auto-enroll. Auto-enroll lets any user issue a device enrollment token for a known device that is not already enrolled. `tsh` takes advantage of auto-enroll to automatically enroll devices on user login, when appropriate. The effective cluster Mode still applies: AutoEnroll=true is meaningless if Mode=\"off\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "ekcert_allowed_cas": { + Description: "Allow list of EKCert CAs in PEM format. If present, only TPM devices that present an EKCert that is signed by a CA specified here may be enrolled (existing enrollments are unchanged). If not present, then the CA of TPM EKCerts will not be checked during enrollment, this allows any device to enroll.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "mode": { + Description: "Mode of verification for trusted devices. The following modes are supported: - \"off\": disables both device authentication and authorization. - \"optional\": allows both device authentication and authorization, but doesn't enforce the presence of device extensions for sensitive endpoints. - \"required\": enforces the presence of device extensions for sensitive endpoints. Mode is always \"off\" for OSS. Defaults to \"optional\" for Enterprise.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "DeviceTrust holds settings related to trusted device verification. Requires Teleport Enterprise.", + Optional: true, + }, + "disconnect_expired_cert": GenSchemaBoolOption(ctx), + "hardware_key": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "piv_slot": { + Description: "PIVSlot is a PIV slot that Teleport clients should use instead of the default based on private key policy. For example, \"9a\" or \"9e\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "serial_number_validation": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "enabled": { + Description: "Enabled indicates whether hardware key serial number validation is enabled.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "serial_number_trait_name": { + Description: "SerialNumberTraitName is an optional custom user trait name for hardware key serial numbers to replace the default: \"hardware_key_serial_numbers\". Note: Values for this user trait should be a comma-separated list of serial numbers, or a list of comm-separated lists. e.g [\"123\", \"345,678\"]", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "SerialNumberValidation holds settings for hardware key serial number validation. By default, serial number validation is disabled.", + Optional: true, + }, + }), + Description: "HardwareKey are the settings for hardware key support.", + Optional: true, + }, + "idp": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"saml": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"enabled": GenSchemaBoolOption(ctx)}), + Description: "SAML are options related to the Teleport SAML IdP.", + Optional: true, + }}), + Description: "IDP is a set of options related to accessing IdPs within Teleport. Requires Teleport Enterprise.", + Optional: true, + }, + "locking_mode": { + Computed: true, + Description: "LockingMode is the cluster-wide locking mode default.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "message_of_the_day": { + Description: "", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "okta": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"sync_period": { + Description: "SyncPeriod is the duration between synchronization calls in nanoseconds.", + Optional: true, + Type: DurationType{}, + }}), + Description: "Okta is a set of options related to the Okta service in Teleport. Requires Teleport Enterprise.", + Optional: true, + }, + "piv_slot": { + Description: "TODO(Joerger): DELETE IN 17.0.0 Deprecated, replaced by HardwareKey settings.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "require_session_mfa": { + Description: "RequireMFAType is the type of MFA requirement enforced for this cluster. 0 is \"OFF\", 1 is \"SESSION\", 2 is \"SESSION_AND_HARDWARE_KEY\", 3 is \"HARDWARE_KEY_TOUCH\", 4 is \"HARDWARE_KEY_PIN\", 5 is \"HARDWARE_KEY_TOUCH_AND_PIN\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "second_factor": { + Computed: true, + Description: "SecondFactor is the type of second factor.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "type": { + Computed: true, + Description: "Type is the type of authentication.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "u2f": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "app_id": { + Description: "AppID returns the application ID for universal second factor.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "device_attestation_cas": { + Description: "DeviceAttestationCAs contains the trusted attestation CAs for U2F devices.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "facets": { + Description: "Facets returns the facets for universal second factor. Deprecated: Kept for backwards compatibility reasons, but Facets have no effect since Teleport v10, when Webauthn replaced the U2F implementation.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "U2F are the settings for the U2F device.", + Optional: true, + }, + "webauthn": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "attestation_allowed_cas": { + Description: "Allow list of device attestation CAs in PEM format. If present, only devices whose attestation certificates match the certificates specified here may be registered (existing registrations are unchanged). If supplied in conjunction with AttestationDeniedCAs, then both conditions need to be true for registration to be allowed (the device MUST match an allowed CA and MUST NOT match a denied CA). By default all devices are allowed.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "attestation_denied_cas": { + Description: "Deny list of device attestation CAs in PEM format. If present, only devices whose attestation certificates don't match the certificates specified here may be registered (existing registrations are unchanged). If supplied in conjunction with AttestationAllowedCAs, then both conditions need to be true for registration to be allowed (the device MUST match an allowed CA and MUST NOT match a denied CA). By default no devices are denied.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "rp_id": { + Description: "RPID is the ID of the Relying Party. It should be set to the domain name of the Teleport installation. IMPORTANT: RPID must never change in the lifetime of the cluster, because it's recorded in the registration data on the WebAuthn device. If the RPID changes, all existing WebAuthn key registrations will become invalid and all users who use WebAuthn as the second factor will need to re-register.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Webauthn are the settings for server-side Web Authentication support.", + Optional: true, + }, + }), + Description: "Spec is an AuthPreference specification", + Required: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are: `v2`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)}, + }, + }}, nil +} + +// GenSchemaRoleV6 returns tfsdk.Schema definition for RoleV6 +func GenSchemaRoleV6(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "allow": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "app_labels": GenSchemaLabels(ctx), + "app_labels_expression": { + Description: "AppLabelsExpression is a predicate expression used to allow/deny access to Apps.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "aws_role_arns": { + Description: "AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "azure_identities": { + Description: "AzureIdentities is a list of Azure identities this role is allowed to assume.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "cluster_labels": GenSchemaLabels(ctx), + "cluster_labels_expression": { + Description: "ClusterLabelsExpression is a predicate expression used to allow/deny access to remote Teleport clusters.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "db_labels": GenSchemaLabels(ctx), + "db_labels_expression": { + Description: "DatabaseLabelsExpression is a predicate expression used to allow/deny access to Databases.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "db_names": { + Description: "DatabaseNames is a list of database names this role is allowed to connect to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "db_permissions": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "match": GenSchemaLabels(ctx), + "permissions": { + Description: "Permission is the list of string representations of the permission to be given, e.g. SELECT, INSERT, UPDATE, ...", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning.", + Optional: true, + }, + "db_roles": { + Description: "DatabaseRoles is a list of databases roles for automatic user creation.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "db_service_labels": GenSchemaLabels(ctx), + "db_service_labels_expression": { + Description: "DatabaseServiceLabelsExpression is a predicate expression used to allow/deny access to Database Services.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "db_users": { + Description: "DatabaseUsers is a list of databases users this role is allowed to connect as.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "desktop_groups": { + Description: "DesktopGroups is a list of groups for created desktop users to be added to", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "gcp_service_accounts": { + Description: "GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "group_labels": GenSchemaLabels(ctx), + "group_labels_expression": { + Description: "GroupLabelsExpression is a predicate expression used to allow/deny access to user groups.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "host_groups": { + Description: "HostGroups is a list of groups for created users to be added to", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "host_sudoers": { + Description: "HostSudoers is a list of entries to include in a users sudoer file", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "impersonate": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "roles": { + Description: "Roles is a list of resources this role is allowed to impersonate", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "users": { + Description: "Users is a list of resources this role is allowed to impersonate, could be an empty list or a Wildcard pattern", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "where": { + Description: "Where specifies optional advanced matcher", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means.", + Optional: true, + }, + "join_sessions": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "kinds": { + Description: "Kinds are the session kinds this policy applies to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "modes": { + Description: "Modes is a list of permitted participant modes for this policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is the name of the policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of roles that you can join the session of.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "JoinSessions specifies policies to allow users to join other sessions.", + Optional: true, + }, + "kubernetes_groups": { + Description: "KubeGroups is a list of kubernetes groups", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "kubernetes_labels": GenSchemaLabels(ctx), + "kubernetes_labels_expression": { + Description: "KubernetesLabelsExpression is a predicate expression used to allow/deny access to kubernetes clusters.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kubernetes_resources": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "kind": { + Description: "Kind specifies the Kubernetes Resource type. At the moment only \"pod\" is supported.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "name": { + Description: "Name is the resource name. It supports wildcards.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Description: "Namespace is the resource namespace. It supports wildcards.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "verbs": { + Computed: true, + Description: "Verbs are the allowed Kubernetes verbs for the following resource.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Computed: true, + Description: "KubernetesResources is the Kubernetes Resources this Role grants access to.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + }, + "kubernetes_users": { + Description: "KubeUsers is an optional kubernetes users to impersonate", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "logins": { + Description: "Logins is a list of *nix system logins.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "node_labels": GenSchemaLabels(ctx), + "node_labels_expression": { + Description: "NodeLabelsExpression is a predicate expression used to allow/deny access to SSH nodes.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "request": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "annotations": GenSchemaTraits(ctx), + "claims_to_roles": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "claim": { + Description: "Claim is a claim name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of static teleport roles to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "value": { + Description: "Value is a claim value to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "ClaimsToRoles specifies a mapping from claims (traits) to teleport roles.", + Optional: true, + }, + "max_duration": { + Description: "MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration is used.", + Optional: true, + Type: DurationType{}, + }, + "roles": { + Description: "Roles is the name of roles which will match the request rule.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "search_as_roles": { + Description: "SearchAsRoles is a list of extra roles which should apply to a user while they are searching for resources as part of a Resource Access Request, and defines the underlying roles which will be requested as part of any Resource Access Request.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "suggested_reviewers": { + Description: "SuggestedReviewers is a list of reviewer suggestions. These can be teleport usernames, but that is not a requirement.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "thresholds": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "approve": { + Description: "Approve is the number of matching approvals needed for state-transition.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "deny": { + Description: "Deny is the number of denials needed for state-transition.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "filter": { + Description: "Filter is an optional predicate used to determine which reviews count toward this threshold.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "name": { + Description: "Name is the optional human-readable name of the threshold.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Thresholds is a list of thresholds, one of which must be met in order for reviews to trigger a state-transition. If no thresholds are provided, a default threshold of 1 for approval and denial is used.", + Optional: true, + }, + }), + Description: "", + Optional: true, + }, + "require_session_join": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "count": { + Description: "Count is the amount of people that need to be matched for this policy to be fulfilled.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "filter": { + Description: "Filter is a predicate that determines what users count towards this policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kinds": { + Description: "Kinds are the session kinds this policy applies to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "modes": { + Description: "Modes is the list of modes that may be used to fulfill this policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is the name of the policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "on_leave": { + Description: "OnLeave is the behaviour that's used when the policy is no longer fulfilled for a live session.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "RequireSessionJoin specifies policies for required users to start a session.", + Optional: true, + }, + "review_requests": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "claims_to_roles": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "claim": { + Description: "Claim is a claim name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of static teleport roles to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "value": { + Description: "Value is a claim value to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "ClaimsToRoles specifies a mapping from claims (traits) to teleport roles.", + Optional: true, + }, + "preview_as_roles": { + Description: "PreviewAsRoles is a list of extra roles which should apply to a reviewer while they are viewing a Resource Access Request for the purposes of viewing details such as the hostname and labels of requested resources.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "roles": { + Description: "Roles is the name of roles which may be reviewed.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "where": { + Description: "Where is an optional predicate which further limits which requests are reviewable.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "ReviewRequests defines conditions for submitting access reviews.", + Optional: true, + }, + "rules": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "actions": { + Description: "Actions specifies optional actions taken when this rule matches", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "resources": { + Description: "Resources is a list of resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "verbs": { + Description: "Verbs is a list of verbs", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "where": { + Description: "Where specifies optional advanced matcher", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Rules is a list of rules and their access levels. Rules are a high level construct used for access control.", + Optional: true, + }, + "spiffe": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "dns_sans": { + Description: "DNSSANs specifies matchers for the SPIFFE ID DNS SANs. Each requested DNS SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: *.example.com would match foo.example.com", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "ip_sans": { + Description: "IPSANs specifies matchers for the SPIFFE ID IP SANs. Each requested IP SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matchers should be specified using CIDR notation, it supports IPv4 and IPv6. Examples: - 10.0.0.0/24 would match 10.0.0.0 to 10.255.255.255 - 10.0.0.42/32 would match only 10.0.0.42", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "path": { + Description: "Path specifies a matcher for the SPIFFE ID path. It should not include the trust domain and should start with a leading slash. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: - /svc/foo/*/bar would match /svc/foo/baz/bar - ^\\/svc\\/foo\\/.*\\/bar$ would match /svc/foo/baz/bar", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID.", + Optional: true, + }, + "windows_desktop_labels": GenSchemaLabels(ctx), + "windows_desktop_labels_expression": { + Description: "WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "windows_desktop_logins": { + Description: "WindowsDesktopLogins is a list of desktop login names allowed/denied for Windows desktops.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "Allow is the set of conditions evaluated to grant access.", + Optional: true, + }, + "deny": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "app_labels": GenSchemaLabels(ctx), + "app_labels_expression": { + Description: "AppLabelsExpression is a predicate expression used to allow/deny access to Apps.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "aws_role_arns": { + Description: "AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "azure_identities": { + Description: "AzureIdentities is a list of Azure identities this role is allowed to assume.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "cluster_labels": GenSchemaLabels(ctx), + "cluster_labels_expression": { + Description: "ClusterLabelsExpression is a predicate expression used to allow/deny access to remote Teleport clusters.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "db_labels": GenSchemaLabels(ctx), + "db_labels_expression": { + Description: "DatabaseLabelsExpression is a predicate expression used to allow/deny access to Databases.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "db_names": { + Description: "DatabaseNames is a list of database names this role is allowed to connect to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "db_permissions": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "match": GenSchemaLabels(ctx), + "permissions": { + Description: "Permission is the list of string representations of the permission to be given, e.g. SELECT, INSERT, UPDATE, ...", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "DatabasePermissions specifies a set of permissions that will be granted to the database user when using automatic database user provisioning.", + Optional: true, + }, + "db_roles": { + Description: "DatabaseRoles is a list of databases roles for automatic user creation.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "db_service_labels": GenSchemaLabels(ctx), + "db_service_labels_expression": { + Description: "DatabaseServiceLabelsExpression is a predicate expression used to allow/deny access to Database Services.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "db_users": { + Description: "DatabaseUsers is a list of databases users this role is allowed to connect as.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "desktop_groups": { + Description: "DesktopGroups is a list of groups for created desktop users to be added to", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "gcp_service_accounts": { + Description: "GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "group_labels": GenSchemaLabels(ctx), + "group_labels_expression": { + Description: "GroupLabelsExpression is a predicate expression used to allow/deny access to user groups.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "host_groups": { + Description: "HostGroups is a list of groups for created users to be added to", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "host_sudoers": { + Description: "HostSudoers is a list of entries to include in a users sudoer file", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "impersonate": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "roles": { + Description: "Roles is a list of resources this role is allowed to impersonate", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "users": { + Description: "Users is a list of resources this role is allowed to impersonate, could be an empty list or a Wildcard pattern", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "where": { + Description: "Where specifies optional advanced matcher", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Impersonate specifies what users and roles this role is allowed to impersonate by issuing certificates or other possible means.", + Optional: true, + }, + "join_sessions": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "kinds": { + Description: "Kinds are the session kinds this policy applies to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "modes": { + Description: "Modes is a list of permitted participant modes for this policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is the name of the policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of roles that you can join the session of.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "JoinSessions specifies policies to allow users to join other sessions.", + Optional: true, + }, + "kubernetes_groups": { + Description: "KubeGroups is a list of kubernetes groups", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "kubernetes_labels": GenSchemaLabels(ctx), + "kubernetes_labels_expression": { + Description: "KubernetesLabelsExpression is a predicate expression used to allow/deny access to kubernetes clusters.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kubernetes_resources": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "kind": { + Description: "Kind specifies the Kubernetes Resource type. At the moment only \"pod\" is supported.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "name": { + Description: "Name is the resource name. It supports wildcards.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Description: "Namespace is the resource namespace. It supports wildcards.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "verbs": { + Description: "Verbs are the allowed Kubernetes verbs for the following resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "KubernetesResources is the Kubernetes Resources this Role grants access to.", + Optional: true, + }, + "kubernetes_users": { + Description: "KubeUsers is an optional kubernetes users to impersonate", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "logins": { + Description: "Logins is a list of *nix system logins.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "node_labels": GenSchemaLabels(ctx), + "node_labels_expression": { + Description: "NodeLabelsExpression is a predicate expression used to allow/deny access to SSH nodes.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "request": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "annotations": GenSchemaTraits(ctx), + "claims_to_roles": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "claim": { + Description: "Claim is a claim name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of static teleport roles to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "value": { + Description: "Value is a claim value to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "ClaimsToRoles specifies a mapping from claims (traits) to teleport roles.", + Optional: true, + }, + "max_duration": { + Description: "MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration is used.", + Optional: true, + Type: DurationType{}, + }, + "roles": { + Description: "Roles is the name of roles which will match the request rule.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "search_as_roles": { + Description: "SearchAsRoles is a list of extra roles which should apply to a user while they are searching for resources as part of a Resource Access Request, and defines the underlying roles which will be requested as part of any Resource Access Request.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "suggested_reviewers": { + Description: "SuggestedReviewers is a list of reviewer suggestions. These can be teleport usernames, but that is not a requirement.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "thresholds": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "approve": { + Description: "Approve is the number of matching approvals needed for state-transition.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "deny": { + Description: "Deny is the number of denials needed for state-transition.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "filter": { + Description: "Filter is an optional predicate used to determine which reviews count toward this threshold.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "name": { + Description: "Name is the optional human-readable name of the threshold.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Thresholds is a list of thresholds, one of which must be met in order for reviews to trigger a state-transition. If no thresholds are provided, a default threshold of 1 for approval and denial is used.", + Optional: true, + }, + }), + Description: "", + Optional: true, + }, + "require_session_join": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "count": { + Description: "Count is the amount of people that need to be matched for this policy to be fulfilled.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "filter": { + Description: "Filter is a predicate that determines what users count towards this policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kinds": { + Description: "Kinds are the session kinds this policy applies to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "modes": { + Description: "Modes is the list of modes that may be used to fulfill this policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is the name of the policy.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "on_leave": { + Description: "OnLeave is the behaviour that's used when the policy is no longer fulfilled for a live session.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "RequireSessionJoin specifies policies for required users to start a session.", + Optional: true, + }, + "review_requests": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "claims_to_roles": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "claim": { + Description: "Claim is a claim name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of static teleport roles to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "value": { + Description: "Value is a claim value to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "ClaimsToRoles specifies a mapping from claims (traits) to teleport roles.", + Optional: true, + }, + "preview_as_roles": { + Description: "PreviewAsRoles is a list of extra roles which should apply to a reviewer while they are viewing a Resource Access Request for the purposes of viewing details such as the hostname and labels of requested resources.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "roles": { + Description: "Roles is the name of roles which may be reviewed.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "where": { + Description: "Where is an optional predicate which further limits which requests are reviewable.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "ReviewRequests defines conditions for submitting access reviews.", + Optional: true, + }, + "rules": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "actions": { + Description: "Actions specifies optional actions taken when this rule matches", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "resources": { + Description: "Resources is a list of resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "verbs": { + Description: "Verbs is a list of verbs", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "where": { + Description: "Where specifies optional advanced matcher", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Rules is a list of rules and their access levels. Rules are a high level construct used for access control.", + Optional: true, + }, + "spiffe": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "dns_sans": { + Description: "DNSSANs specifies matchers for the SPIFFE ID DNS SANs. Each requested DNS SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: *.example.com would match foo.example.com", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "ip_sans": { + Description: "IPSANs specifies matchers for the SPIFFE ID IP SANs. Each requested IP SAN is compared against all matchers configured and if any match, the condition is considered to be met. The matchers should be specified using CIDR notation, it supports IPv4 and IPv6. Examples: - 10.0.0.0/24 would match 10.0.0.0 to 10.255.255.255 - 10.0.0.42/32 would match only 10.0.0.42", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "path": { + Description: "Path specifies a matcher for the SPIFFE ID path. It should not include the trust domain and should start with a leading slash. The matcher by default allows '*' to be used to indicate zero or more of any character. Prepend '^' and append '$' to instead switch to matching using the Go regex syntax. Example: - /svc/foo/*/bar would match /svc/foo/baz/bar - ^\\/svc\\/foo\\/.*\\/bar$ would match /svc/foo/baz/bar", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "SPIFFE is used to allow or deny access to a role holder to generating a SPIFFE SVID.", + Optional: true, + }, + "windows_desktop_labels": GenSchemaLabels(ctx), + "windows_desktop_labels_expression": { + Description: "WindowsDesktopLabelsExpression is a predicate expression used to allow/deny access to Windows desktops.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "windows_desktop_logins": { + Description: "WindowsDesktopLogins is a list of desktop login names allowed/denied for Windows desktops.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "Deny is the set of conditions evaluated to deny access. Deny takes priority over allow.", + Optional: true, + }, + "options": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "cert_extensions": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "mode": { + Description: "Mode is the type of extension to be used -- currently critical-option is not supported. 0 is \"extension\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "name": { + Description: "Name specifies the key to be used in the cert extension.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "type": { + Description: "Type represents the certificate type being extended, only ssh is supported at this time. 0 is \"ssh\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "value": { + Description: "Value specifies the value to be used in the cert extension.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "CertExtensions specifies the key/values", + Optional: true, + }, + "cert_format": { + Computed: true, + Description: "CertificateFormat defines the format of the user certificate to allow compatibility with older versions of OpenSSH.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "client_idle_timeout": { + Description: "ClientIdleTimeout sets disconnect clients on idle timeout behavior, if set to 0 means do not disconnect, otherwise is set to the idle duration.", + Optional: true, + Type: DurationType{}, + }, + "create_db_user": GenSchemaBoolOption(ctx), + "create_db_user_mode": { + Description: "CreateDatabaseUserMode allows users to be automatically created on a database when not set to off. 0 is \"unspecified\", 1 is \"off\", 2 is \"keep\", 3 is \"best_effort_drop\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "create_desktop_user": GenSchemaBoolOption(ctx), + "create_host_user": GenSchemaBoolOption(ctx), + "create_host_user_mode": { + Description: "CreateHostUserMode allows users to be automatically created on a host when not set to off. 0 is \"unspecified\"; 1 is \"off\"; 2 is \"drop\" (removed for v15 and above), 3 is \"keep\"; 4 is \"insecure-drop\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "desktop_clipboard": GenSchemaBoolOption(ctx), + "desktop_directory_sharing": GenSchemaBoolOption(ctx), + "device_trust_mode": { + Description: "DeviceTrustMode is the device authorization mode used for the resources associated with the role. See DeviceTrust.Mode. Reserved for future use, not yet used by Teleport.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "disconnect_expired_cert": { + Description: "DisconnectExpiredCert sets disconnect clients on expired certificates.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "enhanced_recording": { + Computed: true, + Description: "BPF defines what events to record for the BPF-based session recorder.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "forward_agent": { + Description: "ForwardAgent is SSH agent forwarding.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "idp": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"saml": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"enabled": GenSchemaBoolOption(ctx)}), + Description: "SAML are options related to the Teleport SAML IdP.", + Optional: true, + }}), + Description: "IDP is a set of options related to accessing IdPs within Teleport. Requires Teleport Enterprise.", + Optional: true, + }, + "lock": { + Description: "Lock specifies the locking mode (strict|best_effort) to be applied with the role.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "max_connections": { + Description: "MaxConnections defines the maximum number of concurrent connections a user may hold.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "max_kubernetes_connections": { + Description: "MaxKubernetesConnections defines the maximum number of concurrent Kubernetes sessions a user may hold.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "max_session_ttl": { + Computed: true, + Description: "MaxSessionTTL defines how long a SSH session can last for.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: DurationType{}, + }, + "max_sessions": { + Description: "MaxSessions defines the maximum number of concurrent sessions per connection.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "permit_x11_forwarding": { + Description: "PermitX11Forwarding authorizes use of X11 forwarding.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "pin_source_ip": { + Description: "PinSourceIP forces the same client IP for certificate generation and usage", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "port_forwarding": GenSchemaBoolOption(ctx), + "record_session": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "default": { + Description: "Default indicates the default value for the services.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "desktop": GenSchemaBoolOption(ctx), + "ssh": { + Description: "SSH indicates the session mode used on SSH sessions.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "RecordDesktopSession indicates whether desktop access sessions should be recorded. It defaults to true unless explicitly set to false.", + Optional: true, + }, + "request_access": { + Description: "RequestAccess defines the access request strategy (optional|note|always) where optional is the default.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "request_prompt": { + Description: "RequestPrompt is an optional message which tells users what they aught to request.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "require_session_mfa": { + Description: "RequireMFAType is the type of MFA requirement enforced for this user. 0 is \"OFF\", 1 is \"SESSION\", 2 is \"SESSION_AND_HARDWARE_KEY\", 3 is \"HARDWARE_KEY_TOUCH\", 4 is \"HARDWARE_KEY_PIN\", 5 is \"HARDWARE_KEY_TOUCH_AND_PIN\".", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "ssh_file_copy": GenSchemaBoolOption(ctx), + }), + Description: "Options is for OpenSSH options like agent forwarding.", + Optional: true, + }, + }), + Description: "Spec is a role specification", + Optional: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are: `v3`, `v4`, `v5`, `v6`, `v7`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 7)}, + }, + }}, nil +} + +// GenSchemaUserV2 returns tfsdk.Schema definition for UserV2 +func GenSchemaUserV2(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "github_identities": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "connector_id": { + Description: "ConnectorID is id of registered OIDC connector, e.g. 'google-example.com'", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "username": { + Description: "Username is username supplied by external identity provider", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "GithubIdentities list associated Github OAuth2 identities that let user log in using externally verified identity", + Optional: true, + }, + "oidc_identities": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "connector_id": { + Description: "ConnectorID is id of registered OIDC connector, e.g. 'google-example.com'", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "username": { + Description: "Username is username supplied by external identity provider", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "OIDCIdentities lists associated OpenID Connect identities that let user log in using externally verified identity", + Optional: true, + }, + "roles": { + Description: "Roles is a list of roles assigned to user", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "saml_identities": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "connector_id": { + Description: "ConnectorID is id of registered OIDC connector, e.g. 'google-example.com'", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "username": { + Description: "Username is username supplied by external identity provider", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "SAMLIdentities lists associated SAML identities that let user log in using externally verified identity", + Optional: true, + }, + "traits": GenSchemaTraits(ctx), + "trusted_device_ids": { + Description: "TrustedDeviceIDs contains the IDs of trusted devices enrolled by the user. Managed by the Device Trust subsystem, avoid manual edits.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "Spec is a user specification", + Optional: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are: `v2`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)}, + }, + }}, nil +} + +// GenSchemaOIDCConnectorV3 returns tfsdk.Schema definition for OIDCConnectorV3 +func GenSchemaOIDCConnectorV3(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata holds resource metadata.", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "acr_values": { + Description: "ACR is an Authentication Context Class Reference value. The meaning of the ACR value is context-specific and varies for identity providers.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "allow_unverified_email": { + Description: "AllowUnverifiedEmail tells the connector to accept OIDC users with unverified emails.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "claims_to_roles": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "claim": { + Description: "Claim is a claim name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of static teleport roles to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "value": { + Description: "Value is a claim value to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "ClaimsToRoles specifies a dynamic mapping from claims to roles.", + Optional: true, + }, + "client_id": { + Description: "ClientID is the id of the authentication client (Teleport Auth server).", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "client_secret": { + Description: "ClientSecret is used to authenticate the client.", + Optional: true, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "display": { + Description: "Display is the friendly name for this provider.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "google_admin_email": { + Description: "GoogleAdminEmail is the email of a google admin to impersonate.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "google_service_account": { + Description: "GoogleServiceAccount is a string containing google service account credentials.", + Optional: true, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "google_service_account_uri": { + Description: "GoogleServiceAccountURI is a path to a google service account uri.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "issuer_url": { + Description: "IssuerURL is the endpoint of the provider, e.g. https://accounts.google.com.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "max_age": { + Description: "", + Optional: true, + Type: DurationType{}, + }, + "prompt": { + Description: "Prompt is an optional OIDC prompt. An empty string omits prompt. If not specified, it defaults to select_account for backwards compatibility.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "provider": { + Description: "Provider is the external identity provider.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "redirect_url": GenSchemaStrings(ctx), + "scope": { + Description: "Scope specifies additional scopes set by provider.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "username_claim": { + Description: "UsernameClaim specifies the name of the claim from the OIDC connector to be used as the user's username.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Spec is an OIDC connector specification.", + Required: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are: `v3`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 3)}, + }, + }}, nil +} + +// GenSchemaSAMLConnectorV2 returns tfsdk.Schema definition for SAMLConnectorV2 +func GenSchemaSAMLConnectorV2(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata holds resource metadata.", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "acs": { + Description: "AssertionConsumerService is a URL for assertion consumer service on the service provider (Teleport's side).", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "allow_idp_initiated": { + Description: "AllowIDPInitiated is a flag that indicates if the connector can be used for IdP-initiated logins.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "assertion_key_pair": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "cert": { + Computed: true, + Description: "Cert is a PEM-encoded x509 certificate.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "private_key": { + Computed: true, + Description: "PrivateKey is a PEM encoded x509 private key.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "EncryptionKeyPair is a key pair used for decrypting SAML assertions.", + Optional: true, + }, + "attributes_to_roles": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "name": { + Description: "Name is an attribute statement name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of static teleport roles to map to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "value": { + Description: "Value is an attribute statement value to match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "AttributesToRoles is a list of mappings of attribute statements to roles.", + Required: true, + }, + "audience": { + Computed: true, + Description: "Audience uniquely identifies our service provider.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "cert": { + Description: "Cert is the identity provider certificate PEM. IDP signs responses using this certificate.", + Optional: true, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "display": { + Description: "Display controls how this connector is displayed.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "entity_descriptor": { + Description: "EntityDescriptor is XML with descriptor. It can be used to supply configuration parameters in one XML file rather than supplying them in the individual elements.", + Optional: true, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "entity_descriptor_url": { + Description: "EntityDescriptorURL is a URL that supplies a configuration XML.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "issuer": { + Computed: true, + Description: "Issuer is the identity provider issuer.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "provider": { + Description: "Provider is the external identity provider.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "service_provider_issuer": { + Computed: true, + Description: "ServiceProviderIssuer is the issuer of the service provider (Teleport).", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "signing_key_pair": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "cert": { + Computed: true, + Description: "Cert is a PEM-encoded x509 certificate.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "private_key": { + Computed: true, + Description: "PrivateKey is a PEM encoded x509 private key.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Computed: true, + Description: "SigningKeyPair is an x509 key pair used to sign AuthnRequest.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + }, + "sso": { + Computed: true, + Description: "SSO is the URL of the identity provider's SSO service.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Spec is an SAML connector specification.", + Required: true, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseAnyOfValidator("entity_descriptor", "entity_descriptor_url")}, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are: `v2`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)}, + }, + }}, nil +} + +// GenSchemaGithubConnectorV3 returns tfsdk.Schema definition for GithubConnectorV3 +func GenSchemaGithubConnectorV3(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata holds resource metadata.", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "api_endpoint_url": { + Description: "APIEndpointURL is the URL of the API endpoint of the Github instance this connector is for.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "client_id": { + Description: "ClientID is the Github OAuth app client ID.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "client_secret": { + Description: "ClientSecret is the Github OAuth app client secret.", + Required: true, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "display": { + Description: "Display is the connector display name.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "endpoint_url": { + Description: "EndpointURL is the URL of the GitHub instance this connector is for.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "redirect_url": { + Description: "RedirectURL is the authorization callback URL.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "teams_to_logins": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "kubernetes_groups": { + Description: "KubeGroups is a list of allowed kubernetes groups for this org/team.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "kubernetes_users": { + Description: "KubeUsers is a list of allowed kubernetes users to impersonate for this org/team.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "logins": { + Description: "Logins is a list of allowed logins for this org/team.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "organization": { + Description: "Organization is a Github organization a user belongs to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "team": { + Description: "Team is a team within the organization a user belongs to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "TeamsToLogins maps Github team memberships onto allowed logins/roles. DELETE IN 11.0.0 Deprecated: use GithubTeamsToRoles instead.", + Optional: true, + }, + "teams_to_roles": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "organization": { + Description: "Organization is a Github organization a user belongs to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "roles": { + Description: "Roles is a list of allowed logins for this org/team.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "team": { + Description: "Team is a team within the organization a user belongs to.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "TeamsToRoles maps Github team memberships onto allowed roles.", + Optional: true, + }, + }), + Description: "Spec is an Github connector specification.", + Required: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are: `v3`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 3)}, + }, + }}, nil +} + +// GenSchemaTrustedClusterV2 returns tfsdk.Schema definition for TrustedClusterV2 +func GenSchemaTrustedClusterV2(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata holds resource metadata.", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "enabled": { + Description: "Enabled is a bool that indicates if the TrustedCluster is enabled or disabled. Setting Enabled to false has a side effect of deleting the user and host certificate authority (CA).", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.BoolType, + }, + "role_map": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "local": { + Description: "Local specifies local roles to map to", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "remote": { + Description: "Remote specifies remote role name to map from", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "RoleMap specifies role mappings to remote roles.", + Optional: true, + }, + "roles": { + Description: "Roles is a list of roles that users will be assuming when connecting to this cluster.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "token": { + Description: "Token is the authorization token provided by another cluster needed by this cluster to join.", + Optional: true, + Sensitive: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "tunnel_addr": { + Description: "ReverseTunnelAddress is the address of the SSH proxy server of the cluster to join. If not set, it is derived from :.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "web_proxy_addr": { + Description: "ProxyAddress is the address of the web proxy server of the cluster to join. If not set, it is derived from :.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Spec is a Trusted Cluster specification.", + Required: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the resource version. It must be specified. Supported values are: `v2`.", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }}, nil +} + +// GenSchemaClusterMaintenanceConfigV1 returns tfsdk.Schema definition for ClusterMaintenanceConfigV1 +func GenSchemaClusterMaintenanceConfigV1(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "nonce": { + Description: "Nonce is used to protect against concurrent modification of the maintenance window. Clients should treat nonces as opaque.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{"agent_upgrades": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "utc_start_hour": { + Description: "UTCStartHour is the start hour of the maintenance window in UTC.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + "weekdays": { + Description: "Weekdays is an optional list of weekdays. If not specified, an agent upgrade window occurs every day.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "AgentUpgrades encodes the agent upgrade window.", + Optional: true, + }}), + Description: "", + Optional: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by \"v\". For example: `v1`", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(1, 1)}, + }, + }}, nil +} + +// GenSchemaOktaImportRuleV1 returns tfsdk.Schema definition for OktaImportRuleV1 +func GenSchemaOktaImportRuleV1(ctx context.Context) (github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema, github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics) { + return github_com_hashicorp_terraform_plugin_framework_tfsdk.Schema{Attributes: map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "id": { + Computed: true, + Optional: false, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Required: false, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "kind": { + Computed: true, + Description: "Kind is a resource kind", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "metadata": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "description": { + Description: "Description is object description", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "expires": { + Description: "Expires is a global expiry time header can be set on any resource in the system.", + Optional: true, + Type: UseRFC3339Time(), + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{MustTimeBeInFuture()}, + }, + "labels": { + Description: "Labels is a set of labels", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "name": { + Description: "Name is an object name", + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()}, + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "namespace": { + Computed: true, + Description: "Namespace is object namespace. The field should be called \"namespace\" when it returns in Teleport 2.4.", + Optional: true, + PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()}, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "revision": { + Description: "Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + }), + Description: "Metadata is resource metadata", + Optional: true, + }, + "spec": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "mappings": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "add_labels": { + Description: "AddLabels specifies which labels to add if any of the previous matches match.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.MapType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "match": { + Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.ListNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{ + "app_ids": { + Description: "AppIDs is a list of app IDs to match against.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "app_name_regexes": { + Description: "AppNameRegexes is a list of regexes to match against app names.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "group_ids": { + Description: "GroupIDs is a list of group IDs to match against.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + "group_name_regexes": { + Description: "GroupNameRegexes is a list of regexes to match against group names.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType}, + }, + }), + Description: "Match is a set of matching rules for this mapping. If any of these match, then the mapping will be applied.", + Optional: true, + }, + }), + Description: "Mappings is a list of matches that will map match conditions to labels.", + Optional: true, + }, + "priority": { + Description: "Priority represents the priority of the rule application. Lower numbered rules will be applied first.", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type, + }, + }), + Description: "Spec is the specification for the Okta import rule.", + Required: true, + }, + "sub_kind": { + Description: "SubKind is an optional resource sub kind, used in some resources", + Optional: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + }, + "version": { + Description: "Version is the API version used to create the resource. It must be specified. Based on this version, Teleport will apply different defaults on resource creation or deletion. It must be an integer prefixed by \"v\". For example: `v1`", + Required: true, + Type: github_com_hashicorp_terraform_plugin_framework_types.StringType, + Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(1, 1)}, + }, + }}, nil +} + +// CopyDatabaseV3FromTerraform copies contents of the source Terraform object into a target struct +func CopyDatabaseV3FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.DatabaseV3) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.DatabaseSpecV3{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["protocol"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Protocol"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Protocol", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Protocol = t + } + } + } + { + a, ok := tf.Attrs["uri"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.URI"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.URI", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.URI = t + } + } + } + { + a, ok := tf.Attrs["ca_cert"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.CACert"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.CACert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CACert = t + } + } + } + { + a, ok := tf.Attrs["dynamic_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.DynamicLabels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.DynamicLabels = make(map[string]github_com_gravitational_teleport_api_types.CommandLabelV2, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.CommandLabelV2 + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["period"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.DynamicLabels.Period"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels.Period", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.Period = t + } + } + } + { + a, ok := tf.Attrs["command"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.DynamicLabels.Command"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels.Command", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Command = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels.Command", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Command[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["result"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.DynamicLabels.Result"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels.Result", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Result = t + } + } + } + } + obj.DynamicLabels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["aws"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.AWS = github_com_gravitational_teleport_api_types.AWS{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.AWS + { + a, ok := tf.Attrs["region"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.Region"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.Region", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Region = t + } + } + } + { + a, ok := tf.Attrs["redshift"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.Redshift"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.Redshift", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Redshift = github_com_gravitational_teleport_api_types.Redshift{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Redshift + { + a, ok := tf.Attrs["cluster_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.Redshift.ClusterID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.Redshift.ClusterID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClusterID = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["rds"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDS"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.RDS = github_com_gravitational_teleport_api_types.RDS{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.RDS + { + a, ok := tf.Attrs["instance_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDS.InstanceID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.InstanceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.InstanceID = t + } + } + } + { + a, ok := tf.Attrs["cluster_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDS.ClusterID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.ClusterID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClusterID = t + } + } + } + { + a, ok := tf.Attrs["resource_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDS.ResourceID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.ResourceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ResourceID = t + } + } + } + { + a, ok := tf.Attrs["iam_auth"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDS.IAMAuth"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.IAMAuth", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.IAMAuth = t + } + } + } + { + a, ok := tf.Attrs["subnets"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDS.Subnets"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.Subnets", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Subnets = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.Subnets", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Subnets[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["vpc_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDS.VPCID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.VPCID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.VPCID = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["account_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.AccountID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.AccountID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AccountID = t + } + } + } + { + a, ok := tf.Attrs["elasticache"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.ElastiCache = github_com_gravitational_teleport_api_types.ElastiCache{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.ElastiCache + { + a, ok := tf.Attrs["replication_group_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache.ReplicationGroupID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.ReplicationGroupID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ReplicationGroupID = t + } + } + } + { + a, ok := tf.Attrs["user_group_ids"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache.UserGroupIDs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.UserGroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.UserGroupIDs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.UserGroupIDs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.UserGroupIDs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["transit_encryption_enabled"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache.TransitEncryptionEnabled"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.TransitEncryptionEnabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.TransitEncryptionEnabled = t + } + } + } + { + a, ok := tf.Attrs["endpoint_type"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache.EndpointType"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.EndpointType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EndpointType = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["secret_store"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.SecretStore"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.SecretStore", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.SecretStore = github_com_gravitational_teleport_api_types.SecretStore{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.SecretStore + { + a, ok := tf.Attrs["key_prefix"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.SecretStore.KeyPrefix"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.SecretStore.KeyPrefix", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KeyPrefix = t + } + } + } + { + a, ok := tf.Attrs["kms_key_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.SecretStore.KMSKeyID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.SecretStore.KMSKeyID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KMSKeyID = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["memorydb"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.MemoryDB = github_com_gravitational_teleport_api_types.MemoryDB{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.MemoryDB + { + a, ok := tf.Attrs["cluster_name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB.ClusterName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB.ClusterName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClusterName = t + } + } + } + { + a, ok := tf.Attrs["acl_name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB.ACLName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB.ACLName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ACLName = t + } + } + } + { + a, ok := tf.Attrs["tls_enabled"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB.TLSEnabled"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB.TLSEnabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.TLSEnabled = t + } + } + } + { + a, ok := tf.Attrs["endpoint_type"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB.EndpointType"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB.EndpointType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EndpointType = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["rdsproxy"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDSProxy"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDSProxy", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.RDSProxy = github_com_gravitational_teleport_api_types.RDSProxy{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.RDSProxy + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDSProxy.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDSProxy.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["custom_endpoint_name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDSProxy.CustomEndpointName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDSProxy.CustomEndpointName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CustomEndpointName = t + } + } + } + { + a, ok := tf.Attrs["resource_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RDSProxy.ResourceID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RDSProxy.ResourceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ResourceID = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["redshift_serverless"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RedshiftServerless"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RedshiftServerless", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.RedshiftServerless = github_com_gravitational_teleport_api_types.RedshiftServerless{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.RedshiftServerless + { + a, ok := tf.Attrs["workgroup_name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.WorkgroupName = t + } + } + } + { + a, ok := tf.Attrs["endpoint_name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.EndpointName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.EndpointName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EndpointName = t + } + } + } + { + a, ok := tf.Attrs["workgroup_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.WorkgroupID = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["external_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.ExternalID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.ExternalID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ExternalID = t + } + } + } + { + a, ok := tf.Attrs["assume_role_arn"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.AssumeRoleARN"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.AssumeRoleARN", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AssumeRoleARN = t + } + } + } + { + a, ok := tf.Attrs["opensearch"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.OpenSearch"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.OpenSearch", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.OpenSearch = github_com_gravitational_teleport_api_types.OpenSearch{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.OpenSearch + { + a, ok := tf.Attrs["domain_name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.OpenSearch.DomainName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.OpenSearch.DomainName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DomainName = t + } + } + } + { + a, ok := tf.Attrs["domain_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.OpenSearch.DomainID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.OpenSearch.DomainID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DomainID = t + } + } + } + { + a, ok := tf.Attrs["endpoint_type"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.OpenSearch.EndpointType"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.OpenSearch.EndpointType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EndpointType = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["iam_policy_status"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.IAMPolicyStatus"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.IAMPolicyStatus", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.IAMPolicyStatus + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.IAMPolicyStatus(v.Value) + } + obj.IAMPolicyStatus = t + } + } + } + { + a, ok := tf.Attrs["session_tags"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AWS.SessionTags"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.SessionTags", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.SessionTags = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AWS.SessionTags", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SessionTags[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["gcp"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.GCP"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.GCP", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.GCP = github_com_gravitational_teleport_api_types.GCPCloudSQL{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.GCP + { + a, ok := tf.Attrs["project_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.GCP.ProjectID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.GCP.ProjectID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ProjectID = t + } + } + } + { + a, ok := tf.Attrs["instance_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.GCP.InstanceID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.GCP.InstanceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.InstanceID = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["azure"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Azure"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Azure", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Azure = github_com_gravitational_teleport_api_types.Azure{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Azure + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Azure.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Azure.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["resource_id"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Azure.ResourceID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Azure.ResourceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ResourceID = t + } + } + } + { + a, ok := tf.Attrs["redis"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Azure.Redis"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Azure.Redis", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Redis = github_com_gravitational_teleport_api_types.AzureRedis{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Redis + { + a, ok := tf.Attrs["clustering_policy"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Azure.Redis.ClusteringPolicy"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Azure.Redis.ClusteringPolicy", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClusteringPolicy = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["is_flexi_server"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Azure.IsFlexiServer"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Azure.IsFlexiServer", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.IsFlexiServer = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["tls"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.TLS"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.TLS", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.TLS = github_com_gravitational_teleport_api_types.DatabaseTLS{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.TLS + { + a, ok := tf.Attrs["mode"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.TLS.Mode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.TLS.Mode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.DatabaseTLSMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.DatabaseTLSMode(v.Value) + } + obj.Mode = t + } + } + } + { + a, ok := tf.Attrs["ca_cert"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.TLS.CACert"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.TLS.CACert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CACert = t + } + } + } + { + a, ok := tf.Attrs["server_name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.TLS.ServerName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.TLS.ServerName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ServerName = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["ad"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AD"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AD", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.AD = github_com_gravitational_teleport_api_types.AD{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.AD + { + a, ok := tf.Attrs["keytab_file"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AD.KeytabFile"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AD.KeytabFile", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KeytabFile = t + } + } + } + { + a, ok := tf.Attrs["krb5_file"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AD.Krb5File"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AD.Krb5File", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Krb5File = t + } + } + } + { + a, ok := tf.Attrs["domain"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AD.Domain"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AD.Domain", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Domain = t + } + } + } + { + a, ok := tf.Attrs["spn"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AD.SPN"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AD.SPN", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SPN = t + } + } + } + { + a, ok := tf.Attrs["ldap_cert"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AD.LDAPCert"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AD.LDAPCert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.LDAPCert = t + } + } + } + { + a, ok := tf.Attrs["kdc_host_name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AD.KDCHostName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AD.KDCHostName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KDCHostName = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["mysql"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.MySQL"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.MySQL", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.MySQL = github_com_gravitational_teleport_api_types.MySQLOptions{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.MySQL + { + a, ok := tf.Attrs["server_version"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.MySQL.ServerVersion"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.MySQL.ServerVersion", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ServerVersion = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["admin_user"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AdminUser"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AdminUser", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.AdminUser = nil + if !v.Null && !v.Unknown { + tf := v + obj.AdminUser = &github_com_gravitational_teleport_api_types.DatabaseAdminUser{} + obj := obj.AdminUser + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AdminUser.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AdminUser.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["default_database"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.AdminUser.DefaultDatabase"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.AdminUser.DefaultDatabase", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DefaultDatabase = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["mongo_atlas"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.MongoAtlas"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.MongoAtlas", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.MongoAtlas = github_com_gravitational_teleport_api_types.MongoAtlas{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.MongoAtlas + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.MongoAtlas.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.MongoAtlas.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["oracle"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Oracle"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Oracle", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Oracle = github_com_gravitational_teleport_api_types.OracleOptions{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Oracle + { + a, ok := tf.Attrs["audit_user"] + if !ok { + diags.Append(attrReadMissingDiag{"DatabaseV3.Spec.Oracle.AuditUser"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"DatabaseV3.Spec.Oracle.AuditUser", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AuditUser = t + } + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyDatabaseV3ToTerraform copies contents of the source Terraform object into a target struct +func CopyDatabaseV3ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.DatabaseV3, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["protocol"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Protocol"}) + } else { + v, ok := tf.Attrs["protocol"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.Protocol", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Protocol", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Protocol) == "" + } + v.Value = string(obj.Protocol) + v.Unknown = false + tf.Attrs["protocol"] = v + } + } + { + t, ok := tf.AttrTypes["uri"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.URI"}) + } else { + v, ok := tf.Attrs["uri"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.URI", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.URI", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.URI) == "" + } + v.Value = string(obj.URI) + v.Unknown = false + tf.Attrs["uri"] = v + } + } + { + t, ok := tf.AttrTypes["ca_cert"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.CACert"}) + } else { + v, ok := tf.Attrs["ca_cert"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.CACert", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.CACert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CACert) == "" + } + v.Value = string(obj.CACert) + v.Unknown = false + tf.Attrs["ca_cert"] = v + } + } + { + a, ok := tf.AttrTypes["dynamic_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.DynamicLabels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["dynamic_labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DynamicLabels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DynamicLabels)) + } + } + if obj.DynamicLabels != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + for k, a := range obj.DynamicLabels { + v, ok := tf.Attrs["dynamic_labels"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["period"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.DynamicLabels.Period"}) + } else { + v, ok := tf.Attrs["period"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.DynamicLabels.Period", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels.Period", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.Period) + v.Unknown = false + tf.Attrs["period"] = v + } + } + { + a, ok := tf.AttrTypes["command"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.DynamicLabels.Command"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels.Command", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["command"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Command)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Command)) + } + } + if obj.Command != nil { + t := o.ElemType + if len(obj.Command) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Command)) + } + for k, a := range obj.Command { + v, ok := tf.Attrs["command"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.DynamicLabels.Command", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels.Command", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Command) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["command"] = c + } + } + } + { + t, ok := tf.AttrTypes["result"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.DynamicLabels.Result"}) + } else { + v, ok := tf.Attrs["result"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.DynamicLabels.Result", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.DynamicLabels.Result", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Result) == "" + } + v.Value = string(obj.Result) + v.Unknown = false + tf.Attrs["result"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DynamicLabels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["dynamic_labels"] = c + } + } + } + { + a, ok := tf.AttrTypes["aws"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["aws"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.AWS + tf := &v + { + t, ok := tf.AttrTypes["region"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.Region"}) + } else { + v, ok := tf.Attrs["region"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.Region", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.Region", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Region) == "" + } + v.Value = string(obj.Region) + v.Unknown = false + tf.Attrs["region"] = v + } + } + { + a, ok := tf.AttrTypes["redshift"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.Redshift"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.Redshift", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["redshift"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Redshift + tf := &v + { + t, ok := tf.AttrTypes["cluster_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.Redshift.ClusterID"}) + } else { + v, ok := tf.Attrs["cluster_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.Redshift.ClusterID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.Redshift.ClusterID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClusterID) == "" + } + v.Value = string(obj.ClusterID) + v.Unknown = false + tf.Attrs["cluster_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["redshift"] = v + } + } + } + { + a, ok := tf.AttrTypes["rds"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDS"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["rds"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.RDS + tf := &v + { + t, ok := tf.AttrTypes["instance_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDS.InstanceID"}) + } else { + v, ok := tf.Attrs["instance_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDS.InstanceID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.InstanceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.InstanceID) == "" + } + v.Value = string(obj.InstanceID) + v.Unknown = false + tf.Attrs["instance_id"] = v + } + } + { + t, ok := tf.AttrTypes["cluster_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDS.ClusterID"}) + } else { + v, ok := tf.Attrs["cluster_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDS.ClusterID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.ClusterID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClusterID) == "" + } + v.Value = string(obj.ClusterID) + v.Unknown = false + tf.Attrs["cluster_id"] = v + } + } + { + t, ok := tf.AttrTypes["resource_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDS.ResourceID"}) + } else { + v, ok := tf.Attrs["resource_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDS.ResourceID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.ResourceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ResourceID) == "" + } + v.Value = string(obj.ResourceID) + v.Unknown = false + tf.Attrs["resource_id"] = v + } + } + { + t, ok := tf.AttrTypes["iam_auth"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDS.IAMAuth"}) + } else { + v, ok := tf.Attrs["iam_auth"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDS.IAMAuth", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.IAMAuth", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.IAMAuth) == false + } + v.Value = bool(obj.IAMAuth) + v.Unknown = false + tf.Attrs["iam_auth"] = v + } + } + { + a, ok := tf.AttrTypes["subnets"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDS.Subnets"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.Subnets", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["subnets"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Subnets)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Subnets)) + } + } + if obj.Subnets != nil { + t := o.ElemType + if len(obj.Subnets) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Subnets)) + } + for k, a := range obj.Subnets { + v, ok := tf.Attrs["subnets"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDS.Subnets", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.Subnets", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Subnets) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["subnets"] = c + } + } + } + { + t, ok := tf.AttrTypes["vpc_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDS.VPCID"}) + } else { + v, ok := tf.Attrs["vpc_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDS.VPCID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDS.VPCID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.VPCID) == "" + } + v.Value = string(obj.VPCID) + v.Unknown = false + tf.Attrs["vpc_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["rds"] = v + } + } + } + { + t, ok := tf.AttrTypes["account_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.AccountID"}) + } else { + v, ok := tf.Attrs["account_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.AccountID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.AccountID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AccountID) == "" + } + v.Value = string(obj.AccountID) + v.Unknown = false + tf.Attrs["account_id"] = v + } + } + { + a, ok := tf.AttrTypes["elasticache"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["elasticache"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.ElastiCache + tf := &v + { + t, ok := tf.AttrTypes["replication_group_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache.ReplicationGroupID"}) + } else { + v, ok := tf.Attrs["replication_group_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.ElastiCache.ReplicationGroupID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.ReplicationGroupID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ReplicationGroupID) == "" + } + v.Value = string(obj.ReplicationGroupID) + v.Unknown = false + tf.Attrs["replication_group_id"] = v + } + } + { + a, ok := tf.AttrTypes["user_group_ids"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache.UserGroupIDs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.UserGroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["user_group_ids"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.UserGroupIDs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.UserGroupIDs)) + } + } + if obj.UserGroupIDs != nil { + t := o.ElemType + if len(obj.UserGroupIDs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.UserGroupIDs)) + } + for k, a := range obj.UserGroupIDs { + v, ok := tf.Attrs["user_group_ids"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.ElastiCache.UserGroupIDs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.UserGroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.UserGroupIDs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["user_group_ids"] = c + } + } + } + { + t, ok := tf.AttrTypes["transit_encryption_enabled"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache.TransitEncryptionEnabled"}) + } else { + v, ok := tf.Attrs["transit_encryption_enabled"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.ElastiCache.TransitEncryptionEnabled", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.TransitEncryptionEnabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.TransitEncryptionEnabled) == false + } + v.Value = bool(obj.TransitEncryptionEnabled) + v.Unknown = false + tf.Attrs["transit_encryption_enabled"] = v + } + } + { + t, ok := tf.AttrTypes["endpoint_type"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.ElastiCache.EndpointType"}) + } else { + v, ok := tf.Attrs["endpoint_type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.ElastiCache.EndpointType", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.ElastiCache.EndpointType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EndpointType) == "" + } + v.Value = string(obj.EndpointType) + v.Unknown = false + tf.Attrs["endpoint_type"] = v + } + } + } + v.Unknown = false + tf.Attrs["elasticache"] = v + } + } + } + { + a, ok := tf.AttrTypes["secret_store"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.SecretStore"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.SecretStore", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["secret_store"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.SecretStore + tf := &v + { + t, ok := tf.AttrTypes["key_prefix"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.SecretStore.KeyPrefix"}) + } else { + v, ok := tf.Attrs["key_prefix"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.SecretStore.KeyPrefix", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.SecretStore.KeyPrefix", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.KeyPrefix) == "" + } + v.Value = string(obj.KeyPrefix) + v.Unknown = false + tf.Attrs["key_prefix"] = v + } + } + { + t, ok := tf.AttrTypes["kms_key_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.SecretStore.KMSKeyID"}) + } else { + v, ok := tf.Attrs["kms_key_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.SecretStore.KMSKeyID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.SecretStore.KMSKeyID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.KMSKeyID) == "" + } + v.Value = string(obj.KMSKeyID) + v.Unknown = false + tf.Attrs["kms_key_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["secret_store"] = v + } + } + } + { + a, ok := tf.AttrTypes["memorydb"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["memorydb"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.MemoryDB + tf := &v + { + t, ok := tf.AttrTypes["cluster_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB.ClusterName"}) + } else { + v, ok := tf.Attrs["cluster_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.MemoryDB.ClusterName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB.ClusterName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClusterName) == "" + } + v.Value = string(obj.ClusterName) + v.Unknown = false + tf.Attrs["cluster_name"] = v + } + } + { + t, ok := tf.AttrTypes["acl_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB.ACLName"}) + } else { + v, ok := tf.Attrs["acl_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.MemoryDB.ACLName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB.ACLName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ACLName) == "" + } + v.Value = string(obj.ACLName) + v.Unknown = false + tf.Attrs["acl_name"] = v + } + } + { + t, ok := tf.AttrTypes["tls_enabled"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB.TLSEnabled"}) + } else { + v, ok := tf.Attrs["tls_enabled"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.MemoryDB.TLSEnabled", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB.TLSEnabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.TLSEnabled) == false + } + v.Value = bool(obj.TLSEnabled) + v.Unknown = false + tf.Attrs["tls_enabled"] = v + } + } + { + t, ok := tf.AttrTypes["endpoint_type"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.MemoryDB.EndpointType"}) + } else { + v, ok := tf.Attrs["endpoint_type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.MemoryDB.EndpointType", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.MemoryDB.EndpointType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EndpointType) == "" + } + v.Value = string(obj.EndpointType) + v.Unknown = false + tf.Attrs["endpoint_type"] = v + } + } + } + v.Unknown = false + tf.Attrs["memorydb"] = v + } + } + } + { + a, ok := tf.AttrTypes["rdsproxy"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDSProxy"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDSProxy", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["rdsproxy"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.RDSProxy + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDSProxy.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDSProxy.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDSProxy.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["custom_endpoint_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDSProxy.CustomEndpointName"}) + } else { + v, ok := tf.Attrs["custom_endpoint_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDSProxy.CustomEndpointName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDSProxy.CustomEndpointName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CustomEndpointName) == "" + } + v.Value = string(obj.CustomEndpointName) + v.Unknown = false + tf.Attrs["custom_endpoint_name"] = v + } + } + { + t, ok := tf.AttrTypes["resource_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RDSProxy.ResourceID"}) + } else { + v, ok := tf.Attrs["resource_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RDSProxy.ResourceID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RDSProxy.ResourceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ResourceID) == "" + } + v.Value = string(obj.ResourceID) + v.Unknown = false + tf.Attrs["resource_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["rdsproxy"] = v + } + } + } + { + a, ok := tf.AttrTypes["redshift_serverless"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RedshiftServerless"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RedshiftServerless", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["redshift_serverless"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.RedshiftServerless + tf := &v + { + t, ok := tf.AttrTypes["workgroup_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupName"}) + } else { + v, ok := tf.Attrs["workgroup_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.WorkgroupName) == "" + } + v.Value = string(obj.WorkgroupName) + v.Unknown = false + tf.Attrs["workgroup_name"] = v + } + } + { + t, ok := tf.AttrTypes["endpoint_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.EndpointName"}) + } else { + v, ok := tf.Attrs["endpoint_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RedshiftServerless.EndpointName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.EndpointName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EndpointName) == "" + } + v.Value = string(obj.EndpointName) + v.Unknown = false + tf.Attrs["endpoint_name"] = v + } + } + { + t, ok := tf.AttrTypes["workgroup_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupID"}) + } else { + v, ok := tf.Attrs["workgroup_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.RedshiftServerless.WorkgroupID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.WorkgroupID) == "" + } + v.Value = string(obj.WorkgroupID) + v.Unknown = false + tf.Attrs["workgroup_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["redshift_serverless"] = v + } + } + } + { + t, ok := tf.AttrTypes["external_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.ExternalID"}) + } else { + v, ok := tf.Attrs["external_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.ExternalID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.ExternalID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ExternalID) == "" + } + v.Value = string(obj.ExternalID) + v.Unknown = false + tf.Attrs["external_id"] = v + } + } + { + t, ok := tf.AttrTypes["assume_role_arn"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.AssumeRoleARN"}) + } else { + v, ok := tf.Attrs["assume_role_arn"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.AssumeRoleARN", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.AssumeRoleARN", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AssumeRoleARN) == "" + } + v.Value = string(obj.AssumeRoleARN) + v.Unknown = false + tf.Attrs["assume_role_arn"] = v + } + } + { + a, ok := tf.AttrTypes["opensearch"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.OpenSearch"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.OpenSearch", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["opensearch"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.OpenSearch + tf := &v + { + t, ok := tf.AttrTypes["domain_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.OpenSearch.DomainName"}) + } else { + v, ok := tf.Attrs["domain_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.OpenSearch.DomainName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.OpenSearch.DomainName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DomainName) == "" + } + v.Value = string(obj.DomainName) + v.Unknown = false + tf.Attrs["domain_name"] = v + } + } + { + t, ok := tf.AttrTypes["domain_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.OpenSearch.DomainID"}) + } else { + v, ok := tf.Attrs["domain_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.OpenSearch.DomainID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.OpenSearch.DomainID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DomainID) == "" + } + v.Value = string(obj.DomainID) + v.Unknown = false + tf.Attrs["domain_id"] = v + } + } + { + t, ok := tf.AttrTypes["endpoint_type"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.OpenSearch.EndpointType"}) + } else { + v, ok := tf.Attrs["endpoint_type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.OpenSearch.EndpointType", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.OpenSearch.EndpointType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EndpointType) == "" + } + v.Value = string(obj.EndpointType) + v.Unknown = false + tf.Attrs["endpoint_type"] = v + } + } + } + v.Unknown = false + tf.Attrs["opensearch"] = v + } + } + } + { + t, ok := tf.AttrTypes["iam_policy_status"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.IAMPolicyStatus"}) + } else { + v, ok := tf.Attrs["iam_policy_status"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.IAMPolicyStatus", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.IAMPolicyStatus", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.IAMPolicyStatus) == 0 + } + v.Value = int64(obj.IAMPolicyStatus) + v.Unknown = false + tf.Attrs["iam_policy_status"] = v + } + } + { + a, ok := tf.AttrTypes["session_tags"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AWS.SessionTags"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.SessionTags", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["session_tags"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SessionTags)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SessionTags)) + } + } + if obj.SessionTags != nil { + t := o.ElemType + for k, a := range obj.SessionTags { + v, ok := tf.Attrs["session_tags"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AWS.SessionTags", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AWS.SessionTags", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SessionTags) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["session_tags"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["aws"] = v + } + } + } + { + a, ok := tf.AttrTypes["gcp"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.GCP"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.GCP", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["gcp"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.GCP + tf := &v + { + t, ok := tf.AttrTypes["project_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.GCP.ProjectID"}) + } else { + v, ok := tf.Attrs["project_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.GCP.ProjectID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.GCP.ProjectID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ProjectID) == "" + } + v.Value = string(obj.ProjectID) + v.Unknown = false + tf.Attrs["project_id"] = v + } + } + { + t, ok := tf.AttrTypes["instance_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.GCP.InstanceID"}) + } else { + v, ok := tf.Attrs["instance_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.GCP.InstanceID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.GCP.InstanceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.InstanceID) == "" + } + v.Value = string(obj.InstanceID) + v.Unknown = false + tf.Attrs["instance_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["gcp"] = v + } + } + } + { + a, ok := tf.AttrTypes["azure"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Azure"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Azure", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["azure"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Azure + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Azure.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.Azure.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Azure.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["resource_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Azure.ResourceID"}) + } else { + v, ok := tf.Attrs["resource_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.Azure.ResourceID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Azure.ResourceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ResourceID) == "" + } + v.Value = string(obj.ResourceID) + v.Unknown = false + tf.Attrs["resource_id"] = v + } + } + { + a, ok := tf.AttrTypes["redis"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Azure.Redis"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Azure.Redis", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["redis"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Redis + tf := &v + { + t, ok := tf.AttrTypes["clustering_policy"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Azure.Redis.ClusteringPolicy"}) + } else { + v, ok := tf.Attrs["clustering_policy"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.Azure.Redis.ClusteringPolicy", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Azure.Redis.ClusteringPolicy", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClusteringPolicy) == "" + } + v.Value = string(obj.ClusteringPolicy) + v.Unknown = false + tf.Attrs["clustering_policy"] = v + } + } + } + v.Unknown = false + tf.Attrs["redis"] = v + } + } + } + { + t, ok := tf.AttrTypes["is_flexi_server"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Azure.IsFlexiServer"}) + } else { + v, ok := tf.Attrs["is_flexi_server"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.Azure.IsFlexiServer", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Azure.IsFlexiServer", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.IsFlexiServer) == false + } + v.Value = bool(obj.IsFlexiServer) + v.Unknown = false + tf.Attrs["is_flexi_server"] = v + } + } + } + v.Unknown = false + tf.Attrs["azure"] = v + } + } + } + { + a, ok := tf.AttrTypes["tls"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.TLS"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.TLS", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["tls"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.TLS + tf := &v + { + t, ok := tf.AttrTypes["mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.TLS.Mode"}) + } else { + v, ok := tf.Attrs["mode"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.TLS.Mode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.TLS.Mode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Mode) == 0 + } + v.Value = int64(obj.Mode) + v.Unknown = false + tf.Attrs["mode"] = v + } + } + { + t, ok := tf.AttrTypes["ca_cert"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.TLS.CACert"}) + } else { + v, ok := tf.Attrs["ca_cert"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.TLS.CACert", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.TLS.CACert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CACert) == "" + } + v.Value = string(obj.CACert) + v.Unknown = false + tf.Attrs["ca_cert"] = v + } + } + { + t, ok := tf.AttrTypes["server_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.TLS.ServerName"}) + } else { + v, ok := tf.Attrs["server_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.TLS.ServerName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.TLS.ServerName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ServerName) == "" + } + v.Value = string(obj.ServerName) + v.Unknown = false + tf.Attrs["server_name"] = v + } + } + } + v.Unknown = false + tf.Attrs["tls"] = v + } + } + } + { + a, ok := tf.AttrTypes["ad"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AD"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AD", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["ad"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.AD + tf := &v + { + t, ok := tf.AttrTypes["keytab_file"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AD.KeytabFile"}) + } else { + v, ok := tf.Attrs["keytab_file"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AD.KeytabFile", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AD.KeytabFile", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.KeytabFile) == "" + } + v.Value = string(obj.KeytabFile) + v.Unknown = false + tf.Attrs["keytab_file"] = v + } + } + { + t, ok := tf.AttrTypes["krb5_file"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AD.Krb5File"}) + } else { + v, ok := tf.Attrs["krb5_file"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AD.Krb5File", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AD.Krb5File", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Krb5File) == "" + } + v.Value = string(obj.Krb5File) + v.Unknown = false + tf.Attrs["krb5_file"] = v + } + } + { + t, ok := tf.AttrTypes["domain"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AD.Domain"}) + } else { + v, ok := tf.Attrs["domain"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AD.Domain", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AD.Domain", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Domain) == "" + } + v.Value = string(obj.Domain) + v.Unknown = false + tf.Attrs["domain"] = v + } + } + { + t, ok := tf.AttrTypes["spn"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AD.SPN"}) + } else { + v, ok := tf.Attrs["spn"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AD.SPN", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AD.SPN", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SPN) == "" + } + v.Value = string(obj.SPN) + v.Unknown = false + tf.Attrs["spn"] = v + } + } + { + t, ok := tf.AttrTypes["ldap_cert"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AD.LDAPCert"}) + } else { + v, ok := tf.Attrs["ldap_cert"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AD.LDAPCert", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AD.LDAPCert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.LDAPCert) == "" + } + v.Value = string(obj.LDAPCert) + v.Unknown = false + tf.Attrs["ldap_cert"] = v + } + } + { + t, ok := tf.AttrTypes["kdc_host_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AD.KDCHostName"}) + } else { + v, ok := tf.Attrs["kdc_host_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AD.KDCHostName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AD.KDCHostName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.KDCHostName) == "" + } + v.Value = string(obj.KDCHostName) + v.Unknown = false + tf.Attrs["kdc_host_name"] = v + } + } + } + v.Unknown = false + tf.Attrs["ad"] = v + } + } + } + { + a, ok := tf.AttrTypes["mysql"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.MySQL"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.MySQL", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["mysql"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.MySQL + tf := &v + { + t, ok := tf.AttrTypes["server_version"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.MySQL.ServerVersion"}) + } else { + v, ok := tf.Attrs["server_version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.MySQL.ServerVersion", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.MySQL.ServerVersion", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ServerVersion) == "" + } + v.Value = string(obj.ServerVersion) + v.Unknown = false + tf.Attrs["server_version"] = v + } + } + } + v.Unknown = false + tf.Attrs["mysql"] = v + } + } + } + { + a, ok := tf.AttrTypes["admin_user"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AdminUser"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AdminUser", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["admin_user"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.AdminUser == nil { + v.Null = true + } else { + obj := obj.AdminUser + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AdminUser.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AdminUser.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AdminUser.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["default_database"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.AdminUser.DefaultDatabase"}) + } else { + v, ok := tf.Attrs["default_database"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.AdminUser.DefaultDatabase", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.AdminUser.DefaultDatabase", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DefaultDatabase) == "" + } + v.Value = string(obj.DefaultDatabase) + v.Unknown = false + tf.Attrs["default_database"] = v + } + } + } + v.Unknown = false + tf.Attrs["admin_user"] = v + } + } + } + { + a, ok := tf.AttrTypes["mongo_atlas"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.MongoAtlas"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.MongoAtlas", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["mongo_atlas"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.MongoAtlas + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.MongoAtlas.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.MongoAtlas.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.MongoAtlas.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + } + v.Unknown = false + tf.Attrs["mongo_atlas"] = v + } + } + } + { + a, ok := tf.AttrTypes["oracle"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Oracle"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Oracle", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["oracle"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Oracle + tf := &v + { + t, ok := tf.AttrTypes["audit_user"] + if !ok { + diags.Append(attrWriteMissingDiag{"DatabaseV3.Spec.Oracle.AuditUser"}) + } else { + v, ok := tf.Attrs["audit_user"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"DatabaseV3.Spec.Oracle.AuditUser", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"DatabaseV3.Spec.Oracle.AuditUser", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AuditUser) == "" + } + v.Value = string(obj.AuditUser) + v.Unknown = false + tf.Attrs["audit_user"] = v + } + } + } + v.Unknown = false + tf.Attrs["oracle"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyServerV2FromTerraform copies contents of the source Terraform object into a target struct +func CopyServerV2FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.ServerV2) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.ServerSpecV2{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["addr"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Addr"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Addr", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Addr = t + } + } + } + { + a, ok := tf.Attrs["hostname"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Hostname"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Hostname", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Hostname = t + } + } + } + { + a, ok := tf.Attrs["rotation"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Rotation = github_com_gravitational_teleport_api_types.Rotation{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Rotation + { + a, ok := tf.Attrs["state"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.State"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.State", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.State = t + } + } + } + { + a, ok := tf.Attrs["phase"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.Phase"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.Phase", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Phase = t + } + } + } + { + a, ok := tf.Attrs["mode"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.Mode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.Mode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Mode = t + } + } + } + { + a, ok := tf.Attrs["current_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.CurrentID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.CurrentID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CurrentID = t + } + } + } + { + a, ok := tf.Attrs["started"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.Started"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.Started", "TimeValue"}) + } else { + var t time.Time + if !v.Null && !v.Unknown { + t = time.Time(v.Value) + } + obj.Started = t + } + } + } + { + a, ok := tf.Attrs["grace_period"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.GracePeriod"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.GracePeriod", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.GracePeriod = t + } + } + } + { + a, ok := tf.Attrs["last_rotated"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.LastRotated"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.LastRotated", "TimeValue"}) + } else { + var t time.Time + if !v.Null && !v.Unknown { + t = time.Time(v.Value) + } + obj.LastRotated = t + } + } + } + { + a, ok := tf.Attrs["schedule"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.Schedule"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.Schedule", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Schedule = github_com_gravitational_teleport_api_types.RotationSchedule{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Schedule + { + a, ok := tf.Attrs["update_clients"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.Schedule.UpdateClients"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.Schedule.UpdateClients", "TimeValue"}) + } else { + var t time.Time + if !v.Null && !v.Unknown { + t = time.Time(v.Value) + } + obj.UpdateClients = t + } + } + } + { + a, ok := tf.Attrs["update_servers"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.Schedule.UpdateServers"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.Schedule.UpdateServers", "TimeValue"}) + } else { + var t time.Time + if !v.Null && !v.Unknown { + t = time.Time(v.Value) + } + obj.UpdateServers = t + } + } + } + { + a, ok := tf.Attrs["standby"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Rotation.Schedule.Standby"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Rotation.Schedule.Standby", "TimeValue"}) + } else { + var t time.Time + if !v.Null && !v.Unknown { + t = time.Time(v.Value) + } + obj.Standby = t + } + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["use_tunnel"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.UseTunnel"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.UseTunnel", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.UseTunnel = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["peer_addr"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.PeerAddr"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.PeerAddr", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PeerAddr = t + } + } + } + { + a, ok := tf.Attrs["proxy_ids"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.ProxyIDs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.ProxyIDs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ProxyIDs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.ProxyIDs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ProxyIDs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["public_addrs"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.public_addrs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.public_addrs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.PublicAddrs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.public_addrs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PublicAddrs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["cloud_metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.CloudMetadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.CloudMetadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.CloudMetadata = nil + if !v.Null && !v.Unknown { + tf := v + obj.CloudMetadata = &github_com_gravitational_teleport_api_types.CloudMetadata{} + obj := obj.CloudMetadata + { + a, ok := tf.Attrs["aws"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.CloudMetadata.AWS"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.AWS = nil + if !v.Null && !v.Unknown { + tf := v + obj.AWS = &github_com_gravitational_teleport_api_types.AWSInfo{} + obj := obj.AWS + { + a, ok := tf.Attrs["account_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.AccountID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.AccountID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AccountID = t + } + } + } + { + a, ok := tf.Attrs["instance_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.InstanceID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.InstanceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.InstanceID = t + } + } + } + { + a, ok := tf.Attrs["region"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.Region"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.Region", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Region = t + } + } + } + { + a, ok := tf.Attrs["vpc_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.VPCID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.VPCID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.VPCID = t + } + } + } + { + a, ok := tf.Attrs["integration"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.Integration"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.Integration", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Integration = t + } + } + } + { + a, ok := tf.Attrs["subnet_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.SubnetID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.SubnetID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubnetID = t + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyServerV2ToTerraform copies contents of the source Terraform object into a target struct +func CopyServerV2ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.ServerV2, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["addr"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Addr"}) + } else { + v, ok := tf.Attrs["addr"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Addr", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Addr", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Addr) == "" + } + v.Value = string(obj.Addr) + v.Unknown = false + tf.Attrs["addr"] = v + } + } + { + t, ok := tf.AttrTypes["hostname"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Hostname"}) + } else { + v, ok := tf.Attrs["hostname"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Hostname", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Hostname", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Hostname) == "" + } + v.Value = string(obj.Hostname) + v.Unknown = false + tf.Attrs["hostname"] = v + } + } + { + a, ok := tf.AttrTypes["rotation"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["rotation"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Rotation + tf := &v + { + t, ok := tf.AttrTypes["state"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.State"}) + } else { + v, ok := tf.Attrs["state"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.State", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.State", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.State) == "" + } + v.Value = string(obj.State) + v.Unknown = false + tf.Attrs["state"] = v + } + } + { + t, ok := tf.AttrTypes["phase"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.Phase"}) + } else { + v, ok := tf.Attrs["phase"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.Phase", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.Phase", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Phase) == "" + } + v.Value = string(obj.Phase) + v.Unknown = false + tf.Attrs["phase"] = v + } + } + { + t, ok := tf.AttrTypes["mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.Mode"}) + } else { + v, ok := tf.Attrs["mode"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.Mode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.Mode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Mode) == "" + } + v.Value = string(obj.Mode) + v.Unknown = false + tf.Attrs["mode"] = v + } + } + { + t, ok := tf.AttrTypes["current_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.CurrentID"}) + } else { + v, ok := tf.Attrs["current_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.CurrentID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.CurrentID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CurrentID) == "" + } + v.Value = string(obj.CurrentID) + v.Unknown = false + tf.Attrs["current_id"] = v + } + } + { + t, ok := tf.AttrTypes["started"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.Started"}) + } else { + v, ok := tf.Attrs["started"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.Started", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.Started", "TimeValue"}) + } + v.Null = false + } + v.Value = time.Time(obj.Started) + v.Unknown = false + tf.Attrs["started"] = v + } + } + { + t, ok := tf.AttrTypes["grace_period"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.GracePeriod"}) + } else { + v, ok := tf.Attrs["grace_period"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.GracePeriod", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.GracePeriod", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.GracePeriod) + v.Unknown = false + tf.Attrs["grace_period"] = v + } + } + { + t, ok := tf.AttrTypes["last_rotated"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.LastRotated"}) + } else { + v, ok := tf.Attrs["last_rotated"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.LastRotated", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.LastRotated", "TimeValue"}) + } + v.Null = false + } + v.Value = time.Time(obj.LastRotated) + v.Unknown = false + tf.Attrs["last_rotated"] = v + } + } + { + a, ok := tf.AttrTypes["schedule"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.Schedule"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.Schedule", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["schedule"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Schedule + tf := &v + { + t, ok := tf.AttrTypes["update_clients"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.Schedule.UpdateClients"}) + } else { + v, ok := tf.Attrs["update_clients"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.Schedule.UpdateClients", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.Schedule.UpdateClients", "TimeValue"}) + } + v.Null = false + } + v.Value = time.Time(obj.UpdateClients) + v.Unknown = false + tf.Attrs["update_clients"] = v + } + } + { + t, ok := tf.AttrTypes["update_servers"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.Schedule.UpdateServers"}) + } else { + v, ok := tf.Attrs["update_servers"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.Schedule.UpdateServers", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.Schedule.UpdateServers", "TimeValue"}) + } + v.Null = false + } + v.Value = time.Time(obj.UpdateServers) + v.Unknown = false + tf.Attrs["update_servers"] = v + } + } + { + t, ok := tf.AttrTypes["standby"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Rotation.Schedule.Standby"}) + } else { + v, ok := tf.Attrs["standby"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Rotation.Schedule.Standby", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Rotation.Schedule.Standby", "TimeValue"}) + } + v.Null = false + } + v.Value = time.Time(obj.Standby) + v.Unknown = false + tf.Attrs["standby"] = v + } + } + } + v.Unknown = false + tf.Attrs["schedule"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["rotation"] = v + } + } + } + { + t, ok := tf.AttrTypes["use_tunnel"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.UseTunnel"}) + } else { + v, ok := tf.Attrs["use_tunnel"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.UseTunnel", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.UseTunnel", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.UseTunnel) == false + } + v.Value = bool(obj.UseTunnel) + v.Unknown = false + tf.Attrs["use_tunnel"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + t, ok := tf.AttrTypes["peer_addr"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.PeerAddr"}) + } else { + v, ok := tf.Attrs["peer_addr"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.PeerAddr", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.PeerAddr", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.PeerAddr) == "" + } + v.Value = string(obj.PeerAddr) + v.Unknown = false + tf.Attrs["peer_addr"] = v + } + } + { + a, ok := tf.AttrTypes["proxy_ids"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.ProxyIDs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.ProxyIDs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["proxy_ids"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ProxyIDs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ProxyIDs)) + } + } + if obj.ProxyIDs != nil { + t := o.ElemType + if len(obj.ProxyIDs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ProxyIDs)) + } + for k, a := range obj.ProxyIDs { + v, ok := tf.Attrs["proxy_ids"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.ProxyIDs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.ProxyIDs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ProxyIDs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["proxy_ids"] = c + } + } + } + { + a, ok := tf.AttrTypes["public_addrs"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.public_addrs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.public_addrs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["public_addrs"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PublicAddrs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PublicAddrs)) + } + } + if obj.PublicAddrs != nil { + t := o.ElemType + if len(obj.PublicAddrs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PublicAddrs)) + } + for k, a := range obj.PublicAddrs { + v, ok := tf.Attrs["public_addrs"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.public_addrs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.public_addrs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.PublicAddrs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["public_addrs"] = c + } + } + } + { + a, ok := tf.AttrTypes["cloud_metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.CloudMetadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.CloudMetadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["cloud_metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.CloudMetadata == nil { + v.Null = true + } else { + obj := obj.CloudMetadata + tf := &v + { + a, ok := tf.AttrTypes["aws"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.CloudMetadata.AWS"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["aws"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.AWS == nil { + v.Null = true + } else { + obj := obj.AWS + tf := &v + { + t, ok := tf.AttrTypes["account_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.AccountID"}) + } else { + v, ok := tf.Attrs["account_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.CloudMetadata.AWS.AccountID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.AccountID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AccountID) == "" + } + v.Value = string(obj.AccountID) + v.Unknown = false + tf.Attrs["account_id"] = v + } + } + { + t, ok := tf.AttrTypes["instance_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.InstanceID"}) + } else { + v, ok := tf.Attrs["instance_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.CloudMetadata.AWS.InstanceID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.InstanceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.InstanceID) == "" + } + v.Value = string(obj.InstanceID) + v.Unknown = false + tf.Attrs["instance_id"] = v + } + } + { + t, ok := tf.AttrTypes["region"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.Region"}) + } else { + v, ok := tf.Attrs["region"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.CloudMetadata.AWS.Region", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.Region", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Region) == "" + } + v.Value = string(obj.Region) + v.Unknown = false + tf.Attrs["region"] = v + } + } + { + t, ok := tf.AttrTypes["vpc_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.VPCID"}) + } else { + v, ok := tf.Attrs["vpc_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.CloudMetadata.AWS.VPCID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.VPCID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.VPCID) == "" + } + v.Value = string(obj.VPCID) + v.Unknown = false + tf.Attrs["vpc_id"] = v + } + } + { + t, ok := tf.AttrTypes["integration"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.Integration"}) + } else { + v, ok := tf.Attrs["integration"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.CloudMetadata.AWS.Integration", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.Integration", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Integration) == "" + } + v.Value = string(obj.Integration) + v.Unknown = false + tf.Attrs["integration"] = v + } + } + { + t, ok := tf.AttrTypes["subnet_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ServerV2.Spec.CloudMetadata.AWS.SubnetID"}) + } else { + v, ok := tf.Attrs["subnet_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ServerV2.Spec.CloudMetadata.AWS.SubnetID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ServerV2.Spec.CloudMetadata.AWS.SubnetID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubnetID) == "" + } + v.Value = string(obj.SubnetID) + v.Unknown = false + tf.Attrs["subnet_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["aws"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["cloud_metadata"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyAppV3FromTerraform copies contents of the source Terraform object into a target struct +func CopyAppV3FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.AppV3) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.AppSpecV3{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["uri"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.URI"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.URI", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.URI = t + } + } + } + { + a, ok := tf.Attrs["public_addr"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.PublicAddr"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.PublicAddr", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PublicAddr = t + } + } + } + { + a, ok := tf.Attrs["dynamic_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.DynamicLabels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.DynamicLabels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.DynamicLabels = make(map[string]github_com_gravitational_teleport_api_types.CommandLabelV2, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.DynamicLabels", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.CommandLabelV2 + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["period"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.DynamicLabels.Period"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.DynamicLabels.Period", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.Period = t + } + } + } + { + a, ok := tf.Attrs["command"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.DynamicLabels.Command"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.DynamicLabels.Command", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Command = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.DynamicLabels.Command", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Command[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["result"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.DynamicLabels.Result"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.DynamicLabels.Result", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Result = t + } + } + } + } + obj.DynamicLabels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["insecure_skip_verify"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.InsecureSkipVerify"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.InsecureSkipVerify", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.InsecureSkipVerify = t + } + } + } + { + a, ok := tf.Attrs["rewrite"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.Rewrite"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Rewrite", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Rewrite = nil + if !v.Null && !v.Unknown { + tf := v + obj.Rewrite = &github_com_gravitational_teleport_api_types.Rewrite{} + obj := obj.Rewrite + { + a, ok := tf.Attrs["redirect"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.Rewrite.Redirect"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Rewrite.Redirect", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Redirect = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Rewrite.Redirect", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Redirect[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["headers"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.Rewrite.Headers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Rewrite.Headers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Headers = make([]*github_com_gravitational_teleport_api_types.Header, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Rewrite.Headers", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.Header + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.Header{} + obj := t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.Rewrite.Headers.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Rewrite.Headers.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["value"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.Rewrite.Headers.Value"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Rewrite.Headers.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Value = t + } + } + } + } + obj.Headers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["jwt_claims"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.Rewrite.JWTClaims"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Rewrite.JWTClaims", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.JWTClaims = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["aws"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.AWS"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.AWS", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.AWS = nil + if !v.Null && !v.Unknown { + tf := v + obj.AWS = &github_com_gravitational_teleport_api_types.AppAWS{} + obj := obj.AWS + { + a, ok := tf.Attrs["external_id"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.AWS.ExternalID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.AWS.ExternalID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ExternalID = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["cloud"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.Cloud"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Cloud", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Cloud = t + } + } + } + { + a, ok := tf.Attrs["user_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.UserGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.UserGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.UserGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.UserGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.UserGroups[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["integration"] + if !ok { + diags.Append(attrReadMissingDiag{"AppV3.Spec.Integration"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AppV3.Spec.Integration", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Integration = t + } + } + } + } + } + } + } + return diags +} + +// CopyAppV3ToTerraform copies contents of the source Terraform object into a target struct +func CopyAppV3ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.AppV3, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["uri"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.URI"}) + } else { + v, ok := tf.Attrs["uri"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.URI", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.URI", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.URI) == "" + } + v.Value = string(obj.URI) + v.Unknown = false + tf.Attrs["uri"] = v + } + } + { + t, ok := tf.AttrTypes["public_addr"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.PublicAddr"}) + } else { + v, ok := tf.Attrs["public_addr"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.PublicAddr", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.PublicAddr", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.PublicAddr) == "" + } + v.Value = string(obj.PublicAddr) + v.Unknown = false + tf.Attrs["public_addr"] = v + } + } + { + a, ok := tf.AttrTypes["dynamic_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.DynamicLabels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.DynamicLabels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["dynamic_labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DynamicLabels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DynamicLabels)) + } + } + if obj.DynamicLabels != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + for k, a := range obj.DynamicLabels { + v, ok := tf.Attrs["dynamic_labels"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["period"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.DynamicLabels.Period"}) + } else { + v, ok := tf.Attrs["period"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.DynamicLabels.Period", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.DynamicLabels.Period", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.Period) + v.Unknown = false + tf.Attrs["period"] = v + } + } + { + a, ok := tf.AttrTypes["command"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.DynamicLabels.Command"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.DynamicLabels.Command", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["command"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Command)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Command)) + } + } + if obj.Command != nil { + t := o.ElemType + if len(obj.Command) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Command)) + } + for k, a := range obj.Command { + v, ok := tf.Attrs["command"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.DynamicLabels.Command", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.DynamicLabels.Command", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Command) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["command"] = c + } + } + } + { + t, ok := tf.AttrTypes["result"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.DynamicLabels.Result"}) + } else { + v, ok := tf.Attrs["result"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.DynamicLabels.Result", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.DynamicLabels.Result", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Result) == "" + } + v.Value = string(obj.Result) + v.Unknown = false + tf.Attrs["result"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DynamicLabels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["dynamic_labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["insecure_skip_verify"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.InsecureSkipVerify"}) + } else { + v, ok := tf.Attrs["insecure_skip_verify"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.InsecureSkipVerify", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.InsecureSkipVerify", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.InsecureSkipVerify) == false + } + v.Value = bool(obj.InsecureSkipVerify) + v.Unknown = false + tf.Attrs["insecure_skip_verify"] = v + } + } + { + a, ok := tf.AttrTypes["rewrite"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.Rewrite"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Rewrite", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["rewrite"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Rewrite == nil { + v.Null = true + } else { + obj := obj.Rewrite + tf := &v + { + a, ok := tf.AttrTypes["redirect"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.Rewrite.Redirect"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Rewrite.Redirect", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["redirect"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Redirect)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Redirect)) + } + } + if obj.Redirect != nil { + t := o.ElemType + if len(obj.Redirect) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Redirect)) + } + for k, a := range obj.Redirect { + v, ok := tf.Attrs["redirect"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.Rewrite.Redirect", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Rewrite.Redirect", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Redirect) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["redirect"] = c + } + } + } + { + a, ok := tf.AttrTypes["headers"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.Rewrite.Headers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Rewrite.Headers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["headers"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Headers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Headers)) + } + } + if obj.Headers != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Headers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Headers)) + } + for k, a := range obj.Headers { + v, ok := tf.Attrs["headers"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.Rewrite.Headers.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.Rewrite.Headers.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Rewrite.Headers.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["value"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.Rewrite.Headers.Value"}) + } else { + v, ok := tf.Attrs["value"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.Rewrite.Headers.Value", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Rewrite.Headers.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Value) == "" + } + v.Value = string(obj.Value) + v.Unknown = false + tf.Attrs["value"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Headers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["headers"] = c + } + } + } + { + t, ok := tf.AttrTypes["jwt_claims"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.Rewrite.JWTClaims"}) + } else { + v, ok := tf.Attrs["jwt_claims"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.Rewrite.JWTClaims", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Rewrite.JWTClaims", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.JWTClaims) == "" + } + v.Value = string(obj.JWTClaims) + v.Unknown = false + tf.Attrs["jwt_claims"] = v + } + } + } + v.Unknown = false + tf.Attrs["rewrite"] = v + } + } + } + { + a, ok := tf.AttrTypes["aws"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.AWS"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.AWS", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["aws"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.AWS == nil { + v.Null = true + } else { + obj := obj.AWS + tf := &v + { + t, ok := tf.AttrTypes["external_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.AWS.ExternalID"}) + } else { + v, ok := tf.Attrs["external_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.AWS.ExternalID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.AWS.ExternalID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ExternalID) == "" + } + v.Value = string(obj.ExternalID) + v.Unknown = false + tf.Attrs["external_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["aws"] = v + } + } + } + { + t, ok := tf.AttrTypes["cloud"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.Cloud"}) + } else { + v, ok := tf.Attrs["cloud"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.Cloud", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Cloud", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Cloud) == "" + } + v.Value = string(obj.Cloud) + v.Unknown = false + tf.Attrs["cloud"] = v + } + } + { + a, ok := tf.AttrTypes["user_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.UserGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.UserGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["user_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.UserGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.UserGroups)) + } + } + if obj.UserGroups != nil { + t := o.ElemType + if len(obj.UserGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.UserGroups)) + } + for k, a := range obj.UserGroups { + v, ok := tf.Attrs["user_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.UserGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.UserGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.UserGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["user_groups"] = c + } + } + } + { + t, ok := tf.AttrTypes["integration"] + if !ok { + diags.Append(attrWriteMissingDiag{"AppV3.Spec.Integration"}) + } else { + v, ok := tf.Attrs["integration"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AppV3.Spec.Integration", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AppV3.Spec.Integration", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Integration) == "" + } + v.Value = string(obj.Integration) + v.Unknown = false + tf.Attrs["integration"] = v + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyProvisionTokenV2FromTerraform copies contents of the source Terraform object into a target struct +func CopyProvisionTokenV2FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.ProvisionTokenV2) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]github_com_gravitational_teleport_api_types.SystemRole, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t github_com_gravitational_teleport_api_types.SystemRole + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.SystemRole(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Allow", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Allow = make([]*github_com_gravitational_teleport_api_types.TokenRule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Allow", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.TokenRule + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.TokenRule{} + obj := t + { + a, ok := tf.Attrs["aws_account"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Allow.AWSAccount"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSAccount", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AWSAccount = t + } + } + } + { + a, ok := tf.Attrs["aws_regions"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Allow.AWSRegions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSRegions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AWSRegions = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSRegions", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AWSRegions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["aws_role"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Allow.AWSRole"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSRole", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AWSRole = t + } + } + } + { + a, ok := tf.Attrs["aws_arn"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Allow.AWSARN"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSARN", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AWSARN = t + } + } + } + } + obj.Allow[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["aws_iid_ttl"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.AWSIIDTTL"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.AWSIIDTTL", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.AWSIIDTTL = t + } + } + } + { + a, ok := tf.Attrs["join_method"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.JoinMethod"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.JoinMethod", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t github_com_gravitational_teleport_api_types.JoinMethod + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.JoinMethod(v.Value) + } + obj.JoinMethod = t + } + } + } + { + a, ok := tf.Attrs["bot_name"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.BotName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.BotName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.BotName = t + } + } + } + { + a, ok := tf.Attrs["suggested_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.SuggestedLabels"}) + } + CopyFromLabels(diags, a, &obj.SuggestedLabels) + } + { + a, ok := tf.Attrs["github"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.GitHub = nil + if !v.Null && !v.Unknown { + tf := v + obj.GitHub = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GitHub{} + obj := obj.GitHub + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Allow = make([]*github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GitHub_Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GitHub_Rule + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GitHub_Rule{} + obj := t + { + a, ok := tf.Attrs["sub"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Sub"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Sub", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Sub = t + } + } + } + { + a, ok := tf.Attrs["repository"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Repository"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Repository", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Repository = t + } + } + } + { + a, ok := tf.Attrs["repository_owner"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.RepositoryOwner"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.RepositoryOwner", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.RepositoryOwner = t + } + } + } + { + a, ok := tf.Attrs["workflow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Workflow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Workflow", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Workflow = t + } + } + } + { + a, ok := tf.Attrs["environment"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Environment"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Environment", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Environment = t + } + } + } + { + a, ok := tf.Attrs["actor"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Actor"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Actor", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Actor = t + } + } + } + { + a, ok := tf.Attrs["ref"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Ref"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Ref", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Ref = t + } + } + } + { + a, ok := tf.Attrs["ref_type"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.RefType"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.RefType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.RefType = t + } + } + } + } + obj.Allow[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["enterprise_server_host"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.EnterpriseServerHost"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.EnterpriseServerHost", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EnterpriseServerHost = t + } + } + } + { + a, ok := tf.Attrs["enterprise_slug"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitHub.EnterpriseSlug"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.EnterpriseSlug", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EnterpriseSlug = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["circleci"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.CircleCI"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.CircleCI = nil + if !v.Null && !v.Unknown { + tf := v + obj.CircleCI = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2CircleCI{} + obj := obj.CircleCI + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.CircleCI.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.Allow", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Allow = make([]*github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2CircleCI_Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.Allow", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2CircleCI_Rule + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2CircleCI_Rule{} + obj := t + { + a, ok := tf.Attrs["project_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.CircleCI.Allow.ProjectID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.Allow.ProjectID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ProjectID = t + } + } + } + { + a, ok := tf.Attrs["context_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.CircleCI.Allow.ContextID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.Allow.ContextID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ContextID = t + } + } + } + } + obj.Allow[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["organization_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.CircleCI.OrganizationID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.OrganizationID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.OrganizationID = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["suggested_agent_matcher_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.SuggestedAgentMatcherLabels"}) + } + CopyFromLabels(diags, a, &obj.SuggestedAgentMatcherLabels) + } + { + a, ok := tf.Attrs["kubernetes"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Kubernetes"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Kubernetes = nil + if !v.Null && !v.Unknown { + tf := v + obj.Kubernetes = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Kubernetes{} + obj := obj.Kubernetes + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Allow = make([]*github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Kubernetes_Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Kubernetes_Rule + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Kubernetes_Rule{} + obj := t + { + a, ok := tf.Attrs["service_account"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow.ServiceAccount"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow.ServiceAccount", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ServiceAccount = t + } + } + } + } + obj.Allow[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["type"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.Type"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.Type", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t github_com_gravitational_teleport_api_types.KubernetesJoinType + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.KubernetesJoinType(v.Value) + } + obj.Type = t + } + } + } + { + a, ok := tf.Attrs["static_jwks"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.StaticJWKS = nil + if !v.Null && !v.Unknown { + tf := v + obj.StaticJWKS = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Kubernetes_StaticJWKSConfig{} + obj := obj.StaticJWKS + { + a, ok := tf.Attrs["jwks"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS.JWKS"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS.JWKS", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.JWKS = t + } + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["azure"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Azure"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Azure", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Azure = nil + if !v.Null && !v.Unknown { + tf := v + obj.Azure = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Azure{} + obj := obj.Azure + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Azure.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Allow = make([]*github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Azure_Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Azure_Rule + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Azure_Rule{} + obj := t + { + a, ok := tf.Attrs["subscription"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Azure.Allow.Subscription"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow.Subscription", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Subscription = t + } + } + } + { + a, ok := tf.Attrs["resource_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Azure.Allow.ResourceGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow.ResourceGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ResourceGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow.ResourceGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ResourceGroups[k] = t + } + } + } + } + } + } + } + obj.Allow[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["gitlab"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.GitLab = nil + if !v.Null && !v.Unknown { + tf := v + obj.GitLab = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GitLab{} + obj := obj.GitLab + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Allow = make([]*github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GitLab_Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GitLab_Rule + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GitLab_Rule{} + obj := t + { + a, ok := tf.Attrs["sub"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Sub"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Sub", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Sub = t + } + } + } + { + a, ok := tf.Attrs["ref"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Ref"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Ref", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Ref = t + } + } + } + { + a, ok := tf.Attrs["ref_type"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.RefType"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.RefType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.RefType = t + } + } + } + { + a, ok := tf.Attrs["namespace_path"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.NamespacePath"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.NamespacePath", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.NamespacePath = t + } + } + } + { + a, ok := tf.Attrs["project_path"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectPath"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectPath", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ProjectPath = t + } + } + } + { + a, ok := tf.Attrs["pipeline_source"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.PipelineSource"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.PipelineSource", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PipelineSource = t + } + } + } + { + a, ok := tf.Attrs["environment"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Environment"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Environment", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Environment = t + } + } + } + { + a, ok := tf.Attrs["user_login"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserLogin"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserLogin", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.UserLogin = t + } + } + } + { + a, ok := tf.Attrs["user_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.UserID = t + } + } + } + { + a, ok := tf.Attrs["user_email"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserEmail"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserEmail", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.UserEmail = t + } + } + } + { + a, ok := tf.Attrs["ref_protected"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.RefProtected"}) + } + CopyFromBoolOption(diags, a, &obj.RefProtected) + } + { + a, ok := tf.Attrs["environment_protected"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.EnvironmentProtected"}) + } + CopyFromBoolOption(diags, a, &obj.EnvironmentProtected) + } + { + a, ok := tf.Attrs["ci_config_sha"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigSHA"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigSHA", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CIConfigSHA = t + } + } + } + { + a, ok := tf.Attrs["ci_config_ref_uri"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigRefURI"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigRefURI", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CIConfigRefURI = t + } + } + } + { + a, ok := tf.Attrs["deployment_tier"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.DeploymentTier"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.DeploymentTier", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DeploymentTier = t + } + } + } + { + a, ok := tf.Attrs["project_visibility"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectVisibility"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectVisibility", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ProjectVisibility = t + } + } + } + } + obj.Allow[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["domain"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GitLab.Domain"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Domain", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Domain = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["gcp"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GCP"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.GCP = nil + if !v.Null && !v.Unknown { + tf := v + obj.GCP = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GCP{} + obj := obj.GCP + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GCP.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Allow = make([]*github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GCP_Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GCP_Rule + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2GCP_Rule{} + obj := t + { + a, ok := tf.Attrs["project_ids"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GCP.Allow.ProjectIDs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.ProjectIDs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ProjectIDs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.ProjectIDs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ProjectIDs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["locations"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GCP.Allow.Locations"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.Locations", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Locations = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.Locations", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Locations[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["service_accounts"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.GCP.Allow.ServiceAccounts"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.ServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ServiceAccounts = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.ServiceAccounts", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ServiceAccounts[k] = t + } + } + } + } + } + } + } + obj.Allow[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spacelift"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Spacelift"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spacelift = nil + if !v.Null && !v.Unknown { + tf := v + obj.Spacelift = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Spacelift{} + obj := obj.Spacelift + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Allow = make([]*github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Spacelift_Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Spacelift_Rule + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.ProvisionTokenSpecV2Spacelift_Rule{} + obj := t + { + a, ok := tf.Attrs["space_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.SpaceID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.SpaceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SpaceID = t + } + } + } + { + a, ok := tf.Attrs["caller_id"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CallerID = t + } + } + } + { + a, ok := tf.Attrs["caller_type"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerType"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CallerType = t + } + } + } + { + a, ok := tf.Attrs["scope"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.Scope"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.Scope", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Scope = t + } + } + } + } + obj.Allow[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["hostname"] + if !ok { + diags.Append(attrReadMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Hostname"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Hostname", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Hostname = t + } + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyProvisionTokenV2ToTerraform copies contents of the source Terraform object into a target struct +func CopyProvisionTokenV2ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.ProvisionTokenV2, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + } + if obj.Allow != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Allow) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + for k, a := range obj.Allow { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["aws_account"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Allow.AWSAccount"}) + } else { + v, ok := tf.Attrs["aws_account"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Allow.AWSAccount", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSAccount", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AWSAccount) == "" + } + v.Value = string(obj.AWSAccount) + v.Unknown = false + tf.Attrs["aws_account"] = v + } + } + { + a, ok := tf.AttrTypes["aws_regions"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Allow.AWSRegions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSRegions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["aws_regions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRegions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRegions)) + } + } + if obj.AWSRegions != nil { + t := o.ElemType + if len(obj.AWSRegions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRegions)) + } + for k, a := range obj.AWSRegions { + v, ok := tf.Attrs["aws_regions"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Allow.AWSRegions", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSRegions", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AWSRegions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["aws_regions"] = c + } + } + } + { + t, ok := tf.AttrTypes["aws_role"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Allow.AWSRole"}) + } else { + v, ok := tf.Attrs["aws_role"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Allow.AWSRole", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSRole", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AWSRole) == "" + } + v.Value = string(obj.AWSRole) + v.Unknown = false + tf.Attrs["aws_role"] = v + } + } + { + t, ok := tf.AttrTypes["aws_arn"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Allow.AWSARN"}) + } else { + v, ok := tf.Attrs["aws_arn"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Allow.AWSARN", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Allow.AWSARN", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AWSARN) == "" + } + v.Value = string(obj.AWSARN) + v.Unknown = false + tf.Attrs["aws_arn"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Allow) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["allow"] = c + } + } + } + { + t, ok := tf.AttrTypes["aws_iid_ttl"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.AWSIIDTTL"}) + } else { + v, ok := tf.Attrs["aws_iid_ttl"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.AWSIIDTTL", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.AWSIIDTTL", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.AWSIIDTTL) + v.Unknown = false + tf.Attrs["aws_iid_ttl"] = v + } + } + { + t, ok := tf.AttrTypes["join_method"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.JoinMethod"}) + } else { + v, ok := tf.Attrs["join_method"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.JoinMethod", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.JoinMethod", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.JoinMethod) == "" + } + v.Value = string(obj.JoinMethod) + v.Unknown = false + tf.Attrs["join_method"] = v + } + } + { + t, ok := tf.AttrTypes["bot_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.BotName"}) + } else { + v, ok := tf.Attrs["bot_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.BotName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.BotName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.BotName) == "" + } + v.Value = string(obj.BotName) + v.Unknown = false + tf.Attrs["bot_name"] = v + } + } + { + t, ok := tf.AttrTypes["suggested_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.SuggestedLabels"}) + } else { + v := CopyToLabels(diags, obj.SuggestedLabels, t, tf.Attrs["suggested_labels"]) + tf.Attrs["suggested_labels"] = v + } + } + { + a, ok := tf.AttrTypes["github"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["github"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.GitHub == nil { + v.Null = true + } else { + obj := obj.GitHub + tf := &v + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + } + if obj.Allow != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Allow) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + for k, a := range obj.Allow { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["sub"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Sub"}) + } else { + v, ok := tf.Attrs["sub"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.Allow.Sub", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Sub", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Sub) == "" + } + v.Value = string(obj.Sub) + v.Unknown = false + tf.Attrs["sub"] = v + } + } + { + t, ok := tf.AttrTypes["repository"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Repository"}) + } else { + v, ok := tf.Attrs["repository"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.Allow.Repository", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Repository", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Repository) == "" + } + v.Value = string(obj.Repository) + v.Unknown = false + tf.Attrs["repository"] = v + } + } + { + t, ok := tf.AttrTypes["repository_owner"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.RepositoryOwner"}) + } else { + v, ok := tf.Attrs["repository_owner"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.Allow.RepositoryOwner", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.RepositoryOwner", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.RepositoryOwner) == "" + } + v.Value = string(obj.RepositoryOwner) + v.Unknown = false + tf.Attrs["repository_owner"] = v + } + } + { + t, ok := tf.AttrTypes["workflow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Workflow"}) + } else { + v, ok := tf.Attrs["workflow"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.Allow.Workflow", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Workflow", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Workflow) == "" + } + v.Value = string(obj.Workflow) + v.Unknown = false + tf.Attrs["workflow"] = v + } + } + { + t, ok := tf.AttrTypes["environment"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Environment"}) + } else { + v, ok := tf.Attrs["environment"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.Allow.Environment", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Environment", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Environment) == "" + } + v.Value = string(obj.Environment) + v.Unknown = false + tf.Attrs["environment"] = v + } + } + { + t, ok := tf.AttrTypes["actor"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Actor"}) + } else { + v, ok := tf.Attrs["actor"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.Allow.Actor", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Actor", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Actor) == "" + } + v.Value = string(obj.Actor) + v.Unknown = false + tf.Attrs["actor"] = v + } + } + { + t, ok := tf.AttrTypes["ref"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Ref"}) + } else { + v, ok := tf.Attrs["ref"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.Allow.Ref", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.Ref", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Ref) == "" + } + v.Value = string(obj.Ref) + v.Unknown = false + tf.Attrs["ref"] = v + } + } + { + t, ok := tf.AttrTypes["ref_type"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.Allow.RefType"}) + } else { + v, ok := tf.Attrs["ref_type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.Allow.RefType", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.Allow.RefType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.RefType) == "" + } + v.Value = string(obj.RefType) + v.Unknown = false + tf.Attrs["ref_type"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Allow) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["allow"] = c + } + } + } + { + t, ok := tf.AttrTypes["enterprise_server_host"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.EnterpriseServerHost"}) + } else { + v, ok := tf.Attrs["enterprise_server_host"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.EnterpriseServerHost", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.EnterpriseServerHost", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EnterpriseServerHost) == "" + } + v.Value = string(obj.EnterpriseServerHost) + v.Unknown = false + tf.Attrs["enterprise_server_host"] = v + } + } + { + t, ok := tf.AttrTypes["enterprise_slug"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitHub.EnterpriseSlug"}) + } else { + v, ok := tf.Attrs["enterprise_slug"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitHub.EnterpriseSlug", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitHub.EnterpriseSlug", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EnterpriseSlug) == "" + } + v.Value = string(obj.EnterpriseSlug) + v.Unknown = false + tf.Attrs["enterprise_slug"] = v + } + } + } + v.Unknown = false + tf.Attrs["github"] = v + } + } + } + { + a, ok := tf.AttrTypes["circleci"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.CircleCI"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["circleci"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.CircleCI == nil { + v.Null = true + } else { + obj := obj.CircleCI + tf := &v + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.CircleCI.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + } + if obj.Allow != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Allow) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + for k, a := range obj.Allow { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["project_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.CircleCI.Allow.ProjectID"}) + } else { + v, ok := tf.Attrs["project_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.CircleCI.Allow.ProjectID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.Allow.ProjectID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ProjectID) == "" + } + v.Value = string(obj.ProjectID) + v.Unknown = false + tf.Attrs["project_id"] = v + } + } + { + t, ok := tf.AttrTypes["context_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.CircleCI.Allow.ContextID"}) + } else { + v, ok := tf.Attrs["context_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.CircleCI.Allow.ContextID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.Allow.ContextID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ContextID) == "" + } + v.Value = string(obj.ContextID) + v.Unknown = false + tf.Attrs["context_id"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Allow) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["allow"] = c + } + } + } + { + t, ok := tf.AttrTypes["organization_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.CircleCI.OrganizationID"}) + } else { + v, ok := tf.Attrs["organization_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.CircleCI.OrganizationID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.CircleCI.OrganizationID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.OrganizationID) == "" + } + v.Value = string(obj.OrganizationID) + v.Unknown = false + tf.Attrs["organization_id"] = v + } + } + } + v.Unknown = false + tf.Attrs["circleci"] = v + } + } + } + { + t, ok := tf.AttrTypes["suggested_agent_matcher_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.SuggestedAgentMatcherLabels"}) + } else { + v := CopyToLabels(diags, obj.SuggestedAgentMatcherLabels, t, tf.Attrs["suggested_agent_matcher_labels"]) + tf.Attrs["suggested_agent_matcher_labels"] = v + } + } + { + a, ok := tf.AttrTypes["kubernetes"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Kubernetes"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["kubernetes"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Kubernetes == nil { + v.Null = true + } else { + obj := obj.Kubernetes + tf := &v + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + } + if obj.Allow != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Allow) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + for k, a := range obj.Allow { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["service_account"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow.ServiceAccount"}) + } else { + v, ok := tf.Attrs["service_account"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Kubernetes.Allow.ServiceAccount", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.Allow.ServiceAccount", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ServiceAccount) == "" + } + v.Value = string(obj.ServiceAccount) + v.Unknown = false + tf.Attrs["service_account"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Allow) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["allow"] = c + } + } + } + { + t, ok := tf.AttrTypes["type"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.Type"}) + } else { + v, ok := tf.Attrs["type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Kubernetes.Type", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.Type", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Type) == "" + } + v.Value = string(obj.Type) + v.Unknown = false + tf.Attrs["type"] = v + } + } + { + a, ok := tf.AttrTypes["static_jwks"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["static_jwks"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.StaticJWKS == nil { + v.Null = true + } else { + obj := obj.StaticJWKS + tf := &v + { + t, ok := tf.AttrTypes["jwks"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS.JWKS"}) + } else { + v, ok := tf.Attrs["jwks"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS.JWKS", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Kubernetes.StaticJWKS.JWKS", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.JWKS) == "" + } + v.Value = string(obj.JWKS) + v.Unknown = false + tf.Attrs["jwks"] = v + } + } + } + v.Unknown = false + tf.Attrs["static_jwks"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["kubernetes"] = v + } + } + } + { + a, ok := tf.AttrTypes["azure"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Azure"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Azure", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["azure"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Azure == nil { + v.Null = true + } else { + obj := obj.Azure + tf := &v + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Azure.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + } + if obj.Allow != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Allow) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + for k, a := range obj.Allow { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["subscription"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Azure.Allow.Subscription"}) + } else { + v, ok := tf.Attrs["subscription"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Azure.Allow.Subscription", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow.Subscription", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Subscription) == "" + } + v.Value = string(obj.Subscription) + v.Unknown = false + tf.Attrs["subscription"] = v + } + } + { + a, ok := tf.AttrTypes["resource_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Azure.Allow.ResourceGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow.ResourceGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["resource_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ResourceGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ResourceGroups)) + } + } + if obj.ResourceGroups != nil { + t := o.ElemType + if len(obj.ResourceGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ResourceGroups)) + } + for k, a := range obj.ResourceGroups { + v, ok := tf.Attrs["resource_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Azure.Allow.ResourceGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Azure.Allow.ResourceGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ResourceGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["resource_groups"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Allow) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["allow"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["azure"] = v + } + } + } + { + a, ok := tf.AttrTypes["gitlab"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["gitlab"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.GitLab == nil { + v.Null = true + } else { + obj := obj.GitLab + tf := &v + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + } + if obj.Allow != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Allow) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + for k, a := range obj.Allow { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["sub"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Sub"}) + } else { + v, ok := tf.Attrs["sub"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.Sub", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Sub", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Sub) == "" + } + v.Value = string(obj.Sub) + v.Unknown = false + tf.Attrs["sub"] = v + } + } + { + t, ok := tf.AttrTypes["ref"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Ref"}) + } else { + v, ok := tf.Attrs["ref"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.Ref", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Ref", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Ref) == "" + } + v.Value = string(obj.Ref) + v.Unknown = false + tf.Attrs["ref"] = v + } + } + { + t, ok := tf.AttrTypes["ref_type"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.RefType"}) + } else { + v, ok := tf.Attrs["ref_type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.RefType", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.RefType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.RefType) == "" + } + v.Value = string(obj.RefType) + v.Unknown = false + tf.Attrs["ref_type"] = v + } + } + { + t, ok := tf.AttrTypes["namespace_path"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.NamespacePath"}) + } else { + v, ok := tf.Attrs["namespace_path"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.NamespacePath", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.NamespacePath", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.NamespacePath) == "" + } + v.Value = string(obj.NamespacePath) + v.Unknown = false + tf.Attrs["namespace_path"] = v + } + } + { + t, ok := tf.AttrTypes["project_path"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectPath"}) + } else { + v, ok := tf.Attrs["project_path"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectPath", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectPath", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ProjectPath) == "" + } + v.Value = string(obj.ProjectPath) + v.Unknown = false + tf.Attrs["project_path"] = v + } + } + { + t, ok := tf.AttrTypes["pipeline_source"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.PipelineSource"}) + } else { + v, ok := tf.Attrs["pipeline_source"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.PipelineSource", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.PipelineSource", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.PipelineSource) == "" + } + v.Value = string(obj.PipelineSource) + v.Unknown = false + tf.Attrs["pipeline_source"] = v + } + } + { + t, ok := tf.AttrTypes["environment"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Environment"}) + } else { + v, ok := tf.Attrs["environment"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.Environment", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.Environment", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Environment) == "" + } + v.Value = string(obj.Environment) + v.Unknown = false + tf.Attrs["environment"] = v + } + } + { + t, ok := tf.AttrTypes["user_login"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserLogin"}) + } else { + v, ok := tf.Attrs["user_login"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.UserLogin", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserLogin", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.UserLogin) == "" + } + v.Value = string(obj.UserLogin) + v.Unknown = false + tf.Attrs["user_login"] = v + } + } + { + t, ok := tf.AttrTypes["user_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserID"}) + } else { + v, ok := tf.Attrs["user_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.UserID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.UserID) == "" + } + v.Value = string(obj.UserID) + v.Unknown = false + tf.Attrs["user_id"] = v + } + } + { + t, ok := tf.AttrTypes["user_email"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserEmail"}) + } else { + v, ok := tf.Attrs["user_email"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.UserEmail", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.UserEmail", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.UserEmail) == "" + } + v.Value = string(obj.UserEmail) + v.Unknown = false + tf.Attrs["user_email"] = v + } + } + { + t, ok := tf.AttrTypes["ref_protected"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.RefProtected"}) + } else { + v := CopyToBoolOption(diags, obj.RefProtected, t, tf.Attrs["ref_protected"]) + tf.Attrs["ref_protected"] = v + } + } + { + t, ok := tf.AttrTypes["environment_protected"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.EnvironmentProtected"}) + } else { + v := CopyToBoolOption(diags, obj.EnvironmentProtected, t, tf.Attrs["environment_protected"]) + tf.Attrs["environment_protected"] = v + } + } + { + t, ok := tf.AttrTypes["ci_config_sha"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigSHA"}) + } else { + v, ok := tf.Attrs["ci_config_sha"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigSHA", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigSHA", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CIConfigSHA) == "" + } + v.Value = string(obj.CIConfigSHA) + v.Unknown = false + tf.Attrs["ci_config_sha"] = v + } + } + { + t, ok := tf.AttrTypes["ci_config_ref_uri"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigRefURI"}) + } else { + v, ok := tf.Attrs["ci_config_ref_uri"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigRefURI", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.CIConfigRefURI", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CIConfigRefURI) == "" + } + v.Value = string(obj.CIConfigRefURI) + v.Unknown = false + tf.Attrs["ci_config_ref_uri"] = v + } + } + { + t, ok := tf.AttrTypes["deployment_tier"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.DeploymentTier"}) + } else { + v, ok := tf.Attrs["deployment_tier"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.DeploymentTier", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.DeploymentTier", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DeploymentTier) == "" + } + v.Value = string(obj.DeploymentTier) + v.Unknown = false + tf.Attrs["deployment_tier"] = v + } + } + { + t, ok := tf.AttrTypes["project_visibility"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectVisibility"}) + } else { + v, ok := tf.Attrs["project_visibility"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectVisibility", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Allow.ProjectVisibility", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ProjectVisibility) == "" + } + v.Value = string(obj.ProjectVisibility) + v.Unknown = false + tf.Attrs["project_visibility"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Allow) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["allow"] = c + } + } + } + { + t, ok := tf.AttrTypes["domain"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GitLab.Domain"}) + } else { + v, ok := tf.Attrs["domain"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GitLab.Domain", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GitLab.Domain", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Domain) == "" + } + v.Value = string(obj.Domain) + v.Unknown = false + tf.Attrs["domain"] = v + } + } + } + v.Unknown = false + tf.Attrs["gitlab"] = v + } + } + } + { + a, ok := tf.AttrTypes["gcp"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GCP"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GCP", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["gcp"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.GCP == nil { + v.Null = true + } else { + obj := obj.GCP + tf := &v + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GCP.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + } + if obj.Allow != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Allow) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + for k, a := range obj.Allow { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["project_ids"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GCP.Allow.ProjectIDs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.ProjectIDs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["project_ids"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ProjectIDs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ProjectIDs)) + } + } + if obj.ProjectIDs != nil { + t := o.ElemType + if len(obj.ProjectIDs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ProjectIDs)) + } + for k, a := range obj.ProjectIDs { + v, ok := tf.Attrs["project_ids"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GCP.Allow.ProjectIDs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.ProjectIDs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ProjectIDs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["project_ids"] = c + } + } + } + { + a, ok := tf.AttrTypes["locations"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GCP.Allow.Locations"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.Locations", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["locations"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Locations)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Locations)) + } + } + if obj.Locations != nil { + t := o.ElemType + if len(obj.Locations) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Locations)) + } + for k, a := range obj.Locations { + v, ok := tf.Attrs["locations"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GCP.Allow.Locations", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.Locations", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Locations) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["locations"] = c + } + } + } + { + a, ok := tf.AttrTypes["service_accounts"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.GCP.Allow.ServiceAccounts"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.ServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["service_accounts"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ServiceAccounts)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ServiceAccounts)) + } + } + if obj.ServiceAccounts != nil { + t := o.ElemType + if len(obj.ServiceAccounts) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ServiceAccounts)) + } + for k, a := range obj.ServiceAccounts { + v, ok := tf.Attrs["service_accounts"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.GCP.Allow.ServiceAccounts", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.GCP.Allow.ServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ServiceAccounts) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["service_accounts"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Allow) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["allow"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["gcp"] = v + } + } + } + { + a, ok := tf.AttrTypes["spacelift"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Spacelift"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spacelift"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Spacelift == nil { + v.Null = true + } else { + obj := obj.Spacelift + tf := &v + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + } + if obj.Allow != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Allow) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Allow)) + } + for k, a := range obj.Allow { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["space_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.SpaceID"}) + } else { + v, ok := tf.Attrs["space_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Spacelift.Allow.SpaceID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.SpaceID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SpaceID) == "" + } + v.Value = string(obj.SpaceID) + v.Unknown = false + tf.Attrs["space_id"] = v + } + } + { + t, ok := tf.AttrTypes["caller_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerID"}) + } else { + v, ok := tf.Attrs["caller_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CallerID) == "" + } + v.Value = string(obj.CallerID) + v.Unknown = false + tf.Attrs["caller_id"] = v + } + } + { + t, ok := tf.AttrTypes["caller_type"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerType"}) + } else { + v, ok := tf.Attrs["caller_type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerType", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.CallerType", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CallerType) == "" + } + v.Value = string(obj.CallerType) + v.Unknown = false + tf.Attrs["caller_type"] = v + } + } + { + t, ok := tf.AttrTypes["scope"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.Scope"}) + } else { + v, ok := tf.Attrs["scope"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Spacelift.Allow.Scope", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Allow.Scope", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Scope) == "" + } + v.Value = string(obj.Scope) + v.Unknown = false + tf.Attrs["scope"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Allow) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["allow"] = c + } + } + } + { + t, ok := tf.AttrTypes["hostname"] + if !ok { + diags.Append(attrWriteMissingDiag{"ProvisionTokenV2.Spec.Spacelift.Hostname"}) + } else { + v, ok := tf.Attrs["hostname"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ProvisionTokenV2.Spec.Spacelift.Hostname", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ProvisionTokenV2.Spec.Spacelift.Hostname", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Hostname) == "" + } + v.Value = string(obj.Hostname) + v.Unknown = false + tf.Attrs["hostname"] = v + } + } + } + v.Unknown = false + tf.Attrs["spacelift"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyClusterNetworkingConfigV2FromTerraform copies contents of the source Terraform object into a target struct +func CopyClusterNetworkingConfigV2FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.ClusterNetworkingConfigV2) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.ClusterNetworkingConfigSpecV2{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["client_idle_timeout"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeout"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeout", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.ClientIdleTimeout = t + } + } + } + { + a, ok := tf.Attrs["keep_alive_interval"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.KeepAliveInterval"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.KeepAliveInterval", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.KeepAliveInterval = t + } + } + } + { + a, ok := tf.Attrs["keep_alive_count_max"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.KeepAliveCountMax"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.KeepAliveCountMax", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int64 + if !v.Null && !v.Unknown { + t = int64(v.Value) + } + obj.KeepAliveCountMax = t + } + } + } + { + a, ok := tf.Attrs["session_control_timeout"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.SessionControlTimeout"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.SessionControlTimeout", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.SessionControlTimeout = t + } + } + } + { + a, ok := tf.Attrs["idle_timeout_message"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeoutMessage"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeoutMessage", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClientIdleTimeoutMessage = t + } + } + } + { + a, ok := tf.Attrs["web_idle_timeout"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.WebIdleTimeout"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.WebIdleTimeout", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.WebIdleTimeout = t + } + } + } + { + a, ok := tf.Attrs["proxy_listener_mode"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.ProxyListenerMode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.ProxyListenerMode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.ProxyListenerMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.ProxyListenerMode(v.Value) + } + obj.ProxyListenerMode = t + } + } + } + { + a, ok := tf.Attrs["routing_strategy"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.RoutingStrategy"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.RoutingStrategy", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.RoutingStrategy + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.RoutingStrategy(v.Value) + } + obj.RoutingStrategy = t + } + } + } + { + a, ok := tf.Attrs["tunnel_strategy"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.TunnelStrategy = nil + if !v.Null && !v.Unknown { + tf := v + obj.TunnelStrategy = &github_com_gravitational_teleport_api_types.TunnelStrategyV1{} + obj := obj.TunnelStrategy + obj.Strategy = nil + { + a, ok := tf.Attrs["agent_mesh"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.AgentMesh"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.AgentMesh", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + if !v.Null && !v.Unknown { + b := &github_com_gravitational_teleport_api_types.AgentMeshTunnelStrategy{} + obj.Strategy = &github_com_gravitational_teleport_api_types.TunnelStrategyV1_AgentMesh{AgentMesh: b} + } + } + } + } + { + a, ok := tf.Attrs["proxy_peering"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + if !v.Null && !v.Unknown { + b := &github_com_gravitational_teleport_api_types.ProxyPeeringTunnelStrategy{} + obj.Strategy = &github_com_gravitational_teleport_api_types.TunnelStrategyV1_ProxyPeering{ProxyPeering: b} + obj := b + tf := v + { + a, ok := tf.Attrs["agent_connection_count"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering.AgentConnectionCount"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering.AgentConnectionCount", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int64 + if !v.Null && !v.Unknown { + t = int64(v.Value) + } + obj.AgentConnectionCount = t + } + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["proxy_ping_interval"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.ProxyPingInterval"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.ProxyPingInterval", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.ProxyPingInterval = t + } + } + } + { + a, ok := tf.Attrs["assist_command_execution_workers"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.AssistCommandExecutionWorkers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.AssistCommandExecutionWorkers", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int32 + if !v.Null && !v.Unknown { + t = int32(v.Value) + } + obj.AssistCommandExecutionWorkers = t + } + } + } + { + a, ok := tf.Attrs["case_insensitive_routing"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterNetworkingConfigV2.Spec.CaseInsensitiveRouting"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.CaseInsensitiveRouting", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.CaseInsensitiveRouting = t + } + } + } + } + } + } + } + return diags +} + +// CopyClusterNetworkingConfigV2ToTerraform copies contents of the source Terraform object into a target struct +func CopyClusterNetworkingConfigV2ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.ClusterNetworkingConfigV2, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["client_idle_timeout"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeout"}) + } else { + v, ok := tf.Attrs["client_idle_timeout"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeout", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeout", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.ClientIdleTimeout) + v.Unknown = false + tf.Attrs["client_idle_timeout"] = v + } + } + { + t, ok := tf.AttrTypes["keep_alive_interval"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.KeepAliveInterval"}) + } else { + v, ok := tf.Attrs["keep_alive_interval"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.KeepAliveInterval", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.KeepAliveInterval", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.KeepAliveInterval) + v.Unknown = false + tf.Attrs["keep_alive_interval"] = v + } + } + { + t, ok := tf.AttrTypes["keep_alive_count_max"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.KeepAliveCountMax"}) + } else { + v, ok := tf.Attrs["keep_alive_count_max"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.KeepAliveCountMax", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.KeepAliveCountMax", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.KeepAliveCountMax) == 0 + } + v.Value = int64(obj.KeepAliveCountMax) + v.Unknown = false + tf.Attrs["keep_alive_count_max"] = v + } + } + { + t, ok := tf.AttrTypes["session_control_timeout"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.SessionControlTimeout"}) + } else { + v, ok := tf.Attrs["session_control_timeout"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.SessionControlTimeout", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.SessionControlTimeout", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.SessionControlTimeout) + v.Unknown = false + tf.Attrs["session_control_timeout"] = v + } + } + { + t, ok := tf.AttrTypes["idle_timeout_message"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeoutMessage"}) + } else { + v, ok := tf.Attrs["idle_timeout_message"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeoutMessage", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.ClientIdleTimeoutMessage", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClientIdleTimeoutMessage) == "" + } + v.Value = string(obj.ClientIdleTimeoutMessage) + v.Unknown = false + tf.Attrs["idle_timeout_message"] = v + } + } + { + t, ok := tf.AttrTypes["web_idle_timeout"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.WebIdleTimeout"}) + } else { + v, ok := tf.Attrs["web_idle_timeout"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.WebIdleTimeout", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.WebIdleTimeout", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.WebIdleTimeout) + v.Unknown = false + tf.Attrs["web_idle_timeout"] = v + } + } + { + t, ok := tf.AttrTypes["proxy_listener_mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.ProxyListenerMode"}) + } else { + v, ok := tf.Attrs["proxy_listener_mode"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.ProxyListenerMode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.ProxyListenerMode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.ProxyListenerMode) == 0 + } + v.Value = int64(obj.ProxyListenerMode) + v.Unknown = false + tf.Attrs["proxy_listener_mode"] = v + } + } + { + t, ok := tf.AttrTypes["routing_strategy"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.RoutingStrategy"}) + } else { + v, ok := tf.Attrs["routing_strategy"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.RoutingStrategy", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.RoutingStrategy", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.RoutingStrategy) == 0 + } + v.Value = int64(obj.RoutingStrategy) + v.Unknown = false + tf.Attrs["routing_strategy"] = v + } + } + { + a, ok := tf.AttrTypes["tunnel_strategy"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["tunnel_strategy"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.TunnelStrategy == nil { + v.Null = true + } else { + obj := obj.TunnelStrategy + tf := &v + { + a, ok := tf.AttrTypes["agent_mesh"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.AgentMesh"}) + } else { + obj, ok := obj.Strategy.(*github_com_gravitational_teleport_api_types.TunnelStrategyV1_AgentMesh) + if !ok { + obj = &github_com_gravitational_teleport_api_types.TunnelStrategyV1_AgentMesh{} + } + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.AgentMesh", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["agent_mesh"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.AgentMesh == nil { + v.Null = true + } else { + tf := &v + { + t, ok := tf.AttrTypes["active"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.AgentMesh.active"}) + } else { + v, ok := tf.Attrs["active"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.AgentMesh.active", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.AgentMesh.active", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = true + } + v.Unknown = false + tf.Attrs["active"] = v + } + } + } + v.Unknown = false + tf.Attrs["agent_mesh"] = v + } + } + } + { + a, ok := tf.AttrTypes["proxy_peering"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering"}) + } else { + obj, ok := obj.Strategy.(*github_com_gravitational_teleport_api_types.TunnelStrategyV1_ProxyPeering) + if !ok { + obj = &github_com_gravitational_teleport_api_types.TunnelStrategyV1_ProxyPeering{} + } + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["proxy_peering"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.ProxyPeering == nil { + v.Null = true + } else { + obj := obj.ProxyPeering + tf := &v + { + t, ok := tf.AttrTypes["agent_connection_count"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering.AgentConnectionCount"}) + } else { + v, ok := tf.Attrs["agent_connection_count"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering.AgentConnectionCount", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.TunnelStrategy.ProxyPeering.AgentConnectionCount", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.AgentConnectionCount) == 0 + } + v.Value = int64(obj.AgentConnectionCount) + v.Unknown = false + tf.Attrs["agent_connection_count"] = v + } + } + } + v.Unknown = false + tf.Attrs["proxy_peering"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["tunnel_strategy"] = v + } + } + } + { + t, ok := tf.AttrTypes["proxy_ping_interval"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.ProxyPingInterval"}) + } else { + v, ok := tf.Attrs["proxy_ping_interval"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.ProxyPingInterval", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.ProxyPingInterval", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.ProxyPingInterval) + v.Unknown = false + tf.Attrs["proxy_ping_interval"] = v + } + } + { + t, ok := tf.AttrTypes["assist_command_execution_workers"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.AssistCommandExecutionWorkers"}) + } else { + v, ok := tf.Attrs["assist_command_execution_workers"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.AssistCommandExecutionWorkers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.AssistCommandExecutionWorkers", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.AssistCommandExecutionWorkers) == 0 + } + v.Value = int64(obj.AssistCommandExecutionWorkers) + v.Unknown = false + tf.Attrs["assist_command_execution_workers"] = v + } + } + { + t, ok := tf.AttrTypes["case_insensitive_routing"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterNetworkingConfigV2.Spec.CaseInsensitiveRouting"}) + } else { + v, ok := tf.Attrs["case_insensitive_routing"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterNetworkingConfigV2.Spec.CaseInsensitiveRouting", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterNetworkingConfigV2.Spec.CaseInsensitiveRouting", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.CaseInsensitiveRouting) == false + } + v.Value = bool(obj.CaseInsensitiveRouting) + v.Unknown = false + tf.Attrs["case_insensitive_routing"] = v + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopySessionRecordingConfigV2FromTerraform copies contents of the source Terraform object into a target struct +func CopySessionRecordingConfigV2FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.SessionRecordingConfigV2) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.SessionRecordingConfigSpecV2{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["mode"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Spec.Mode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SessionRecordingConfigV2.Spec.Mode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Mode = t + } + } + } + { + a, ok := tf.Attrs["proxy_checks_host_keys"] + if !ok { + diags.Append(attrReadMissingDiag{"SessionRecordingConfigV2.Spec.ProxyChecksHostKeys"}) + } + CopyFromBoolOption(diags, a, &obj.ProxyChecksHostKeys) + } + } + } + } + } + return diags +} + +// CopySessionRecordingConfigV2ToTerraform copies contents of the source Terraform object into a target struct +func CopySessionRecordingConfigV2ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.SessionRecordingConfigV2, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Spec.Mode"}) + } else { + v, ok := tf.Attrs["mode"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SessionRecordingConfigV2.Spec.Mode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SessionRecordingConfigV2.Spec.Mode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Mode) == "" + } + v.Value = string(obj.Mode) + v.Unknown = false + tf.Attrs["mode"] = v + } + } + { + t, ok := tf.AttrTypes["proxy_checks_host_keys"] + if !ok { + diags.Append(attrWriteMissingDiag{"SessionRecordingConfigV2.Spec.ProxyChecksHostKeys"}) + } else { + v := CopyToBoolOption(diags, obj.ProxyChecksHostKeys, t, tf.Attrs["proxy_checks_host_keys"]) + tf.Attrs["proxy_checks_host_keys"] = v + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyAuthPreferenceV2FromTerraform copies contents of the source Terraform object into a target struct +func CopyAuthPreferenceV2FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.AuthPreferenceV2) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.AuthPreferenceSpecV2{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["type"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.Type"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Type", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Type = t + } + } + } + { + a, ok := tf.Attrs["second_factor"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.SecondFactor"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.SecondFactor", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t github_com_gravitational_teleport_api_constants.SecondFactorType + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_constants.SecondFactorType(v.Value) + } + obj.SecondFactor = t + } + } + } + { + a, ok := tf.Attrs["connector_name"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.ConnectorName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.ConnectorName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ConnectorName = t + } + } + } + { + a, ok := tf.Attrs["u2f"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.U2F"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.U2F", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.U2F = nil + if !v.Null && !v.Unknown { + tf := v + obj.U2F = &github_com_gravitational_teleport_api_types.U2F{} + obj := obj.U2F + { + a, ok := tf.Attrs["app_id"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.U2F.AppID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.AppID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AppID = t + } + } + } + { + a, ok := tf.Attrs["facets"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.U2F.Facets"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.Facets", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Facets = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.Facets", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Facets[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["device_attestation_cas"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.U2F.DeviceAttestationCAs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.DeviceAttestationCAs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DeviceAttestationCAs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.DeviceAttestationCAs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DeviceAttestationCAs[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["disconnect_expired_cert"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.DisconnectExpiredCert"}) + } + CopyFromBoolOption(diags, a, &obj.DisconnectExpiredCert) + } + { + a, ok := tf.Attrs["allow_local_auth"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.AllowLocalAuth"}) + } + CopyFromBoolOption(diags, a, &obj.AllowLocalAuth) + } + { + a, ok := tf.Attrs["message_of_the_day"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.MessageOfTheDay"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.MessageOfTheDay", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.MessageOfTheDay = t + } + } + } + { + a, ok := tf.Attrs["locking_mode"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.LockingMode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.LockingMode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t github_com_gravitational_teleport_api_constants.LockingMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_constants.LockingMode(v.Value) + } + obj.LockingMode = t + } + } + } + { + a, ok := tf.Attrs["webauthn"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.Webauthn"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Webauthn = nil + if !v.Null && !v.Unknown { + tf := v + obj.Webauthn = &github_com_gravitational_teleport_api_types.Webauthn{} + obj := obj.Webauthn + { + a, ok := tf.Attrs["rp_id"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.Webauthn.RPID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.RPID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.RPID = t + } + } + } + { + a, ok := tf.Attrs["attestation_allowed_cas"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationAllowedCAs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationAllowedCAs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AttestationAllowedCAs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationAllowedCAs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AttestationAllowedCAs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["attestation_denied_cas"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationDeniedCAs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationDeniedCAs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AttestationDeniedCAs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationDeniedCAs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AttestationDeniedCAs[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["allow_passwordless"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.AllowPasswordless"}) + } + CopyFromBoolOption(diags, a, &obj.AllowPasswordless) + } + { + a, ok := tf.Attrs["require_session_mfa"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.RequireMFAType"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.RequireMFAType", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.RequireMFAType + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.RequireMFAType(v.Value) + } + obj.RequireMFAType = t + } + } + } + { + a, ok := tf.Attrs["device_trust"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.DeviceTrust"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.DeviceTrust = nil + if !v.Null && !v.Unknown { + tf := v + obj.DeviceTrust = &github_com_gravitational_teleport_api_types.DeviceTrust{} + obj := obj.DeviceTrust + { + a, ok := tf.Attrs["mode"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.DeviceTrust.Mode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust.Mode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Mode = t + } + } + } + { + a, ok := tf.Attrs["auto_enroll"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.DeviceTrust.AutoEnroll"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust.AutoEnroll", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.AutoEnroll = t + } + } + } + { + a, ok := tf.Attrs["ekcert_allowed_cas"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.DeviceTrust.EKCertAllowedCAs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust.EKCertAllowedCAs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.EKCertAllowedCAs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust.EKCertAllowedCAs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EKCertAllowedCAs[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["idp"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.IDP"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.IDP", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.IDP = nil + if !v.Null && !v.Unknown { + tf := v + obj.IDP = &github_com_gravitational_teleport_api_types.IdPOptions{} + obj := obj.IDP + { + a, ok := tf.Attrs["saml"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.IDP.SAML"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.IDP.SAML", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.SAML = nil + if !v.Null && !v.Unknown { + tf := v + obj.SAML = &github_com_gravitational_teleport_api_types.IdPSAMLOptions{} + obj := obj.SAML + { + a, ok := tf.Attrs["enabled"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.IDP.SAML.Enabled"}) + } + CopyFromBoolOption(diags, a, &obj.Enabled) + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["allow_headless"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.AllowHeadless"}) + } + CopyFromBoolOption(diags, a, &obj.AllowHeadless) + } + { + a, ok := tf.Attrs["default_session_ttl"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.DefaultSessionTTL"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.DefaultSessionTTL", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.DefaultSessionTTL = t + } + } + } + { + a, ok := tf.Attrs["okta"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.Okta"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Okta", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Okta = nil + if !v.Null && !v.Unknown { + tf := v + obj.Okta = &github_com_gravitational_teleport_api_types.OktaOptions{} + obj := obj.Okta + { + a, ok := tf.Attrs["sync_period"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.Okta.SyncPeriod"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.Okta.SyncPeriod", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.SyncPeriod = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["piv_slot"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.PIVSlot"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.PIVSlot", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PIVSlot = t + } + } + } + { + a, ok := tf.Attrs["hardware_key"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.HardwareKey = nil + if !v.Null && !v.Unknown { + tf := v + obj.HardwareKey = &github_com_gravitational_teleport_api_types.HardwareKey{} + obj := obj.HardwareKey + { + a, ok := tf.Attrs["piv_slot"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PIVSlot = t + } + } + } + { + a, ok := tf.Attrs["serial_number_validation"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.SerialNumberValidation = nil + if !v.Null && !v.Unknown { + tf := v + obj.SerialNumberValidation = &github_com_gravitational_teleport_api_types.HardwareKeySerialNumberValidation{} + obj := obj.SerialNumberValidation + { + a, ok := tf.Attrs["enabled"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.Enabled = t + } + } + } + { + a, ok := tf.Attrs["serial_number_trait_name"] + if !ok { + diags.Append(attrReadMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SerialNumberTraitName = t + } + } + } + } + } + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyAuthPreferenceV2ToTerraform copies contents of the source Terraform object into a target struct +func CopyAuthPreferenceV2ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.AuthPreferenceV2, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["type"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.Type"}) + } else { + v, ok := tf.Attrs["type"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.Type", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Type", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Type) == "" + } + v.Value = string(obj.Type) + v.Unknown = false + tf.Attrs["type"] = v + } + } + { + t, ok := tf.AttrTypes["second_factor"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.SecondFactor"}) + } else { + v, ok := tf.Attrs["second_factor"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.SecondFactor", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.SecondFactor", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SecondFactor) == "" + } + v.Value = string(obj.SecondFactor) + v.Unknown = false + tf.Attrs["second_factor"] = v + } + } + { + t, ok := tf.AttrTypes["connector_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.ConnectorName"}) + } else { + v, ok := tf.Attrs["connector_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.ConnectorName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.ConnectorName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ConnectorName) == "" + } + v.Value = string(obj.ConnectorName) + v.Unknown = false + tf.Attrs["connector_name"] = v + } + } + { + a, ok := tf.AttrTypes["u2f"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.U2F"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.U2F", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["u2f"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.U2F == nil { + v.Null = true + } else { + obj := obj.U2F + tf := &v + { + t, ok := tf.AttrTypes["app_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.U2F.AppID"}) + } else { + v, ok := tf.Attrs["app_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.U2F.AppID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.AppID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AppID) == "" + } + v.Value = string(obj.AppID) + v.Unknown = false + tf.Attrs["app_id"] = v + } + } + { + a, ok := tf.AttrTypes["facets"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.U2F.Facets"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.Facets", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["facets"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Facets)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Facets)) + } + } + if obj.Facets != nil { + t := o.ElemType + if len(obj.Facets) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Facets)) + } + for k, a := range obj.Facets { + v, ok := tf.Attrs["facets"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.U2F.Facets", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.Facets", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Facets) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["facets"] = c + } + } + } + { + a, ok := tf.AttrTypes["device_attestation_cas"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.U2F.DeviceAttestationCAs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.DeviceAttestationCAs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["device_attestation_cas"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DeviceAttestationCAs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DeviceAttestationCAs)) + } + } + if obj.DeviceAttestationCAs != nil { + t := o.ElemType + if len(obj.DeviceAttestationCAs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DeviceAttestationCAs)) + } + for k, a := range obj.DeviceAttestationCAs { + v, ok := tf.Attrs["device_attestation_cas"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.U2F.DeviceAttestationCAs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.U2F.DeviceAttestationCAs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DeviceAttestationCAs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["device_attestation_cas"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["u2f"] = v + } + } + } + { + t, ok := tf.AttrTypes["disconnect_expired_cert"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.DisconnectExpiredCert"}) + } else { + v := CopyToBoolOption(diags, obj.DisconnectExpiredCert, t, tf.Attrs["disconnect_expired_cert"]) + tf.Attrs["disconnect_expired_cert"] = v + } + } + { + t, ok := tf.AttrTypes["allow_local_auth"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.AllowLocalAuth"}) + } else { + v := CopyToBoolOption(diags, obj.AllowLocalAuth, t, tf.Attrs["allow_local_auth"]) + tf.Attrs["allow_local_auth"] = v + } + } + { + t, ok := tf.AttrTypes["message_of_the_day"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.MessageOfTheDay"}) + } else { + v, ok := tf.Attrs["message_of_the_day"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.MessageOfTheDay", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.MessageOfTheDay", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.MessageOfTheDay) == "" + } + v.Value = string(obj.MessageOfTheDay) + v.Unknown = false + tf.Attrs["message_of_the_day"] = v + } + } + { + t, ok := tf.AttrTypes["locking_mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.LockingMode"}) + } else { + v, ok := tf.Attrs["locking_mode"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.LockingMode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.LockingMode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.LockingMode) == "" + } + v.Value = string(obj.LockingMode) + v.Unknown = false + tf.Attrs["locking_mode"] = v + } + } + { + a, ok := tf.AttrTypes["webauthn"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.Webauthn"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["webauthn"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Webauthn == nil { + v.Null = true + } else { + obj := obj.Webauthn + tf := &v + { + t, ok := tf.AttrTypes["rp_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.Webauthn.RPID"}) + } else { + v, ok := tf.Attrs["rp_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.Webauthn.RPID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.RPID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.RPID) == "" + } + v.Value = string(obj.RPID) + v.Unknown = false + tf.Attrs["rp_id"] = v + } + } + { + a, ok := tf.AttrTypes["attestation_allowed_cas"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationAllowedCAs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationAllowedCAs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["attestation_allowed_cas"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttestationAllowedCAs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttestationAllowedCAs)) + } + } + if obj.AttestationAllowedCAs != nil { + t := o.ElemType + if len(obj.AttestationAllowedCAs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttestationAllowedCAs)) + } + for k, a := range obj.AttestationAllowedCAs { + v, ok := tf.Attrs["attestation_allowed_cas"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.Webauthn.AttestationAllowedCAs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationAllowedCAs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AttestationAllowedCAs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["attestation_allowed_cas"] = c + } + } + } + { + a, ok := tf.AttrTypes["attestation_denied_cas"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationDeniedCAs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationDeniedCAs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["attestation_denied_cas"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttestationDeniedCAs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttestationDeniedCAs)) + } + } + if obj.AttestationDeniedCAs != nil { + t := o.ElemType + if len(obj.AttestationDeniedCAs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttestationDeniedCAs)) + } + for k, a := range obj.AttestationDeniedCAs { + v, ok := tf.Attrs["attestation_denied_cas"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.Webauthn.AttestationDeniedCAs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Webauthn.AttestationDeniedCAs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AttestationDeniedCAs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["attestation_denied_cas"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["webauthn"] = v + } + } + } + { + t, ok := tf.AttrTypes["allow_passwordless"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.AllowPasswordless"}) + } else { + v := CopyToBoolOption(diags, obj.AllowPasswordless, t, tf.Attrs["allow_passwordless"]) + tf.Attrs["allow_passwordless"] = v + } + } + { + t, ok := tf.AttrTypes["require_session_mfa"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.RequireMFAType"}) + } else { + v, ok := tf.Attrs["require_session_mfa"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.RequireMFAType", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.RequireMFAType", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.RequireMFAType) == 0 + } + v.Value = int64(obj.RequireMFAType) + v.Unknown = false + tf.Attrs["require_session_mfa"] = v + } + } + { + a, ok := tf.AttrTypes["device_trust"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.DeviceTrust"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["device_trust"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.DeviceTrust == nil { + v.Null = true + } else { + obj := obj.DeviceTrust + tf := &v + { + t, ok := tf.AttrTypes["mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.DeviceTrust.Mode"}) + } else { + v, ok := tf.Attrs["mode"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.DeviceTrust.Mode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust.Mode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Mode) == "" + } + v.Value = string(obj.Mode) + v.Unknown = false + tf.Attrs["mode"] = v + } + } + { + t, ok := tf.AttrTypes["auto_enroll"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.DeviceTrust.AutoEnroll"}) + } else { + v, ok := tf.Attrs["auto_enroll"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.DeviceTrust.AutoEnroll", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust.AutoEnroll", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.AutoEnroll) == false + } + v.Value = bool(obj.AutoEnroll) + v.Unknown = false + tf.Attrs["auto_enroll"] = v + } + } + { + a, ok := tf.AttrTypes["ekcert_allowed_cas"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.DeviceTrust.EKCertAllowedCAs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust.EKCertAllowedCAs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["ekcert_allowed_cas"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.EKCertAllowedCAs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.EKCertAllowedCAs)) + } + } + if obj.EKCertAllowedCAs != nil { + t := o.ElemType + if len(obj.EKCertAllowedCAs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.EKCertAllowedCAs)) + } + for k, a := range obj.EKCertAllowedCAs { + v, ok := tf.Attrs["ekcert_allowed_cas"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.DeviceTrust.EKCertAllowedCAs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.DeviceTrust.EKCertAllowedCAs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.EKCertAllowedCAs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["ekcert_allowed_cas"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["device_trust"] = v + } + } + } + { + a, ok := tf.AttrTypes["idp"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.IDP"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.IDP", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["idp"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.IDP == nil { + v.Null = true + } else { + obj := obj.IDP + tf := &v + { + a, ok := tf.AttrTypes["saml"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.IDP.SAML"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.IDP.SAML", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["saml"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.SAML == nil { + v.Null = true + } else { + obj := obj.SAML + tf := &v + { + t, ok := tf.AttrTypes["enabled"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.IDP.SAML.Enabled"}) + } else { + v := CopyToBoolOption(diags, obj.Enabled, t, tf.Attrs["enabled"]) + tf.Attrs["enabled"] = v + } + } + } + v.Unknown = false + tf.Attrs["saml"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["idp"] = v + } + } + } + { + t, ok := tf.AttrTypes["allow_headless"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.AllowHeadless"}) + } else { + v := CopyToBoolOption(diags, obj.AllowHeadless, t, tf.Attrs["allow_headless"]) + tf.Attrs["allow_headless"] = v + } + } + { + t, ok := tf.AttrTypes["default_session_ttl"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.DefaultSessionTTL"}) + } else { + v, ok := tf.Attrs["default_session_ttl"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.DefaultSessionTTL", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.DefaultSessionTTL", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.DefaultSessionTTL) + v.Unknown = false + tf.Attrs["default_session_ttl"] = v + } + } + { + a, ok := tf.AttrTypes["okta"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.Okta"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Okta", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["okta"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Okta == nil { + v.Null = true + } else { + obj := obj.Okta + tf := &v + { + t, ok := tf.AttrTypes["sync_period"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.Okta.SyncPeriod"}) + } else { + v, ok := tf.Attrs["sync_period"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.Okta.SyncPeriod", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.Okta.SyncPeriod", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.SyncPeriod) + v.Unknown = false + tf.Attrs["sync_period"] = v + } + } + } + v.Unknown = false + tf.Attrs["okta"] = v + } + } + } + { + t, ok := tf.AttrTypes["piv_slot"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.PIVSlot"}) + } else { + v, ok := tf.Attrs["piv_slot"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.PIVSlot", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.PIVSlot", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.PIVSlot) == "" + } + v.Value = string(obj.PIVSlot) + v.Unknown = false + tf.Attrs["piv_slot"] = v + } + } + { + a, ok := tf.AttrTypes["hardware_key"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["hardware_key"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.HardwareKey == nil { + v.Null = true + } else { + obj := obj.HardwareKey + tf := &v + { + t, ok := tf.AttrTypes["piv_slot"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot"}) + } else { + v, ok := tf.Attrs["piv_slot"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.PIVSlot", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.PIVSlot) == "" + } + v.Value = string(obj.PIVSlot) + v.Unknown = false + tf.Attrs["piv_slot"] = v + } + } + { + a, ok := tf.AttrTypes["serial_number_validation"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["serial_number_validation"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.SerialNumberValidation == nil { + v.Null = true + } else { + obj := obj.SerialNumberValidation + tf := &v + { + t, ok := tf.AttrTypes["enabled"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled"}) + } else { + v, ok := tf.Attrs["enabled"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.Enabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.Enabled) == false + } + v.Value = bool(obj.Enabled) + v.Unknown = false + tf.Attrs["enabled"] = v + } + } + { + t, ok := tf.AttrTypes["serial_number_trait_name"] + if !ok { + diags.Append(attrWriteMissingDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName"}) + } else { + v, ok := tf.Attrs["serial_number_trait_name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"AuthPreferenceV2.Spec.HardwareKey.SerialNumberValidation.SerialNumberTraitName", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SerialNumberTraitName) == "" + } + v.Value = string(obj.SerialNumberTraitName) + v.Unknown = false + tf.Attrs["serial_number_trait_name"] = v + } + } + } + v.Unknown = false + tf.Attrs["serial_number_validation"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["hardware_key"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyRoleV6FromTerraform copies contents of the source Terraform object into a target struct +func CopyRoleV6FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.RoleV6) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.RoleSpecV6{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["options"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Options = github_com_gravitational_teleport_api_types.RoleOptions{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Options + { + a, ok := tf.Attrs["forward_agent"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.ForwardAgent"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.ForwardAgent", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t github_com_gravitational_teleport_api_types.Bool + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Bool(v.Value) + } + obj.ForwardAgent = t + } + } + } + { + a, ok := tf.Attrs["max_session_ttl"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.MaxSessionTTL"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.MaxSessionTTL", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.MaxSessionTTL = t + } + } + } + { + a, ok := tf.Attrs["port_forwarding"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.PortForwarding"}) + } + CopyFromBoolOption(diags, a, &obj.PortForwarding) + } + { + a, ok := tf.Attrs["cert_format"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CertificateFormat"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CertificateFormat", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.CertificateFormat = t + } + } + } + { + a, ok := tf.Attrs["client_idle_timeout"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.ClientIdleTimeout"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.ClientIdleTimeout", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.ClientIdleTimeout = t + } + } + } + { + a, ok := tf.Attrs["disconnect_expired_cert"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.DisconnectExpiredCert"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.DisconnectExpiredCert", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t github_com_gravitational_teleport_api_types.Bool + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Bool(v.Value) + } + obj.DisconnectExpiredCert = t + } + } + } + { + a, ok := tf.Attrs["enhanced_recording"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.BPF"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.BPF", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.BPF = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.BPF", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.BPF[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["permit_x11_forwarding"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.PermitX11Forwarding"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.PermitX11Forwarding", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t github_com_gravitational_teleport_api_types.Bool + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Bool(v.Value) + } + obj.PermitX11Forwarding = t + } + } + } + { + a, ok := tf.Attrs["max_connections"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.MaxConnections"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.MaxConnections", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int64 + if !v.Null && !v.Unknown { + t = int64(v.Value) + } + obj.MaxConnections = t + } + } + } + { + a, ok := tf.Attrs["max_sessions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.MaxSessions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.MaxSessions", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int64 + if !v.Null && !v.Unknown { + t = int64(v.Value) + } + obj.MaxSessions = t + } + } + } + { + a, ok := tf.Attrs["request_access"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.RequestAccess"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.RequestAccess", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t github_com_gravitational_teleport_api_types.RequestStrategy + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.RequestStrategy(v.Value) + } + obj.RequestAccess = t + } + } + } + { + a, ok := tf.Attrs["request_prompt"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.RequestPrompt"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.RequestPrompt", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.RequestPrompt = t + } + } + } + { + a, ok := tf.Attrs["lock"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.Lock"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.Lock", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t github_com_gravitational_teleport_api_constants.LockingMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_constants.LockingMode(v.Value) + } + obj.Lock = t + } + } + } + { + a, ok := tf.Attrs["record_session"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.RecordSession"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.RecordSession", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.RecordSession = nil + if !v.Null && !v.Unknown { + tf := v + obj.RecordSession = &github_com_gravitational_teleport_api_types.RecordSession{} + obj := obj.RecordSession + { + a, ok := tf.Attrs["desktop"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.RecordSession.Desktop"}) + } + CopyFromBoolOption(diags, a, &obj.Desktop) + } + { + a, ok := tf.Attrs["default"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.RecordSession.Default"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.RecordSession.Default", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t github_com_gravitational_teleport_api_constants.SessionRecordingMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_constants.SessionRecordingMode(v.Value) + } + obj.Default = t + } + } + } + { + a, ok := tf.Attrs["ssh"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.RecordSession.SSH"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.RecordSession.SSH", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t github_com_gravitational_teleport_api_constants.SessionRecordingMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_constants.SessionRecordingMode(v.Value) + } + obj.SSH = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["desktop_clipboard"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.DesktopClipboard"}) + } + CopyFromBoolOption(diags, a, &obj.DesktopClipboard) + } + { + a, ok := tf.Attrs["cert_extensions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CertExtensions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.CertExtensions = make([]*github_com_gravitational_teleport_api_types.CertExtension, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.CertExtension + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.CertExtension{} + obj := t + { + a, ok := tf.Attrs["type"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CertExtensions.Type"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions.Type", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.CertExtensionType + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.CertExtensionType(v.Value) + } + obj.Type = t + } + } + } + { + a, ok := tf.Attrs["mode"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CertExtensions.Mode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions.Mode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.CertExtensionMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.CertExtensionMode(v.Value) + } + obj.Mode = t + } + } + } + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CertExtensions.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["value"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CertExtensions.Value"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Value = t + } + } + } + } + obj.CertExtensions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["max_kubernetes_connections"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.MaxKubernetesConnections"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.MaxKubernetesConnections", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int64 + if !v.Null && !v.Unknown { + t = int64(v.Value) + } + obj.MaxKubernetesConnections = t + } + } + } + { + a, ok := tf.Attrs["desktop_directory_sharing"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.DesktopDirectorySharing"}) + } + CopyFromBoolOption(diags, a, &obj.DesktopDirectorySharing) + } + { + a, ok := tf.Attrs["create_host_user"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CreateHostUser"}) + } + CopyFromBoolOption(diags, a, &obj.CreateHostUser) + } + { + a, ok := tf.Attrs["pin_source_ip"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.PinSourceIP"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.PinSourceIP", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t github_com_gravitational_teleport_api_types.Bool + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Bool(v.Value) + } + obj.PinSourceIP = t + } + } + } + { + a, ok := tf.Attrs["ssh_file_copy"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.SSHFileCopy"}) + } + CopyFromBoolOption(diags, a, &obj.SSHFileCopy) + } + { + a, ok := tf.Attrs["require_session_mfa"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.RequireMFAType"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.RequireMFAType", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.RequireMFAType + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.RequireMFAType(v.Value) + } + obj.RequireMFAType = t + } + } + } + { + a, ok := tf.Attrs["device_trust_mode"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.DeviceTrustMode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.DeviceTrustMode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DeviceTrustMode = t + } + } + } + { + a, ok := tf.Attrs["idp"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.IDP"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.IDP", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.IDP = nil + if !v.Null && !v.Unknown { + tf := v + obj.IDP = &github_com_gravitational_teleport_api_types.IdPOptions{} + obj := obj.IDP + { + a, ok := tf.Attrs["saml"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.IDP.SAML"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.IDP.SAML", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.SAML = nil + if !v.Null && !v.Unknown { + tf := v + obj.SAML = &github_com_gravitational_teleport_api_types.IdPSAMLOptions{} + obj := obj.SAML + { + a, ok := tf.Attrs["enabled"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.IDP.SAML.Enabled"}) + } + CopyFromBoolOption(diags, a, &obj.Enabled) + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["create_desktop_user"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CreateDesktopUser"}) + } + CopyFromBoolOption(diags, a, &obj.CreateDesktopUser) + } + { + a, ok := tf.Attrs["create_db_user"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CreateDatabaseUser"}) + } + CopyFromBoolOption(diags, a, &obj.CreateDatabaseUser) + } + { + a, ok := tf.Attrs["create_host_user_mode"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CreateHostUserMode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CreateHostUserMode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.CreateHostUserMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.CreateHostUserMode(v.Value) + } + obj.CreateHostUserMode = t + } + } + } + { + a, ok := tf.Attrs["create_db_user_mode"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Options.CreateDatabaseUserMode"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Options.CreateDatabaseUserMode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t github_com_gravitational_teleport_api_types.CreateDatabaseUserMode + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.CreateDatabaseUserMode(v.Value) + } + obj.CreateDatabaseUserMode = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["allow"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Allow = github_com_gravitational_teleport_api_types.RoleConditions{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Allow + { + a, ok := tf.Attrs["logins"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Logins"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Logins", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Logins = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Logins", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Logins[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["node_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.NodeLabels"}) + } + CopyFromLabels(diags, a, &obj.NodeLabels) + } + { + a, ok := tf.Attrs["rules"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Rules"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Rules = make([]github_com_gravitational_teleport_api_types.Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.Rule + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["resources"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Rules.Resources"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Resources", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Resources = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Resources", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Resources[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["verbs"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Rules.Verbs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Verbs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Verbs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Verbs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["where"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Rules.Where"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Where = t + } + } + } + { + a, ok := tf.Attrs["actions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Rules.Actions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Actions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Actions = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Actions", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Actions[k] = t + } + } + } + } + } + } + } + obj.Rules[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["kubernetes_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubeGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.KubeGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubeGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KubeGroups[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["request"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Request = nil + if !v.Null && !v.Unknown { + tf := v + obj.Request = &github_com_gravitational_teleport_api_types.AccessRequestConditions{} + obj := obj.Request + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["claims_to_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ClaimsToRoles = make([]github_com_gravitational_teleport_api_types.ClaimMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.ClaimMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["claim"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Claim"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Claim = t + } + } + } + { + a, ok := tf.Attrs["value"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Value"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Value = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + } + obj.ClaimsToRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["annotations"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.Annotations"}) + } + CopyFromTraits(diags, a, &obj.Annotations) + } + { + a, ok := tf.Attrs["thresholds"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Thresholds = make([]github_com_gravitational_teleport_api_types.AccessReviewThreshold, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.AccessReviewThreshold + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["filter"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds.Filter"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds.Filter", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Filter = t + } + } + } + { + a, ok := tf.Attrs["approve"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds.Approve"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds.Approve", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t uint32 + if !v.Null && !v.Unknown { + t = uint32(v.Value) + } + obj.Approve = t + } + } + } + { + a, ok := tf.Attrs["deny"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds.Deny"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds.Deny", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t uint32 + if !v.Null && !v.Unknown { + t = uint32(v.Value) + } + obj.Deny = t + } + } + } + } + obj.Thresholds[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["suggested_reviewers"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.SuggestedReviewers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.SuggestedReviewers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SuggestedReviewers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.SuggestedReviewers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SuggestedReviewers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["search_as_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.SearchAsRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.SearchAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SearchAsRoles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.SearchAsRoles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SearchAsRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["max_duration"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Request.MaxDuration"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Request.MaxDuration", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.MaxDuration = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["kubernetes_users"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubeUsers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.KubeUsers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubeUsers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KubeUsers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["app_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.AppLabels"}) + } + CopyFromLabels(diags, a, &obj.AppLabels) + } + { + a, ok := tf.Attrs["cluster_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ClusterLabels"}) + } + CopyFromLabels(diags, a, &obj.ClusterLabels) + } + { + a, ok := tf.Attrs["kubernetes_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubernetesLabels"}) + } + CopyFromLabels(diags, a, &obj.KubernetesLabels) + } + { + a, ok := tf.Attrs["db_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabaseLabels"}) + } + CopyFromLabels(diags, a, &obj.DatabaseLabels) + } + { + a, ok := tf.Attrs["db_names"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabaseNames"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseNames", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabaseNames = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseNames", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseNames[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["db_users"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabaseUsers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseUsers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabaseUsers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseUsers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseUsers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["impersonate"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Impersonate"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Impersonate = nil + if !v.Null && !v.Unknown { + tf := v + obj.Impersonate = &github_com_gravitational_teleport_api_types.ImpersonateConditions{} + obj := obj.Impersonate + { + a, ok := tf.Attrs["users"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Impersonate.Users"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Users", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Users = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Users", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Users[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Impersonate.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["where"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.Impersonate.Where"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Where = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["review_requests"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ReviewRequests"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.ReviewRequests = nil + if !v.Null && !v.Unknown { + tf := v + obj.ReviewRequests = &github_com_gravitational_teleport_api_types.AccessReviewConditions{} + obj := obj.ReviewRequests + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["claims_to_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ClaimsToRoles = make([]github_com_gravitational_teleport_api_types.ClaimMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.ClaimMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["claim"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Claim"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Claim = t + } + } + } + { + a, ok := tf.Attrs["value"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Value"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Value = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + } + obj.ClaimsToRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["where"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.Where"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Where = t + } + } + } + { + a, ok := tf.Attrs["preview_as_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.PreviewAsRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.PreviewAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.PreviewAsRoles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.PreviewAsRoles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PreviewAsRoles[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["aws_role_arns"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.AWSRoleARNs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.AWSRoleARNs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AWSRoleARNs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.AWSRoleARNs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AWSRoleARNs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["windows_desktop_logins"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.WindowsDesktopLogins"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.WindowsDesktopLogins", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.WindowsDesktopLogins = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.WindowsDesktopLogins", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.WindowsDesktopLogins[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["windows_desktop_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.WindowsDesktopLabels"}) + } + CopyFromLabels(diags, a, &obj.WindowsDesktopLabels) + } + { + a, ok := tf.Attrs["require_session_join"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.RequireSessionJoin = make([]*github_com_gravitational_teleport_api_types.SessionRequirePolicy, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.SessionRequirePolicy + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.SessionRequirePolicy{} + obj := t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["filter"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Filter"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Filter", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Filter = t + } + } + } + { + a, ok := tf.Attrs["kinds"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Kinds"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Kinds = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Kinds", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kinds[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["count"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Count"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Count", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int32 + if !v.Null && !v.Unknown { + t = int32(v.Value) + } + obj.Count = t + } + } + } + { + a, ok := tf.Attrs["modes"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Modes"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Modes", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Modes = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Modes", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Modes[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["on_leave"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.OnLeave"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.OnLeave", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.OnLeave = t + } + } + } + } + obj.RequireSessionJoin[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["join_sessions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.JoinSessions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.JoinSessions = make([]*github_com_gravitational_teleport_api_types.SessionJoinPolicy, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.SessionJoinPolicy + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.SessionJoinPolicy{} + obj := t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.JoinSessions.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.JoinSessions.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["kinds"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.JoinSessions.Kinds"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Kinds = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Kinds", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kinds[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["modes"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.JoinSessions.Modes"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Modes", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Modes = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Modes", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Modes[k] = t + } + } + } + } + } + } + } + obj.JoinSessions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["host_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.HostGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.HostGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.HostGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.HostGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.HostGroups[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["host_sudoers"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.HostSudoers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.HostSudoers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.HostSudoers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.HostSudoers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.HostSudoers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["azure_identities"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.AzureIdentities"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.AzureIdentities", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AzureIdentities = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.AzureIdentities", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AzureIdentities[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["kubernetes_resources"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubernetesResources"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.KubernetesResources = make([]github_com_gravitational_teleport_api_types.KubernetesResource, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.KubernetesResource + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubernetesResources.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubernetesResources.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubernetesResources.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["verbs"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubernetesResources.Verbs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Verbs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Verbs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Verbs[k] = t + } + } + } + } + } + } + } + obj.KubernetesResources[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["gcp_service_accounts"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.GCPServiceAccounts"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.GCPServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.GCPServiceAccounts = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.GCPServiceAccounts", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GCPServiceAccounts[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["db_service_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabaseServiceLabels"}) + } + CopyFromLabels(diags, a, &obj.DatabaseServiceLabels) + } + { + a, ok := tf.Attrs["group_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.GroupLabels"}) + } + CopyFromLabels(diags, a, &obj.GroupLabels) + } + { + a, ok := tf.Attrs["desktop_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DesktopGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DesktopGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DesktopGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DesktopGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DesktopGroups[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["db_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabaseRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabaseRoles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseRoles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["node_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.NodeLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.NodeLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.NodeLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["app_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.AppLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.AppLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AppLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["cluster_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.ClusterLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.ClusterLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClusterLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["kubernetes_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.KubernetesLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KubernetesLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["db_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabaseLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["db_service_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabaseServiceLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseServiceLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseServiceLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["windows_desktop_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.WindowsDesktopLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.WindowsDesktopLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.WindowsDesktopLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["group_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.GroupLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.GroupLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GroupLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["db_permissions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabasePermissions = make([]github_com_gravitational_teleport_api_types.DatabasePermission, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.DatabasePermission + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["permissions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Permissions = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Permissions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["match"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions.Match"}) + } + CopyFromLabels(diags, a, &obj.Match) + } + } + obj.DatabasePermissions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["spiffe"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.SPIFFE"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SPIFFE = make([]*github_com_gravitational_teleport_api_types.SPIFFERoleCondition, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.SPIFFERoleCondition + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.SPIFFERoleCondition{} + obj := t + { + a, ok := tf.Attrs["path"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.SPIFFE.Path"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.Path", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Path = t + } + } + } + { + a, ok := tf.Attrs["dns_sans"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DNSSANs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DNSSANs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["ip_sans"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.IPSANs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.IPSANs[k] = t + } + } + } + } + } + } + } + obj.SPIFFE[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["deny"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Deny = github_com_gravitational_teleport_api_types.RoleConditions{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Deny + { + a, ok := tf.Attrs["logins"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Logins"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Logins", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Logins = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Logins", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Logins[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["node_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.NodeLabels"}) + } + CopyFromLabels(diags, a, &obj.NodeLabels) + } + { + a, ok := tf.Attrs["rules"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Rules"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Rules = make([]github_com_gravitational_teleport_api_types.Rule, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.Rule + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["resources"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Rules.Resources"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Resources", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Resources = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Resources", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Resources[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["verbs"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Rules.Verbs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Verbs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Verbs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Verbs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["where"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Rules.Where"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Where = t + } + } + } + { + a, ok := tf.Attrs["actions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Rules.Actions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Actions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Actions = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Actions", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Actions[k] = t + } + } + } + } + } + } + } + obj.Rules[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["kubernetes_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubeGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.KubeGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubeGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KubeGroups[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["request"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Request = nil + if !v.Null && !v.Unknown { + tf := v + obj.Request = &github_com_gravitational_teleport_api_types.AccessRequestConditions{} + obj := obj.Request + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["claims_to_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ClaimsToRoles = make([]github_com_gravitational_teleport_api_types.ClaimMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.ClaimMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["claim"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Claim"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Claim = t + } + } + } + { + a, ok := tf.Attrs["value"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Value"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Value = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + } + obj.ClaimsToRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["annotations"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.Annotations"}) + } + CopyFromTraits(diags, a, &obj.Annotations) + } + { + a, ok := tf.Attrs["thresholds"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Thresholds = make([]github_com_gravitational_teleport_api_types.AccessReviewThreshold, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.AccessReviewThreshold + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["filter"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds.Filter"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds.Filter", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Filter = t + } + } + } + { + a, ok := tf.Attrs["approve"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds.Approve"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds.Approve", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t uint32 + if !v.Null && !v.Unknown { + t = uint32(v.Value) + } + obj.Approve = t + } + } + } + { + a, ok := tf.Attrs["deny"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds.Deny"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds.Deny", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t uint32 + if !v.Null && !v.Unknown { + t = uint32(v.Value) + } + obj.Deny = t + } + } + } + } + obj.Thresholds[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["suggested_reviewers"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.SuggestedReviewers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.SuggestedReviewers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SuggestedReviewers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.SuggestedReviewers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SuggestedReviewers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["search_as_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.SearchAsRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.SearchAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SearchAsRoles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.SearchAsRoles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SearchAsRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["max_duration"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Request.MaxDuration"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Request.MaxDuration", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + obj.MaxDuration = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["kubernetes_users"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubeUsers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.KubeUsers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubeUsers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KubeUsers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["app_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.AppLabels"}) + } + CopyFromLabels(diags, a, &obj.AppLabels) + } + { + a, ok := tf.Attrs["cluster_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ClusterLabels"}) + } + CopyFromLabels(diags, a, &obj.ClusterLabels) + } + { + a, ok := tf.Attrs["kubernetes_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubernetesLabels"}) + } + CopyFromLabels(diags, a, &obj.KubernetesLabels) + } + { + a, ok := tf.Attrs["db_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabaseLabels"}) + } + CopyFromLabels(diags, a, &obj.DatabaseLabels) + } + { + a, ok := tf.Attrs["db_names"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabaseNames"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseNames", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabaseNames = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseNames", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseNames[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["db_users"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabaseUsers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseUsers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabaseUsers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseUsers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseUsers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["impersonate"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Impersonate"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Impersonate = nil + if !v.Null && !v.Unknown { + tf := v + obj.Impersonate = &github_com_gravitational_teleport_api_types.ImpersonateConditions{} + obj := obj.Impersonate + { + a, ok := tf.Attrs["users"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Impersonate.Users"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Users", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Users = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Users", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Users[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Impersonate.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["where"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.Impersonate.Where"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Where = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["review_requests"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ReviewRequests"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.ReviewRequests = nil + if !v.Null && !v.Unknown { + tf := v + obj.ReviewRequests = &github_com_gravitational_teleport_api_types.AccessReviewConditions{} + obj := obj.ReviewRequests + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["claims_to_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ClaimsToRoles = make([]github_com_gravitational_teleport_api_types.ClaimMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.ClaimMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["claim"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Claim"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Claim = t + } + } + } + { + a, ok := tf.Attrs["value"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Value"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Value = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + } + obj.ClaimsToRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["where"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.Where"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Where = t + } + } + } + { + a, ok := tf.Attrs["preview_as_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.PreviewAsRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.PreviewAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.PreviewAsRoles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.PreviewAsRoles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PreviewAsRoles[k] = t + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["aws_role_arns"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.AWSRoleARNs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.AWSRoleARNs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AWSRoleARNs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.AWSRoleARNs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AWSRoleARNs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["windows_desktop_logins"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.WindowsDesktopLogins"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.WindowsDesktopLogins", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.WindowsDesktopLogins = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.WindowsDesktopLogins", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.WindowsDesktopLogins[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["windows_desktop_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.WindowsDesktopLabels"}) + } + CopyFromLabels(diags, a, &obj.WindowsDesktopLabels) + } + { + a, ok := tf.Attrs["require_session_join"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.RequireSessionJoin = make([]*github_com_gravitational_teleport_api_types.SessionRequirePolicy, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.SessionRequirePolicy + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.SessionRequirePolicy{} + obj := t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["filter"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Filter"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Filter", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Filter = t + } + } + } + { + a, ok := tf.Attrs["kinds"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Kinds"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Kinds = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Kinds", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kinds[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["count"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Count"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Count", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int32 + if !v.Null && !v.Unknown { + t = int32(v.Value) + } + obj.Count = t + } + } + } + { + a, ok := tf.Attrs["modes"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Modes"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Modes", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Modes = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Modes", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Modes[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["on_leave"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.OnLeave"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.OnLeave", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.OnLeave = t + } + } + } + } + obj.RequireSessionJoin[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["join_sessions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.JoinSessions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.JoinSessions = make([]*github_com_gravitational_teleport_api_types.SessionJoinPolicy, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.SessionJoinPolicy + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.SessionJoinPolicy{} + obj := t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.JoinSessions.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.JoinSessions.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["kinds"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.JoinSessions.Kinds"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Kinds = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Kinds", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kinds[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["modes"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.JoinSessions.Modes"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Modes", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Modes = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Modes", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Modes[k] = t + } + } + } + } + } + } + } + obj.JoinSessions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["host_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.HostGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.HostGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.HostGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.HostGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.HostGroups[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["host_sudoers"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.HostSudoers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.HostSudoers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.HostSudoers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.HostSudoers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.HostSudoers[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["azure_identities"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.AzureIdentities"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.AzureIdentities", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AzureIdentities = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.AzureIdentities", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AzureIdentities[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["kubernetes_resources"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubernetesResources"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.KubernetesResources = make([]github_com_gravitational_teleport_api_types.KubernetesResource, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.KubernetesResource + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubernetesResources.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubernetesResources.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubernetesResources.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["verbs"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubernetesResources.Verbs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Verbs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Verbs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Verbs[k] = t + } + } + } + } + } + } + } + obj.KubernetesResources[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["gcp_service_accounts"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.GCPServiceAccounts"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.GCPServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.GCPServiceAccounts = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.GCPServiceAccounts", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GCPServiceAccounts[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["db_service_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabaseServiceLabels"}) + } + CopyFromLabels(diags, a, &obj.DatabaseServiceLabels) + } + { + a, ok := tf.Attrs["group_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.GroupLabels"}) + } + CopyFromLabels(diags, a, &obj.GroupLabels) + } + { + a, ok := tf.Attrs["desktop_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DesktopGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DesktopGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DesktopGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DesktopGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DesktopGroups[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["db_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabaseRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabaseRoles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseRoles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["node_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.NodeLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.NodeLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.NodeLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["app_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.AppLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.AppLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AppLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["cluster_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.ClusterLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.ClusterLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClusterLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["kubernetes_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.KubernetesLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KubernetesLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["db_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabaseLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["db_service_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabaseServiceLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseServiceLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DatabaseServiceLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["windows_desktop_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.WindowsDesktopLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.WindowsDesktopLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.WindowsDesktopLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["group_labels_expression"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.GroupLabelsExpression"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.GroupLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GroupLabelsExpression = t + } + } + } + { + a, ok := tf.Attrs["db_permissions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DatabasePermissions = make([]github_com_gravitational_teleport_api_types.DatabasePermission, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.DatabasePermission + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["permissions"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Permissions = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Permissions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["match"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions.Match"}) + } + CopyFromLabels(diags, a, &obj.Match) + } + } + obj.DatabasePermissions[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["spiffe"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.SPIFFE"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SPIFFE = make([]*github_com_gravitational_teleport_api_types.SPIFFERoleCondition, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.SPIFFERoleCondition + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.SPIFFERoleCondition{} + obj := t + { + a, ok := tf.Attrs["path"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.SPIFFE.Path"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.Path", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Path = t + } + } + } + { + a, ok := tf.Attrs["dns_sans"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.DNSSANs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.DNSSANs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["ip_sans"] + if !ok { + diags.Append(attrReadMissingDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.IPSANs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.IPSANs[k] = t + } + } + } + } + } + } + } + obj.SPIFFE[k] = t + } + } + } + } + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyRoleV6ToTerraform copies contents of the source Terraform object into a target struct +func CopyRoleV6ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.RoleV6, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + a, ok := tf.AttrTypes["options"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["options"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Options + tf := &v + { + t, ok := tf.AttrTypes["forward_agent"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.ForwardAgent"}) + } else { + v, ok := tf.Attrs["forward_agent"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.ForwardAgent", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.ForwardAgent", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.ForwardAgent) == false + } + v.Value = bool(obj.ForwardAgent) + v.Unknown = false + tf.Attrs["forward_agent"] = v + } + } + { + t, ok := tf.AttrTypes["max_session_ttl"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.MaxSessionTTL"}) + } else { + v, ok := tf.Attrs["max_session_ttl"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.MaxSessionTTL", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.MaxSessionTTL", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.MaxSessionTTL) + v.Unknown = false + tf.Attrs["max_session_ttl"] = v + } + } + { + t, ok := tf.AttrTypes["port_forwarding"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.PortForwarding"}) + } else { + v := CopyToBoolOption(diags, obj.PortForwarding, t, tf.Attrs["port_forwarding"]) + tf.Attrs["port_forwarding"] = v + } + } + { + t, ok := tf.AttrTypes["cert_format"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CertificateFormat"}) + } else { + v, ok := tf.Attrs["cert_format"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.CertificateFormat", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.CertificateFormat", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.CertificateFormat) == "" + } + v.Value = string(obj.CertificateFormat) + v.Unknown = false + tf.Attrs["cert_format"] = v + } + } + { + t, ok := tf.AttrTypes["client_idle_timeout"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.ClientIdleTimeout"}) + } else { + v, ok := tf.Attrs["client_idle_timeout"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.ClientIdleTimeout", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.ClientIdleTimeout", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.ClientIdleTimeout) + v.Unknown = false + tf.Attrs["client_idle_timeout"] = v + } + } + { + t, ok := tf.AttrTypes["disconnect_expired_cert"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.DisconnectExpiredCert"}) + } else { + v, ok := tf.Attrs["disconnect_expired_cert"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.DisconnectExpiredCert", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.DisconnectExpiredCert", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.DisconnectExpiredCert) == false + } + v.Value = bool(obj.DisconnectExpiredCert) + v.Unknown = false + tf.Attrs["disconnect_expired_cert"] = v + } + } + { + a, ok := tf.AttrTypes["enhanced_recording"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.BPF"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.BPF", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["enhanced_recording"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.BPF)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.BPF)) + } + } + if obj.BPF != nil { + t := o.ElemType + if len(obj.BPF) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.BPF)) + } + for k, a := range obj.BPF { + v, ok := tf.Attrs["enhanced_recording"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.BPF", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.BPF", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.BPF) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["enhanced_recording"] = c + } + } + } + { + t, ok := tf.AttrTypes["permit_x11_forwarding"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.PermitX11Forwarding"}) + } else { + v, ok := tf.Attrs["permit_x11_forwarding"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.PermitX11Forwarding", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.PermitX11Forwarding", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.PermitX11Forwarding) == false + } + v.Value = bool(obj.PermitX11Forwarding) + v.Unknown = false + tf.Attrs["permit_x11_forwarding"] = v + } + } + { + t, ok := tf.AttrTypes["max_connections"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.MaxConnections"}) + } else { + v, ok := tf.Attrs["max_connections"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.MaxConnections", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.MaxConnections", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.MaxConnections) == 0 + } + v.Value = int64(obj.MaxConnections) + v.Unknown = false + tf.Attrs["max_connections"] = v + } + } + { + t, ok := tf.AttrTypes["max_sessions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.MaxSessions"}) + } else { + v, ok := tf.Attrs["max_sessions"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.MaxSessions", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.MaxSessions", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.MaxSessions) == 0 + } + v.Value = int64(obj.MaxSessions) + v.Unknown = false + tf.Attrs["max_sessions"] = v + } + } + { + t, ok := tf.AttrTypes["request_access"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.RequestAccess"}) + } else { + v, ok := tf.Attrs["request_access"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.RequestAccess", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.RequestAccess", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.RequestAccess) == "" + } + v.Value = string(obj.RequestAccess) + v.Unknown = false + tf.Attrs["request_access"] = v + } + } + { + t, ok := tf.AttrTypes["request_prompt"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.RequestPrompt"}) + } else { + v, ok := tf.Attrs["request_prompt"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.RequestPrompt", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.RequestPrompt", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.RequestPrompt) == "" + } + v.Value = string(obj.RequestPrompt) + v.Unknown = false + tf.Attrs["request_prompt"] = v + } + } + { + t, ok := tf.AttrTypes["lock"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.Lock"}) + } else { + v, ok := tf.Attrs["lock"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.Lock", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.Lock", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Lock) == "" + } + v.Value = string(obj.Lock) + v.Unknown = false + tf.Attrs["lock"] = v + } + } + { + a, ok := tf.AttrTypes["record_session"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.RecordSession"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.RecordSession", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["record_session"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.RecordSession == nil { + v.Null = true + } else { + obj := obj.RecordSession + tf := &v + { + t, ok := tf.AttrTypes["desktop"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.RecordSession.Desktop"}) + } else { + v := CopyToBoolOption(diags, obj.Desktop, t, tf.Attrs["desktop"]) + tf.Attrs["desktop"] = v + } + } + { + t, ok := tf.AttrTypes["default"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.RecordSession.Default"}) + } else { + v, ok := tf.Attrs["default"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.RecordSession.Default", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.RecordSession.Default", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Default) == "" + } + v.Value = string(obj.Default) + v.Unknown = false + tf.Attrs["default"] = v + } + } + { + t, ok := tf.AttrTypes["ssh"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.RecordSession.SSH"}) + } else { + v, ok := tf.Attrs["ssh"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.RecordSession.SSH", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.RecordSession.SSH", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SSH) == "" + } + v.Value = string(obj.SSH) + v.Unknown = false + tf.Attrs["ssh"] = v + } + } + } + v.Unknown = false + tf.Attrs["record_session"] = v + } + } + } + { + t, ok := tf.AttrTypes["desktop_clipboard"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.DesktopClipboard"}) + } else { + v := CopyToBoolOption(diags, obj.DesktopClipboard, t, tf.Attrs["desktop_clipboard"]) + tf.Attrs["desktop_clipboard"] = v + } + } + { + a, ok := tf.AttrTypes["cert_extensions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CertExtensions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["cert_extensions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.CertExtensions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.CertExtensions)) + } + } + if obj.CertExtensions != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.CertExtensions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.CertExtensions)) + } + for k, a := range obj.CertExtensions { + v, ok := tf.Attrs["cert_extensions"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["type"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CertExtensions.Type"}) + } else { + v, ok := tf.Attrs["type"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.CertExtensions.Type", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions.Type", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Type) == 0 + } + v.Value = int64(obj.Type) + v.Unknown = false + tf.Attrs["type"] = v + } + } + { + t, ok := tf.AttrTypes["mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CertExtensions.Mode"}) + } else { + v, ok := tf.Attrs["mode"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.CertExtensions.Mode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions.Mode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Mode) == 0 + } + v.Value = int64(obj.Mode) + v.Unknown = false + tf.Attrs["mode"] = v + } + } + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CertExtensions.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.CertExtensions.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["value"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CertExtensions.Value"}) + } else { + v, ok := tf.Attrs["value"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.CertExtensions.Value", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.CertExtensions.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Value) == "" + } + v.Value = string(obj.Value) + v.Unknown = false + tf.Attrs["value"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.CertExtensions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["cert_extensions"] = c + } + } + } + { + t, ok := tf.AttrTypes["max_kubernetes_connections"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.MaxKubernetesConnections"}) + } else { + v, ok := tf.Attrs["max_kubernetes_connections"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.MaxKubernetesConnections", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.MaxKubernetesConnections", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.MaxKubernetesConnections) == 0 + } + v.Value = int64(obj.MaxKubernetesConnections) + v.Unknown = false + tf.Attrs["max_kubernetes_connections"] = v + } + } + { + t, ok := tf.AttrTypes["desktop_directory_sharing"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.DesktopDirectorySharing"}) + } else { + v := CopyToBoolOption(diags, obj.DesktopDirectorySharing, t, tf.Attrs["desktop_directory_sharing"]) + tf.Attrs["desktop_directory_sharing"] = v + } + } + { + t, ok := tf.AttrTypes["create_host_user"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CreateHostUser"}) + } else { + v := CopyToBoolOption(diags, obj.CreateHostUser, t, tf.Attrs["create_host_user"]) + tf.Attrs["create_host_user"] = v + } + } + { + t, ok := tf.AttrTypes["pin_source_ip"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.PinSourceIP"}) + } else { + v, ok := tf.Attrs["pin_source_ip"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.PinSourceIP", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.PinSourceIP", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.PinSourceIP) == false + } + v.Value = bool(obj.PinSourceIP) + v.Unknown = false + tf.Attrs["pin_source_ip"] = v + } + } + { + t, ok := tf.AttrTypes["ssh_file_copy"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.SSHFileCopy"}) + } else { + v := CopyToBoolOption(diags, obj.SSHFileCopy, t, tf.Attrs["ssh_file_copy"]) + tf.Attrs["ssh_file_copy"] = v + } + } + { + t, ok := tf.AttrTypes["require_session_mfa"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.RequireMFAType"}) + } else { + v, ok := tf.Attrs["require_session_mfa"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.RequireMFAType", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.RequireMFAType", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.RequireMFAType) == 0 + } + v.Value = int64(obj.RequireMFAType) + v.Unknown = false + tf.Attrs["require_session_mfa"] = v + } + } + { + t, ok := tf.AttrTypes["device_trust_mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.DeviceTrustMode"}) + } else { + v, ok := tf.Attrs["device_trust_mode"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.DeviceTrustMode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.DeviceTrustMode", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DeviceTrustMode) == "" + } + v.Value = string(obj.DeviceTrustMode) + v.Unknown = false + tf.Attrs["device_trust_mode"] = v + } + } + { + a, ok := tf.AttrTypes["idp"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.IDP"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.IDP", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["idp"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.IDP == nil { + v.Null = true + } else { + obj := obj.IDP + tf := &v + { + a, ok := tf.AttrTypes["saml"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.IDP.SAML"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.IDP.SAML", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["saml"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.SAML == nil { + v.Null = true + } else { + obj := obj.SAML + tf := &v + { + t, ok := tf.AttrTypes["enabled"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.IDP.SAML.Enabled"}) + } else { + v := CopyToBoolOption(diags, obj.Enabled, t, tf.Attrs["enabled"]) + tf.Attrs["enabled"] = v + } + } + } + v.Unknown = false + tf.Attrs["saml"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["idp"] = v + } + } + } + { + t, ok := tf.AttrTypes["create_desktop_user"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CreateDesktopUser"}) + } else { + v := CopyToBoolOption(diags, obj.CreateDesktopUser, t, tf.Attrs["create_desktop_user"]) + tf.Attrs["create_desktop_user"] = v + } + } + { + t, ok := tf.AttrTypes["create_db_user"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CreateDatabaseUser"}) + } else { + v := CopyToBoolOption(diags, obj.CreateDatabaseUser, t, tf.Attrs["create_db_user"]) + tf.Attrs["create_db_user"] = v + } + } + { + t, ok := tf.AttrTypes["create_host_user_mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CreateHostUserMode"}) + } else { + v, ok := tf.Attrs["create_host_user_mode"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.CreateHostUserMode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.CreateHostUserMode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.CreateHostUserMode) == 0 + } + v.Value = int64(obj.CreateHostUserMode) + v.Unknown = false + tf.Attrs["create_host_user_mode"] = v + } + } + { + t, ok := tf.AttrTypes["create_db_user_mode"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Options.CreateDatabaseUserMode"}) + } else { + v, ok := tf.Attrs["create_db_user_mode"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Options.CreateDatabaseUserMode", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Options.CreateDatabaseUserMode", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.CreateDatabaseUserMode) == 0 + } + v.Value = int64(obj.CreateDatabaseUserMode) + v.Unknown = false + tf.Attrs["create_db_user_mode"] = v + } + } + } + v.Unknown = false + tf.Attrs["options"] = v + } + } + } + { + a, ok := tf.AttrTypes["allow"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["allow"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Allow + tf := &v + { + a, ok := tf.AttrTypes["logins"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Logins"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Logins", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["logins"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)) + } + } + if obj.Logins != nil { + t := o.ElemType + if len(obj.Logins) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)) + } + for k, a := range obj.Logins { + v, ok := tf.Attrs["logins"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Logins", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Logins", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Logins) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["logins"] = c + } + } + } + { + t, ok := tf.AttrTypes["node_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.NodeLabels"}) + } else { + v := CopyToLabels(diags, obj.NodeLabels, t, tf.Attrs["node_labels"]) + tf.Attrs["node_labels"] = v + } + } + { + a, ok := tf.AttrTypes["rules"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Rules"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Rules", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["rules"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Rules)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Rules)) + } + } + if obj.Rules != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Rules) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Rules)) + } + for k, a := range obj.Rules { + v, ok := tf.Attrs["rules"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["resources"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Rules.Resources"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Resources", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["resources"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Resources)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Resources)) + } + } + if obj.Resources != nil { + t := o.ElemType + if len(obj.Resources) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Resources)) + } + for k, a := range obj.Resources { + v, ok := tf.Attrs["resources"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Rules.Resources", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Resources", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Resources) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["resources"] = c + } + } + } + { + a, ok := tf.AttrTypes["verbs"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Rules.Verbs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["verbs"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)) + } + } + if obj.Verbs != nil { + t := o.ElemType + if len(obj.Verbs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)) + } + for k, a := range obj.Verbs { + v, ok := tf.Attrs["verbs"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Rules.Verbs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Verbs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["verbs"] = c + } + } + } + { + t, ok := tf.AttrTypes["where"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Rules.Where"}) + } else { + v, ok := tf.Attrs["where"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Rules.Where", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Where) == "" + } + v.Value = string(obj.Where) + v.Unknown = false + tf.Attrs["where"] = v + } + } + { + a, ok := tf.AttrTypes["actions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Rules.Actions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Actions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["actions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Actions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Actions)) + } + } + if obj.Actions != nil { + t := o.ElemType + if len(obj.Actions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Actions)) + } + for k, a := range obj.Actions { + v, ok := tf.Attrs["actions"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Rules.Actions", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Rules.Actions", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Actions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["actions"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Rules) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["rules"] = c + } + } + } + { + a, ok := tf.AttrTypes["kubernetes_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubeGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kubernetes_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)) + } + } + if obj.KubeGroups != nil { + t := o.ElemType + if len(obj.KubeGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)) + } + for k, a := range obj.KubeGroups { + v, ok := tf.Attrs["kubernetes_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.KubeGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.KubeGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kubernetes_groups"] = c + } + } + } + { + a, ok := tf.AttrTypes["request"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["request"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Request == nil { + v.Null = true + } else { + obj := obj.Request + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["claims_to_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + } + if obj.ClaimsToRoles != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.ClaimsToRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + for k, a := range obj.ClaimsToRoles { + v, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["claim"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Claim"}) + } else { + v, ok := tf.Attrs["claim"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Claim", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Claim) == "" + } + v.Value = string(obj.Claim) + v.Unknown = false + tf.Attrs["claim"] = v + } + } + { + t, ok := tf.AttrTypes["value"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Value"}) + } else { + v, ok := tf.Attrs["value"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Value", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Value) == "" + } + v.Value = string(obj.Value) + v.Unknown = false + tf.Attrs["value"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ClaimsToRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["claims_to_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["annotations"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.Annotations"}) + } else { + v := CopyToTraits(diags, obj.Annotations, t, tf.Attrs["annotations"]) + tf.Attrs["annotations"] = v + } + } + { + a, ok := tf.AttrTypes["thresholds"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["thresholds"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Thresholds)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Thresholds)) + } + } + if obj.Thresholds != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Thresholds) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Thresholds)) + } + for k, a := range obj.Thresholds { + v, ok := tf.Attrs["thresholds"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.Thresholds.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["filter"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds.Filter"}) + } else { + v, ok := tf.Attrs["filter"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.Thresholds.Filter", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds.Filter", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Filter) == "" + } + v.Value = string(obj.Filter) + v.Unknown = false + tf.Attrs["filter"] = v + } + } + { + t, ok := tf.AttrTypes["approve"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds.Approve"}) + } else { + v, ok := tf.Attrs["approve"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.Thresholds.Approve", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds.Approve", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Approve) == 0 + } + v.Value = int64(obj.Approve) + v.Unknown = false + tf.Attrs["approve"] = v + } + } + { + t, ok := tf.AttrTypes["deny"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.Thresholds.Deny"}) + } else { + v, ok := tf.Attrs["deny"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.Thresholds.Deny", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.Thresholds.Deny", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Deny) == 0 + } + v.Value = int64(obj.Deny) + v.Unknown = false + tf.Attrs["deny"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Thresholds) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["thresholds"] = c + } + } + } + { + a, ok := tf.AttrTypes["suggested_reviewers"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.SuggestedReviewers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.SuggestedReviewers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["suggested_reviewers"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SuggestedReviewers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SuggestedReviewers)) + } + } + if obj.SuggestedReviewers != nil { + t := o.ElemType + if len(obj.SuggestedReviewers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SuggestedReviewers)) + } + for k, a := range obj.SuggestedReviewers { + v, ok := tf.Attrs["suggested_reviewers"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.SuggestedReviewers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.SuggestedReviewers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SuggestedReviewers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["suggested_reviewers"] = c + } + } + } + { + a, ok := tf.AttrTypes["search_as_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.SearchAsRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.SearchAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["search_as_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SearchAsRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SearchAsRoles)) + } + } + if obj.SearchAsRoles != nil { + t := o.ElemType + if len(obj.SearchAsRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SearchAsRoles)) + } + for k, a := range obj.SearchAsRoles { + v, ok := tf.Attrs["search_as_roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.SearchAsRoles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.SearchAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SearchAsRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["search_as_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["max_duration"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Request.MaxDuration"}) + } else { + v, ok := tf.Attrs["max_duration"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Request.MaxDuration", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Request.MaxDuration", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.MaxDuration) + v.Unknown = false + tf.Attrs["max_duration"] = v + } + } + } + v.Unknown = false + tf.Attrs["request"] = v + } + } + } + { + a, ok := tf.AttrTypes["kubernetes_users"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubeUsers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kubernetes_users"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)) + } + } + if obj.KubeUsers != nil { + t := o.ElemType + if len(obj.KubeUsers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)) + } + for k, a := range obj.KubeUsers { + v, ok := tf.Attrs["kubernetes_users"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.KubeUsers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.KubeUsers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kubernetes_users"] = c + } + } + } + { + t, ok := tf.AttrTypes["app_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.AppLabels"}) + } else { + v := CopyToLabels(diags, obj.AppLabels, t, tf.Attrs["app_labels"]) + tf.Attrs["app_labels"] = v + } + } + { + t, ok := tf.AttrTypes["cluster_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ClusterLabels"}) + } else { + v := CopyToLabels(diags, obj.ClusterLabels, t, tf.Attrs["cluster_labels"]) + tf.Attrs["cluster_labels"] = v + } + } + { + t, ok := tf.AttrTypes["kubernetes_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubernetesLabels"}) + } else { + v := CopyToLabels(diags, obj.KubernetesLabels, t, tf.Attrs["kubernetes_labels"]) + tf.Attrs["kubernetes_labels"] = v + } + } + { + t, ok := tf.AttrTypes["db_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabaseLabels"}) + } else { + v := CopyToLabels(diags, obj.DatabaseLabels, t, tf.Attrs["db_labels"]) + tf.Attrs["db_labels"] = v + } + } + { + a, ok := tf.AttrTypes["db_names"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabaseNames"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseNames", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_names"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseNames)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseNames)) + } + } + if obj.DatabaseNames != nil { + t := o.ElemType + if len(obj.DatabaseNames) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseNames)) + } + for k, a := range obj.DatabaseNames { + v, ok := tf.Attrs["db_names"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.DatabaseNames", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseNames", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabaseNames) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_names"] = c + } + } + } + { + a, ok := tf.AttrTypes["db_users"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabaseUsers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseUsers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_users"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseUsers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseUsers)) + } + } + if obj.DatabaseUsers != nil { + t := o.ElemType + if len(obj.DatabaseUsers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseUsers)) + } + for k, a := range obj.DatabaseUsers { + v, ok := tf.Attrs["db_users"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.DatabaseUsers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseUsers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabaseUsers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_users"] = c + } + } + } + { + a, ok := tf.AttrTypes["impersonate"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Impersonate"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["impersonate"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Impersonate == nil { + v.Null = true + } else { + obj := obj.Impersonate + tf := &v + { + a, ok := tf.AttrTypes["users"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Impersonate.Users"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Users", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["users"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Users)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Users)) + } + } + if obj.Users != nil { + t := o.ElemType + if len(obj.Users) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Users)) + } + for k, a := range obj.Users { + v, ok := tf.Attrs["users"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Impersonate.Users", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Users", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Users) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["users"] = c + } + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Impersonate.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Impersonate.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["where"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.Impersonate.Where"}) + } else { + v, ok := tf.Attrs["where"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.Impersonate.Where", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.Impersonate.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Where) == "" + } + v.Value = string(obj.Where) + v.Unknown = false + tf.Attrs["where"] = v + } + } + } + v.Unknown = false + tf.Attrs["impersonate"] = v + } + } + } + { + a, ok := tf.AttrTypes["review_requests"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ReviewRequests"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["review_requests"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.ReviewRequests == nil { + v.Null = true + } else { + obj := obj.ReviewRequests + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.ReviewRequests.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["claims_to_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + } + if obj.ClaimsToRoles != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.ClaimsToRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + for k, a := range obj.ClaimsToRoles { + v, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["claim"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Claim"}) + } else { + v, ok := tf.Attrs["claim"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Claim", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Claim) == "" + } + v.Value = string(obj.Claim) + v.Unknown = false + tf.Attrs["claim"] = v + } + } + { + t, ok := tf.AttrTypes["value"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Value"}) + } else { + v, ok := tf.Attrs["value"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Value", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Value) == "" + } + v.Value = string(obj.Value) + v.Unknown = false + tf.Attrs["value"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ClaimsToRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["claims_to_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["where"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.Where"}) + } else { + v, ok := tf.Attrs["where"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.ReviewRequests.Where", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Where) == "" + } + v.Value = string(obj.Where) + v.Unknown = false + tf.Attrs["where"] = v + } + } + { + a, ok := tf.AttrTypes["preview_as_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ReviewRequests.PreviewAsRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.PreviewAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["preview_as_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PreviewAsRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PreviewAsRoles)) + } + } + if obj.PreviewAsRoles != nil { + t := o.ElemType + if len(obj.PreviewAsRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PreviewAsRoles)) + } + for k, a := range obj.PreviewAsRoles { + v, ok := tf.Attrs["preview_as_roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.ReviewRequests.PreviewAsRoles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ReviewRequests.PreviewAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.PreviewAsRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["preview_as_roles"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["review_requests"] = v + } + } + } + { + a, ok := tf.AttrTypes["aws_role_arns"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.AWSRoleARNs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.AWSRoleARNs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["aws_role_arns"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRoleARNs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRoleARNs)) + } + } + if obj.AWSRoleARNs != nil { + t := o.ElemType + if len(obj.AWSRoleARNs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRoleARNs)) + } + for k, a := range obj.AWSRoleARNs { + v, ok := tf.Attrs["aws_role_arns"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.AWSRoleARNs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.AWSRoleARNs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AWSRoleARNs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["aws_role_arns"] = c + } + } + } + { + a, ok := tf.AttrTypes["windows_desktop_logins"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.WindowsDesktopLogins"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.WindowsDesktopLogins", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["windows_desktop_logins"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.WindowsDesktopLogins)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.WindowsDesktopLogins)) + } + } + if obj.WindowsDesktopLogins != nil { + t := o.ElemType + if len(obj.WindowsDesktopLogins) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.WindowsDesktopLogins)) + } + for k, a := range obj.WindowsDesktopLogins { + v, ok := tf.Attrs["windows_desktop_logins"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.WindowsDesktopLogins", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.WindowsDesktopLogins", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.WindowsDesktopLogins) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["windows_desktop_logins"] = c + } + } + } + { + t, ok := tf.AttrTypes["windows_desktop_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.WindowsDesktopLabels"}) + } else { + v := CopyToLabels(diags, obj.WindowsDesktopLabels, t, tf.Attrs["windows_desktop_labels"]) + tf.Attrs["windows_desktop_labels"] = v + } + } + { + a, ok := tf.AttrTypes["require_session_join"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["require_session_join"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RequireSessionJoin)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RequireSessionJoin)) + } + } + if obj.RequireSessionJoin != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.RequireSessionJoin) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RequireSessionJoin)) + } + for k, a := range obj.RequireSessionJoin { + v, ok := tf.Attrs["require_session_join"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.RequireSessionJoin.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["filter"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Filter"}) + } else { + v, ok := tf.Attrs["filter"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.RequireSessionJoin.Filter", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Filter", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Filter) == "" + } + v.Value = string(obj.Filter) + v.Unknown = false + tf.Attrs["filter"] = v + } + } + { + a, ok := tf.AttrTypes["kinds"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Kinds"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kinds"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)) + } + } + if obj.Kinds != nil { + t := o.ElemType + if len(obj.Kinds) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)) + } + for k, a := range obj.Kinds { + v, ok := tf.Attrs["kinds"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.RequireSessionJoin.Kinds", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Kinds) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kinds"] = c + } + } + } + { + t, ok := tf.AttrTypes["count"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Count"}) + } else { + v, ok := tf.Attrs["count"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.RequireSessionJoin.Count", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Count", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Count) == 0 + } + v.Value = int64(obj.Count) + v.Unknown = false + tf.Attrs["count"] = v + } + } + { + a, ok := tf.AttrTypes["modes"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Modes"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Modes", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["modes"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)) + } + } + if obj.Modes != nil { + t := o.ElemType + if len(obj.Modes) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)) + } + for k, a := range obj.Modes { + v, ok := tf.Attrs["modes"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.RequireSessionJoin.Modes", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.Modes", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Modes) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["modes"] = c + } + } + } + { + t, ok := tf.AttrTypes["on_leave"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.RequireSessionJoin.OnLeave"}) + } else { + v, ok := tf.Attrs["on_leave"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.RequireSessionJoin.OnLeave", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.RequireSessionJoin.OnLeave", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.OnLeave) == "" + } + v.Value = string(obj.OnLeave) + v.Unknown = false + tf.Attrs["on_leave"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.RequireSessionJoin) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["require_session_join"] = c + } + } + } + { + a, ok := tf.AttrTypes["join_sessions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.JoinSessions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["join_sessions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.JoinSessions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.JoinSessions)) + } + } + if obj.JoinSessions != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.JoinSessions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.JoinSessions)) + } + for k, a := range obj.JoinSessions { + v, ok := tf.Attrs["join_sessions"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.JoinSessions.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.JoinSessions.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.JoinSessions.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.JoinSessions.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["kinds"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.JoinSessions.Kinds"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kinds"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)) + } + } + if obj.Kinds != nil { + t := o.ElemType + if len(obj.Kinds) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)) + } + for k, a := range obj.Kinds { + v, ok := tf.Attrs["kinds"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.JoinSessions.Kinds", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Kinds) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kinds"] = c + } + } + } + { + a, ok := tf.AttrTypes["modes"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.JoinSessions.Modes"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Modes", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["modes"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)) + } + } + if obj.Modes != nil { + t := o.ElemType + if len(obj.Modes) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)) + } + for k, a := range obj.Modes { + v, ok := tf.Attrs["modes"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.JoinSessions.Modes", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.JoinSessions.Modes", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Modes) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["modes"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.JoinSessions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["join_sessions"] = c + } + } + } + { + a, ok := tf.AttrTypes["host_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.HostGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.HostGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["host_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostGroups)) + } + } + if obj.HostGroups != nil { + t := o.ElemType + if len(obj.HostGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostGroups)) + } + for k, a := range obj.HostGroups { + v, ok := tf.Attrs["host_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.HostGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.HostGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.HostGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["host_groups"] = c + } + } + } + { + a, ok := tf.AttrTypes["host_sudoers"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.HostSudoers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.HostSudoers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["host_sudoers"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostSudoers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostSudoers)) + } + } + if obj.HostSudoers != nil { + t := o.ElemType + if len(obj.HostSudoers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostSudoers)) + } + for k, a := range obj.HostSudoers { + v, ok := tf.Attrs["host_sudoers"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.HostSudoers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.HostSudoers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.HostSudoers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["host_sudoers"] = c + } + } + } + { + a, ok := tf.AttrTypes["azure_identities"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.AzureIdentities"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.AzureIdentities", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["azure_identities"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AzureIdentities)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AzureIdentities)) + } + } + if obj.AzureIdentities != nil { + t := o.ElemType + if len(obj.AzureIdentities) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AzureIdentities)) + } + for k, a := range obj.AzureIdentities { + v, ok := tf.Attrs["azure_identities"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.AzureIdentities", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.AzureIdentities", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AzureIdentities) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["azure_identities"] = c + } + } + } + { + a, ok := tf.AttrTypes["kubernetes_resources"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubernetesResources"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kubernetes_resources"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubernetesResources)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubernetesResources)) + } + } + if obj.KubernetesResources != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.KubernetesResources) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubernetesResources)) + } + for k, a := range obj.KubernetesResources { + v, ok := tf.Attrs["kubernetes_resources"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubernetesResources.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.KubernetesResources.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubernetesResources.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.KubernetesResources.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubernetesResources.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.KubernetesResources.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + a, ok := tf.AttrTypes["verbs"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubernetesResources.Verbs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["verbs"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)) + } + } + if obj.Verbs != nil { + t := o.ElemType + if len(obj.Verbs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)) + } + for k, a := range obj.Verbs { + v, ok := tf.Attrs["verbs"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.KubernetesResources.Verbs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesResources.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Verbs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["verbs"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.KubernetesResources) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kubernetes_resources"] = c + } + } + } + { + a, ok := tf.AttrTypes["gcp_service_accounts"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.GCPServiceAccounts"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.GCPServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["gcp_service_accounts"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GCPServiceAccounts)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GCPServiceAccounts)) + } + } + if obj.GCPServiceAccounts != nil { + t := o.ElemType + if len(obj.GCPServiceAccounts) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GCPServiceAccounts)) + } + for k, a := range obj.GCPServiceAccounts { + v, ok := tf.Attrs["gcp_service_accounts"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.GCPServiceAccounts", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.GCPServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.GCPServiceAccounts) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["gcp_service_accounts"] = c + } + } + } + { + t, ok := tf.AttrTypes["db_service_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabaseServiceLabels"}) + } else { + v := CopyToLabels(diags, obj.DatabaseServiceLabels, t, tf.Attrs["db_service_labels"]) + tf.Attrs["db_service_labels"] = v + } + } + { + t, ok := tf.AttrTypes["group_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.GroupLabels"}) + } else { + v := CopyToLabels(diags, obj.GroupLabels, t, tf.Attrs["group_labels"]) + tf.Attrs["group_labels"] = v + } + } + { + a, ok := tf.AttrTypes["desktop_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DesktopGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DesktopGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["desktop_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DesktopGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DesktopGroups)) + } + } + if obj.DesktopGroups != nil { + t := o.ElemType + if len(obj.DesktopGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DesktopGroups)) + } + for k, a := range obj.DesktopGroups { + v, ok := tf.Attrs["desktop_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.DesktopGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DesktopGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DesktopGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["desktop_groups"] = c + } + } + } + { + a, ok := tf.AttrTypes["db_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabaseRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseRoles)) + } + } + if obj.DatabaseRoles != nil { + t := o.ElemType + if len(obj.DatabaseRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseRoles)) + } + for k, a := range obj.DatabaseRoles { + v, ok := tf.Attrs["db_roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.DatabaseRoles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseRoles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabaseRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["node_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.NodeLabelsExpression"}) + } else { + v, ok := tf.Attrs["node_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.NodeLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.NodeLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.NodeLabelsExpression) == "" + } + v.Value = string(obj.NodeLabelsExpression) + v.Unknown = false + tf.Attrs["node_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["app_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.AppLabelsExpression"}) + } else { + v, ok := tf.Attrs["app_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.AppLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.AppLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AppLabelsExpression) == "" + } + v.Value = string(obj.AppLabelsExpression) + v.Unknown = false + tf.Attrs["app_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["cluster_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.ClusterLabelsExpression"}) + } else { + v, ok := tf.Attrs["cluster_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.ClusterLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.ClusterLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClusterLabelsExpression) == "" + } + v.Value = string(obj.ClusterLabelsExpression) + v.Unknown = false + tf.Attrs["cluster_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["kubernetes_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.KubernetesLabelsExpression"}) + } else { + v, ok := tf.Attrs["kubernetes_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.KubernetesLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.KubernetesLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.KubernetesLabelsExpression) == "" + } + v.Value = string(obj.KubernetesLabelsExpression) + v.Unknown = false + tf.Attrs["kubernetes_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["db_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabaseLabelsExpression"}) + } else { + v, ok := tf.Attrs["db_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.DatabaseLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DatabaseLabelsExpression) == "" + } + v.Value = string(obj.DatabaseLabelsExpression) + v.Unknown = false + tf.Attrs["db_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["db_service_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabaseServiceLabelsExpression"}) + } else { + v, ok := tf.Attrs["db_service_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.DatabaseServiceLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabaseServiceLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DatabaseServiceLabelsExpression) == "" + } + v.Value = string(obj.DatabaseServiceLabelsExpression) + v.Unknown = false + tf.Attrs["db_service_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["windows_desktop_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.WindowsDesktopLabelsExpression"}) + } else { + v, ok := tf.Attrs["windows_desktop_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.WindowsDesktopLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.WindowsDesktopLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.WindowsDesktopLabelsExpression) == "" + } + v.Value = string(obj.WindowsDesktopLabelsExpression) + v.Unknown = false + tf.Attrs["windows_desktop_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["group_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.GroupLabelsExpression"}) + } else { + v, ok := tf.Attrs["group_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.GroupLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.GroupLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.GroupLabelsExpression) == "" + } + v.Value = string(obj.GroupLabelsExpression) + v.Unknown = false + tf.Attrs["group_labels_expression"] = v + } + } + { + a, ok := tf.AttrTypes["db_permissions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_permissions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)) + } + } + if obj.DatabasePermissions != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.DatabasePermissions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)) + } + for k, a := range obj.DatabasePermissions { + v, ok := tf.Attrs["db_permissions"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["permissions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["permissions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)) + } + } + if obj.Permissions != nil { + t := o.ElemType + if len(obj.Permissions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)) + } + for k, a := range obj.Permissions { + v, ok := tf.Attrs["permissions"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Permissions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["permissions"] = c + } + } + } + { + t, ok := tf.AttrTypes["match"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.DatabasePermissions.Match"}) + } else { + v := CopyToLabels(diags, obj.Match, t, tf.Attrs["match"]) + tf.Attrs["match"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabasePermissions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_permissions"] = c + } + } + } + { + a, ok := tf.AttrTypes["spiffe"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.SPIFFE"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["spiffe"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)) + } + } + if obj.SPIFFE != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.SPIFFE) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)) + } + for k, a := range obj.SPIFFE { + v, ok := tf.Attrs["spiffe"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["path"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.SPIFFE.Path"}) + } else { + v, ok := tf.Attrs["path"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.SPIFFE.Path", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.Path", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Path) == "" + } + v.Value = string(obj.Path) + v.Unknown = false + tf.Attrs["path"] = v + } + } + { + a, ok := tf.AttrTypes["dns_sans"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["dns_sans"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)) + } + } + if obj.DNSSANs != nil { + t := o.ElemType + if len(obj.DNSSANs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)) + } + for k, a := range obj.DNSSANs { + v, ok := tf.Attrs["dns_sans"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DNSSANs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["dns_sans"] = c + } + } + } + { + a, ok := tf.AttrTypes["ip_sans"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["ip_sans"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)) + } + } + if obj.IPSANs != nil { + t := o.ElemType + if len(obj.IPSANs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)) + } + for k, a := range obj.IPSANs { + v, ok := tf.Attrs["ip_sans"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Allow.SPIFFE.IPSANs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Allow.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.IPSANs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["ip_sans"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SPIFFE) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["spiffe"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["allow"] = v + } + } + } + { + a, ok := tf.AttrTypes["deny"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["deny"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Deny + tf := &v + { + a, ok := tf.AttrTypes["logins"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Logins"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Logins", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["logins"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)) + } + } + if obj.Logins != nil { + t := o.ElemType + if len(obj.Logins) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)) + } + for k, a := range obj.Logins { + v, ok := tf.Attrs["logins"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Logins", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Logins", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Logins) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["logins"] = c + } + } + } + { + t, ok := tf.AttrTypes["node_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.NodeLabels"}) + } else { + v := CopyToLabels(diags, obj.NodeLabels, t, tf.Attrs["node_labels"]) + tf.Attrs["node_labels"] = v + } + } + { + a, ok := tf.AttrTypes["rules"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Rules"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Rules", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["rules"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Rules)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Rules)) + } + } + if obj.Rules != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Rules) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Rules)) + } + for k, a := range obj.Rules { + v, ok := tf.Attrs["rules"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["resources"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Rules.Resources"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Resources", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["resources"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Resources)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Resources)) + } + } + if obj.Resources != nil { + t := o.ElemType + if len(obj.Resources) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Resources)) + } + for k, a := range obj.Resources { + v, ok := tf.Attrs["resources"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Rules.Resources", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Resources", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Resources) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["resources"] = c + } + } + } + { + a, ok := tf.AttrTypes["verbs"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Rules.Verbs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["verbs"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)) + } + } + if obj.Verbs != nil { + t := o.ElemType + if len(obj.Verbs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)) + } + for k, a := range obj.Verbs { + v, ok := tf.Attrs["verbs"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Rules.Verbs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Verbs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["verbs"] = c + } + } + } + { + t, ok := tf.AttrTypes["where"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Rules.Where"}) + } else { + v, ok := tf.Attrs["where"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Rules.Where", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Where) == "" + } + v.Value = string(obj.Where) + v.Unknown = false + tf.Attrs["where"] = v + } + } + { + a, ok := tf.AttrTypes["actions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Rules.Actions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Actions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["actions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Actions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Actions)) + } + } + if obj.Actions != nil { + t := o.ElemType + if len(obj.Actions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Actions)) + } + for k, a := range obj.Actions { + v, ok := tf.Attrs["actions"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Rules.Actions", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Rules.Actions", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Actions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["actions"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Rules) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["rules"] = c + } + } + } + { + a, ok := tf.AttrTypes["kubernetes_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubeGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kubernetes_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)) + } + } + if obj.KubeGroups != nil { + t := o.ElemType + if len(obj.KubeGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)) + } + for k, a := range obj.KubeGroups { + v, ok := tf.Attrs["kubernetes_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.KubeGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.KubeGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kubernetes_groups"] = c + } + } + } + { + a, ok := tf.AttrTypes["request"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["request"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Request == nil { + v.Null = true + } else { + obj := obj.Request + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["claims_to_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + } + if obj.ClaimsToRoles != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.ClaimsToRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + for k, a := range obj.ClaimsToRoles { + v, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["claim"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Claim"}) + } else { + v, ok := tf.Attrs["claim"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Claim", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Claim) == "" + } + v.Value = string(obj.Claim) + v.Unknown = false + tf.Attrs["claim"] = v + } + } + { + t, ok := tf.AttrTypes["value"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Value"}) + } else { + v, ok := tf.Attrs["value"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Value", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Value) == "" + } + v.Value = string(obj.Value) + v.Unknown = false + tf.Attrs["value"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ClaimsToRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["claims_to_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["annotations"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.Annotations"}) + } else { + v := CopyToTraits(diags, obj.Annotations, t, tf.Attrs["annotations"]) + tf.Attrs["annotations"] = v + } + } + { + a, ok := tf.AttrTypes["thresholds"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["thresholds"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Thresholds)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Thresholds)) + } + } + if obj.Thresholds != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Thresholds) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Thresholds)) + } + for k, a := range obj.Thresholds { + v, ok := tf.Attrs["thresholds"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.Thresholds.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["filter"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds.Filter"}) + } else { + v, ok := tf.Attrs["filter"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.Thresholds.Filter", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds.Filter", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Filter) == "" + } + v.Value = string(obj.Filter) + v.Unknown = false + tf.Attrs["filter"] = v + } + } + { + t, ok := tf.AttrTypes["approve"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds.Approve"}) + } else { + v, ok := tf.Attrs["approve"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.Thresholds.Approve", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds.Approve", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Approve) == 0 + } + v.Value = int64(obj.Approve) + v.Unknown = false + tf.Attrs["approve"] = v + } + } + { + t, ok := tf.AttrTypes["deny"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.Thresholds.Deny"}) + } else { + v, ok := tf.Attrs["deny"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.Thresholds.Deny", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.Thresholds.Deny", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Deny) == 0 + } + v.Value = int64(obj.Deny) + v.Unknown = false + tf.Attrs["deny"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Thresholds) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["thresholds"] = c + } + } + } + { + a, ok := tf.AttrTypes["suggested_reviewers"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.SuggestedReviewers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.SuggestedReviewers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["suggested_reviewers"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SuggestedReviewers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SuggestedReviewers)) + } + } + if obj.SuggestedReviewers != nil { + t := o.ElemType + if len(obj.SuggestedReviewers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SuggestedReviewers)) + } + for k, a := range obj.SuggestedReviewers { + v, ok := tf.Attrs["suggested_reviewers"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.SuggestedReviewers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.SuggestedReviewers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SuggestedReviewers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["suggested_reviewers"] = c + } + } + } + { + a, ok := tf.AttrTypes["search_as_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.SearchAsRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.SearchAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["search_as_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SearchAsRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SearchAsRoles)) + } + } + if obj.SearchAsRoles != nil { + t := o.ElemType + if len(obj.SearchAsRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SearchAsRoles)) + } + for k, a := range obj.SearchAsRoles { + v, ok := tf.Attrs["search_as_roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.SearchAsRoles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.SearchAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SearchAsRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["search_as_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["max_duration"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Request.MaxDuration"}) + } else { + v, ok := tf.Attrs["max_duration"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Request.MaxDuration", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Request.MaxDuration", "DurationValue"}) + } + v.Null = false + } + v.Value = time.Duration(obj.MaxDuration) + v.Unknown = false + tf.Attrs["max_duration"] = v + } + } + } + v.Unknown = false + tf.Attrs["request"] = v + } + } + } + { + a, ok := tf.AttrTypes["kubernetes_users"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubeUsers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kubernetes_users"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)) + } + } + if obj.KubeUsers != nil { + t := o.ElemType + if len(obj.KubeUsers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)) + } + for k, a := range obj.KubeUsers { + v, ok := tf.Attrs["kubernetes_users"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.KubeUsers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.KubeUsers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kubernetes_users"] = c + } + } + } + { + t, ok := tf.AttrTypes["app_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.AppLabels"}) + } else { + v := CopyToLabels(diags, obj.AppLabels, t, tf.Attrs["app_labels"]) + tf.Attrs["app_labels"] = v + } + } + { + t, ok := tf.AttrTypes["cluster_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ClusterLabels"}) + } else { + v := CopyToLabels(diags, obj.ClusterLabels, t, tf.Attrs["cluster_labels"]) + tf.Attrs["cluster_labels"] = v + } + } + { + t, ok := tf.AttrTypes["kubernetes_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubernetesLabels"}) + } else { + v := CopyToLabels(diags, obj.KubernetesLabels, t, tf.Attrs["kubernetes_labels"]) + tf.Attrs["kubernetes_labels"] = v + } + } + { + t, ok := tf.AttrTypes["db_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabaseLabels"}) + } else { + v := CopyToLabels(diags, obj.DatabaseLabels, t, tf.Attrs["db_labels"]) + tf.Attrs["db_labels"] = v + } + } + { + a, ok := tf.AttrTypes["db_names"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabaseNames"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseNames", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_names"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseNames)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseNames)) + } + } + if obj.DatabaseNames != nil { + t := o.ElemType + if len(obj.DatabaseNames) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseNames)) + } + for k, a := range obj.DatabaseNames { + v, ok := tf.Attrs["db_names"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.DatabaseNames", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseNames", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabaseNames) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_names"] = c + } + } + } + { + a, ok := tf.AttrTypes["db_users"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabaseUsers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseUsers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_users"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseUsers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseUsers)) + } + } + if obj.DatabaseUsers != nil { + t := o.ElemType + if len(obj.DatabaseUsers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseUsers)) + } + for k, a := range obj.DatabaseUsers { + v, ok := tf.Attrs["db_users"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.DatabaseUsers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseUsers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabaseUsers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_users"] = c + } + } + } + { + a, ok := tf.AttrTypes["impersonate"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Impersonate"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["impersonate"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.Impersonate == nil { + v.Null = true + } else { + obj := obj.Impersonate + tf := &v + { + a, ok := tf.AttrTypes["users"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Impersonate.Users"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Users", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["users"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Users)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Users)) + } + } + if obj.Users != nil { + t := o.ElemType + if len(obj.Users) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Users)) + } + for k, a := range obj.Users { + v, ok := tf.Attrs["users"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Impersonate.Users", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Users", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Users) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["users"] = c + } + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Impersonate.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Impersonate.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["where"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.Impersonate.Where"}) + } else { + v, ok := tf.Attrs["where"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.Impersonate.Where", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.Impersonate.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Where) == "" + } + v.Value = string(obj.Where) + v.Unknown = false + tf.Attrs["where"] = v + } + } + } + v.Unknown = false + tf.Attrs["impersonate"] = v + } + } + } + { + a, ok := tf.AttrTypes["review_requests"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ReviewRequests"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["review_requests"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.ReviewRequests == nil { + v.Null = true + } else { + obj := obj.ReviewRequests + tf := &v + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.ReviewRequests.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["claims_to_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + } + if obj.ClaimsToRoles != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.ClaimsToRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + for k, a := range obj.ClaimsToRoles { + v, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["claim"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Claim"}) + } else { + v, ok := tf.Attrs["claim"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Claim", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Claim) == "" + } + v.Value = string(obj.Claim) + v.Unknown = false + tf.Attrs["claim"] = v + } + } + { + t, ok := tf.AttrTypes["value"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Value"}) + } else { + v, ok := tf.Attrs["value"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Value", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Value) == "" + } + v.Value = string(obj.Value) + v.Unknown = false + tf.Attrs["value"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ClaimsToRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["claims_to_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["where"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.Where"}) + } else { + v, ok := tf.Attrs["where"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.ReviewRequests.Where", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.Where", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Where) == "" + } + v.Value = string(obj.Where) + v.Unknown = false + tf.Attrs["where"] = v + } + } + { + a, ok := tf.AttrTypes["preview_as_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ReviewRequests.PreviewAsRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.PreviewAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["preview_as_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PreviewAsRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PreviewAsRoles)) + } + } + if obj.PreviewAsRoles != nil { + t := o.ElemType + if len(obj.PreviewAsRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.PreviewAsRoles)) + } + for k, a := range obj.PreviewAsRoles { + v, ok := tf.Attrs["preview_as_roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.ReviewRequests.PreviewAsRoles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ReviewRequests.PreviewAsRoles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.PreviewAsRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["preview_as_roles"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["review_requests"] = v + } + } + } + { + a, ok := tf.AttrTypes["aws_role_arns"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.AWSRoleARNs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.AWSRoleARNs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["aws_role_arns"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRoleARNs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRoleARNs)) + } + } + if obj.AWSRoleARNs != nil { + t := o.ElemType + if len(obj.AWSRoleARNs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AWSRoleARNs)) + } + for k, a := range obj.AWSRoleARNs { + v, ok := tf.Attrs["aws_role_arns"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.AWSRoleARNs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.AWSRoleARNs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AWSRoleARNs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["aws_role_arns"] = c + } + } + } + { + a, ok := tf.AttrTypes["windows_desktop_logins"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.WindowsDesktopLogins"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.WindowsDesktopLogins", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["windows_desktop_logins"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.WindowsDesktopLogins)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.WindowsDesktopLogins)) + } + } + if obj.WindowsDesktopLogins != nil { + t := o.ElemType + if len(obj.WindowsDesktopLogins) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.WindowsDesktopLogins)) + } + for k, a := range obj.WindowsDesktopLogins { + v, ok := tf.Attrs["windows_desktop_logins"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.WindowsDesktopLogins", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.WindowsDesktopLogins", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.WindowsDesktopLogins) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["windows_desktop_logins"] = c + } + } + } + { + t, ok := tf.AttrTypes["windows_desktop_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.WindowsDesktopLabels"}) + } else { + v := CopyToLabels(diags, obj.WindowsDesktopLabels, t, tf.Attrs["windows_desktop_labels"]) + tf.Attrs["windows_desktop_labels"] = v + } + } + { + a, ok := tf.AttrTypes["require_session_join"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["require_session_join"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RequireSessionJoin)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RequireSessionJoin)) + } + } + if obj.RequireSessionJoin != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.RequireSessionJoin) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RequireSessionJoin)) + } + for k, a := range obj.RequireSessionJoin { + v, ok := tf.Attrs["require_session_join"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.RequireSessionJoin.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["filter"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Filter"}) + } else { + v, ok := tf.Attrs["filter"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.RequireSessionJoin.Filter", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Filter", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Filter) == "" + } + v.Value = string(obj.Filter) + v.Unknown = false + tf.Attrs["filter"] = v + } + } + { + a, ok := tf.AttrTypes["kinds"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Kinds"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kinds"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)) + } + } + if obj.Kinds != nil { + t := o.ElemType + if len(obj.Kinds) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)) + } + for k, a := range obj.Kinds { + v, ok := tf.Attrs["kinds"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.RequireSessionJoin.Kinds", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Kinds) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kinds"] = c + } + } + } + { + t, ok := tf.AttrTypes["count"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Count"}) + } else { + v, ok := tf.Attrs["count"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.RequireSessionJoin.Count", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Count", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Count) == 0 + } + v.Value = int64(obj.Count) + v.Unknown = false + tf.Attrs["count"] = v + } + } + { + a, ok := tf.AttrTypes["modes"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Modes"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Modes", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["modes"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)) + } + } + if obj.Modes != nil { + t := o.ElemType + if len(obj.Modes) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)) + } + for k, a := range obj.Modes { + v, ok := tf.Attrs["modes"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.RequireSessionJoin.Modes", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.Modes", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Modes) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["modes"] = c + } + } + } + { + t, ok := tf.AttrTypes["on_leave"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.RequireSessionJoin.OnLeave"}) + } else { + v, ok := tf.Attrs["on_leave"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.RequireSessionJoin.OnLeave", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.RequireSessionJoin.OnLeave", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.OnLeave) == "" + } + v.Value = string(obj.OnLeave) + v.Unknown = false + tf.Attrs["on_leave"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.RequireSessionJoin) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["require_session_join"] = c + } + } + } + { + a, ok := tf.AttrTypes["join_sessions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.JoinSessions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["join_sessions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.JoinSessions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.JoinSessions)) + } + } + if obj.JoinSessions != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.JoinSessions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.JoinSessions)) + } + for k, a := range obj.JoinSessions { + v, ok := tf.Attrs["join_sessions"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.JoinSessions.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.JoinSessions.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.JoinSessions.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.JoinSessions.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["kinds"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.JoinSessions.Kinds"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kinds"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)) + } + } + if obj.Kinds != nil { + t := o.ElemType + if len(obj.Kinds) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Kinds)) + } + for k, a := range obj.Kinds { + v, ok := tf.Attrs["kinds"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.JoinSessions.Kinds", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Kinds", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Kinds) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kinds"] = c + } + } + } + { + a, ok := tf.AttrTypes["modes"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.JoinSessions.Modes"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Modes", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["modes"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)) + } + } + if obj.Modes != nil { + t := o.ElemType + if len(obj.Modes) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Modes)) + } + for k, a := range obj.Modes { + v, ok := tf.Attrs["modes"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.JoinSessions.Modes", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.JoinSessions.Modes", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Modes) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["modes"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.JoinSessions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["join_sessions"] = c + } + } + } + { + a, ok := tf.AttrTypes["host_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.HostGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.HostGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["host_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostGroups)) + } + } + if obj.HostGroups != nil { + t := o.ElemType + if len(obj.HostGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostGroups)) + } + for k, a := range obj.HostGroups { + v, ok := tf.Attrs["host_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.HostGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.HostGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.HostGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["host_groups"] = c + } + } + } + { + a, ok := tf.AttrTypes["host_sudoers"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.HostSudoers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.HostSudoers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["host_sudoers"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostSudoers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostSudoers)) + } + } + if obj.HostSudoers != nil { + t := o.ElemType + if len(obj.HostSudoers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.HostSudoers)) + } + for k, a := range obj.HostSudoers { + v, ok := tf.Attrs["host_sudoers"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.HostSudoers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.HostSudoers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.HostSudoers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["host_sudoers"] = c + } + } + } + { + a, ok := tf.AttrTypes["azure_identities"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.AzureIdentities"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.AzureIdentities", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["azure_identities"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AzureIdentities)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AzureIdentities)) + } + } + if obj.AzureIdentities != nil { + t := o.ElemType + if len(obj.AzureIdentities) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AzureIdentities)) + } + for k, a := range obj.AzureIdentities { + v, ok := tf.Attrs["azure_identities"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.AzureIdentities", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.AzureIdentities", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AzureIdentities) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["azure_identities"] = c + } + } + } + { + a, ok := tf.AttrTypes["kubernetes_resources"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubernetesResources"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kubernetes_resources"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubernetesResources)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubernetesResources)) + } + } + if obj.KubernetesResources != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.KubernetesResources) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubernetesResources)) + } + for k, a := range obj.KubernetesResources { + v, ok := tf.Attrs["kubernetes_resources"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubernetesResources.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.KubernetesResources.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubernetesResources.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.KubernetesResources.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubernetesResources.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.KubernetesResources.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + a, ok := tf.AttrTypes["verbs"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubernetesResources.Verbs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["verbs"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)) + } + } + if obj.Verbs != nil { + t := o.ElemType + if len(obj.Verbs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Verbs)) + } + for k, a := range obj.Verbs { + v, ok := tf.Attrs["verbs"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.KubernetesResources.Verbs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesResources.Verbs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Verbs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["verbs"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.KubernetesResources) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kubernetes_resources"] = c + } + } + } + { + a, ok := tf.AttrTypes["gcp_service_accounts"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.GCPServiceAccounts"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.GCPServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["gcp_service_accounts"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GCPServiceAccounts)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GCPServiceAccounts)) + } + } + if obj.GCPServiceAccounts != nil { + t := o.ElemType + if len(obj.GCPServiceAccounts) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GCPServiceAccounts)) + } + for k, a := range obj.GCPServiceAccounts { + v, ok := tf.Attrs["gcp_service_accounts"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.GCPServiceAccounts", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.GCPServiceAccounts", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.GCPServiceAccounts) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["gcp_service_accounts"] = c + } + } + } + { + t, ok := tf.AttrTypes["db_service_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabaseServiceLabels"}) + } else { + v := CopyToLabels(diags, obj.DatabaseServiceLabels, t, tf.Attrs["db_service_labels"]) + tf.Attrs["db_service_labels"] = v + } + } + { + t, ok := tf.AttrTypes["group_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.GroupLabels"}) + } else { + v := CopyToLabels(diags, obj.GroupLabels, t, tf.Attrs["group_labels"]) + tf.Attrs["group_labels"] = v + } + } + { + a, ok := tf.AttrTypes["desktop_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DesktopGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DesktopGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["desktop_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DesktopGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DesktopGroups)) + } + } + if obj.DesktopGroups != nil { + t := o.ElemType + if len(obj.DesktopGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DesktopGroups)) + } + for k, a := range obj.DesktopGroups { + v, ok := tf.Attrs["desktop_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.DesktopGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DesktopGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DesktopGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["desktop_groups"] = c + } + } + } + { + a, ok := tf.AttrTypes["db_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabaseRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseRoles)) + } + } + if obj.DatabaseRoles != nil { + t := o.ElemType + if len(obj.DatabaseRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabaseRoles)) + } + for k, a := range obj.DatabaseRoles { + v, ok := tf.Attrs["db_roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.DatabaseRoles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseRoles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabaseRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["node_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.NodeLabelsExpression"}) + } else { + v, ok := tf.Attrs["node_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.NodeLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.NodeLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.NodeLabelsExpression) == "" + } + v.Value = string(obj.NodeLabelsExpression) + v.Unknown = false + tf.Attrs["node_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["app_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.AppLabelsExpression"}) + } else { + v, ok := tf.Attrs["app_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.AppLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.AppLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AppLabelsExpression) == "" + } + v.Value = string(obj.AppLabelsExpression) + v.Unknown = false + tf.Attrs["app_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["cluster_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.ClusterLabelsExpression"}) + } else { + v, ok := tf.Attrs["cluster_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.ClusterLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.ClusterLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClusterLabelsExpression) == "" + } + v.Value = string(obj.ClusterLabelsExpression) + v.Unknown = false + tf.Attrs["cluster_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["kubernetes_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.KubernetesLabelsExpression"}) + } else { + v, ok := tf.Attrs["kubernetes_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.KubernetesLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.KubernetesLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.KubernetesLabelsExpression) == "" + } + v.Value = string(obj.KubernetesLabelsExpression) + v.Unknown = false + tf.Attrs["kubernetes_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["db_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabaseLabelsExpression"}) + } else { + v, ok := tf.Attrs["db_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.DatabaseLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DatabaseLabelsExpression) == "" + } + v.Value = string(obj.DatabaseLabelsExpression) + v.Unknown = false + tf.Attrs["db_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["db_service_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabaseServiceLabelsExpression"}) + } else { + v, ok := tf.Attrs["db_service_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.DatabaseServiceLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabaseServiceLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.DatabaseServiceLabelsExpression) == "" + } + v.Value = string(obj.DatabaseServiceLabelsExpression) + v.Unknown = false + tf.Attrs["db_service_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["windows_desktop_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.WindowsDesktopLabelsExpression"}) + } else { + v, ok := tf.Attrs["windows_desktop_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.WindowsDesktopLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.WindowsDesktopLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.WindowsDesktopLabelsExpression) == "" + } + v.Value = string(obj.WindowsDesktopLabelsExpression) + v.Unknown = false + tf.Attrs["windows_desktop_labels_expression"] = v + } + } + { + t, ok := tf.AttrTypes["group_labels_expression"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.GroupLabelsExpression"}) + } else { + v, ok := tf.Attrs["group_labels_expression"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.GroupLabelsExpression", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.GroupLabelsExpression", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.GroupLabelsExpression) == "" + } + v.Value = string(obj.GroupLabelsExpression) + v.Unknown = false + tf.Attrs["group_labels_expression"] = v + } + } + { + a, ok := tf.AttrTypes["db_permissions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["db_permissions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)) + } + } + if obj.DatabasePermissions != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.DatabasePermissions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DatabasePermissions)) + } + for k, a := range obj.DatabasePermissions { + v, ok := tf.Attrs["db_permissions"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["permissions"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["permissions"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)) + } + } + if obj.Permissions != nil { + t := o.ElemType + if len(obj.Permissions) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Permissions)) + } + for k, a := range obj.Permissions { + v, ok := tf.Attrs["permissions"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.DatabasePermissions.Permissions", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Permissions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["permissions"] = c + } + } + } + { + t, ok := tf.AttrTypes["match"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.DatabasePermissions.Match"}) + } else { + v := CopyToLabels(diags, obj.Match, t, tf.Attrs["match"]) + tf.Attrs["match"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DatabasePermissions) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["db_permissions"] = c + } + } + } + { + a, ok := tf.AttrTypes["spiffe"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.SPIFFE"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["spiffe"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)) + } + } + if obj.SPIFFE != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.SPIFFE) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SPIFFE)) + } + for k, a := range obj.SPIFFE { + v, ok := tf.Attrs["spiffe"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["path"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.SPIFFE.Path"}) + } else { + v, ok := tf.Attrs["path"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.SPIFFE.Path", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.Path", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Path) == "" + } + v.Value = string(obj.Path) + v.Unknown = false + tf.Attrs["path"] = v + } + } + { + a, ok := tf.AttrTypes["dns_sans"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["dns_sans"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)) + } + } + if obj.DNSSANs != nil { + t := o.ElemType + if len(obj.DNSSANs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.DNSSANs)) + } + for k, a := range obj.DNSSANs { + v, ok := tf.Attrs["dns_sans"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.DNSSANs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.DNSSANs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["dns_sans"] = c + } + } + } + { + a, ok := tf.AttrTypes["ip_sans"] + if !ok { + diags.Append(attrWriteMissingDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["ip_sans"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)) + } + } + if obj.IPSANs != nil { + t := o.ElemType + if len(obj.IPSANs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.IPSANs)) + } + for k, a := range obj.IPSANs { + v, ok := tf.Attrs["ip_sans"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"RoleV6.Spec.Deny.SPIFFE.IPSANs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"RoleV6.Spec.Deny.SPIFFE.IPSANs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.IPSANs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["ip_sans"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SPIFFE) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["spiffe"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["deny"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyUserV2FromTerraform copies contents of the source Terraform object into a target struct +func CopyUserV2FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.UserV2) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.UserSpecV2{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["oidc_identities"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.OIDCIdentities"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.OIDCIdentities", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.OIDCIdentities = make([]github_com_gravitational_teleport_api_types.ExternalIdentity, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.OIDCIdentities", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.ExternalIdentity + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["connector_id"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.OIDCIdentities.ConnectorID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.OIDCIdentities.ConnectorID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ConnectorID = t + } + } + } + { + a, ok := tf.Attrs["username"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.OIDCIdentities.Username"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.OIDCIdentities.Username", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Username = t + } + } + } + } + obj.OIDCIdentities[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["saml_identities"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.SAMLIdentities"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.SAMLIdentities", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.SAMLIdentities = make([]github_com_gravitational_teleport_api_types.ExternalIdentity, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.SAMLIdentities", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.ExternalIdentity + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["connector_id"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.SAMLIdentities.ConnectorID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.SAMLIdentities.ConnectorID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ConnectorID = t + } + } + } + { + a, ok := tf.Attrs["username"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.SAMLIdentities.Username"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.SAMLIdentities.Username", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Username = t + } + } + } + } + obj.SAMLIdentities[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["github_identities"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.GithubIdentities"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.GithubIdentities", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.GithubIdentities = make([]github_com_gravitational_teleport_api_types.ExternalIdentity, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.GithubIdentities", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.ExternalIdentity + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["connector_id"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.GithubIdentities.ConnectorID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.GithubIdentities.ConnectorID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ConnectorID = t + } + } + } + { + a, ok := tf.Attrs["username"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.GithubIdentities.Username"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.GithubIdentities.Username", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Username = t + } + } + } + } + obj.GithubIdentities[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["traits"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.Traits"}) + } + CopyFromTraits(diags, a, &obj.Traits) + } + { + a, ok := tf.Attrs["trusted_device_ids"] + if !ok { + diags.Append(attrReadMissingDiag{"UserV2.Spec.TrustedDeviceIDs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.TrustedDeviceIDs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.TrustedDeviceIDs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"UserV2.Spec.TrustedDeviceIDs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.TrustedDeviceIDs[k] = t + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyUserV2ToTerraform copies contents of the source Terraform object into a target struct +func CopyUserV2ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.UserV2, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + a, ok := tf.AttrTypes["oidc_identities"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.OIDCIdentities"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.OIDCIdentities", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["oidc_identities"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.OIDCIdentities)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.OIDCIdentities)) + } + } + if obj.OIDCIdentities != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.OIDCIdentities) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.OIDCIdentities)) + } + for k, a := range obj.OIDCIdentities { + v, ok := tf.Attrs["oidc_identities"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["connector_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.OIDCIdentities.ConnectorID"}) + } else { + v, ok := tf.Attrs["connector_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Spec.OIDCIdentities.ConnectorID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.OIDCIdentities.ConnectorID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ConnectorID) == "" + } + v.Value = string(obj.ConnectorID) + v.Unknown = false + tf.Attrs["connector_id"] = v + } + } + { + t, ok := tf.AttrTypes["username"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.OIDCIdentities.Username"}) + } else { + v, ok := tf.Attrs["username"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Spec.OIDCIdentities.Username", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.OIDCIdentities.Username", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Username) == "" + } + v.Value = string(obj.Username) + v.Unknown = false + tf.Attrs["username"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.OIDCIdentities) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["oidc_identities"] = c + } + } + } + { + a, ok := tf.AttrTypes["saml_identities"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.SAMLIdentities"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.SAMLIdentities", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["saml_identities"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SAMLIdentities)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SAMLIdentities)) + } + } + if obj.SAMLIdentities != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.SAMLIdentities) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.SAMLIdentities)) + } + for k, a := range obj.SAMLIdentities { + v, ok := tf.Attrs["saml_identities"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["connector_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.SAMLIdentities.ConnectorID"}) + } else { + v, ok := tf.Attrs["connector_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Spec.SAMLIdentities.ConnectorID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.SAMLIdentities.ConnectorID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ConnectorID) == "" + } + v.Value = string(obj.ConnectorID) + v.Unknown = false + tf.Attrs["connector_id"] = v + } + } + { + t, ok := tf.AttrTypes["username"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.SAMLIdentities.Username"}) + } else { + v, ok := tf.Attrs["username"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Spec.SAMLIdentities.Username", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.SAMLIdentities.Username", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Username) == "" + } + v.Value = string(obj.Username) + v.Unknown = false + tf.Attrs["username"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.SAMLIdentities) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["saml_identities"] = c + } + } + } + { + a, ok := tf.AttrTypes["github_identities"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.GithubIdentities"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.GithubIdentities", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["github_identities"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GithubIdentities)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GithubIdentities)) + } + } + if obj.GithubIdentities != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.GithubIdentities) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GithubIdentities)) + } + for k, a := range obj.GithubIdentities { + v, ok := tf.Attrs["github_identities"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["connector_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.GithubIdentities.ConnectorID"}) + } else { + v, ok := tf.Attrs["connector_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Spec.GithubIdentities.ConnectorID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.GithubIdentities.ConnectorID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ConnectorID) == "" + } + v.Value = string(obj.ConnectorID) + v.Unknown = false + tf.Attrs["connector_id"] = v + } + } + { + t, ok := tf.AttrTypes["username"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.GithubIdentities.Username"}) + } else { + v, ok := tf.Attrs["username"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Spec.GithubIdentities.Username", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.GithubIdentities.Username", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Username) == "" + } + v.Value = string(obj.Username) + v.Unknown = false + tf.Attrs["username"] = v + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.GithubIdentities) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["github_identities"] = c + } + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Spec.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["traits"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.Traits"}) + } else { + v := CopyToTraits(diags, obj.Traits, t, tf.Attrs["traits"]) + tf.Attrs["traits"] = v + } + } + { + a, ok := tf.AttrTypes["trusted_device_ids"] + if !ok { + diags.Append(attrWriteMissingDiag{"UserV2.Spec.TrustedDeviceIDs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.TrustedDeviceIDs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["trusted_device_ids"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TrustedDeviceIDs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TrustedDeviceIDs)) + } + } + if obj.TrustedDeviceIDs != nil { + t := o.ElemType + if len(obj.TrustedDeviceIDs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TrustedDeviceIDs)) + } + for k, a := range obj.TrustedDeviceIDs { + v, ok := tf.Attrs["trusted_device_ids"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"UserV2.Spec.TrustedDeviceIDs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"UserV2.Spec.TrustedDeviceIDs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.TrustedDeviceIDs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["trusted_device_ids"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyOIDCConnectorV3FromTerraform copies contents of the source Terraform object into a target struct +func CopyOIDCConnectorV3FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.OIDCConnectorV3) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.OIDCConnectorSpecV3{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["issuer_url"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.IssuerURL"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.IssuerURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.IssuerURL = t + } + } + } + { + a, ok := tf.Attrs["client_id"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.ClientID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ClientID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClientID = t + } + } + } + { + a, ok := tf.Attrs["client_secret"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.ClientSecret"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ClientSecret", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClientSecret = t + } + } + } + { + a, ok := tf.Attrs["acr_values"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.ACR"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ACR", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ACR = t + } + } + } + { + a, ok := tf.Attrs["provider"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.Provider"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.Provider", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Provider = t + } + } + } + { + a, ok := tf.Attrs["display"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.Display"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.Display", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Display = t + } + } + } + { + a, ok := tf.Attrs["scope"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.Scope"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.Scope", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Scope = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.Scope", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Scope[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["prompt"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.Prompt"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.Prompt", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Prompt = t + } + } + } + { + a, ok := tf.Attrs["claims_to_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.ClaimsToRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.ClaimsToRoles = make([]github_com_gravitational_teleport_api_types.ClaimMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.ClaimMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["claim"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Claim"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Claim = t + } + } + } + { + a, ok := tf.Attrs["value"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Value"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Value = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + } + obj.ClaimsToRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["google_service_account_uri"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.GoogleServiceAccountURI"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.GoogleServiceAccountURI", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GoogleServiceAccountURI = t + } + } + } + { + a, ok := tf.Attrs["google_service_account"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.GoogleServiceAccount"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.GoogleServiceAccount", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GoogleServiceAccount = t + } + } + } + { + a, ok := tf.Attrs["google_admin_email"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.GoogleAdminEmail"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.GoogleAdminEmail", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GoogleAdminEmail = t + } + } + } + { + a, ok := tf.Attrs["redirect_url"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.RedirectURLs"}) + } + CopyFromStrings(diags, a, &obj.RedirectURLs) + } + { + a, ok := tf.Attrs["allow_unverified_email"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.AllowUnverifiedEmail"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.AllowUnverifiedEmail", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.AllowUnverifiedEmail = t + } + } + } + { + a, ok := tf.Attrs["username_claim"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorV3.Spec.UsernameClaim"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorV3.Spec.UsernameClaim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.UsernameClaim = t + } + } + } + { + a, ok := tf.Attrs["max_age"] + if !ok { + diags.Append(attrReadMissingDiag{"OIDCConnectorSpecV3.Value"}) + } else { + v, ok := a.(DurationValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OIDCConnectorSpecV3.Value", "DurationValue"}) + } else { + var t github_com_gravitational_teleport_api_types.Duration + if !v.Null && !v.Unknown { + t = github_com_gravitational_teleport_api_types.Duration(v.Value) + } + if !v.Null && !v.Unknown { + if obj.MaxAge == nil { + obj.MaxAge = &github_com_gravitational_teleport_api_types.MaxAge{} + } + obj.Value = t + } + } + } + } + } + } + } + } + return diags +} + +// CopyOIDCConnectorV3ToTerraform copies contents of the source Terraform object into a target struct +func CopyOIDCConnectorV3ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.OIDCConnectorV3, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["issuer_url"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.IssuerURL"}) + } else { + v, ok := tf.Attrs["issuer_url"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.IssuerURL", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.IssuerURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.IssuerURL) == "" + } + v.Value = string(obj.IssuerURL) + v.Unknown = false + tf.Attrs["issuer_url"] = v + } + } + { + t, ok := tf.AttrTypes["client_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.ClientID"}) + } else { + v, ok := tf.Attrs["client_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.ClientID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.ClientID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClientID) == "" + } + v.Value = string(obj.ClientID) + v.Unknown = false + tf.Attrs["client_id"] = v + } + } + { + t, ok := tf.AttrTypes["client_secret"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.ClientSecret"}) + } else { + v, ok := tf.Attrs["client_secret"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.ClientSecret", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.ClientSecret", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClientSecret) == "" + } + v.Value = string(obj.ClientSecret) + v.Unknown = false + tf.Attrs["client_secret"] = v + } + } + { + t, ok := tf.AttrTypes["acr_values"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.ACR"}) + } else { + v, ok := tf.Attrs["acr_values"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.ACR", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.ACR", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ACR) == "" + } + v.Value = string(obj.ACR) + v.Unknown = false + tf.Attrs["acr_values"] = v + } + } + { + t, ok := tf.AttrTypes["provider"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.Provider"}) + } else { + v, ok := tf.Attrs["provider"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.Provider", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.Provider", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Provider) == "" + } + v.Value = string(obj.Provider) + v.Unknown = false + tf.Attrs["provider"] = v + } + } + { + t, ok := tf.AttrTypes["display"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.Display"}) + } else { + v, ok := tf.Attrs["display"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.Display", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.Display", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Display) == "" + } + v.Value = string(obj.Display) + v.Unknown = false + tf.Attrs["display"] = v + } + } + { + a, ok := tf.AttrTypes["scope"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.Scope"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.Scope", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["scope"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Scope)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Scope)) + } + } + if obj.Scope != nil { + t := o.ElemType + if len(obj.Scope) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Scope)) + } + for k, a := range obj.Scope { + v, ok := tf.Attrs["scope"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.Scope", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.Scope", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Scope) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["scope"] = c + } + } + } + { + t, ok := tf.AttrTypes["prompt"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.Prompt"}) + } else { + v, ok := tf.Attrs["prompt"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.Prompt", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.Prompt", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Prompt) == "" + } + v.Value = string(obj.Prompt) + v.Unknown = false + tf.Attrs["prompt"] = v + } + } + { + a, ok := tf.AttrTypes["claims_to_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.ClaimsToRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + } + if obj.ClaimsToRoles != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.ClaimsToRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.ClaimsToRoles)) + } + for k, a := range obj.ClaimsToRoles { + v, ok := tf.Attrs["claims_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["claim"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Claim"}) + } else { + v, ok := tf.Attrs["claim"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.ClaimsToRoles.Claim", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Claim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Claim) == "" + } + v.Value = string(obj.Claim) + v.Unknown = false + tf.Attrs["claim"] = v + } + } + { + t, ok := tf.AttrTypes["value"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Value"}) + } else { + v, ok := tf.Attrs["value"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.ClaimsToRoles.Value", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Value) == "" + } + v.Value = string(obj.Value) + v.Unknown = false + tf.Attrs["value"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.ClaimsToRoles.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.ClaimsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.ClaimsToRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["claims_to_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["google_service_account_uri"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.GoogleServiceAccountURI"}) + } else { + v, ok := tf.Attrs["google_service_account_uri"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.GoogleServiceAccountURI", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.GoogleServiceAccountURI", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.GoogleServiceAccountURI) == "" + } + v.Value = string(obj.GoogleServiceAccountURI) + v.Unknown = false + tf.Attrs["google_service_account_uri"] = v + } + } + { + t, ok := tf.AttrTypes["google_service_account"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.GoogleServiceAccount"}) + } else { + v, ok := tf.Attrs["google_service_account"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.GoogleServiceAccount", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.GoogleServiceAccount", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.GoogleServiceAccount) == "" + } + v.Value = string(obj.GoogleServiceAccount) + v.Unknown = false + tf.Attrs["google_service_account"] = v + } + } + { + t, ok := tf.AttrTypes["google_admin_email"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.GoogleAdminEmail"}) + } else { + v, ok := tf.Attrs["google_admin_email"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.GoogleAdminEmail", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.GoogleAdminEmail", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.GoogleAdminEmail) == "" + } + v.Value = string(obj.GoogleAdminEmail) + v.Unknown = false + tf.Attrs["google_admin_email"] = v + } + } + { + t, ok := tf.AttrTypes["redirect_url"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.RedirectURLs"}) + } else { + v := CopyToStrings(diags, obj.RedirectURLs, t, tf.Attrs["redirect_url"]) + tf.Attrs["redirect_url"] = v + } + } + { + t, ok := tf.AttrTypes["allow_unverified_email"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.AllowUnverifiedEmail"}) + } else { + v, ok := tf.Attrs["allow_unverified_email"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.AllowUnverifiedEmail", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.AllowUnverifiedEmail", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.AllowUnverifiedEmail) == false + } + v.Value = bool(obj.AllowUnverifiedEmail) + v.Unknown = false + tf.Attrs["allow_unverified_email"] = v + } + } + { + t, ok := tf.AttrTypes["username_claim"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorV3.Spec.UsernameClaim"}) + } else { + v, ok := tf.Attrs["username_claim"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorV3.Spec.UsernameClaim", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorV3.Spec.UsernameClaim", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.UsernameClaim) == "" + } + v.Value = string(obj.UsernameClaim) + v.Unknown = false + tf.Attrs["username_claim"] = v + } + } + { + t, ok := tf.AttrTypes["max_age"] + if !ok { + diags.Append(attrWriteMissingDiag{"OIDCConnectorSpecV3.Value"}) + } else { + v, ok := tf.Attrs["max_age"].(DurationValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OIDCConnectorSpecV3.Value", err}) + } + v, ok = i.(DurationValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OIDCConnectorSpecV3.Value", "DurationValue"}) + } + v.Null = false + } + if obj.MaxAge == nil { + v.Null = true + } else { + v.Value = time.Duration(obj.Value) + } + v.Unknown = false + tf.Attrs["max_age"] = v + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopySAMLConnectorV2FromTerraform copies contents of the source Terraform object into a target struct +func CopySAMLConnectorV2FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.SAMLConnectorV2) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.SAMLConnectorSpecV2{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["issuer"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.Issuer"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.Issuer", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Issuer = t + } + } + } + { + a, ok := tf.Attrs["sso"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.SSO"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.SSO", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SSO = t + } + } + } + { + a, ok := tf.Attrs["cert"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.Cert"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.Cert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Cert = t + } + } + } + { + a, ok := tf.Attrs["display"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.Display"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.Display", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Display = t + } + } + } + { + a, ok := tf.Attrs["acs"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.AssertionConsumerService"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.AssertionConsumerService", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AssertionConsumerService = t + } + } + } + { + a, ok := tf.Attrs["audience"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.Audience"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.Audience", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Audience = t + } + } + } + { + a, ok := tf.Attrs["service_provider_issuer"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.ServiceProviderIssuer"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.ServiceProviderIssuer", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ServiceProviderIssuer = t + } + } + } + { + a, ok := tf.Attrs["entity_descriptor"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.EntityDescriptor"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.EntityDescriptor", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EntityDescriptor = t + } + } + } + { + a, ok := tf.Attrs["entity_descriptor_url"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.EntityDescriptorURL"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.EntityDescriptorURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EntityDescriptorURL = t + } + } + } + { + a, ok := tf.Attrs["attributes_to_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.AttributesToRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AttributesToRoles = make([]github_com_gravitational_teleport_api_types.AttributeMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.AttributeMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["value"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Value"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Value = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + } + obj.AttributesToRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["signing_key_pair"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.SigningKeyPair"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.SigningKeyPair", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.SigningKeyPair = nil + if !v.Null && !v.Unknown { + tf := v + obj.SigningKeyPair = &github_com_gravitational_teleport_api_types.AsymmetricKeyPair{} + obj := obj.SigningKeyPair + { + a, ok := tf.Attrs["private_key"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.SigningKeyPair.PrivateKey"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.SigningKeyPair.PrivateKey", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PrivateKey = t + } + } + } + { + a, ok := tf.Attrs["cert"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.SigningKeyPair.Cert"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.SigningKeyPair.Cert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Cert = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["provider"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.Provider"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.Provider", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Provider = t + } + } + } + { + a, ok := tf.Attrs["assertion_key_pair"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.EncryptionKeyPair = nil + if !v.Null && !v.Unknown { + tf := v + obj.EncryptionKeyPair = &github_com_gravitational_teleport_api_types.AsymmetricKeyPair{} + obj := obj.EncryptionKeyPair + { + a, ok := tf.Attrs["private_key"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair.PrivateKey"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair.PrivateKey", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.PrivateKey = t + } + } + } + { + a, ok := tf.Attrs["cert"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair.Cert"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair.Cert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Cert = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["allow_idp_initiated"] + if !ok { + diags.Append(attrReadMissingDiag{"SAMLConnectorV2.Spec.AllowIDPInitiated"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"SAMLConnectorV2.Spec.AllowIDPInitiated", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.AllowIDPInitiated = t + } + } + } + } + } + } + } + return diags +} + +// CopySAMLConnectorV2ToTerraform copies contents of the source Terraform object into a target struct +func CopySAMLConnectorV2ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.SAMLConnectorV2, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["issuer"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.Issuer"}) + } else { + v, ok := tf.Attrs["issuer"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.Issuer", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.Issuer", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Issuer) == "" + } + v.Value = string(obj.Issuer) + v.Unknown = false + tf.Attrs["issuer"] = v + } + } + { + t, ok := tf.AttrTypes["sso"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.SSO"}) + } else { + v, ok := tf.Attrs["sso"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.SSO", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.SSO", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SSO) == "" + } + v.Value = string(obj.SSO) + v.Unknown = false + tf.Attrs["sso"] = v + } + } + { + t, ok := tf.AttrTypes["cert"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.Cert"}) + } else { + v, ok := tf.Attrs["cert"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.Cert", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.Cert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Cert) == "" + } + v.Value = string(obj.Cert) + v.Unknown = false + tf.Attrs["cert"] = v + } + } + { + t, ok := tf.AttrTypes["display"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.Display"}) + } else { + v, ok := tf.Attrs["display"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.Display", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.Display", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Display) == "" + } + v.Value = string(obj.Display) + v.Unknown = false + tf.Attrs["display"] = v + } + } + { + t, ok := tf.AttrTypes["acs"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.AssertionConsumerService"}) + } else { + v, ok := tf.Attrs["acs"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.AssertionConsumerService", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.AssertionConsumerService", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.AssertionConsumerService) == "" + } + v.Value = string(obj.AssertionConsumerService) + v.Unknown = false + tf.Attrs["acs"] = v + } + } + { + t, ok := tf.AttrTypes["audience"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.Audience"}) + } else { + v, ok := tf.Attrs["audience"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.Audience", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.Audience", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Audience) == "" + } + v.Value = string(obj.Audience) + v.Unknown = false + tf.Attrs["audience"] = v + } + } + { + t, ok := tf.AttrTypes["service_provider_issuer"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.ServiceProviderIssuer"}) + } else { + v, ok := tf.Attrs["service_provider_issuer"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.ServiceProviderIssuer", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.ServiceProviderIssuer", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ServiceProviderIssuer) == "" + } + v.Value = string(obj.ServiceProviderIssuer) + v.Unknown = false + tf.Attrs["service_provider_issuer"] = v + } + } + { + t, ok := tf.AttrTypes["entity_descriptor"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.EntityDescriptor"}) + } else { + v, ok := tf.Attrs["entity_descriptor"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.EntityDescriptor", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.EntityDescriptor", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EntityDescriptor) == "" + } + v.Value = string(obj.EntityDescriptor) + v.Unknown = false + tf.Attrs["entity_descriptor"] = v + } + } + { + t, ok := tf.AttrTypes["entity_descriptor_url"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.EntityDescriptorURL"}) + } else { + v, ok := tf.Attrs["entity_descriptor_url"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.EntityDescriptorURL", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.EntityDescriptorURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EntityDescriptorURL) == "" + } + v.Value = string(obj.EntityDescriptorURL) + v.Unknown = false + tf.Attrs["entity_descriptor_url"] = v + } + } + { + a, ok := tf.AttrTypes["attributes_to_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.AttributesToRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["attributes_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttributesToRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttributesToRoles)) + } + } + if obj.AttributesToRoles != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.AttributesToRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AttributesToRoles)) + } + for k, a := range obj.AttributesToRoles { + v, ok := tf.Attrs["attributes_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.AttributesToRoles.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["value"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Value"}) + } else { + v, ok := tf.Attrs["value"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.AttributesToRoles.Value", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Value", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Value) == "" + } + v.Value = string(obj.Value) + v.Unknown = false + tf.Attrs["value"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.AttributesToRoles.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.AttributesToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AttributesToRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["attributes_to_roles"] = c + } + } + } + { + a, ok := tf.AttrTypes["signing_key_pair"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.SigningKeyPair"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.SigningKeyPair", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["signing_key_pair"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.SigningKeyPair == nil { + v.Null = true + } else { + obj := obj.SigningKeyPair + tf := &v + { + t, ok := tf.AttrTypes["private_key"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.SigningKeyPair.PrivateKey"}) + } else { + v, ok := tf.Attrs["private_key"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.SigningKeyPair.PrivateKey", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.SigningKeyPair.PrivateKey", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.PrivateKey) == "" + } + v.Value = string(obj.PrivateKey) + v.Unknown = false + tf.Attrs["private_key"] = v + } + } + { + t, ok := tf.AttrTypes["cert"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.SigningKeyPair.Cert"}) + } else { + v, ok := tf.Attrs["cert"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.SigningKeyPair.Cert", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.SigningKeyPair.Cert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Cert) == "" + } + v.Value = string(obj.Cert) + v.Unknown = false + tf.Attrs["cert"] = v + } + } + } + v.Unknown = false + tf.Attrs["signing_key_pair"] = v + } + } + } + { + t, ok := tf.AttrTypes["provider"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.Provider"}) + } else { + v, ok := tf.Attrs["provider"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.Provider", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.Provider", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Provider) == "" + } + v.Value = string(obj.Provider) + v.Unknown = false + tf.Attrs["provider"] = v + } + } + { + a, ok := tf.AttrTypes["assertion_key_pair"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["assertion_key_pair"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.EncryptionKeyPair == nil { + v.Null = true + } else { + obj := obj.EncryptionKeyPair + tf := &v + { + t, ok := tf.AttrTypes["private_key"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair.PrivateKey"}) + } else { + v, ok := tf.Attrs["private_key"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.EncryptionKeyPair.PrivateKey", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair.PrivateKey", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.PrivateKey) == "" + } + v.Value = string(obj.PrivateKey) + v.Unknown = false + tf.Attrs["private_key"] = v + } + } + { + t, ok := tf.AttrTypes["cert"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair.Cert"}) + } else { + v, ok := tf.Attrs["cert"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.EncryptionKeyPair.Cert", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.EncryptionKeyPair.Cert", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Cert) == "" + } + v.Value = string(obj.Cert) + v.Unknown = false + tf.Attrs["cert"] = v + } + } + } + v.Unknown = false + tf.Attrs["assertion_key_pair"] = v + } + } + } + { + t, ok := tf.AttrTypes["allow_idp_initiated"] + if !ok { + diags.Append(attrWriteMissingDiag{"SAMLConnectorV2.Spec.AllowIDPInitiated"}) + } else { + v, ok := tf.Attrs["allow_idp_initiated"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"SAMLConnectorV2.Spec.AllowIDPInitiated", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"SAMLConnectorV2.Spec.AllowIDPInitiated", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.AllowIDPInitiated) == false + } + v.Value = bool(obj.AllowIDPInitiated) + v.Unknown = false + tf.Attrs["allow_idp_initiated"] = v + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyGithubConnectorV3FromTerraform copies contents of the source Terraform object into a target struct +func CopyGithubConnectorV3FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.GithubConnectorV3) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.GithubConnectorSpecV3{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["client_id"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.ClientID"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.ClientID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClientID = t + } + } + } + { + a, ok := tf.Attrs["client_secret"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.ClientSecret"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.ClientSecret", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ClientSecret = t + } + } + } + { + a, ok := tf.Attrs["redirect_url"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.RedirectURL"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.RedirectURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.RedirectURL = t + } + } + } + { + a, ok := tf.Attrs["teams_to_logins"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.TeamsToLogins = make([]github_com_gravitational_teleport_api_types.TeamMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.TeamMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["organization"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.Organization"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.Organization", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Organization = t + } + } + } + { + a, ok := tf.Attrs["team"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.Team"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.Team", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Team = t + } + } + } + { + a, ok := tf.Attrs["logins"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.Logins"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.Logins", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Logins = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.Logins", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Logins[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["kubernetes_groups"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeGroups"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.KubeGroups = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeGroups", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KubeGroups[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["kubernetes_users"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeUsers"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.KubeUsers = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeUsers", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.KubeUsers[k] = t + } + } + } + } + } + } + } + obj.TeamsToLogins[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["display"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.Display"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.Display", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Display = t + } + } + } + { + a, ok := tf.Attrs["teams_to_roles"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToRoles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.TeamsToRoles = make([]github_com_gravitational_teleport_api_types.TeamRolesMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.TeamRolesMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["organization"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToRoles.Organization"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles.Organization", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Organization = t + } + } + } + { + a, ok := tf.Attrs["team"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToRoles.Team"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles.Team", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Team = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.TeamsToRoles.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + } + obj.TeamsToRoles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["endpoint_url"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.EndpointURL"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.EndpointURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.EndpointURL = t + } + } + } + { + a, ok := tf.Attrs["api_endpoint_url"] + if !ok { + diags.Append(attrReadMissingDiag{"GithubConnectorV3.Spec.APIEndpointURL"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"GithubConnectorV3.Spec.APIEndpointURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.APIEndpointURL = t + } + } + } + } + } + } + } + return diags +} + +// CopyGithubConnectorV3ToTerraform copies contents of the source Terraform object into a target struct +func CopyGithubConnectorV3ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.GithubConnectorV3, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["client_id"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.ClientID"}) + } else { + v, ok := tf.Attrs["client_id"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.ClientID", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.ClientID", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClientID) == "" + } + v.Value = string(obj.ClientID) + v.Unknown = false + tf.Attrs["client_id"] = v + } + } + { + t, ok := tf.AttrTypes["client_secret"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.ClientSecret"}) + } else { + v, ok := tf.Attrs["client_secret"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.ClientSecret", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.ClientSecret", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ClientSecret) == "" + } + v.Value = string(obj.ClientSecret) + v.Unknown = false + tf.Attrs["client_secret"] = v + } + } + { + t, ok := tf.AttrTypes["redirect_url"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.RedirectURL"}) + } else { + v, ok := tf.Attrs["redirect_url"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.RedirectURL", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.RedirectURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.RedirectURL) == "" + } + v.Value = string(obj.RedirectURL) + v.Unknown = false + tf.Attrs["redirect_url"] = v + } + } + { + a, ok := tf.AttrTypes["teams_to_logins"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["teams_to_logins"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TeamsToLogins)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TeamsToLogins)) + } + } + if obj.TeamsToLogins != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.TeamsToLogins) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TeamsToLogins)) + } + for k, a := range obj.TeamsToLogins { + v, ok := tf.Attrs["teams_to_logins"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["organization"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.Organization"}) + } else { + v, ok := tf.Attrs["organization"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.TeamsToLogins.Organization", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.Organization", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Organization) == "" + } + v.Value = string(obj.Organization) + v.Unknown = false + tf.Attrs["organization"] = v + } + } + { + t, ok := tf.AttrTypes["team"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.Team"}) + } else { + v, ok := tf.Attrs["team"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.TeamsToLogins.Team", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.Team", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Team) == "" + } + v.Value = string(obj.Team) + v.Unknown = false + tf.Attrs["team"] = v + } + } + { + a, ok := tf.AttrTypes["logins"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.Logins"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.Logins", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["logins"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)) + } + } + if obj.Logins != nil { + t := o.ElemType + if len(obj.Logins) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Logins)) + } + for k, a := range obj.Logins { + v, ok := tf.Attrs["logins"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.TeamsToLogins.Logins", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.Logins", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Logins) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["logins"] = c + } + } + } + { + a, ok := tf.AttrTypes["kubernetes_groups"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeGroups"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kubernetes_groups"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)) + } + } + if obj.KubeGroups != nil { + t := o.ElemType + if len(obj.KubeGroups) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeGroups)) + } + for k, a := range obj.KubeGroups { + v, ok := tf.Attrs["kubernetes_groups"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.TeamsToLogins.KubeGroups", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeGroups", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.KubeGroups) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kubernetes_groups"] = c + } + } + } + { + a, ok := tf.AttrTypes["kubernetes_users"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeUsers"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["kubernetes_users"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)) + } + } + if obj.KubeUsers != nil { + t := o.ElemType + if len(obj.KubeUsers) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.KubeUsers)) + } + for k, a := range obj.KubeUsers { + v, ok := tf.Attrs["kubernetes_users"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.TeamsToLogins.KubeUsers", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToLogins.KubeUsers", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.KubeUsers) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["kubernetes_users"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.TeamsToLogins) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["teams_to_logins"] = c + } + } + } + { + t, ok := tf.AttrTypes["display"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.Display"}) + } else { + v, ok := tf.Attrs["display"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.Display", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.Display", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Display) == "" + } + v.Value = string(obj.Display) + v.Unknown = false + tf.Attrs["display"] = v + } + } + { + a, ok := tf.AttrTypes["teams_to_roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToRoles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["teams_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TeamsToRoles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TeamsToRoles)) + } + } + if obj.TeamsToRoles != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.TeamsToRoles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.TeamsToRoles)) + } + for k, a := range obj.TeamsToRoles { + v, ok := tf.Attrs["teams_to_roles"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["organization"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToRoles.Organization"}) + } else { + v, ok := tf.Attrs["organization"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.TeamsToRoles.Organization", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles.Organization", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Organization) == "" + } + v.Value = string(obj.Organization) + v.Unknown = false + tf.Attrs["organization"] = v + } + } + { + t, ok := tf.AttrTypes["team"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToRoles.Team"}) + } else { + v, ok := tf.Attrs["team"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.TeamsToRoles.Team", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles.Team", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Team) == "" + } + v.Value = string(obj.Team) + v.Unknown = false + tf.Attrs["team"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.TeamsToRoles.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.TeamsToRoles.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.TeamsToRoles.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.TeamsToRoles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["teams_to_roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["endpoint_url"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.EndpointURL"}) + } else { + v, ok := tf.Attrs["endpoint_url"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.EndpointURL", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.EndpointURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.EndpointURL) == "" + } + v.Value = string(obj.EndpointURL) + v.Unknown = false + tf.Attrs["endpoint_url"] = v + } + } + { + t, ok := tf.AttrTypes["api_endpoint_url"] + if !ok { + diags.Append(attrWriteMissingDiag{"GithubConnectorV3.Spec.APIEndpointURL"}) + } else { + v, ok := tf.Attrs["api_endpoint_url"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"GithubConnectorV3.Spec.APIEndpointURL", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"GithubConnectorV3.Spec.APIEndpointURL", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.APIEndpointURL) == "" + } + v.Value = string(obj.APIEndpointURL) + v.Unknown = false + tf.Attrs["api_endpoint_url"] = v + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyTrustedClusterV2FromTerraform copies contents of the source Terraform object into a target struct +func CopyTrustedClusterV2FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.TrustedClusterV2) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.TrustedClusterSpecV2{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["enabled"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec.Enabled"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.Enabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } else { + var t bool + if !v.Null && !v.Unknown { + t = bool(v.Value) + } + obj.Enabled = t + } + } + } + { + a, ok := tf.Attrs["roles"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec.Roles"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Roles = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.Roles", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Roles[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["token"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec.Token"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.Token", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Token = t + } + } + } + { + a, ok := tf.Attrs["web_proxy_addr"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec.ProxyAddress"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.ProxyAddress", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ProxyAddress = t + } + } + } + { + a, ok := tf.Attrs["tunnel_addr"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec.ReverseTunnelAddress"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.ReverseTunnelAddress", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.ReverseTunnelAddress = t + } + } + } + { + a, ok := tf.Attrs["role_map"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec.RoleMap"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.RoleMap = make([]github_com_gravitational_teleport_api_types.RoleMapping, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t github_com_gravitational_teleport_api_types.RoleMapping + if !v.Null && !v.Unknown { + tf := v + obj := &t + { + a, ok := tf.Attrs["remote"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec.RoleMap.Remote"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap.Remote", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Remote = t + } + } + } + { + a, ok := tf.Attrs["local"] + if !ok { + diags.Append(attrReadMissingDiag{"TrustedClusterV2.Spec.RoleMap.Local"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap.Local", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Local = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap.Local", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Local[k] = t + } + } + } + } + } + } + } + obj.RoleMap[k] = t + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyTrustedClusterV2ToTerraform copies contents of the source Terraform object into a target struct +func CopyTrustedClusterV2ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.TrustedClusterV2, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["enabled"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec.Enabled"}) + } else { + v, ok := tf.Attrs["enabled"].(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Spec.Enabled", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Bool) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.Enabled", "github.com/hashicorp/terraform-plugin-framework/types.Bool"}) + } + v.Null = bool(obj.Enabled) == false + } + v.Value = bool(obj.Enabled) + v.Unknown = false + tf.Attrs["enabled"] = v + } + } + { + a, ok := tf.AttrTypes["roles"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec.Roles"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + } + if obj.Roles != nil { + t := o.ElemType + if len(obj.Roles) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Roles)) + } + for k, a := range obj.Roles { + v, ok := tf.Attrs["roles"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Spec.Roles", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.Roles", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Roles) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["roles"] = c + } + } + } + { + t, ok := tf.AttrTypes["token"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec.Token"}) + } else { + v, ok := tf.Attrs["token"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Spec.Token", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.Token", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Token) == "" + } + v.Value = string(obj.Token) + v.Unknown = false + tf.Attrs["token"] = v + } + } + { + t, ok := tf.AttrTypes["web_proxy_addr"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec.ProxyAddress"}) + } else { + v, ok := tf.Attrs["web_proxy_addr"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Spec.ProxyAddress", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.ProxyAddress", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ProxyAddress) == "" + } + v.Value = string(obj.ProxyAddress) + v.Unknown = false + tf.Attrs["web_proxy_addr"] = v + } + } + { + t, ok := tf.AttrTypes["tunnel_addr"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec.ReverseTunnelAddress"}) + } else { + v, ok := tf.Attrs["tunnel_addr"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Spec.ReverseTunnelAddress", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.ReverseTunnelAddress", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.ReverseTunnelAddress) == "" + } + v.Value = string(obj.ReverseTunnelAddress) + v.Unknown = false + tf.Attrs["tunnel_addr"] = v + } + } + { + a, ok := tf.AttrTypes["role_map"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec.RoleMap"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["role_map"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RoleMap)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RoleMap)) + } + } + if obj.RoleMap != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.RoleMap) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.RoleMap)) + } + for k, a := range obj.RoleMap { + v, ok := tf.Attrs["role_map"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := a + tf := &v + { + t, ok := tf.AttrTypes["remote"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec.RoleMap.Remote"}) + } else { + v, ok := tf.Attrs["remote"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Spec.RoleMap.Remote", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap.Remote", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Remote) == "" + } + v.Value = string(obj.Remote) + v.Unknown = false + tf.Attrs["remote"] = v + } + } + { + a, ok := tf.AttrTypes["local"] + if !ok { + diags.Append(attrWriteMissingDiag{"TrustedClusterV2.Spec.RoleMap.Local"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap.Local", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["local"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Local)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Local)) + } + } + if obj.Local != nil { + t := o.ElemType + if len(obj.Local) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Local)) + } + for k, a := range obj.Local { + v, ok := tf.Attrs["local"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"TrustedClusterV2.Spec.RoleMap.Local", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"TrustedClusterV2.Spec.RoleMap.Local", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Local) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["local"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.RoleMap) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["role_map"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// CopyClusterMaintenanceConfigV1FromTerraform copies contents of the source Terraform object into a target struct +func CopyClusterMaintenanceConfigV1FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.ClusterMaintenanceConfigV1) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.ClusterMaintenanceConfigSpecV1{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["agent_upgrades"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.AgentUpgrades = nil + if !v.Null && !v.Unknown { + tf := v + obj.AgentUpgrades = &github_com_gravitational_teleport_api_types.AgentUpgradeWindow{} + obj := obj.AgentUpgrades + { + a, ok := tf.Attrs["utc_start_hour"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.UTCStartHour"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.UTCStartHour", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t uint32 + if !v.Null && !v.Unknown { + t = uint32(v.Value) + } + obj.UTCStartHour = t + } + } + } + { + a, ok := tf.Attrs["weekdays"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.Weekdays"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.Weekdays", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Weekdays = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.Weekdays", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Weekdays[k] = t + } + } + } + } + } + } + } + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["nonce"] + if !ok { + diags.Append(attrReadMissingDiag{"ClusterMaintenanceConfigV1.Nonce"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"ClusterMaintenanceConfigV1.Nonce", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t uint64 + if !v.Null && !v.Unknown { + t = uint64(v.Value) + } + obj.Nonce = t + } + } + } + return diags +} + +// CopyClusterMaintenanceConfigV1ToTerraform copies contents of the source Terraform object into a target struct +func CopyClusterMaintenanceConfigV1ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.ClusterMaintenanceConfigV1, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + a, ok := tf.AttrTypes["agent_upgrades"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["agent_upgrades"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if obj.AgentUpgrades == nil { + v.Null = true + } else { + obj := obj.AgentUpgrades + tf := &v + { + t, ok := tf.AttrTypes["utc_start_hour"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.UTCStartHour"}) + } else { + v, ok := tf.Attrs["utc_start_hour"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.UTCStartHour", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.UTCStartHour", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.UTCStartHour) == 0 + } + v.Value = int64(obj.UTCStartHour) + v.Unknown = false + tf.Attrs["utc_start_hour"] = v + } + } + { + a, ok := tf.AttrTypes["weekdays"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.Weekdays"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.Weekdays", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["weekdays"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Weekdays)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Weekdays)) + } + } + if obj.Weekdays != nil { + t := o.ElemType + if len(obj.Weekdays) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Weekdays)) + } + for k, a := range obj.Weekdays { + v, ok := tf.Attrs["weekdays"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.Weekdays", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Spec.AgentUpgrades.Weekdays", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Weekdays) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["weekdays"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["agent_upgrades"] = v + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + { + t, ok := tf.AttrTypes["nonce"] + if !ok { + diags.Append(attrWriteMissingDiag{"ClusterMaintenanceConfigV1.Nonce"}) + } else { + v, ok := tf.Attrs["nonce"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"ClusterMaintenanceConfigV1.Nonce", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"ClusterMaintenanceConfigV1.Nonce", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Nonce) == 0 + } + v.Value = int64(obj.Nonce) + v.Unknown = false + tf.Attrs["nonce"] = v + } + } + return diags +} + +// CopyOktaImportRuleV1FromTerraform copies contents of the source Terraform object into a target struct +func CopyOktaImportRuleV1FromTerraform(_ context.Context, tf github_com_hashicorp_terraform_plugin_framework_types.Object, obj *github_com_gravitational_teleport_api_types.OktaImportRuleV1) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + { + a, ok := tf.Attrs["kind"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Kind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Kind = t + } + } + } + { + a, ok := tf.Attrs["sub_kind"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.SubKind"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.SubKind = t + } + } + } + { + a, ok := tf.Attrs["version"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Version"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Version = t + } + } + } + { + a, ok := tf.Attrs["metadata"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Metadata = github_com_gravitational_teleport_api_types.Metadata{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Metadata + { + a, ok := tf.Attrs["name"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Name"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Name = t + } + } + } + { + a, ok := tf.Attrs["namespace"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Namespace"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Namespace = t + } + } + } + { + a, ok := tf.Attrs["description"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Description"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Description = t + } + } + } + { + a, ok := tf.Attrs["labels"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Labels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.Labels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Labels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Labels[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["expires"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Expires"}) + } else { + v, ok := a.(TimeValue) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Expires", "TimeValue"}) + } else { + var t *time.Time + if !v.Null && !v.Unknown { + c := time.Time(v.Value) + t = &c + } + obj.Expires = t + } + } + } + { + a, ok := tf.Attrs["revision"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Metadata.Revision"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.Revision = t + } + } + } + } + } + } + } + { + a, ok := tf.Attrs["spec"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec", "github.com/hashicorp/terraform-plugin-framework/types.Object"}) + } else { + obj.Spec = github_com_gravitational_teleport_api_types.OktaImportRuleSpecV1{} + if !v.Null && !v.Unknown { + tf := v + obj := &obj.Spec + { + a, ok := tf.Attrs["priority"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Priority"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Priority", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } else { + var t int32 + if !v.Null && !v.Unknown { + t = int32(v.Value) + } + obj.Priority = t + } + } + } + { + a, ok := tf.Attrs["mappings"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Mappings = make([]*github_com_gravitational_teleport_api_types.OktaImportRuleMappingV1, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.OktaImportRuleMappingV1 + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.OktaImportRuleMappingV1{} + obj := t + { + a, ok := tf.Attrs["match"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.Match = make([]*github_com_gravitational_teleport_api_types.OktaImportRuleMatchV1, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match", "github_com_hashicorp_terraform_plugin_framework_types.Object"}) + } else { + var t *github_com_gravitational_teleport_api_types.OktaImportRuleMatchV1 + if !v.Null && !v.Unknown { + tf := v + t = &github_com_gravitational_teleport_api_types.OktaImportRuleMatchV1{} + obj := t + { + a, ok := tf.Attrs["app_ids"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AppIDs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AppIDs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["group_ids"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.GroupIDs = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GroupIDs[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["app_name_regexes"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppNameRegexes"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppNameRegexes", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.AppNameRegexes = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppNameRegexes", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AppNameRegexes[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["group_name_regexes"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupNameRegexes"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupNameRegexes", "github.com/hashicorp/terraform-plugin-framework/types.List"}) + } else { + obj.GroupNameRegexes = make([]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupNameRegexes", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.GroupNameRegexes[k] = t + } + } + } + } + } + } + } + obj.Match[k] = t + } + } + } + } + } + } + { + a, ok := tf.Attrs["add_labels"] + if !ok { + diags.Append(attrReadMissingDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels"}) + } else { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels", "github.com/hashicorp/terraform-plugin-framework/types.Map"}) + } else { + obj.AddLabels = make(map[string]string, len(v.Elems)) + if !v.Null && !v.Unknown { + for k, a := range v.Elems { + v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrReadConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels", "github_com_hashicorp_terraform_plugin_framework_types.String"}) + } else { + var t string + if !v.Null && !v.Unknown { + t = string(v.Value) + } + obj.AddLabels[k] = t + } + } + } + } + } + } + } + obj.Mappings[k] = t + } + } + } + } + } + } + } + } + } + } + return diags +} + +// CopyOktaImportRuleV1ToTerraform copies contents of the source Terraform object into a target struct +func CopyOktaImportRuleV1ToTerraform(ctx context.Context, obj *github_com_gravitational_teleport_api_types.OktaImportRuleV1, tf *github_com_hashicorp_terraform_plugin_framework_types.Object) github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics { + var diags github_com_hashicorp_terraform_plugin_framework_diag.Diagnostics + tf.Null = false + tf.Unknown = false + if tf.Attrs == nil { + tf.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value) + } + { + t, ok := tf.AttrTypes["kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Kind"}) + } else { + v, ok := tf.Attrs["kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Kind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Kind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Kind) == "" + } + v.Value = string(obj.Kind) + v.Unknown = false + tf.Attrs["kind"] = v + } + } + { + t, ok := tf.AttrTypes["sub_kind"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.SubKind"}) + } else { + v, ok := tf.Attrs["sub_kind"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.SubKind", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.SubKind", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.SubKind) == "" + } + v.Value = string(obj.SubKind) + v.Unknown = false + tf.Attrs["sub_kind"] = v + } + } + { + t, ok := tf.AttrTypes["version"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Version"}) + } else { + v, ok := tf.Attrs["version"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Version", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Version", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Version) == "" + } + v.Value = string(obj.Version) + v.Unknown = false + tf.Attrs["version"] = v + } + } + { + a, ok := tf.AttrTypes["metadata"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["metadata"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Metadata + tf := &v + { + t, ok := tf.AttrTypes["name"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Name"}) + } else { + v, ok := tf.Attrs["name"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Name", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Name", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Name) == "" + } + v.Value = string(obj.Name) + v.Unknown = false + tf.Attrs["name"] = v + } + } + { + t, ok := tf.AttrTypes["namespace"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Namespace"}) + } else { + v, ok := tf.Attrs["namespace"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Namespace", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Namespace", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Namespace) == "" + } + v.Value = string(obj.Namespace) + v.Unknown = false + tf.Attrs["namespace"] = v + } + } + { + t, ok := tf.AttrTypes["description"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Description"}) + } else { + v, ok := tf.Attrs["description"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Description", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Description", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Description) == "" + } + v.Value = string(obj.Description) + v.Unknown = false + tf.Attrs["description"] = v + } + } + { + a, ok := tf.AttrTypes["labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Labels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Labels)) + } + } + if obj.Labels != nil { + t := o.ElemType + for k, a := range obj.Labels { + v, ok := tf.Attrs["labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Labels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Labels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Labels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["labels"] = c + } + } + } + { + t, ok := tf.AttrTypes["expires"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Expires"}) + } else { + v, ok := tf.Attrs["expires"].(TimeValue) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Expires", err}) + } + v, ok = i.(TimeValue) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Expires", "TimeValue"}) + } + v.Null = false + } + if obj.Expires == nil { + v.Null = true + } else { + v.Null = false + v.Value = time.Time(*obj.Expires) + } + v.Unknown = false + tf.Attrs["expires"] = v + } + } + { + t, ok := tf.AttrTypes["revision"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Metadata.Revision"}) + } else { + v, ok := tf.Attrs["revision"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Metadata.Revision", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Metadata.Revision", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(obj.Revision) == "" + } + v.Value = string(obj.Revision) + v.Unknown = false + tf.Attrs["revision"] = v + } + } + } + v.Unknown = false + tf.Attrs["metadata"] = v + } + } + } + { + a, ok := tf.AttrTypes["spec"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"}) + } else { + v, ok := tf.Attrs["spec"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + { + obj := obj.Spec + tf := &v + { + t, ok := tf.AttrTypes["priority"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Priority"}) + } else { + v, ok := tf.Attrs["priority"].(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Priority", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.Int64) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Priority", "github.com/hashicorp/terraform-plugin-framework/types.Int64"}) + } + v.Null = int64(obj.Priority) == 0 + } + v.Value = int64(obj.Priority) + v.Unknown = false + tf.Attrs["priority"] = v + } + } + { + a, ok := tf.AttrTypes["mappings"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["mappings"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Mappings)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Mappings)) + } + } + if obj.Mappings != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Mappings) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Mappings)) + } + for k, a := range obj.Mappings { + v, ok := tf.Attrs["mappings"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["match"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["match"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Match)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Match)) + } + } + if obj.Match != nil { + o := o.ElemType.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType) + if len(obj.Match) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.Match)) + } + for k, a := range obj.Match { + v, ok := tf.Attrs["match"].(github_com_hashicorp_terraform_plugin_framework_types.Object) + if !ok { + v = github_com_hashicorp_terraform_plugin_framework_types.Object{ + + AttrTypes: o.AttrTypes, + Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)), + } + } else { + if v.Attrs == nil { + v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes)) + } + } + if a == nil { + v.Null = true + } else { + obj := a + tf := &v + { + a, ok := tf.AttrTypes["app_ids"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["app_ids"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppIDs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppIDs)) + } + } + if obj.AppIDs != nil { + t := o.ElemType + if len(obj.AppIDs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppIDs)) + } + for k, a := range obj.AppIDs { + v, ok := tf.Attrs["app_ids"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppIDs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AppIDs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["app_ids"] = c + } + } + } + { + a, ok := tf.AttrTypes["group_ids"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["group_ids"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupIDs)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupIDs)) + } + } + if obj.GroupIDs != nil { + t := o.ElemType + if len(obj.GroupIDs) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupIDs)) + } + for k, a := range obj.GroupIDs { + v, ok := tf.Attrs["group_ids"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupIDs", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.GroupIDs) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["group_ids"] = c + } + } + } + { + a, ok := tf.AttrTypes["app_name_regexes"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppNameRegexes"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppNameRegexes", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["app_name_regexes"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppNameRegexes)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppNameRegexes)) + } + } + if obj.AppNameRegexes != nil { + t := o.ElemType + if len(obj.AppNameRegexes) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AppNameRegexes)) + } + for k, a := range obj.AppNameRegexes { + v, ok := tf.Attrs["app_name_regexes"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Mappings.Match.AppNameRegexes", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.AppNameRegexes", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AppNameRegexes) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["app_name_regexes"] = c + } + } + } + { + a, ok := tf.AttrTypes["group_name_regexes"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupNameRegexes"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupNameRegexes", "github.com/hashicorp/terraform-plugin-framework/types.ListType"}) + } else { + c, ok := tf.Attrs["group_name_regexes"].(github_com_hashicorp_terraform_plugin_framework_types.List) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.List{ + + ElemType: o.ElemType, + Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupNameRegexes)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupNameRegexes)) + } + } + if obj.GroupNameRegexes != nil { + t := o.ElemType + if len(obj.GroupNameRegexes) != len(c.Elems) { + c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.GroupNameRegexes)) + } + for k, a := range obj.GroupNameRegexes { + v, ok := tf.Attrs["group_name_regexes"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Mappings.Match.GroupNameRegexes", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.Match.GroupNameRegexes", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = string(a) == "" + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.GroupNameRegexes) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["group_name_regexes"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Match) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["match"] = c + } + } + } + { + a, ok := tf.AttrTypes["add_labels"] + if !ok { + diags.Append(attrWriteMissingDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels"}) + } else { + o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.MapType) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels", "github.com/hashicorp/terraform-plugin-framework/types.MapType"}) + } else { + c, ok := tf.Attrs["add_labels"].(github_com_hashicorp_terraform_plugin_framework_types.Map) + if !ok { + c = github_com_hashicorp_terraform_plugin_framework_types.Map{ + + ElemType: o.ElemType, + Elems: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AddLabels)), + Null: true, + } + } else { + if c.Elems == nil { + c.Elems = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.AddLabels)) + } + } + if obj.AddLabels != nil { + t := o.ElemType + for k, a := range obj.AddLabels { + v, ok := tf.Attrs["add_labels"].(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil)) + if err != nil { + diags.Append(attrWriteGeneralError{"OktaImportRuleV1.Spec.Mappings.AddLabels", err}) + } + v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String) + if !ok { + diags.Append(attrWriteConversionFailureDiag{"OktaImportRuleV1.Spec.Mappings.AddLabels", "github.com/hashicorp/terraform-plugin-framework/types.String"}) + } + v.Null = false + } + v.Value = string(a) + v.Unknown = false + c.Elems[k] = v + } + if len(obj.AddLabels) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["add_labels"] = c + } + } + } + } + v.Unknown = false + c.Elems[k] = v + } + if len(obj.Mappings) > 0 { + c.Null = false + } + } + c.Unknown = false + tf.Attrs["mappings"] = c + } + } + } + } + v.Unknown = false + tf.Attrs["spec"] = v + } + } + } + return diags +} + +// attrReadMissingDiag represents diagnostic message on an attribute missing in the source object +type attrReadMissingDiag struct { + Path string +} + +func (d attrReadMissingDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrReadMissingDiag) Summary() string { + return "Error reading from Terraform object" +} + +func (d attrReadMissingDiag) Detail() string { + return fmt.Sprintf("A value for %v is missing in the source Terraform object Attrs", d.Path) +} + +func (d attrReadMissingDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrReadConversionFailureDiag represents diagnostic message on a failed type conversion on read +type attrReadConversionFailureDiag struct { + Path string + Type string +} + +func (d attrReadConversionFailureDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrReadConversionFailureDiag) Summary() string { + return "Error reading from Terraform object" +} + +func (d attrReadConversionFailureDiag) Detail() string { + return fmt.Sprintf("A value for %v can not be converted to %v", d.Path, d.Type) +} + +func (d attrReadConversionFailureDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteMissingDiag represents diagnostic message on an attribute missing in the target object +type attrWriteMissingDiag struct { + Path string +} + +func (d attrWriteMissingDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteMissingDiag) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteMissingDiag) Detail() string { + return fmt.Sprintf("A value for %v is missing in the source Terraform object AttrTypes", d.Path) +} + +func (d attrWriteMissingDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteConversionFailureDiag represents diagnostic message on a failed type conversion on write +type attrWriteConversionFailureDiag struct { + Path string + Type string +} + +func (d attrWriteConversionFailureDiag) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteConversionFailureDiag) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteConversionFailureDiag) Detail() string { + return fmt.Sprintf("A value for %v can not be converted to %v", d.Path, d.Type) +} + +func (d attrWriteConversionFailureDiag) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} + +// attrWriteGeneralError represents diagnostic message on a generic error on write +type attrWriteGeneralError struct { + Path string + Err error +} + +func (d attrWriteGeneralError) Severity() github_com_hashicorp_terraform_plugin_framework_diag.Severity { + return github_com_hashicorp_terraform_plugin_framework_diag.SeverityError +} + +func (d attrWriteGeneralError) Summary() string { + return "Error writing to Terraform object" +} + +func (d attrWriteGeneralError) Detail() string { + return fmt.Sprintf("%s: %s", d.Path, d.Err.Error()) +} + +func (d attrWriteGeneralError) Equal(o github_com_hashicorp_terraform_plugin_framework_diag.Diagnostic) bool { + return (d.Severity() == o.Severity()) && (d.Summary() == o.Summary()) && (d.Detail() == o.Detail()) +} diff --git a/integrations/terraform/tfschema/validators.go b/integrations/terraform/tfschema/validators.go new file mode 100644 index 0000000000000..e28af9d28d7ec --- /dev/null +++ b/integrations/terraform/tfschema/validators.go @@ -0,0 +1,275 @@ +/* +Copyright 2015-2022 Gravitational, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package tfschema + +import ( + "context" + fmt "fmt" + "slices" + "strings" + "time" + + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" +) + +// TimeValueInFutureValidator ensures that a time is in the future +type TimeValueInFutureValidator struct{} + +// MustTimeBeInFuture returns TimeValueInFutureValidator +func MustTimeBeInFuture() tfsdk.AttributeValidator { + return TimeValueInFutureValidator{} +} + +// Description returns validator description +func (v TimeValueInFutureValidator) Description(_ context.Context) string { + return "Checks that a time value is in future" +} + +// MarkdownDescription returns validator markdown description +func (v TimeValueInFutureValidator) MarkdownDescription(_ context.Context) string { + return "Checks that a time value is in future" +} + +// Validate performs the validation. +func (v TimeValueInFutureValidator) Validate(_ context.Context, req tfsdk.ValidateAttributeRequest, resp *tfsdk.ValidateAttributeResponse) { + if req.AttributeConfig == nil { + return + } + + value, ok := req.AttributeConfig.(TimeValue) + if !ok { + resp.Diagnostics.AddError("Time validation error", fmt.Sprintf("Attribute %v can not be converted to TimeValue", req.AttributePath.String())) + return + } + + if value.Null || value.Unknown { + return + } + + if time.Now().After(value.Value) { + resp.Diagnostics.AddError("Time validation error", fmt.Sprintf("Attribute %v value must be in the future", req.AttributePath.String())) + } +} + +// VersionValidator validates that a resource version is in the specified range +type VersionValidator struct { + Min int + Max int +} + +// UseVersionBetween creates VersionValidator +func UseVersionBetween(min, max int) tfsdk.AttributeValidator { + return VersionValidator{min, max} +} + +// Description returns validator description +func (v VersionValidator) Description(_ context.Context) string { + return fmt.Sprintf("Checks that version string is between %v..%v", v.Min, v.Max) +} + +// MarkdownDescription returns validator markdown description +func (v VersionValidator) MarkdownDescription(_ context.Context) string { + return fmt.Sprintf("Checks that version string is between %v..%v", v.Min, v.Max) +} + +// Validate performs the validation. +func (v VersionValidator) Validate(_ context.Context, req tfsdk.ValidateAttributeRequest, resp *tfsdk.ValidateAttributeResponse) { + if req.AttributeConfig == nil { + return + } + + value, ok := req.AttributeConfig.(types.String) + if !ok { + resp.Diagnostics.AddError("Version validation error", fmt.Sprintf("Attribute %v can not be converted to StringValue", req.AttributePath.String())) + return + } + + if value.Null || value.Unknown { + return + } + + var version int + fmt.Sscan(value.Value[1:], &version) // strip leading v + + if version == 0 { + resp.Diagnostics.AddError("Version validation error", fmt.Sprintf("Attribute %v (%v) is not a vaild version (vXX)", req.AttributePath.String(), value.Value)) + return + } + + if version < v.Min || version > v.Max { + resp.Diagnostics.AddError("Version validation error", fmt.Sprintf("Version v%v (%v) is not in range v%v..v%v", version, req.AttributePath.String(), v.Min, v.Max)) + return + } +} + +// MapKeysPresentValidator validates that a map has the specified keys +type MapKeysPresentValidator struct { + Keys []string +} + +// UseKeysPresentValidator creates MapKeysPresentValidator +func UseMapKeysPresentValidator(keys ...string) tfsdk.AttributeValidator { + return MapKeysPresentValidator{Keys: keys} +} + +// Description returns validator description +func (v MapKeysPresentValidator) Description(_ context.Context) string { + return fmt.Sprintf("Checks that a map has %v keys set", v.Keys) +} + +// MarkdownDescription returns validator markdown description +func (v MapKeysPresentValidator) MarkdownDescription(_ context.Context) string { + return fmt.Sprintf("Checks that a map has %v keys set", v.Keys) +} + +// Validate performs the validation. +func (v MapKeysPresentValidator) Validate(_ context.Context, req tfsdk.ValidateAttributeRequest, resp *tfsdk.ValidateAttributeResponse) { + if req.AttributeConfig == nil { + return + } + + value, ok := req.AttributeConfig.(types.Map) + if !ok { + resp.Diagnostics.AddError("Map keys validation error", fmt.Sprintf("Attribute %v can not be converted to Map", req.AttributePath.String())) + return + } + + if value.Null || value.Unknown { + return + } + +OUTER: + for _, k := range v.Keys { + for e := range value.Elems { + if e == k { + break OUTER + } + } + + resp.Diagnostics.AddError("Map keys validation error", fmt.Sprintf("Key %v must be present in the map %v", k, req.AttributePath.String())) + } + +} + +// AnyOfValidator validates that at least one of the attributes is set (known and not null) +type AnyOfValidator struct { + Keys []string +} + +// UseAnyOfValidator creates AnyOfValidator +func UseAnyOfValidator(keys ...string) tfsdk.AttributeValidator { + return AnyOfValidator{ + Keys: keys, + } +} + +// Description returns validator description +func (v AnyOfValidator) Description(_ context.Context) string { + return fmt.Sprintf("AnyOf '%s' attributes must be present", strings.Join(v.Keys, ", ")) +} + +// MarkdownDescription returns validator markdown description +func (v AnyOfValidator) MarkdownDescription(_ context.Context) string { + return fmt.Sprintf("AnyOf `%s` attributes must be present", strings.Join(v.Keys, ", ")) +} + +// Validate performs the validation. +func (v AnyOfValidator) Validate(ctx context.Context, req tfsdk.ValidateAttributeRequest, resp *tfsdk.ValidateAttributeResponse) { + if req.AttributeConfig == nil { + return + } + + value, ok := req.AttributeConfig.(types.Object) + if !ok { + resp.Diagnostics.AddError( + "AnyOf Object validation error", + fmt.Sprintf("Attribute %v can not be converted to Object", req.AttributePath.String()), + ) + return + } + + if value.Null || value.Unknown { + return + } + + for _, key := range v.Keys { + attr, found := value.Attrs[key] + if found { + tfVal, err := attr.ToTerraformValue(ctx) + if err != nil { + resp.Diagnostics.AddError( + "AnyOf keys validation error", + fmt.Sprintf("Failed to convert ToTerraformValue attribute with key '%s': %v", key, err), + ) + return + } + if !tfVal.IsNull() { + return + } + } + } + + resp.Diagnostics.AddError( + "AnyOf keys validation error", + fmt.Sprintf("AnyOf '%s' keys must be present", strings.Join(v.Keys, ", ")), + ) +} + +// UseValueIn creates a StringValueValidator +func UseValueIn(allowed ...string) tfsdk.AttributeValidator { + return StringValueValidator{allowed} +} + +// StringValueValidator validates that a resource string field is in a set of allowed values. +type StringValueValidator struct { + AllowedValues []string +} + +// Description returns validator description +func (v StringValueValidator) Description(_ context.Context) string { + return fmt.Sprintf("Checks that string field is one of %v", v.AllowedValues) +} + +// MarkdownDescription returns validator markdown description +func (v StringValueValidator) MarkdownDescription(_ context.Context) string { + return fmt.Sprintf("Checks that string field is one of %v", v.AllowedValues) +} + +// Validate performs the validation. +func (v StringValueValidator) Validate(_ context.Context, req tfsdk.ValidateAttributeRequest, resp *tfsdk.ValidateAttributeResponse) { + if req.AttributeConfig == nil { + return + } + + value, ok := req.AttributeConfig.(types.String) + if !ok { + resp.Diagnostics.AddError("Field validation error", fmt.Sprintf("Attribute %v can not be converted to StringValue", req.AttributePath.String())) + return + } + + if value.Null || value.Unknown { + if !slices.Contains(v.AllowedValues, "") { + resp.Diagnostics.AddError("Field validation error", fmt.Sprintf("Attribute %v (%v) is unset but empty string is not a valid value.", req.AttributePath.String(), value.Value)) + } + return + } + + if !slices.Contains(v.AllowedValues, value.Value) { + resp.Diagnostics.AddError("Field validation error", fmt.Sprintf("Attribute %v (%v) is not in the allowed set (%v).", req.AttributePath.String(), value.Value, v.AllowedValues)) + } +} diff --git a/integrations/terraform/tfschema/validators_test.go b/integrations/terraform/tfschema/validators_test.go new file mode 100644 index 0000000000000..2726d2f9a36f3 --- /dev/null +++ b/integrations/terraform/tfschema/validators_test.go @@ -0,0 +1,90 @@ +/* + Copyright 2022 Gravitational, Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package tfschema + +import ( + "context" + "testing" + + "github.com/hashicorp/terraform-plugin-framework/attr" + "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/tfsdk" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/stretchr/testify/require" +) + +func getObjectWithTwoKeys() types.Object { + return types.Object{ + Attrs: map[string]attr.Value{ + "key1": types.String{ + Value: "val1", + Null: false, + Unknown: false, + }, + "key2": types.Int64{ + Value: 12, + Null: false, + Unknown: false, + }, + }, + AttrTypes: map[string]attr.Type{ + "key1": types.StringType, + "key2": types.StringType, + }, + } +} + +func TestAnyOfValidator(t *testing.T) { + type testCase struct { + input types.Object + anyOfValues []string + expectError bool + } + tests := map[string]testCase{ + "one-of-two": { + input: getObjectWithTwoKeys(), + anyOfValues: []string{"key1"}, + expectError: false, + }, + "two-of-two": { + input: getObjectWithTwoKeys(), + anyOfValues: []string{"key1", "key2"}, + expectError: false, + }, + "none-of-two": { + input: getObjectWithTwoKeys(), + anyOfValues: []string{"key3"}, + expectError: true, + }, + } + for name, test := range tests { + name, test := name, test + t.Run(name, func(t *testing.T) { + t.Parallel() + ctx := context.Background() + resp := &tfsdk.ValidateAttributeResponse{ + Diagnostics: make(diag.Diagnostics, 0), + } + + req := tfsdk.ValidateAttributeRequest{ + AttributeConfig: test.input, + } + UseAnyOfValidator(test.anyOfValues...).Validate(ctx, req, resp) + require.Equal(t, test.expectError, resp.Diagnostics.HasError()) + }) + } +}