terraform-provider-stackit icon indicating copy to clipboard operation
terraform-provider-stackit copied to clipboard
verified publisher icon stackitcloud

feat(authorization): refactor role_assignment resource and implement folder assignment

Open h3adex opened this issue 2 months ago • 1 comments

Description

This PR refactors stackit_authorization_{project,folder,organization}_role_assignment resources to align with our coding standards and adds tests for resource.go and utils.go. It also adds the capability to add role assignments to Folder.

E2E Results:
Screenshot 2025-11-14 at 11 09 06

Required ENV:
TF_ACC=1
TF_ACC_REGION=eu01
TF_ACC_ORGANIZATION_ID=xxxx
STACKIT_SERVICE_ACCOUNT_TOKEN=ey..
TF_ACC_TEST_PROJECT_SERVICE_ACCOUNT_EMAIL=terraform-xxxx@sa.stackit.cloud

Manual Tests:

locals {
  org_id      = "xxxx"
  owner_email = "[email protected]"
}

resource "stackit_resourcemanager_folder" "folder" {
  parent_container_id = local.org_id
  name                = "e2e-test-folder"
  owner_email         = local.owner_email
}

resource "stackit_resourcemanager_project" "project" {
  parent_container_id = local.org_id
  name                = "e2e-test-folder"
  owner_email         = local.owner_email
}

resource "stackit_authorization_folder_role_assignment" "fra" {
  resource_id = stackit_resourcemanager_folder.folder.folder_id
  role        = "editor"
  subject     = local.owner_email
}

resource "stackit_authorization_folder_role_assignment" "fra_duplicate" {
  resource_id = stackit_resourcemanager_folder.folder.folder_id
  role        = "editor"
  subject     = local.owner_email
}

resource "stackit_authorization_project_role_assignment" "pra" {
  resource_id = stackit_resourcemanager_project.project.project_id
  role        = "reader"
  subject     = local.owner_email
}

resource "stackit_authorization_organization_role_assignment" "ora" {
  resource_id = local.org_id
  role        = "iaas.project.admin"
  subject     = local.owner_email
}

Checklist

  • [x] Issue was linked above
  • [x] Code format was applied: make fmt
  • [x] Examples were added / adjusted (see examples/ directory)
  • [x] Docs are up-to-date: make generate-docs (will be checked by CI)
  • [x] Unit tests got implemented or updated
  • [x] Acceptance tests got implemented or updated (see e.g. here)
  • [x] Unit tests are passing: make test (will be checked by CI)
  • [x] No linter issues: make lint (will be checked by CI)

h3adex avatar Nov 14 '25 10:11 h3adex

This PR was marked as stale after 7 days of inactivity and will be closed after another 7 days of further inactivity. If this PR should be kept open, just add a comment, remove the stale label or push new commits to it.

github-actions[bot] avatar Nov 25 '25 02:11 github-actions[bot]

This PR was marked as stale after 7 days of inactivity and will be closed after another 7 days of further inactivity. If this PR should be kept open, just add a comment, remove the stale label or push new commits to it.

github-actions[bot] avatar Dec 10 '25 03:12 github-actions[bot]