[OPAL-11976] Pick up new Speakeasy version doc changes, new openapi c…

…hanges, require non-empty request_configuration (#91) * autogen + pick up new openapi changes * new docs, add minItems * unit test preventing empty request configs
opalsecurity · Sep 18, 2024 · 024f635 · 024f635
1 parent c35bb69
commit 024f635
Show file tree

Hide file tree

Showing 125 changed files with 4,247 additions and 1,645 deletions.
diff --git a/.speakeasy/gen.lock b/.speakeasy/gen.lock
diff --git a/.speakeasy/workflow.lock b/.speakeasy/workflow.lock
@@ -1,19 +1,17 @@
-speakeasyVersion: 1.381.0
+speakeasyVersion: 1.399.0
 sources:
     opal-terraform-provider:
         sourceNamespace: opal-terraform-provider
-        sourceRevisionDigest: sha256:7415528914f881e4b2cc2bfa35938a1f961a5247f61098554d19f15625cb500a
-        sourceBlobDigest: sha256:eff1a79ca954137ffe0c37f22a4a27d682170a54cf02b79c1a1bfe28f5828f78
+        sourceRevisionDigest: sha256:95265027f81091c7656626c9ce815785cffd65a25d31832d1d474c267009bbdd
+        sourceBlobDigest: sha256:841262b7535fc779b3408ffc8eb96e4575fd0fc3d6d38b052feb71deb08d04ef
         tags:
             - latest
-            - main
 targets:
     terraform:
         source: opal-terraform-provider
         sourceNamespace: opal-terraform-provider
-        sourceRevisionDigest: sha256:7415528914f881e4b2cc2bfa35938a1f961a5247f61098554d19f15625cb500a
-        sourceBlobDigest: sha256:eff1a79ca954137ffe0c37f22a4a27d682170a54cf02b79c1a1bfe28f5828f78
-        outLocation: .
+        sourceRevisionDigest: sha256:95265027f81091c7656626c9ce815785cffd65a25d31832d1d474c267009bbdd
+        sourceBlobDigest: sha256:841262b7535fc779b3408ffc8eb96e4575fd0fc3d6d38b052feb71deb08d04ef
 workflow:
     workflowVersion: 1.0.0
     speakeasyVersion: latest

diff --git a/README.md b/README.md
@@ -3,72 +3,139 @@
 ## SDK Generation
 Generate the new SDK using `speakeasy run`. This pulls the remote spec specified in `.speakeasy/workflow.yaml#6` and applies the overrides in `terraform_overlay.yaml`. Note the Makefile is only useful if you want to do development with a local OpenAPI spec and update the Speakeasy workflow config to reference that OpenAPI spec.
 
-<!-- Start SDK Installation [installation] -->
-## Using the SDK
+<!-- Start Summary [summary] -->
+## Summary
 
-To install this provider in your Terraform usage, copy and paste this code into your Terraform configuration files. Then, run `terraform init`.
+Opal API: Your Home For Developer Resources.
+<!-- End Summary [summary] -->
+
+<!-- Start Table of Contents [toc] -->
+## Table of Contents
+
+* [Installation](#installation)
+* [Available Resources and Data Sources](#available-resources-and-data-sources)
+* [Testing the provider locally](#testing-the-provider-locally)
+<!-- End Table of Contents [toc] -->
+
+<!-- Start Installation [installation] -->
+## Installation
+
+To install this provider, copy and paste this code into your Terraform configuration. Then, run `terraform init`.
 
 ```hcl
 terraform {
   required_providers {
     opal = {
       source  = "opalsecurity/opal"
-      version = "3.0.1"  # or other later version
+      version = "0.24.9"
     }
   }
 }
 
 provider "opal" {
-  bearer_auth = <auth-token>
-  server_url = "https://api.opal.dev/v1"
+  # Configuration options
 }
 ```
+<!-- End Installation [installation] -->
+
+
+<!-- Start Available Resources and Data Sources [operations] -->
+## Available Resources and Data Sources
+
+### Resources
+
+* [opal_configuration_template](docs/resources/configuration_template.md)
+* [opal_group](docs/resources/group.md)
+* [opal_group_resource_list](docs/resources/group_resource_list.md)
+* [opal_group_tag](docs/resources/group_tag.md)
+* [opal_group_user](docs/resources/group_user.md)
+* [opal_message_channel](docs/resources/message_channel.md)
+* [opal_on_call_schedule](docs/resources/on_call_schedule.md)
+* [opal_owner](docs/resources/owner.md)
+* [opal_resource](docs/resources/resource.md)
+* [opal_resource_tag](docs/resources/resource_tag.md)
+* [opal_tag](docs/resources/tag.md)
+* [opal_tag_user](docs/resources/tag_user.md)
+### Data Sources
+
+* [opal_app](docs/data-sources/app.md)
+* [opal_apps](docs/data-sources/apps.md)
+* [opal_configuration_template_list](docs/data-sources/configuration_template_list.md)
+* [opal_events](docs/data-sources/events.md)
+* [opal_group](docs/data-sources/group.md)
+* [opal_group_list](docs/data-sources/group_list.md)
+* [opal_group_resource_list](docs/data-sources/group_resource_list.md)
+* [opal_group_reviewers_stages_list](docs/data-sources/group_reviewers_stages_list.md)
+* [opal_group_tags](docs/data-sources/group_tags.md)
+* [opal_group_users](docs/data-sources/group_users.md)
+* [opal_message_channel](docs/data-sources/message_channel.md)
+* [opal_message_channel_list](docs/data-sources/message_channel_list.md)
+* [opal_on_call_schedule](docs/data-sources/on_call_schedule.md)
+* [opal_on_call_schedule_list](docs/data-sources/on_call_schedule_list.md)
+* [opal_owner](docs/data-sources/owner.md)
+* [opal_owner_from_name](docs/data-sources/owner_from_name.md)
+* [opal_owners](docs/data-sources/owners.md)
+* [opal_requests](docs/data-sources/requests.md)
+* [opal_resource](docs/data-sources/resource.md)
+* [opal_resource_message_channel_list](docs/data-sources/resource_message_channel_list.md)
+* [opal_resource_reviewers_list](docs/data-sources/resource_reviewers_list.md)
+* [opal_resources_list](docs/data-sources/resources_list.md)
+* [opal_resources_access_status](docs/data-sources/resources_access_status.md)
+* [opal_resources_users_list](docs/data-sources/resources_users_list.md)
+* [opal_resource_tags](docs/data-sources/resource_tags.md)
+* [opal_resource_visibility](docs/data-sources/resource_visibility.md)
+* [opal_sessions](docs/data-sources/sessions.md)
+* [opal_tag](docs/data-sources/tag.md)
+* [opal_tags_list](docs/data-sources/tags_list.md)
+* [opal_uar](docs/data-sources/uar.md)
+* [opal_uars_list](docs/data-sources/uars_list.md)
+* [opal_user](docs/data-sources/user.md)
+* [opal_users](docs/data-sources/users.md)
+* [opal_user_tags](docs/data-sources/user_tags.md)
+<!-- End Available Resources and Data Sources [operations] -->
+
+<!-- Start Testing the provider locally [usage] -->
+## Testing the provider locally
+
+#### Local Provider
+
+Should you want to validate a change locally, the `--debug` flag allows you to execute the provider against a terraform instance locally.
+
+This also allows for debuggers (e.g. delve) to be attached to the provider.
 
-<!-- End SDK Installation [installation] -->
+```sh
+go run main.go --debug
+# Copy the TF_REATTACH_PROVIDERS env var
+# In a new terminal
+cd examples/your-example
+TF_REATTACH_PROVIDERS=... terraform init
+TF_REATTACH_PROVIDERS=... terraform apply
+```
 
+#### Compiled Provider
 
-<!-- Start SDK Example Usage [usage] -->
-## SDK Example Usage
+Terraform allows you to use local provider builds by setting a `dev_overrides` block in a configuration file called `.terraformrc`. This block overrides all other configured installation methods.
 
-### Testing the provider locally
-If you want to test the provider using a development version of this provider, you can run this provider locally by simply running
+1. Execute `go build` to construct a binary called `terraform-provider-opal`
+2. Ensure that the `.terraformrc` file is configured with a `dev_overrides` section such that your local copy of terraform can see the provider binary
 
-```sh
-go run main.go --debug
-```
-This command should output a log line that looks like
-```sh
-TF_REATTACH_PROVIDERS='{"registry.terraform.io/opalsecurity/opal":{"Protocol":"grpc","ProtocolVersion":6,"Pid":55387,"Test":true,"Addr":{"Network":"unix","String":"/var/folders/rw/nppqqcz93r11_b8n3_q1tzsr0000gn/T/plugin2970912145"}}}'
-```
-This logline tells you the value of the environment variable to set wherever you invoke your Terraform operations (e.g. `plan`, `apply`, etc). You can either export `TF_REATTACH_PROVIDERS` or just prefix your commands with the envar.
+Terraform searches for the `.terraformrc` file in your home directory and applies any configuration settings you set.
 
-If you would like to enable IDE debugging in VScode you can add the following launch profile.
-```
-{
-    "version": "0.2.0",
-    "configurations": [
-        {
-            "name": "Debug",
-            "type": "go",
-            "request": "launch",
-            "mode": "auto",
-            "program": "${workspaceFolder}/main.go",
-            "args": ["--debug"],
-        }
-    ]
-}
 ```
-For the IDE to trigger any breakpoints you must run the debug process _within_ VSCode instead of a standalone terminal (e.g. Terminal, ITerm, etc). Take the `TF_REATTACH_PROVIDERS` like before and use it while applying the Terraform operations.
+provider_installation {
 
+  dev_overrides {
+      "registry.terraform.io/opalsecurity/opal" = "<PATH>"
+  }
 
-### Contributions
-
-While we value open-source contributions to this SDK, this library is generated programmatically.
-Feel free to open a PR or a Github issue as a proof of concept and we'll do our best to include it in a future release!
+  # For all other providers, install them directly from their origin provider
+  # registries as normal. If you omit this, Terraform will _only_ use
+  # the dev_overrides block, and so no other providers will be available.
+  direct {}
+}
+```
+<!-- End Testing the provider locally [usage] -->
 
-<!-- No SDK Installation -->
-<!-- No SDK Example Usage -->
-<!-- No SDK Available Operations -->
 <!-- Placeholder for Future Speakeasy SDK Sections -->
 
 
diff --git a/docs/data-sources/apps.md b/docs/data-sources/apps.md
@@ -15,7 +15,7 @@ Apps DataSource
 ```terraform
 data "opal_apps" "my_apps" {
   app_type_filter = [
-    "OKTA_DIRECTORY",
+    "OKTA_DIRECTORY"
   ]
   owner_filter = "29827fb8-f2dd-4e80-9576-28e31e9934ac"
 }

diff --git a/docs/data-sources/configuration_template_list.md b/docs/data-sources/configuration_template_list.md
@@ -32,6 +32,7 @@ Read-Only:
 - `admin_owner_id` (String) The ID of the owner of the configuration template.
 - `break_glass_user_ids` (Set of String) The IDs of the break glass users linked to the configuration template.
 - `configuration_template_id` (String) The ID of the configuration template.
+- `custom_request_notification` (String) Custom request notification sent upon request approval for this configuration template.
 - `linked_audit_message_channel_ids` (Set of String) The IDs of the audit message channels linked to the configuration template.
 - `member_oncall_schedule_ids` (Set of String) The IDs of the on-call schedules linked to the configuration template.
 - `name` (String) The name of the configuration template.
@@ -49,13 +50,13 @@ Read-Only:
 - `enabled_on_grant` (Boolean)
 - `enabled_on_revocation` (Boolean)
 - `ticket_project_id` (String)
-- `ticket_provider` (String) The third party ticketing platform provider. must be one of ["JIRA", "LINEAR", "SERVICE_NOW"]
+- `ticket_provider` (String) The third party ticketing platform provider.
 
 
 <a id="nestedatt--results--visibility"></a>
 ### Nested Schema for `results.visibility`
 
 Read-Only:
 
-- `visibility` (String) The visibility level of the entity. must be one of ["GLOBAL", "LIMITED"]
+- `visibility` (String) The visibility level of the entity.
 - `visibility_group_ids` (Set of String)
diff --git a/docs/data-sources/group.md b/docs/data-sources/group.md
@@ -14,7 +14,7 @@ Group DataSource
 
 ```terraform
 data "opal_group" "my_group" {
-  id = "f454d283-ca87-4a8a-bdbb-df212eca5353"
+  id = "32acc112-21ff-4669-91c2-21e27683eaa1"
 }
 ```
 
@@ -29,18 +29,19 @@ data "opal_group" "my_group" {
 
 - `admin_owner_id` (String) The ID of the owner of the group.
 - `app_id` (String) The ID of the group's app.
+- `custom_request_notification` (String) Custom request notification sent to the requester when the request is approved.
 - `description` (String) A description of the group.
 - `group_binding_id` (String) The ID of the associated group binding.
 - `group_leader_user_ids` (Set of String) A list of User IDs for the group leaders of the group
-- `group_type` (String) The type of the group. must be one of ["ACTIVE_DIRECTORY_GROUP", "AWS_SSO_GROUP", "DUO_GROUP", "GIT_HUB_TEAM", "GIT_LAB_GROUP", "GOOGLE_GROUPS_GROUP", "LDAP_GROUP", "OKTA_GROUP", "OPAL_GROUP", "AZURE_AD_SECURITY_GROUP", "AZURE_AD_MICROSOFT_365_GROUP"]
-- `message_channels` (Attributes) The audit and reviewer message channels attached to the group. (see [below for nested schema](#nestedatt--message_channels))
+- `group_type` (String) The type of the group.
+- `message_channels` (Attributes) (see [below for nested schema](#nestedatt--message_channels))
 - `name` (String) The name of the group.
-- `oncall_schedules` (Attributes) The on call schedules attached to the group. (see [below for nested schema](#nestedatt--oncall_schedules))
+- `oncall_schedules` (Attributes) (see [below for nested schema](#nestedatt--oncall_schedules))
 - `remote_info` (Attributes) Information that defines the remote group. This replaces the deprecated remote_id and metadata fields. (see [below for nested schema](#nestedatt--remote_info))
 - `remote_name` (String) The name of the remote.
 - `request_configurations` (Attributes Set) A list of request configurations for this group. (see [below for nested schema](#nestedatt--request_configurations))
 - `require_mfa_to_approve` (Boolean) A bool representing whether or not to require MFA for reviewers to approve requests for this group.
-- `visibility` (String) The visibility level of the entity. must be one of ["GLOBAL", "LIMITED"]
+- `visibility` (String) The visibility level of the entity.
 - `visibility_group_ids` (Set of String)
 
 <a id="nestedatt--message_channels"></a>
@@ -59,7 +60,7 @@ Read-Only:
 - `is_private` (Boolean) A bool representing whether or not the message channel is private.
 - `name` (String) The name of the message channel.
 - `remote_id` (String) The remote ID of the message channel
-- `third_party_provider` (String) The third party provider of the message channel. must be one of ["SLACK"]
+- `third_party_provider` (String) The third party provider of the message channel.
 
 
 
@@ -71,7 +72,7 @@ Read-Only:
 - `id` (String) The ID of the on-call schedule.
 - `name` (String) The name of the on call schedule.
 - `remote_id` (String) The remote ID of the on call schedule
-- `third_party_provider` (String) The third party provider of the on call schedule. must be one of ["OPSGENIE", "PAGER_DUTY"]
+- `third_party_provider` (String) The third party provider of the on call schedule.
 
 
 <a id="nestedatt--remote_info"></a>
@@ -192,7 +193,7 @@ Read-Only:
 
 Read-Only:
 
-- `operator` (String) The operator of the reviewer stage. Admin and manager approval are also treated as reviewers. must be one of ["AND", "OR"]
+- `operator` (String) The operator of the reviewer stage. Admin and manager approval are also treated as reviewers.
 - `owner_ids` (Set of String)
 - `require_admin_approval` (Boolean) Whether this reviewer stage should require admin approval.
 - `require_manager_approval` (Boolean) Whether this reviewer stage should require manager approval.
diff --git a/docs/data-sources/group_list.md b/docs/data-sources/group_list.md
@@ -15,7 +15,7 @@ GroupList DataSource
 ```terraform
 data "opal_group_list" "my_group_list" {
   group_ids = [
-    "1b978423-db0a-4037-a4cf-f79c60cb67b3",
+    "1b978423-db0a-4037-a4cf-f79c60cb67b3"
   ]
   group_name        = "example-name"
   group_type_filter = "OPAL_GROUP"
@@ -30,7 +30,7 @@ data "opal_group_list" "my_group_list" {
 
 - `group_ids` (List of String) The group ids to filter by.
 - `group_name` (String) Group name.
-- `group_type_filter` (String) The type of the group. must be one of ["ACTIVE_DIRECTORY_GROUP", "AWS_SSO_GROUP", "DUO_GROUP", "GIT_HUB_TEAM", "GIT_LAB_GROUP", "GOOGLE_GROUPS_GROUP", "LDAP_GROUP", "OKTA_GROUP", "OPAL_GROUP", "AZURE_AD_SECURITY_GROUP", "AZURE_AD_MICROSOFT_365_GROUP"]
+- `group_type_filter` (String) The group type to filter by.
 - `page_size` (Number) Number of results to return per page. Default is 200.
 
 ### Read-Only
@@ -44,10 +44,11 @@ Read-Only:
 
 - `admin_owner_id` (String) The ID of the owner of the group.
 - `app_id` (String) The ID of the group's app.
+- `custom_request_notification` (String) Custom request notification sent to the requester when the request is approved.
 - `description` (String) A description of the group.
 - `group_binding_id` (String) The ID of the associated group binding.
 - `group_leader_user_ids` (Set of String) A list of User IDs for the group leaders of the group
-- `group_type` (String) The type of the group. must be one of ["ACTIVE_DIRECTORY_GROUP", "AWS_SSO_GROUP", "DUO_GROUP", "GIT_HUB_TEAM", "GIT_LAB_GROUP", "GOOGLE_GROUPS_GROUP", "LDAP_GROUP", "OKTA_GROUP", "OPAL_GROUP", "AZURE_AD_SECURITY_GROUP", "AZURE_AD_MICROSOFT_365_GROUP"]
+- `group_type` (String) The type of the group.
 - `id` (String) The ID of the group.
 - `name` (String) The name of the group.
 - `remote_info` (Attributes) Information that defines the remote group. This replaces the deprecated remote_id and metadata fields. (see [below for nested schema](#nestedatt--results--remote_info))
@@ -173,7 +174,7 @@ Read-Only:
 
 Read-Only:
 
-- `operator` (String) The operator of the reviewer stage. Admin and manager approval are also treated as reviewers. must be one of ["AND", "OR"]
+- `operator` (String) The operator of the reviewer stage. Admin and manager approval are also treated as reviewers.
 - `owner_ids` (Set of String)
 - `require_admin_approval` (Boolean) Whether this reviewer stage should require admin approval.
 - `require_manager_approval` (Boolean) Whether this reviewer stage should require manager approval.
diff --git a/docs/data-sources/group_reviewers_stages_list.md b/docs/data-sources/group_reviewers_stages_list.md
@@ -27,14 +27,14 @@ data "opal_group_reviewers_stages_list" "my_groupreviewersstageslist" {
 
 ### Read-Only
 
-- `data` (Attributes List) The reviewer stages for this group. (see [below for nested schema](#nestedatt--data))
+- `data` (Attributes List) (see [below for nested schema](#nestedatt--data))
 
 <a id="nestedatt--data"></a>
 ### Nested Schema for `data`
 
 Read-Only:
 
-- `operator` (String) The operator of the reviewer stage. Admin and manager approval are also treated as reviewers. must be one of ["AND", "OR"]
+- `operator` (String) The operator of the reviewer stage. Admin and manager approval are also treated as reviewers.
 - `owner_ids` (Set of String)
 - `require_admin_approval` (Boolean) Whether this reviewer stage should require admin approval.
 - `require_manager_approval` (Boolean) Whether this reviewer stage should require manager approval.
diff --git a/docs/data-sources/message_channel.md b/docs/data-sources/message_channel.md
@@ -14,7 +14,7 @@ MessageChannel DataSource
 
 ```terraform
 data "opal_message_channel" "my_messagechannel" {
-  id = "6670617d-e72a-47f5-a84c-693817ab4860"
+  id = "4baf8423-db0a-4037-a4cf-f79c60cb67a5"
 }
 ```
 
@@ -30,4 +30,4 @@ data "opal_message_channel" "my_messagechannel" {
 - `is_private` (Boolean) A bool representing whether or not the message channel is private.
 - `name` (String) The name of the message channel.
 - `remote_id` (String) The remote ID of the message channel
-- `third_party_provider` (String) The third party provider of the message channel. must be one of ["SLACK"]
+- `third_party_provider` (String) The third party provider of the message channel.
diff --git a/docs/data-sources/message_channel_list.md b/docs/data-sources/message_channel_list.md
@@ -33,4 +33,4 @@ Read-Only:
 - `is_private` (Boolean) A bool representing whether or not the message channel is private.
 - `name` (String) The name of the message channel.
 - `remote_id` (String) The remote ID of the message channel
-- `third_party_provider` (String) The third party provider of the message channel. must be one of ["SLACK"]
+- `third_party_provider` (String) The third party provider of the message channel.
diff --git a/docs/data-sources/on_call_schedule.md b/docs/data-sources/on_call_schedule.md
@@ -29,4 +29,4 @@ data "opal_on_call_schedule" "my_oncallschedule" {
 
 - `name` (String) The name of the on call schedule.
 - `remote_id` (String) The remote ID of the on call schedule
-- `third_party_provider` (String) The third party provider of the on call schedule. must be one of ["OPSGENIE", "PAGER_DUTY"]
+- `third_party_provider` (String) The third party provider of the on call schedule.
diff --git a/docs/data-sources/on_call_schedule_list.md b/docs/data-sources/on_call_schedule_list.md
@@ -32,4 +32,4 @@ Read-Only:
 - `id` (String) The ID of the on-call schedule.
 - `name` (String) The name of the on call schedule.
 - `remote_id` (String) The remote ID of the on call schedule
-- `third_party_provider` (String) The third party provider of the on call schedule. must be one of ["OPSGENIE", "PAGER_DUTY"]
+- `third_party_provider` (String) The third party provider of the on call schedule.