hopefully finally fixed the TLS nil pointer

Reviewed-on: #19

Makefile

@@ -3,7 +3,7 @@ GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor)
 
 GOFMT ?= gofmt -s
 
-VERSION = 0.9.0
+VERSION = 0.11.1
 
 test: fmt-check
 	go test -i $(TEST) || exit 1

README.md

@@ -17,7 +17,7 @@ terraform {
   required_providers {
     gitea = {
       source = "Lerentis/gitea"
-      version = "0.9.0"
+      version = "0.11.1"
     }
   }
 }

docs/index.md

@@ -17,7 +17,7 @@ terraform {
   required_providers {
     gitea = {
       source = "Lerentis/gitea"
-      version = "0.9.0"
+      version = "0.11.1"
     }
   }
 }

docs/resources/repository.md

@@ -93,7 +93,10 @@ Need to exist in the gitea instance
 ### Read-Only
 
 - `created` (String)
+- `clone_url` (String)
+- `html_url` (String)
 - `id` (String) The ID of this resource.
+- `ssh_url` (String)
 - `permission_admin` (Boolean)
 - `permission_pull` (Boolean)
 - `permission_push` (Boolean)

docs/resources/token.md

@@ -0,0 +1,67 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "gitea_token Resource - terraform-provider-gitea"
+subcategory: ""
+description: |-
+  gitea_token manages gitea Access Tokens.
+  Due to upstream limitations (see https://gitea.com/gitea/go-sdk/issues/610) this resource
+  can only be used with username/password provider configuration.
+  WARNING:
+  Tokens will be stored in the terraform state!
+---
+
+# gitea_token (Resource)
+
+`gitea_token` manages gitea Access Tokens.
+
+Due to upstream limitations (see https://gitea.com/gitea/go-sdk/issues/610) this resource
+can only be used with username/password provider configuration.
+
+WARNING:
+Tokens will be stored in the terraform state!
+
+## Example Usage
+
+```terraform
+provider "gitea" {
+  base_url = var.gitea_url
+  # Token Auth can not be used with this resource
+  username = var.gitea_username
+  password = var.gitea_password
+}
+
+resource "gitea_user" "test" {
+  username             = "test"
+  login_name           = "test"
+  password             = "Geheim1!"
+  email                = "test@user.dev"
+  must_change_password = false
+  admin                = true
+}
+
+resource "gitea_token" "test_token" {
+  username = resource.gitea_user.test.username
+  name     = "test-token"
+}
+
+output "token" {
+  value     = resource.gitea_token.test_token.token
+  sensitive = true
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) The name of the Access Token
+- `username` (String) The owner of the Access Token
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `last_eight` (String)
+- `token` (String, Sensitive) The actual Access Token
+
+

examples/main.tf

@@ -95,3 +95,13 @@ resource "gitea_fork" "org2_fork_of_repo1_in_org1" {
   repo         = gitea_repository.repo1_in_org1.name
   organization = gitea_org.org2.name
 }
+
+resource "gitea_token" "test_token" {
+  username = data.gitea_user.me.username
+  name     = "test-token"
+}
+
+output "token" {
+  value = resource.gitea_token.test_token.token
+  sensitive = true
+}

examples/provider.tf

@@ -2,12 +2,14 @@ terraform {
   required_providers {
     gitea = {
       source = "terraform.local/lerentis/gitea"
-      version = "0.9.0"
+      version = "0.11.1"
     }
   }
 }
 
 provider "gitea" {
   base_url = var.gitea_url
-  token    = var.gitea_token
+  username = "lerentis"
+  password = var.gitea_password
+  #token    = var.gitea_token
 }

examples/provider/provider.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     gitea = {
       source = "Lerentis/gitea"
-      version = "0.9.0"
+      version = "0.11.1"
     }
   }
 }

examples/resources/gitea_token/resource.tf

@@ -0,0 +1,25 @@
+provider "gitea" {
+  base_url = var.gitea_url
+  # Token Auth can not be used with this resource
+  username = var.gitea_username
+  password = var.gitea_password
+}
+
+resource "gitea_user" "test" {
+  username             = "test"
+  login_name           = "test"
+  password             = "Geheim1!"
+  email                = "test@user.dev"
+  must_change_password = false
+  admin                = true
+}
+
+resource "gitea_token" "test_token" {
+  username = resource.gitea_user.test.username
+  name     = "test-token"
+}
+
+output "token" {
+  value     = resource.gitea_token.test_token.token
+  sensitive = true
+}

examples/variables.tf

@@ -9,3 +9,7 @@ variable "gitea_token" {
 variable "gitea_mirror_token" {
   
 }
+
+variable "gitea_password" {
+  
+}

gitea/config.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"net/http"
+	"time"
 
 	"code.gitea.io/sdk/gitea"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/logging"
@@ -28,8 +29,7 @@ func (c *Config) Client() (interface{}, error) {
 		return nil, fmt.Errorf("either a token or a username needs to be used")
 	}
 	// Configure TLS/SSL
-	tlsConfig := &tls.Config{}
+	var tlsConfig tls.Config
-
 	// If a CACertFile has been specified, use that for cert validation
 	if c.CACertFile != "" {
 		caCert, err := ioutil.ReadFile(c.CACertFile)
@@ -43,13 +43,12 @@ func (c *Config) Client() (interface{}, error) {
 	}
 
 	// If configured as insecure, turn off SSL verification
-	if c.Insecure {
+	tlsConfig.InsecureSkipVerify = c.Insecure
-		tlsConfig.InsecureSkipVerify = true
-	}
 
 	t := http.DefaultTransport.(*http.Transport).Clone()
-	t.TLSClientConfig = tlsConfig
+	t.TLSClientConfig = &tlsConfig
 	t.MaxIdleConnsPerHost = 100
+	t.TLSHandshakeTimeout = 10 * time.Second
 
 	httpClient := &http.Client{
 		Transport: logging.NewTransport("Gitea", t),
@@ -60,16 +59,23 @@ func (c *Config) Client() (interface{}, error) {
 	}
 
 	var client *gitea.Client
+	var err error
 	if c.Token != "" {
-		client, _ = gitea.NewClient(c.BaseURL, gitea.SetToken(c.Token), gitea.SetHTTPClient(httpClient))
+		client, err = gitea.NewClient(c.BaseURL, gitea.SetToken(c.Token), gitea.SetHTTPClient(httpClient))
+		if err != nil {
+			return nil, err
+		}
 	}
 
 	if c.Username != "" {
-		client, _ = gitea.NewClient(c.BaseURL, gitea.SetBasicAuth(c.Username, c.Password), gitea.SetHTTPClient(httpClient))
+		client, err = gitea.NewClient(c.BaseURL, gitea.SetBasicAuth(c.Username, c.Password), gitea.SetHTTPClient(httpClient))
+		if err != nil {
+			return nil, err
+		}
 	}
 
 	// Test the credentials by checking we can get information about the authenticated user.
-	_, _, err := client.GetMyUserInfo()
+	_, _, err = client.GetMyUserInfo()
 
 	return client, err
 }

gitea/provider.go

@@ -82,6 +82,7 @@ func Provider() *schema.Provider {
 			"gitea_public_key": resourceGiteaPublicKey(),
 			"gitea_team":       resourceGiteaTeam(),
 			"gitea_git_hook":   resourceGiteaGitHook(),
+			"gitea_token":      resourceGiteaToken(),
 		},
 
 		ConfigureFunc: providerConfigure,

gitea/resource_gitea_repository.go

@@ -78,16 +78,6 @@ func resourceRepoCreate(d *schema.ResourceData, meta interface{}) (err error) {
 	client := meta.(*gitea.Client)
 
 	var repo *gitea.Repository
-	var resp *gitea.Response
-	var orgRepo bool
-
-	_, resp, err = client.GetOrg(d.Get(repoOwner).(string))
-
-	if resp.StatusCode == 404 {
-		orgRepo = false
-	} else {
-		orgRepo = true
-	}
 
 	if (d.Get(repoMirror)).(bool) {
 
@@ -144,15 +134,11 @@ func resourceRepoCreate(d *schema.ResourceData, meta interface{}) (err error) {
 			TrustModel:    "default",
 		}
 
-		if orgRepo {
+		repo, _, err = client.CreateOrgRepo(d.Get(repoOwner).(string), opts)
-			repo, _, err = client.CreateOrgRepo(d.Get(repoOwner).(string), opts)
-		} else {
-			repo, _, err = client.CreateRepo(opts)
-		}
 	}
 
 	if err != nil {
-		return
+		return err
 	}
 
 	err = setRepoResourceData(repo, d)
@@ -530,6 +516,18 @@ func resourceGiteaRepository() *schema.Resource {
 				Optional: true,
 				Default:  "",
 			},
+			"clone_url": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"html_url": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"ssh_url": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 		},
 		Description: "`gitea_repository` manages a gitea repository.\n\n" +
 			"Per default this repository will be initializiled with the provided configuration (gitignore, License etc.).\n" +

gitea/resource_gitea_token.go

@@ -0,0 +1,151 @@
+package gitea
+
+import (
+	"fmt"
+	"strconv"
+
+	"code.gitea.io/sdk/gitea"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+const (
+	TokenUsername  string = "username"
+	TokenName      string = "name"
+	TokenHash      string = "token"
+	TokenLastEight string = "last_eight"
+)
+
+func searchTokenById(c *gitea.Client, id int64) (res *gitea.AccessToken, err error) {
+	page := 1
+
+	for {
+		tokens, _, err := c.ListAccessTokens(gitea.ListAccessTokensOptions{
+			ListOptions: gitea.ListOptions{
+				Page:     page,
+				PageSize: 50,
+			},
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		if len(tokens) == 0 {
+			return nil, fmt.Errorf("Token with ID %d could not be found", id)
+		}
+
+		for _, token := range tokens {
+			if token.ID == id {
+				return token, nil
+			}
+		}
+
+		page += 1
+	}
+}
+
+func resourceTokenCreate(d *schema.ResourceData, meta interface{}) (err error) {
+
+	client := meta.(*gitea.Client)
+
+	var opt gitea.CreateAccessTokenOption
+	opt.Name = d.Get(TokenName).(string)
+
+	token, _, err := client.CreateAccessToken(opt)
+
+	if err != nil {
+		return err
+	}
+
+	err = setTokenResourceData(token, d)
+
+	return
+}
+
+func resourceTokenRead(d *schema.ResourceData, meta interface{}) (err error) {
+
+	client := meta.(*gitea.Client)
+
+	var token *gitea.AccessToken
+
+	id, err := strconv.ParseInt(d.Id(), 10, 64)
+
+	token, err = searchTokenById(client, id)
+
+	if err != nil {
+		return err
+	}
+
+	err = setTokenResourceData(token, d)
+
+	return
+}
+
+func resourceTokenDelete(d *schema.ResourceData, meta interface{}) (err error) {
+
+	client := meta.(*gitea.Client)
+	var resp *gitea.Response
+
+	resp, err = client.DeleteAccessToken(d.Get(TokenName).(string))
+
+	if err != nil {
+		if resp.StatusCode == 404 {
+			return
+		} else {
+			return err
+		}
+	}
+
+	return
+}
+
+func setTokenResourceData(token *gitea.AccessToken, d *schema.ResourceData) (err error) {
+
+	d.SetId(fmt.Sprintf("%d", token.ID))
+	d.Set(TokenName, token.Name)
+	if token.Token != "" {
+		d.Set(TokenHash, token.Token)
+	}
+	d.Set(TokenLastEight, token.TokenLastEight)
+
+	return
+}
+
+func resourceGiteaToken() *schema.Resource {
+	return &schema.Resource{
+		Read:   resourceTokenRead,
+		Create: resourceTokenCreate,
+		Delete: resourceTokenDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+		Schema: map[string]*schema.Schema{
+			"username": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The owner of the Access Token",
+			},
+			"name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The name of the Access Token",
+			},
+			"token": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Sensitive:   true,
+				Description: "The actual Access Token",
+			},
+			"last_eight": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+		Description: "`gitea_token` manages gitea Access Tokens.\n\n" +
+			"Due to upstream limitations (see https://gitea.com/gitea/go-sdk/issues/610) this resource\n" +
+			"can only be used with username/password provider configuration.\n\n" +
+			"WARNING:\n" +
+			"Tokens will be stored in the terraform state!",
+	}
+}