Makefile

@@ -3,7 +3,7 @@ GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor)
 
 GOFMT ?= gofmt -s
 
-VERSION = 0.9.0
+VERSION = 0.10.0
 
 test: fmt-check
 	go test -i $(TEST) || exit 1

README.md

@@ -17,7 +17,7 @@ terraform {
   required_providers {
     gitea = {
       source = "Lerentis/gitea"
-      version = "0.9.0"
+      version = "0.10.0"
     }
   }
 }

docs/index.md

@@ -17,7 +17,7 @@ terraform {
   required_providers {
     gitea = {
       source = "Lerentis/gitea"
-      version = "0.9.0"
+      version = "0.10.0"
     }
   }
 }

docs/resources/token.md

@@ -0,0 +1,67 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "gitea_token Resource - terraform-provider-gitea"
+subcategory: ""
+description: |-
+  gitea_token manages gitea Access Tokens.
+  Due to upstream limitations (see https://gitea.com/gitea/go-sdk/issues/610) this resource
+  can only be used with username/password provider configuration.
+  WARNING:
+  Tokens will be stored in the terraform state!
+---
+
+# gitea_token (Resource)
+
+`gitea_token` manages gitea Access Tokens.
+
+Due to upstream limitations (see https://gitea.com/gitea/go-sdk/issues/610) this resource
+can only be used with username/password provider configuration.
+
+WARNING:
+Tokens will be stored in the terraform state!
+
+## Example Usage
+
+```terraform
+provider "gitea" {
+  base_url = var.gitea_url
+  # Token Auth can not be used with this resource
+  username = var.gitea_username
+  password = var.gitea_password
+}
+
+resource "gitea_user" "test" {
+  username             = "test"
+  login_name           = "test"
+  password             = "Geheim1!"
+  email                = "test@user.dev"
+  must_change_password = false
+  admin                = true
+}
+
+resource "gitea_token" "test_token" {
+  username = resource.gitea_user.test.username
+  name     = "test-token"
+}
+
+output "token" {
+  value     = resource.gitea_token.test_token.token
+  sensitive = true
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) The name of the Access Token
+- `username` (String) The owner of the Access Token
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `last_eight` (String)
+- `token` (String, Sensitive) The actual Access Token
+
+

examples/main.tf

@@ -94,4 +94,14 @@ resource "gitea_fork" "org2_fork_of_repo1_in_org1" {
   owner        = gitea_org.org1.name
   repo         = gitea_repository.repo1_in_org1.name
   organization = gitea_org.org2.name
+}
+
+resource "gitea_token" "test_token" {
+  username = data.gitea_user.me.username
+  name     = "test-token"
+}
+
+output "token" {
+  value = resource.gitea_token.test_token.token
+  sensitive = true
 }

examples/provider.tf

@@ -2,12 +2,14 @@ terraform {
   required_providers {
     gitea = {
       source = "terraform.local/lerentis/gitea"
-      version = "0.9.0"
+      version = "0.10.0"
     }
   }
 }
 
 provider "gitea" {
   base_url = var.gitea_url
-  token    = var.gitea_token
+  username = "lerentis"
+  password = var.gitea_password
+  #token    = var.gitea_token
 }

examples/provider/provider.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     gitea = {
       source = "Lerentis/gitea"
-      version = "0.9.0"
+      version = "0.10.0"
     }
   }
 }

examples/resources/gitea_token/resource.tf

@@ -0,0 +1,25 @@
+provider "gitea" {
+  base_url = var.gitea_url
+  # Token Auth can not be used with this resource
+  username = var.gitea_username
+  password = var.gitea_password
+}
+
+resource "gitea_user" "test" {
+  username             = "test"
+  login_name           = "test"
+  password             = "Geheim1!"
+  email                = "test@user.dev"
+  must_change_password = false
+  admin                = true
+}
+
+resource "gitea_token" "test_token" {
+  username = resource.gitea_user.test.username
+  name     = "test-token"
+}
+
+output "token" {
+  value     = resource.gitea_token.test_token.token
+  sensitive = true
+}

examples/variables.tf

@@ -8,4 +8,8 @@ variable "gitea_token" {
 
 variable "gitea_mirror_token" {
   
+}
+
+variable "gitea_password" {
+  
 }

gitea/provider.go

@@ -82,6 +82,7 @@ func Provider() *schema.Provider {
 			"gitea_public_key": resourceGiteaPublicKey(),
 			"gitea_team":       resourceGiteaTeam(),
 			"gitea_git_hook":   resourceGiteaGitHook(),
+			"gitea_token":      resourceGiteaToken(),
 		},
 
 		ConfigureFunc: providerConfigure,

gitea/resource_gitea_token.go

@@ -0,0 +1,151 @@
+package gitea
+
+import (
+	"fmt"
+	"strconv"
+
+	"code.gitea.io/sdk/gitea"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+const (
+	TokenUsername  string = "username"
+	TokenName      string = "name"
+	TokenHash      string = "token"
+	TokenLastEight string = "last_eight"
+)
+
+func searchTokenById(c *gitea.Client, id int64) (res *gitea.AccessToken, err error) {
+	page := 1
+
+	for {
+		tokens, _, err := c.ListAccessTokens(gitea.ListAccessTokensOptions{
+			ListOptions: gitea.ListOptions{
+				Page:     page,
+				PageSize: 50,
+			},
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		if len(tokens) == 0 {
+			return nil, fmt.Errorf("Token with ID %d could not be found", id)
+		}
+
+		for _, token := range tokens {
+			if token.ID == id {
+				return token, nil
+			}
+		}
+
+		page += 1
+	}
+}
+
+func resourceTokenCreate(d *schema.ResourceData, meta interface{}) (err error) {
+
+	client := meta.(*gitea.Client)
+
+	var opt gitea.CreateAccessTokenOption
+	opt.Name = d.Get(TokenName).(string)
+
+	token, _, err := client.CreateAccessToken(opt)
+
+	if err != nil {
+		return err
+	}
+
+	err = setTokenResourceData(token, d)
+
+	return
+}
+
+func resourceTokenRead(d *schema.ResourceData, meta interface{}) (err error) {
+
+	client := meta.(*gitea.Client)
+
+	var token *gitea.AccessToken
+
+	id, err := strconv.ParseInt(d.Id(), 10, 64)
+
+	token, err = searchTokenById(client, id)
+
+	if err != nil {
+		return err
+	}
+
+	err = setTokenResourceData(token, d)
+
+	return
+}
+
+func resourceTokenDelete(d *schema.ResourceData, meta interface{}) (err error) {
+
+	client := meta.(*gitea.Client)
+	var resp *gitea.Response
+
+	resp, err = client.DeleteAccessToken(d.Get(TokenName).(string))
+
+	if err != nil {
+		if resp.StatusCode == 404 {
+			return
+		} else {
+			return err
+		}
+	}
+
+	return
+}
+
+func setTokenResourceData(token *gitea.AccessToken, d *schema.ResourceData) (err error) {
+
+	d.SetId(fmt.Sprintf("%d", token.ID))
+	d.Set(TokenName, token.Name)
+	if token.Token != "" {
+		d.Set(TokenHash, token.Token)
+	}
+	d.Set(TokenLastEight, token.TokenLastEight)
+
+	return
+}
+
+func resourceGiteaToken() *schema.Resource {
+	return &schema.Resource{
+		Read:   resourceTokenRead,
+		Create: resourceTokenCreate,
+		Delete: resourceTokenDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+		Schema: map[string]*schema.Schema{
+			"username": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The owner of the Access Token",
+			},
+			"name": {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "The name of the Access Token",
+			},
+			"token": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Sensitive:   true,
+				Description: "The actual Access Token",
+			},
+			"last_eight": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+		Description: "`gitea_token` manages gitea Access Tokens.\n\n" +
+			"Due to upstream limitations (see https://gitea.com/gitea/go-sdk/issues/610) this resource\n" +
+			"can only be used with username/password provider configuration.\n\n" +
+			"WARNING:\n" +
+			"Tokens will be stored in the terraform state!",
+	}
+}