Add global role resource

CHANGELOG.md

@@ -1,3 +1,9 @@
+## 1.4.0 (Mar 6, 2024)
+
+FEATURES:
+
+* **New Resource:** `platform_global_role`: PR: [#35](https://github.com/jfrog/terraform-provider-platform/pull/35)
+
 ## 1.3.0 (Feb 29, 2024)
 
 FEATURES:

CONTRIBUTIONS.md

@@ -16,11 +16,11 @@ JFrog requires contributors to sign a Contributor License Agreement, known as a
 
 ## Building
 
-Simply run `make install` - this will compile the provider and install it to `~/.terraform.d`. When running this, it will take the current tag and bump it 1 patch version. It does not actually create a new tag (that will be `make release`). If you wish to use the locally installed provider, make sure your TF script refers to the new version number.
+Simply run `make install` - this will compile the provider and install it to `~/.terraform.d`. When running this, it will take the current tag and bump it 1 patch version. It does not actually create a new tag. If you wish to use the locally installed provider, make sure your TF script refers to the new version number.
 
 Requirements:
-- [Terraform](https://www.terraform.io/downloads.html) 0.13+
-- [Go](https://golang.org/doc/install) 1.18+ (to build the provider plugin)
+- [Terraform](https://www.terraform.io/downloads.html) 1.7+
+- [Go](https://golang.org/doc/install) 1.21+ (to build the provider plugin)
 
 ## Debugging
 
@@ -36,9 +36,9 @@ The script requires a valid license of a [supported type](https://github.com/jfr
 
 With the script you can start one or two Artifactory instances using docker compose.
 
-The license is not supplied, but a [30 day trial license can be freely obtained](https://jfrog.com/start-free/#hosted) and will allow local development. Make sure the license saved as a multi line text file.
+The license is not supplied but is required for local development. Make sure the license saved as a multi line text file.
 
-Currently, acceptance tests **require an access key** and don't support basic authentication or an API key. To generate an access key, please refer to the [official documentation](https://www.jfrog.com/confluence/display/JFROG/Access+Tokens#AccessTokens-GeneratingAdminTokens)
+Currently, acceptance tests **require an access key**. To generate an access key, please refer to the [official documentation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/generate-admin-tokens)
 
 Then, you have to set some environment variables as this is how the acceptance tests pick up their config.
 
@@ -48,6 +48,7 @@ ARTIFACTORY_USERNAME=admin
 ARTIFACTORY_ACCESS_TOKEN=<your_access_token>
 TF_ACC=true
 ```
+
 `ARTIFACTORY_USERNAME` is not used in authentication, but used in several tests, related to replication functionality. It should be hardcoded to `admin`, because it's a default user created in the Artifactory instance from the start.
 
 A crucial env var to set is `TF_ACC=true` - you can literally set `TF_ACC` to anything you want, so long as it's set. The acceptance tests use terraform testing libraries that, if this flag isn't set, will skip all tests.
@@ -66,12 +67,6 @@ $ make acceptance
 
 **DO NOT** remove the `-v` - terraform testing needs this. This will recursively run all tests, including acceptance tests.
 
-### Testing Federated repos
-
-To execute acceptance tests for federated repo resource, we need:
-- 2 Artifactory instances, configured with [Circle-of-Trust](https://www.jfrog.com/confluence/display/JFROG/Access+Tokens#AccessTokens-CircleofTrust(Cross-InstanceAuthentication))
-- Set environment variables `ARTIFACTORY_URL_2` to enable the acceptance tests that utilize both Artifactory instances
-
 #### Setup Artifactory instances
 
 The [scripts/run-artifactory.sh](scripts/run-artifactory.sh) starts two Artifactory instances for testing using the file [scripts/docker-compose.yml](scripts/docker-compose.yml).
@@ -92,11 +87,6 @@ Run all the acceptance tests as usual
 $ make acceptance
 ```
 
-Or run only the acceptance tests for Federated repos:
-```sh
-$ make acceptance_federated
-```
-
 ## Releasing
 
 Please create a pull request against the master branch. Each pull request will be reviewed by a member of the JFrog team.

docs/resources/global_role.md

@@ -0,0 +1,45 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "platform_global_role Resource - terraform-provider-platform"
+subcategory: ""
+description: |-
+  Provides a JFrog global role https://jfrog.com/help/r/jfrog-platform-administration-documentation/global-and-project-role-types resource to manage custom global roles.
+---
+
+# platform_global_role (Resource)
+
+Provides a JFrog [global role](https://jfrog.com/help/r/jfrog-platform-administration-documentation/global-and-project-role-types) resource to manage custom global roles.
+
+## Example Usage
+
+```terraform
+resource "platform_global_role" "my-global-role" {
+  name         = "my-global-role"
+  description  = "My custom global role"
+  type         = "CUSTOM_GLOBAL"
+  environments = ["DEV", "PROD"]
+  actions      = ["READ_REPOSITORY", "READ_BUILD"]
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `actions` (Set of String) List of actions. Allowed values: READ_REPOSITORY, ANNOTATE_REPOSITORY, DEPLOY_CACHE_REPOSITORY, DELETE_OVERWRITE_REPOSITORY, MANAGE_XRAY_MD_REPOSITORY, READ_RELEASE_BUNDLE, ANNOTATE_RELEASE_BUNDLE, CREATE_RELEASE_BUNDLE, DISTRIBUTE_RELEASE_BUNDLE, DELETE_RELEASE_BUNDLE, MANAGE_XRAY_MD_RELEASE_BUNDLE, READ_BUILD, ANNOTATE_BUILD, DEPLOY_BUILD, DELETE_BUILD, MANAGE_XRAY_MD_BUILD, READ_SOURCES_PIPELINE, TRIGGER_PIPELINE, READ_INTEGRATIONS_PIPELINE, READ_POOLS_PIPELINE, REPORTS_SECURITY, WATCHES_SECURITY, POLICIES_SECURITY, RULES_SECURITY, READ_POLICIES_SECURITY
+- `environments` (Set of String) List of global or custom environments. A repository can be available in different environments. Members with roles defined in the set environment will have access to the repository.
+- `name` (String) Name of the role
+- `type` (String) Type of the role. Allowed values: ADMIN, CUSTOM_GLOBAL, PREDEFINED
+
+### Optional
+
+- `description` (String) Description of the role
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import platform_global_role.my-global-role my-global-role
+```

examples/resources/platform_global_role/import.sh

@@ -0,0 +1 @@
+terraform import platform_global_role.my-global-role my-global-role

examples/resources/platform_global_role/resource.tf

@@ -0,0 +1,7 @@
+resource "platform_global_role" "my-global-role" {
+  name         = "my-global-role"
+  description  = "My custom global role"
+  type         = "CUSTOM_GLOBAL"
+  environments = ["DEV", "PROD"]
+  actions      = ["READ_REPOSITORY", "READ_BUILD"]
+}

pkg/platform/provider.go

@@ -142,6 +142,7 @@ func (p *PlatformProvider) DataSources(ctx context.Context) []func() datasource.
 func (p *PlatformProvider) Resources(ctx context.Context) []func() resource.Resource {
 	return []func() resource.Resource{
 		NewLicenseResource,
+		NewGlobalRoleResource,
 		NewPermissionResource,
 		NewReverseProxyResource,
 		NewWorkerServiceResource,