Comments (16)
Hi @fog1985 ,
would it help to provide a data source for privileges? It could return, based on a filter like domain
, repository
or name
, all privileges matching the filter. You could than use the returned list to do some other stuff with it.
resource "nexus_repository" "demo" {
type = "hosted"
format = "maven2"
name = "demo"
...
}
data "nexus_privileges" "demo" {
repository = nexus_repository.demo.name
}
from terraform-provider-nexus.
I believe the only thing we could do is to add a name filter like name = ".*-read"
. So we could use a regexp on the privilege name to get only privileges matching the regexp. Would that help you?
from terraform-provider-nexus.
As an interim solution, I have just come up with this one:
value = [for x in data.nexus_privileges.apt-proxy-read.privileges: x.name if contains(x["actions"], "READ")]
Which returns READ
privilege. :)
from terraform-provider-nexus.
For those who might be looking for the same:
output "privileges_apt_proxy_all_read" {
value = [for x in data.nexus_privileges.apt-proxy-read.privileges: x.name if can(regex("ALL|READ", join("",x.actions)))]
}
output "privileges_apt_proxy_browse" {
value = [for x in data.nexus_privileges.apt-proxy-read.privileges: x.name if can(regex("BROWSE", join("",x.actions)))]
}
output "privileges_multiple_repos_example" {
value = concat([for x in data.nexus_privileges.apt-proxy-read.privileges: x.name if can(regex("ALL|READ", join("",x.actions)))], [for x in data.nexus_privileges.apt-proxy-read.privileges: x.name if can(regex("BROWSE", join("",x.actions)))])
}
In this way, we can get nice filtering based on actions
with the usage of RegExp
.
Or even combine privileges from different repositories and data sources with the usage of Terraform's concat
function.
from terraform-provider-nexus.
Hi @Nosmoht ,
Yeap. It would work like a charm.
from terraform-provider-nexus.
@Nosmoht ,
It would be nice to have the possibility of multiple filters or nested results. Cuz in the repository there are multiple types of privileges. Hence it would be nice to get let's say privileges of type repository-view
which are applied for this
repository.
from terraform-provider-nexus.
Hi @fog1985 ,
this should be fixed with v1.7.0.
from terraform-provider-nexus.
Documentation
Cool. Thank you @Nosmoht
from terraform-provider-nexus.
@fog1985 Please let me know if it works and if we can close the issue.
from terraform-provider-nexus.
Hey @Nosmoht ,
I am sure it works. Don't have a chance to put a new release and test it right away.
Or please leave it for a few days and I will try my best to test it out early next week.
from terraform-provider-nexus.
Hi @Nosmoht ,
I have just tried to use it. And a bit confused with the way of how to declare all the needed stuff.
Here what I have:
data "nexus_privileges" "apt-proxy-read" {
format = "apt"
repository = "apt-proxy"
type = "repository-view"
privileges {
actions = ["read"]
}
}
Was referring at this code:
https://github.com/datadrivers/terraform-provider-nexus/blob/master/nexus/data_source_privileges.go
It indeed seems to have privileges
section.
But not sure what is the difference between format
for example in a root declaration and format
inside of the privileges.
Nevertheless, I get as follow:
Error: "privileges": this field cannot be set
on roles.tf line 1, in data "nexus_privileges" "apt-proxy-read":
1: data "nexus_privileges" "apt-proxy-read" {
If I put actions
into the root still fails that actions are not expected here
.
from terraform-provider-nexus.
Hi @fog1985 ,
the data resource is used to get the list of privileges for the specified repository format
and type
. So please remove the privileges
from your declaration and you should get a list of all privileges of repository apt-proxy
as return value.
from terraform-provider-nexus.
Hi @Nosmoht ,
Thanks. I have managed to read all the privileges' names as follow:
data "nexus_privileges" "apt-proxy-read" {
format = "apt"
repository = "apt-proxy"
type = "repository-view"
}
output "privileges" {
value = data.nexus_privileges.apt-proxy-read.privileges.*.name
}
Is there a way to get a privilege for example which's action stands for READ
or WRITE
?
Or just a list of all privileges?
Also not clear about this parameter in data source block:
type = "repository-view"
Should it be the format of the repository or format of the privileges?
If it's a format of the privileges then it doesn't work as expected. Cuz with repository-view
I got the full list of all the privileges including those aimed for write/edit etc.
It would be nice to have a short example on how to filter out the output of data source to some READ, WRITE, or other filters for privileges.
from terraform-provider-nexus.
I think yes. That would work.
I also tried to use Terrafomr's filter
facility. As described here:
https://www.terraform.io/docs/providers/oci/guides/filters.html
Doesn't work either.
data "nexus_privileges" "apt-proxy-read" {
format = "apt"
repository = "apt-proxy"
type = "repository-view"
filter {
name = "actions"
values = ["READ"]
}
}
Result:
Error: Unsupported block type
on roles.tf line 6, in data "nexus_privileges" "apt-proxy-read":
6: filter {
Blocks of type "filter" are not expected here.
So name
would work if possible.
from terraform-provider-nexus.
Hi @fog1985,
can we close the issue and create a new feature request for the privilege filter?
from terraform-provider-nexus.
Hi @fog1985,
can we close the issue and create a new feature request for the privilege filter?
Hi @Nosmoht ,
Sure.
Thank you.
from terraform-provider-nexus.
Related Issues (20)
- Support for email settings HOT 2
- Allow local development on Apple M1
- Workflow fails due to expired Nexus Pro license HOT 1
- Support for Docker Subdomain Connector HOT 5
- Support for `source` when using `nexus_security_user`
- SAML : validate_response_signature no respected
- Update nexus version in tests HOT 1
- pre-commit commitizen not working anymore
- Could not unmarshal list of generic blobstores
- bug ? nexus_security_role error when the role is modified
- Not possible to set maven configuration on a nexus_repository_maven_group HOT 5
- nexus_security_ldap resource group_type does not see the actual value HOT 1
- Repository doesn't notice changes to routing rules HOT 2
- Nexus_blobstore_file cannot apply path does not reflect in tf state HOT 1
- Error: Plugin did not respond - panic: runtime error: index out of range [0] with length | by adding Repos
- apt hosted signing info not handled by data source
- Support for changing the admin password using terraform
- My Local development env gives invalid resource_type error
- Would like to have a "ignore_not_found" attribute on repository datasource HOT 5
- Support for setting IQ Server details
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-nexus.