feat(DMVP-2708): add support for external tokens

locals.tf

@@ -0,0 +1,26 @@
+
+locals {
+  scm_providers = {
+    github = {
+      provider = "github"
+      http_url = "https://github.com"
+      api_url  = "https://api.github.com"
+    }
+    gitlab = {
+      provider = "gitlab_hosted"
+      http_url = "https://gitlab.com"
+      api_url  = "https://gitlab.com/api/v4"
+    }
+    bitbucket = {
+      provider = "bitbucket_hosted"
+      http_url = "https://bitbucket.org"
+      api_url  = "https://api.bitbucket.org/2.0"
+    }
+  }
+
+  # check to see if token is actually SCM token or TFC token ID
+  create_oauth_client = substr(var.git_token, 0, 3) != "ot-"
+
+  # if token is TFC token ID then resource should not be created and provided token should be used
+  oauth_token_id = local.create_oauth_client ? tfe_oauth_client.this[0].oauth_token_id : var.git_token
+}

oauth-client.tf

@@ -1,5 +1,7 @@
 # for oauth_token_id generation
 resource "tfe_oauth_client" "this" {
+  count = local.create_oauth_client ? 1 : 0
+
   name             = "git-oauth-client"
   organization     = var.org # this one is terraform cloud organisation
   service_provider = local.scm_providers[var.git_provider].provider

tests/basic/1-example.tf

@@ -1,8 +1,11 @@
+variable "tfc_token" {}
+variable "git_token" {}
+
 module "basic" {
   source = "../.."
 
   org   = "dasmeta-testing"
-  token = "ojODA5TvvwpL1A.atlasv1.6ifl0D5Q3zaonS3GPc5aXSLo4HWxCScaXf3u0sSVy4Eb4I62HAcs75W9l4EO9iBkFyE"
+  token = var.tfc_token
 
   rootdir   = "_terraform"
   targetdir = "_terraform"
@@ -11,7 +14,7 @@ module "basic" {
   git_provider = "github"
   git_org      = "dasmeta-testing"
   git_repo     = "test-infrastructure"
-  git_token    = "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"
+  git_token    = var.git_token
 
   aws = {
     access_key_id     = ""

tests/bitbucket/0-setup.tf

@@ -0,0 +1,8 @@
+terraform {
+  cloud {
+    organization = "dasmeta-testing"
+    workspaces {
+      name = "terraform-tfe-cloud-test"
+    }
+  }
+}

tests/bitbucket/1-example.tf

@@ -0,0 +1,24 @@
+variable "tfc_token" {}
+variable "git_token" {}
+
+module "basic" {
+  source = "../.."
+
+  org   = "dasmeta-testing"
+  token = var.tfc_token
+
+  rootdir   = "_terraform"
+  targetdir = "_terraform"
+  yamldir   = "."
+
+  git_provider = "bitbucket"
+  git_org      = "dasmeta-testing"
+  git_repo     = "test-infrastructure"
+  git_token    = var.git_token
+
+  aws = {
+    access_key_id     = ""
+    secret_access_key = ""
+    default_region    = ""
+  }
+}

tests/bitbucket/empty.yaml

@@ -0,0 +1,2 @@
+source: dasmeta/null/empty
+version: 1.0.1

variables.tf

@@ -33,21 +33,6 @@ variable "rootdir" {
 }
 
 # SCM
-locals {
-  scm_providers = {
-    github = {
-      http_url = "https://github.com"
-      api_url  = "https://api.github.com"
-      provider = "github"
-    }
-    gitlab = {
-      http_url = "https://gitlab.com"
-      api_url  = "https://gitlab.com/api/v4"
-      provider = "gitlab_hosted"
-    }
-  }
-}
-
 variable "git_provider" {
   type        = string
   default     = "gitlab"
@@ -64,7 +49,7 @@ variable "git_repo" {
 }
 variable "git_token" {
   type        = string
-  description = "The vsc(github, gitlab, ...) personal access token"
+  description = "The vsc(github, gitlab, ...) personal access token. TFC oauth token can be created manually or externally and oken supplied via this variable."
 }
 
 # Cloud Access (goes to shared variable set, should be adjusted)

workspaces.tf

@@ -34,7 +34,7 @@ module "workspaces" {
 
   repo = {
     identifier     = "${var.git_org}/${var.git_repo}"
-    oauth_token_id = tfe_oauth_client.this.oauth_token_id
+    oauth_token_id = local.oauth_token_id
   }
 
   variable_set_ids = concat([module.aws_credentials_variable_set.id], try(each.value.variable_set_ids, []))