Skip to content

Coder workspace owner context, load in all fields #46

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Emyrk opened this issue Mar 21, 2025 · 5 comments
Closed

Coder workspace owner context, load in all fields #46

Emyrk opened this issue Mar 21, 2025 · 5 comments
Assignees
@aslilac
Labels
early-access candidate for an early-access, or experimental, release

Comments

@Emyrk
Copy link
Member

Emyrk commented Mar 21, 2025 

data "coder_workspace_owner" "me" {}

Need to load in all fields for this data block to match the provider. This is to allow coder user context when using dynamic forms.

  • email (String) The email address of the user.
  • full_name (String) The full name of the user.
  • groups (List of String) The groups of which the user is a member.
  • id (String) The UUID of the workspace owner.
  • login_type (String) The type of login the user has.
  • name (String) The username of the user.
  • oidc_access_token (String) A valid OpenID Connect access token of the workspace owner. This is only available if the workspace owner authenticated with OpenID Connect. If a valid token cannot be obtained, this value will be an empty string.
  • session_token (String) Session token for authenticating with a Coder deployment. It is regenerated every time a workspace is started.
  • ssh_private_key (String, Sensitive) The user's generated SSH private key.
  • ssh_public_key (String) The user's generated SSH public key.
@Emyrk Emyrk mentioned this issue Mar 21, 2025
Closed
@aslilac
Copy link
Member

aslilac commented Mar 21, 2025

rbac_roles is missing from this list, but maybe that was intentional? it definitely seems like the trickiest of these to implement

@aslilac
Copy link
Member

aslilac commented Mar 21, 2025

I'm not sure that this type would really "fit" anywhere in the Terraform provider, even though conceptually it really matches.

The newer "terraform-plugin-framework" style does define local types like this to decode into, but those typically use Terraform "types", and not traditional Go types as is desired here. They look like this:

type UserResourceModel struct {
	ID UUID `tfsdk:"id"`

	Username  types.String `tfsdk:"username"`
	Name      types.String `tfsdk:"name"`
	Email     types.String `tfsdk:"email"`
	Roles     types.Set    `tfsdk:"roles"`      // owner, template-admin, user-admin, auditor (member is implicit)
	LoginType types.String `tfsdk:"login_type"` // none, password, github, oidc
	Password  types.String `tfsdk:"password"`   // only when login_type is password
	Suspended types.Bool   `tfsdk:"suspended"`
}

I could plan around with this, and maybe using the Terraform types would be fine? but it's also a little weird because we'd be adding them to that package without it actually being intended for use anywhere in it.

It also gets complicated because we'll only be embedding one version of the evaluation engine in the product, but customers could be using any number of versions of the Terraform provider in their templates. Do we think that poses any risk? Might we eventually need separate types for separate provider versions, especially if we ever bump the provider to v2?

@stirby
Copy link

stirby commented Mar 24, 2025

rbac_roles is missing from this list, but maybe that was intentional? it definitely seems like the trickiest of these to implement

I do think roles awareness is crucial for customer value here. Does custom roles also exponentially increase complexity? 👀

Do we think that poses any risk? Might we eventually need separate types for separate provider versions, especially if we ever bump the provider to v2?

This is a really good point. How does compatibility work with preview vs provider versions, and can we promise backward compatibility.

@Emyrk
Copy link
Member Author

Emyrk commented Mar 24, 2025

rbac_roles is missing from this list, but maybe that was intentional? it definitely seems like the trickiest of these to implement

We should include it. It is new, I just missed it.

@Emyrk
Copy link
Member Author

Emyrk commented Mar 24, 2025
edited
Loading

I'm not sure that this type would really "fit" anywhere in the Terraform provider, even though conceptually it really matches.

@aslilac if it does not make sense, do not worry about it. Just trying to share code where possible.

It also gets complicated because we'll only be embedding one version of the evaluation engine in the product, but customers could be using any number of versions of the Terraform provider in their templates. Do we think that poses any risk? Might we eventually need separate types for separate provider versions, especially if we ever bump the provider to v2?

We can deal with that bridge when we get to it. We'd have to take a look at the provider version and switch the code behavior.

@Kira-Pilot Kira-Pilot added the early-access candidate for an early-access, or experimental, release label Apr 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aslilac aslilac

Labels
early-access candidate for an early-access, or experimental, release
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@aslilac @Emyrk @Kira-Pilot @stirby