Skip to content

feat: add meshstack_api_key managed resource#158

Merged
grubmeshi merged 1 commit intomainfrom
feature/api-key-resource
May 7, 2026
Merged

feat: add meshstack_api_key managed resource#158
grubmeshi merged 1 commit intomainfrom
feature/api-key-resource

Conversation

@grubmeshi
Copy link
Copy Markdown
Collaborator

@grubmeshi grubmeshi commented Apr 30, 2026
edited
Loading

Add a managed Terraform resource meshstack_api_key for managing meshStack API keys.

Changes

  • New meshstack_api_key resource with full CRUD lifecycle using generic.Get/Set pattern
  • Client types aligned with meshObject API (MeshApiKey with metadata/spec/status)
  • status.client_secret is sensitive+computed, stored in state after creation
  • ModifyPlan marks client_secret unknown when expires_at changes (secret rotation)
  • UseStateForUnknown preserves client_secret in state on non-rotating updates
  • expires_at is optional — if omitted, the key never expires
  • Acceptance test with testconfig builder pattern (create + update + secret rotation steps)
  • No import support (secret cannot be retrieved after creation)
  • Updated api_permissions.go with all workspace and admin permission constants
  • Docs with coalesced permissions list (workspace/admin variants shown together)
  • Preview disclaimer in resource description
  • CHANGELOG.md entry for v0.21.0

@grubmeshi grubmeshi mentioned this pull request Apr 30, 2026
Closed
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 30, 2026
edited
Loading

📊 Test Coverage: 71.9%

Top uncovered files 
github.com/meshcloud/terraform-provider-meshstack/client/api_key.go:43:									newApiKeyClient					0.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key.go:47:									Create						0.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key.go:51:									Read						0.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key.go:55:									Update						0.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key.go:59:									Delete						0.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key_permissions.go:20:							AllCodes					100.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key_permissions.go:33:							WorkspaceCodes					100.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key_permissions.go:49:							MarkdownString					100.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key_permissions.go:225:							AllApiKeyPermissions				0.0%
github.com/meshcloud/terraform-provider-meshstack/client/api_key_permissions.go:230:							WorkspacePermissionCodes			100.0%

Coverage measured across all packages with -coverpkg=./...

@grubmeshi grubmeshi force-pushed the feature/api-key-resource branch from 375eaea to 54d2711 Compare April 30, 2026 06:23
@grubmeshi grubmeshi requested a review from j0g3sc April 30, 2026 12:25
@grubmeshi grubmeshi force-pushed the feature/api-key-resource branch 5 times, most recently from 08593f6 to ac7f33a Compare May 4, 2026 14:50
@grubmeshi grubmeshi requested a review from Copilot May 4, 2026 18:04
Copilot AI reviewed May 4, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new managed Terraform resource meshstack_api_key to the meshStack Terraform provider, including client support for the underlying meshObject API and accompanying docs/tests.

Changes:

  • Introduces meshstack_api_key resource with CRUD lifecycle and state handling for the sensitive status.client_secret.
  • Extends the Go API client + mock client with MeshApiKey types/client, and adds full permission enums for validation/docs.
  • Fixes meshObject kind pluralization for meshApiKey (key → keys) and generates provider docs/examples.

Reviewed changes

Copilot reviewed 14 out of 14 changed files in this pull request and generated 8 comments.

Show a summary per file
File Description
internal/provider/provider.go Registers the new meshstack_api_key resource.
internal/provider/api_key_resource.go Implements schema, CRUD, and plan modification logic for secret rotation.
internal/provider/api_key_resource_test.go Adds acceptance/unit-style test coverage for create + update.
internal/provider/acctest/testconfig/build_api_key.go Adds testconfig builder for API key resource configs.
internal/clientmock/mock_client.go Wires the mock API key client into the overall mock client.
internal/clientmock/mock_api_key.go Implements mock CRUD behavior incl. secret only on create/rotation.
examples/resources/meshstack_api_key/resource.tf Adds example HCL for the new resource.
docs/resources/api_key.md Adds generated registry documentation for meshstack_api_key.
client/internal/mesh_object_client.go Adjusts kind pluralization to support meshApiKey.
client/client.go Adds ApiKey client to the main client bundle and constructor.
client/client_kind.go Adds meshApiKey kind constant.
client/client_kind_test.go Validates InferKind matches the new kind constant.
client/api_permissions.go Expands workspace/admin permission enums and adds AllApiKeyPermissions().
client/api_key.go Adds API key meshObject DTOs and client implementation (preview API).

Comment thread internal/provider/api_key_resource.go Outdated
Comment thread internal/provider/api_key_resource.go Outdated
Comment thread internal/provider/api_key_resource_test.go
Comment thread examples/resources/meshstack_api_key/resource.tf Outdated
Comment thread docs/resources/api_key.md
Comment thread internal/provider/provider.go
Comment thread client/internal/mesh_object_client.go Outdated
Comment thread client/api_key.go
@grubmeshi grubmeshi force-pushed the feature/api-key-resource branch 5 times, most recently from a61960a to 5adbf4b Compare May 5, 2026 19:29
@grubmeshi grubmeshi mentioned this pull request May 6, 2026
Merged
j0g3sc
j0g3sc approved these changes May 7, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@j0g3sc j0g3sc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

minor remarks I trust you to resolve before you merge.

Comment thread client/internal/mesh_object_client.go Outdated
Comment thread client/client.go Outdated
Comment thread client/client.go Outdated
Comment thread docs/resources/api_key.md Outdated
Comment thread internal/clientmock/mock_client.go
Comment thread internal/provider/api_key_resource.go
Comment thread internal/provider/api_key_resource.go
Comment thread internal/provider/api_key_resource_test.go Outdated
@grubmeshi grubmeshi force-pushed the feature/api-key-resource branch 3 times, most recently from 97270e9 to 245a380 Compare May 7, 2026 22:28
@grubmeshi grubmeshi force-pushed the feature/api-key-resource branch from 245a380 to b324d61 Compare May 7, 2026 22:31
@grubmeshi grubmeshi merged commit 38f87d4 into main May 7, 2026
4 checks passed
@grubmeshi grubmeshi deleted the feature/api-key-resource branch May 7, 2026 22:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@j0g3sc j0g3sc j0g3sc approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@grubmeshi @j0g3sc