eea5b24e3d
Fixes `coder_script "1password"` → `coder_script "onepassword"` since Terraform resource names cannot start with a digit. Adds a demo screenshot showing the template variables page and `op whoami` working in a workspace. Bumps version to 1.0.2.
113 lines
3.4 KiB
HCL
113 lines
3.4 KiB
HCL
terraform {
|
|
required_version = ">= 1.0"
|
|
|
|
required_providers {
|
|
coder = {
|
|
source = "coder/coder"
|
|
version = ">= 0.17"
|
|
}
|
|
}
|
|
}
|
|
|
|
variable "agent_id" {
|
|
type = string
|
|
description = "The ID of a Coder agent."
|
|
}
|
|
|
|
variable "service_account_token" {
|
|
type = string
|
|
description = "A 1Password service account token. If set, account-based sign-in is skipped."
|
|
default = ""
|
|
sensitive = true
|
|
}
|
|
|
|
variable "account_address" {
|
|
type = string
|
|
description = "The 1Password account sign-in address (e.g. myteam.1password.com)."
|
|
default = ""
|
|
}
|
|
|
|
variable "account_email" {
|
|
type = string
|
|
description = "The email address for the 1Password account."
|
|
default = ""
|
|
}
|
|
|
|
variable "account_secret_key" {
|
|
type = string
|
|
description = "The Secret Key for the 1Password account."
|
|
default = ""
|
|
sensitive = true
|
|
}
|
|
|
|
variable "install_dir" {
|
|
type = string
|
|
description = "The directory to install the 1Password CLI to."
|
|
default = "/usr/local/bin"
|
|
}
|
|
|
|
variable "op_cli_version" {
|
|
type = string
|
|
description = "The version of the 1Password CLI to install."
|
|
default = "latest"
|
|
validation {
|
|
condition = var.op_cli_version == "latest" || can(regex("^[0-9]+\\.[0-9]+\\.[0-9]+$", var.op_cli_version))
|
|
error_message = "op_cli_version must be either 'latest' or a semantic version (e.g., '2.30.0')."
|
|
}
|
|
}
|
|
|
|
variable "install_vscode_extension" {
|
|
type = bool
|
|
description = "Install the 1Password VS Code extension for both VS Code and code-server."
|
|
default = false
|
|
}
|
|
|
|
variable "pre_install_script" {
|
|
type = string
|
|
description = "Custom script to run before installing the 1Password CLI."
|
|
default = null
|
|
}
|
|
|
|
variable "post_install_script" {
|
|
type = string
|
|
description = "Custom script to run after installing the 1Password CLI."
|
|
default = null
|
|
}
|
|
|
|
data "coder_parameter" "account_password" {
|
|
count = var.account_address != "" && var.service_account_token == "" ? 1 : 0
|
|
type = "string"
|
|
name = "op_account_password"
|
|
display_name = "1Password Account Password"
|
|
description = "Your 1Password account password. Used to sign in to the CLI."
|
|
mutable = true
|
|
default = ""
|
|
}
|
|
|
|
resource "coder_script" "onepassword" {
|
|
agent_id = var.agent_id
|
|
display_name = "1Password CLI"
|
|
icon = "/icon/1password.svg"
|
|
script = templatefile("${path.module}/run.sh", {
|
|
SERVICE_ACCOUNT_TOKEN = var.service_account_token
|
|
ACCOUNT_ADDRESS = var.account_address
|
|
ACCOUNT_EMAIL = var.account_email
|
|
ACCOUNT_SECRET_KEY = var.account_secret_key
|
|
ACCOUNT_PASSWORD = var.account_address != "" && var.service_account_token == "" ? data.coder_parameter.account_password[0].value : ""
|
|
INSTALL_DIR = var.install_dir
|
|
OP_CLI_VERSION = var.op_cli_version
|
|
INSTALL_VSCODE_EXTENSION = var.install_vscode_extension
|
|
PRE_INSTALL_SCRIPT = var.pre_install_script != null ? base64encode(var.pre_install_script) : ""
|
|
POST_INSTALL_SCRIPT = var.post_install_script != null ? base64encode(var.post_install_script) : ""
|
|
})
|
|
run_on_start = true
|
|
start_blocks_login = true
|
|
}
|
|
|
|
resource "coder_env" "op_service_account_token" {
|
|
count = var.service_account_token != "" ? 1 : 0
|
|
agent_id = var.agent_id
|
|
name = "OP_SERVICE_ACCOUNT_TOKEN"
|
|
value = var.service_account_token
|
|
}
|