import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * A connection for GitHub, GitHub Enterprise, GitLab, and GitLab Enterprise. * * To get more information about Connection, see: * * * [API documentation](https://cloud.google.com/developer-connect/docs/api/reference/rest/v1/projects.locations.connections) * * How-to Guides * * [Official Documentation](https://cloud.google.com/developer-connect/docs/overview) * * ## Example Usage * * ### Developer Connect Connection New * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * // Setup permissions. Only needed once per project * const devconnect_p4sa = new gcp.projects.ServiceIdentity("devconnect-p4sa", {service: "developerconnect.googleapis.com"}); * const devconnect_secret = new gcp.projects.IAMMember("devconnect-secret", { * project: "my-project-name", * role: "roles/secretmanager.admin", * member: devconnect_p4sa.member, * }); * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "tf-test-connection-new", * githubConfig: { * githubApp: "FIREBASE", * }, * }, { * dependsOn: [devconnect_secret], * }); * export const nextSteps = my_connection.installationStates; * ``` * ### Developer Connect Connection Existing Credentials * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "tf-test-connection-cred", * githubConfig: { * githubApp: "DEVELOPER_CONNECT", * authorizerCredential: { * oauthTokenSecretVersion: "projects/your-project/secrets/your-secret-id/versions/latest", * }, * }, * }); * export const nextSteps = my_connection.installationStates; * ``` * ### Developer Connect Connection Existing Installation * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as std from "@pulumi/std"; * * const github_token_secret = new gcp.secretmanager.Secret("github-token-secret", { * secretId: "github-token-secret", * replication: { * auto: {}, * }, * }); * const github_token_secret_version = new gcp.secretmanager.SecretVersion("github-token-secret-version", { * secret: github_token_secret.id, * secretData: std.file({ * input: "my-github-token.txt", * }).then(invoke => invoke.result), * }); * const devconnect_p4sa = new gcp.projects.ServiceIdentity("devconnect-p4sa", {service: "developerconnect.googleapis.com"}); * const p4sa_secretAccessor = gcp.organizations.getIAMPolicyOutput({ * bindings: [{ * role: "roles/secretmanager.secretAccessor", * members: [devconnect_p4sa.member], * }], * }); * const policy = new gcp.secretmanager.SecretIamPolicy("policy", { * secretId: github_token_secret.secretId, * policyData: p4sa_secretAccessor.apply(p4sa_secretAccessor => p4sa_secretAccessor.policyData), * }); * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "my-connection", * githubConfig: { * githubApp: "DEVELOPER_CONNECT", * appInstallationId: "123123", * authorizerCredential: { * oauthTokenSecretVersion: github_token_secret_version.id, * }, * }, * }); * ``` * ### Developer Connect Connection Github * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "tf-test-connection", * githubConfig: { * githubApp: "DEVELOPER_CONNECT", * authorizerCredential: { * oauthTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/tf-test-do-not-change-github-oauthtoken-e0b9e7/versions/1", * }, * }, * }); * ``` * ### Developer Connect Connection Github Doc * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as std from "@pulumi/std"; * * const github_token_secret = new gcp.secretmanager.Secret("github-token-secret", { * secretId: "github-token-secret", * replication: { * auto: {}, * }, * }); * const github_token_secret_version = new gcp.secretmanager.SecretVersion("github-token-secret-version", { * secret: github_token_secret.id, * secretData: std.file({ * input: "my-github-token.txt", * }).then(invoke => invoke.result), * }); * const p4sa_secretAccessor = gcp.organizations.getIAMPolicy({ * bindings: [{ * role: "roles/secretmanager.secretAccessor", * members: ["serviceAccount:service-123456789@gcp-sa-devconnect.iam.gserviceaccount.com"], * }], * }); * const policy = new gcp.secretmanager.SecretIamPolicy("policy", { * secretId: github_token_secret.secretId, * policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData), * }); * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "my-connection", * githubConfig: { * githubApp: "DEVELOPER_CONNECT", * appInstallationId: "123123", * authorizerCredential: { * oauthTokenSecretVersion: github_token_secret_version.id, * }, * }, * }); * ``` * ### Developer Connect Connection Github Enterprise * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "tf-test-connection", * githubEnterpriseConfig: { * hostUri: "https://ghe.proctor-staging-test.com", * appId: "864434", * privateKeySecretVersion: "projects/devconnect-terraform-creds/secrets/tf-test-ghe-do-not-change-ghe-private-key-f522d2/versions/latest", * webhookSecretSecretVersion: "projects/devconnect-terraform-creds/secrets/tf-test-ghe-do-not-change-ghe-webhook-secret-3c806f/versions/latest", * appInstallationId: "837537", * }, * }); * ``` * ### Developer Connect Connection Github Enterprise Doc * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as std from "@pulumi/std"; * * const private_key_secret = new gcp.secretmanager.Secret("private-key-secret", { * secretId: "ghe-pk-secret", * replication: { * auto: {}, * }, * }); * const private_key_secret_version = new gcp.secretmanager.SecretVersion("private-key-secret-version", { * secret: private_key_secret.id, * secretData: std.file({ * input: "private-key.pem", * }).then(invoke => invoke.result), * }); * const webhook_secret_secret = new gcp.secretmanager.Secret("webhook-secret-secret", { * secretId: "ghe-token-secret", * replication: { * auto: {}, * }, * }); * const webhook_secret_secret_version = new gcp.secretmanager.SecretVersion("webhook-secret-secret-version", { * secret: webhook_secret_secret.id, * secretData: "", * }); * const p4sa_secretAccessor = gcp.organizations.getIAMPolicy({ * bindings: [{ * role: "roles/secretmanager.secretAccessor", * members: ["serviceAccount:service-123456789@gcp-sa-devconnect.iam.gserviceaccount.com"], * }], * }); * const policy_pk = new gcp.secretmanager.SecretIamPolicy("policy-pk", { * secretId: private_key_secret.secretId, * policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData), * }); * const policy_whs = new gcp.secretmanager.SecretIamPolicy("policy-whs", { * secretId: webhook_secret_secret.secretId, * policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData), * }); * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "my-connection", * githubEnterpriseConfig: { * hostUri: "https://ghe.com", * privateKeySecretVersion: private_key_secret_version.id, * webhookSecretSecretVersion: webhook_secret_secret_version.id, * appId: "100", * appInstallationId: "123123", * }, * }, { * dependsOn: [ * policy_pk, * policy_whs, * ], * }); * ``` * ### Developer Connect Connection Gitlab * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "tf-test-connection", * gitlabConfig: { * webhookSecretSecretVersion: "projects/devconnect-terraform-creds/secrets/gitlab-webhook/versions/latest", * readAuthorizerCredential: { * userTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/gitlab-read-cred/versions/latest", * }, * authorizerCredential: { * userTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/gitlab-auth-cred/versions/latest", * }, * }, * }); * ``` * ### Developer Connect Connection Gitlab Enterprise * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "tf-test-connection", * gitlabEnterpriseConfig: { * hostUri: "https://gle-us-central1.gcb-test.com", * webhookSecretSecretVersion: "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-webhook/versions/latest", * readAuthorizerCredential: { * userTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-read-cred/versions/latest", * }, * authorizerCredential: { * userTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/gitlab-enterprise-auth-cred/versions/latest", * }, * }, * }); * ``` * ### Developer Connect Connection Bbc * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "tf-test-connection", * bitbucketCloudConfig: { * workspace: "proctor-test", * webhookSecretSecretVersion: "projects/devconnect-terraform-creds/secrets/bbc-webhook/versions/latest", * readAuthorizerCredential: { * userTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/bbc-read-token/versions/latest", * }, * authorizerCredential: { * userTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/bbc-auth-token/versions/latest", * }, * }, * }); * ``` * ### Developer Connect Connection Bbdc * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const my_connection = new gcp.developerconnect.Connection("my-connection", { * location: "us-central1", * connectionId: "tf-test-connection", * bitbucketDataCenterConfig: { * hostUri: "https://bitbucket-us-central.gcb-test.com", * webhookSecretSecretVersion: "projects/devconnect-terraform-creds/secrets/bbdc-webhook/versions/latest", * readAuthorizerCredential: { * userTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/bbdc-read-token/versions/latest", * }, * authorizerCredential: { * userTokenSecretVersion: "projects/devconnect-terraform-creds/secrets/bbdc-auth-token/versions/latest", * }, * }, * }); * ``` * ## Import * * Connection can be imported using any of these accepted formats: * * * `projects/{{project}}/locations/{{location}}/connections/{{connection_id}}` * * `{{project}}/{{location}}/{{connection_id}}` * * `{{location}}/{{connection_id}}` * * When using the `pulumi import` command, Connection can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:developerconnect/connection:Connection default projects/{{project}}/locations/{{location}}/connections/{{connection_id}} * $ pulumi import gcp:developerconnect/connection:Connection default {{project}}/{{location}}/{{connection_id}} * $ pulumi import gcp:developerconnect/connection:Connection default {{location}}/{{connection_id}} * ``` */ export declare class Connection extends pulumi.CustomResource { /** * Get an existing Connection resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: ConnectionState, opts?: pulumi.CustomResourceOptions): Connection; /** * Returns true if the given object is an instance of Connection. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Connection; /** * Optional. Allows clients to store small amounts of arbitrary data. * **Note**: This field is non-authoritative, and will only manage the annotations present in your configuration. * Please refer to the field `effectiveAnnotations` for all of the annotations present on the resource. */ readonly annotations: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Configuration for connections to an instance of Bitbucket Cloud. * Structure is documented below. */ readonly bitbucketCloudConfig: pulumi.Output; /** * Configuration for connections to an instance of Bitbucket Data Center. * Structure is documented below. */ readonly bitbucketDataCenterConfig: pulumi.Output; /** * Required. Id of the requesting object * If auto-generating Id server-side, remove this field and * connectionId from the methodSignature of Create RPC */ readonly connectionId: pulumi.Output; /** * Output only. [Output only] Create timestamp */ readonly createTime: pulumi.Output; /** * The crypto key configuration. This field is used by the Customer-managed * encryption keys (CMEK) feature. * Structure is documented below. */ readonly cryptoKeyConfig: pulumi.Output; /** * Output only. [Output only] Delete timestamp */ readonly deleteTime: pulumi.Output; /** * Optional. If disabled is set to true, functionality is disabled for this connection. * Repository based API methods and webhooks processing for repositories in * this connection will be disabled. */ readonly disabled: pulumi.Output; /** * All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services. */ readonly effectiveAnnotations: pulumi.Output<{ [key: string]: string; }>; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ readonly effectiveLabels: pulumi.Output<{ [key: string]: string; }>; /** * Optional. This checksum is computed by the server based on the value of other * fields, and may be sent on update and delete requests to ensure the * client has an up-to-date value before proceeding. */ readonly etag: pulumi.Output; /** * Configuration for connections to github.com. * Structure is documented below. */ readonly githubConfig: pulumi.Output; /** * Configuration for connections to an instance of GitHub Enterprise. * Structure is documented below. */ readonly githubEnterpriseConfig: pulumi.Output; /** * Configuration for connections to gitlab.com. * Structure is documented below. */ readonly gitlabConfig: pulumi.Output; /** * Configuration for connections to an instance of GitLab Enterprise. * Structure is documented below. */ readonly gitlabEnterpriseConfig: pulumi.Output; /** * Describes stage and necessary actions to be taken by the * user to complete the installation. Used for GitHub and GitHub Enterprise * based connections. * Structure is documented below. */ readonly installationStates: pulumi.Output; /** * Optional. Labels as key value pairs * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ readonly labels: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ readonly location: pulumi.Output; /** * Identifier. The resource name of the connection, in the format * `projects/{project}/locations/{location}/connections/{connection_id}`. */ readonly name: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ readonly pulumiLabels: pulumi.Output<{ [key: string]: string; }>; /** * Output only. Set to true when the connection is being set up or updated in the * background. */ readonly reconciling: pulumi.Output; /** * Output only. A system-assigned unique identifier for a the GitRepositoryLink. */ readonly uid: pulumi.Output; /** * Output only. [Output only] Update timestamp */ readonly updateTime: pulumi.Output; /** * Create a Connection resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ConnectionArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Connection resources. */ export interface ConnectionState { /** * Optional. Allows clients to store small amounts of arbitrary data. * **Note**: This field is non-authoritative, and will only manage the annotations present in your configuration. * Please refer to the field `effectiveAnnotations` for all of the annotations present on the resource. */ annotations?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Configuration for connections to an instance of Bitbucket Cloud. * Structure is documented below. */ bitbucketCloudConfig?: pulumi.Input; /** * Configuration for connections to an instance of Bitbucket Data Center. * Structure is documented below. */ bitbucketDataCenterConfig?: pulumi.Input; /** * Required. Id of the requesting object * If auto-generating Id server-side, remove this field and * connectionId from the methodSignature of Create RPC */ connectionId?: pulumi.Input; /** * Output only. [Output only] Create timestamp */ createTime?: pulumi.Input; /** * The crypto key configuration. This field is used by the Customer-managed * encryption keys (CMEK) feature. * Structure is documented below. */ cryptoKeyConfig?: pulumi.Input; /** * Output only. [Output only] Delete timestamp */ deleteTime?: pulumi.Input; /** * Optional. If disabled is set to true, functionality is disabled for this connection. * Repository based API methods and webhooks processing for repositories in * this connection will be disabled. */ disabled?: pulumi.Input; /** * All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services. */ effectiveAnnotations?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ effectiveLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Optional. This checksum is computed by the server based on the value of other * fields, and may be sent on update and delete requests to ensure the * client has an up-to-date value before proceeding. */ etag?: pulumi.Input; /** * Configuration for connections to github.com. * Structure is documented below. */ githubConfig?: pulumi.Input; /** * Configuration for connections to an instance of GitHub Enterprise. * Structure is documented below. */ githubEnterpriseConfig?: pulumi.Input; /** * Configuration for connections to gitlab.com. * Structure is documented below. */ gitlabConfig?: pulumi.Input; /** * Configuration for connections to an instance of GitLab Enterprise. * Structure is documented below. */ gitlabEnterpriseConfig?: pulumi.Input; /** * Describes stage and necessary actions to be taken by the * user to complete the installation. Used for GitHub and GitHub Enterprise * based connections. * Structure is documented below. */ installationStates?: pulumi.Input[]>; /** * Optional. Labels as key value pairs * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ location?: pulumi.Input; /** * Identifier. The resource name of the connection, in the format * `projects/{project}/locations/{location}/connections/{connection_id}`. */ name?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ pulumiLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Output only. Set to true when the connection is being set up or updated in the * background. */ reconciling?: pulumi.Input; /** * Output only. A system-assigned unique identifier for a the GitRepositoryLink. */ uid?: pulumi.Input; /** * Output only. [Output only] Update timestamp */ updateTime?: pulumi.Input; } /** * The set of arguments for constructing a Connection resource. */ export interface ConnectionArgs { /** * Optional. Allows clients to store small amounts of arbitrary data. * **Note**: This field is non-authoritative, and will only manage the annotations present in your configuration. * Please refer to the field `effectiveAnnotations` for all of the annotations present on the resource. */ annotations?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Configuration for connections to an instance of Bitbucket Cloud. * Structure is documented below. */ bitbucketCloudConfig?: pulumi.Input; /** * Configuration for connections to an instance of Bitbucket Data Center. * Structure is documented below. */ bitbucketDataCenterConfig?: pulumi.Input; /** * Required. Id of the requesting object * If auto-generating Id server-side, remove this field and * connectionId from the methodSignature of Create RPC */ connectionId: pulumi.Input; /** * The crypto key configuration. This field is used by the Customer-managed * encryption keys (CMEK) feature. * Structure is documented below. */ cryptoKeyConfig?: pulumi.Input; /** * Optional. If disabled is set to true, functionality is disabled for this connection. * Repository based API methods and webhooks processing for repositories in * this connection will be disabled. */ disabled?: pulumi.Input; /** * Optional. This checksum is computed by the server based on the value of other * fields, and may be sent on update and delete requests to ensure the * client has an up-to-date value before proceeding. */ etag?: pulumi.Input; /** * Configuration for connections to github.com. * Structure is documented below. */ githubConfig?: pulumi.Input; /** * Configuration for connections to an instance of GitHub Enterprise. * Structure is documented below. */ githubEnterpriseConfig?: pulumi.Input; /** * Configuration for connections to gitlab.com. * Structure is documented below. */ gitlabConfig?: pulumi.Input; /** * Configuration for connections to an instance of GitLab Enterprise. * Structure is documented below. */ gitlabEnterpriseConfig?: pulumi.Input; /** * Optional. Labels as key value pairs * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ location: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; }