in internal/provider/sdk/resource_gitlab_group.go [604:735]
func resourceGitlabGroupRead(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
client := meta.(*gitlab.Client)
tflog.Debug(ctx, "[DEBUG] read gitlab group", map[string]any{
"group_id": d.Id(),
})
group, _, err := client.Groups.GetGroup(
d.Id(),
&gitlab.GetGroupOptions{WithProjects: gitlab.Ptr(false)},
gitlab.WithContext(ctx),
)
if err != nil {
if api.Is404(err) {
tflog.Debug(ctx, "[DEBUG] gitlab group not found so removing", map[string]any{
"id": d.Id(),
})
d.SetId("")
return nil
}
return diag.FromErr(err)
}
if group.MarkedForDeletionOn != nil {
tflog.Debug(ctx, "[DEBUG] gitlab group marked for deletion", map[string]any{
"id": d.Id(),
})
d.SetId("")
return nil
}
d.SetId(fmt.Sprintf("%d", group.ID))
d.Set("name", group.Name)
d.Set("path", group.Path)
d.Set("full_path", group.FullPath)
d.Set("full_name", group.FullName)
d.Set("web_url", group.WebURL)
d.Set("default_branch", group.DefaultBranch)
d.Set("description", group.Description)
d.Set("lfs_enabled", group.LFSEnabled)
d.Set("request_access_enabled", group.RequestAccessEnabled)
d.Set("visibility_level", group.Visibility)
d.Set("project_creation_level", group.ProjectCreationLevel)
d.Set("subgroup_creation_level", group.SubGroupCreationLevel)
d.Set("require_two_factor_authentication", group.RequireTwoFactorAuth)
d.Set("two_factor_grace_period", group.TwoFactorGracePeriod)
d.Set("auto_devops_enabled", group.AutoDevopsEnabled)
d.Set("mentions_disabled", group.MentionsDisabled)
d.Set("parent_id", group.ParentID)
d.Set("runners_token", group.RunnersToken)
d.Set("share_with_group_lock", group.ShareWithGroupLock)
d.Set("prevent_forking_outside_group", group.PreventForkingOutsideGroup)
d.Set("membership_lock", group.MembershipLock)
d.Set("extra_shared_runners_minutes_limit", group.ExtraSharedRunnersMinutesLimit)
d.Set("shared_runners_minutes_limit", group.SharedRunnersMinutesLimit)
d.Set("avatar_url", group.AvatarURL)
d.Set("wiki_access_level", group.WikiAccessLevel)
d.Set("shared_runners_setting", group.SharedRunnersSetting)
d.Set("emails_enabled", group.EmailsEnabled)
// nolint:staticcheck // SA1019 ignore deprecated DefaultBranchProtection
d.Set("default_branch_protection", group.DefaultBranchProtection)
if group.DefaultBranchProtectionDefaults != nil {
err = d.Set("default_branch_protection_defaults", []map[string]any{
{
"allowed_to_push": convertAccessLevelValuesToNames(group.DefaultBranchProtectionDefaults.AllowedToPush),
"allow_force_push": group.DefaultBranchProtectionDefaults.AllowForcePush,
"allowed_to_merge": convertAccessLevelValuesToNames(group.DefaultBranchProtectionDefaults.AllowedToMerge),
"developer_can_initial_push": group.DefaultBranchProtectionDefaults.DeveloperCanInitialPush,
},
})
if err != nil {
return diag.FromErr(err)
}
}
// The value comes back from the API as a comma separated string, and stores in TF as a set.
// We need to set the value only if it's "", otherwise the split gives up [""] which will result
// in a non-empty plan.
IPValue := []string{}
if group.IPRestrictionRanges != "" {
IPValue = strings.Split(group.IPRestrictionRanges, ",")
}
if err := d.Set("ip_restriction_ranges", IPValue); err != nil {
tflog.Error(ctx, "Error setting ip_restriction_ranges.")
return diag.FromErr(err)
}
// The value comes back from the API as a comma separated string, and stores in TF as a set.
// We need to set the value only if it's "", otherwise the split gives up [""] which will result
// in a non-empty plan.
emailDomains := []string{}
if group.AllowedEmailDomainsList != "" {
emailDomains = strings.Split(group.AllowedEmailDomainsList, ",")
}
if err := d.Set("allowed_email_domains_list", emailDomains); err != nil {
tflog.Error(ctx, "Error setting allowed_email_domains_list.")
return diag.FromErr(err)
}
isEE, err := utils.IsRunningInEEContext(client)
if err != nil {
return diag.FromErr(err)
}
if isEE {
tflog.Debug(ctx, "[DEBUG] read gitlab group push rules", map[string]any{"id": d.Id()})
pushRules, _, err := client.Groups.GetGroupPushRules(d.Id(), gitlab.WithContext(ctx))
if api.Is404(err) {
tflog.Error(ctx, "[ERROR] Failed to get push rules for group", map[string]any{
"group_id": d.Id(),
"error": err,
})
} else if err != nil {
return diag.Errorf("Failed to get push rules for group %q: %s", d.Id(), err)
}
pushRuleValues, err := flattenGroupPushRules(ctx, client, pushRules)
if err != nil {
return diag.FromErr(err)
}
if err := d.Set("push_rules", pushRuleValues); err != nil {
return diag.FromErr(err)
}
} else {
tflog.Debug(ctx, "[DEBUG] gitlab group push rule not read due to gitlab community edition")
}
return nil
}