You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+13
Original file line number
Diff line number
Diff line change
@@ -1,3 +1,16 @@
1
+
## 17.6.1 (2024-11-27)
2
+
3
+
This release was tested against GitLab 17.6, 17.5, and 17.4 for both CE and EE
4
+
5
+
### IMPROVEMENTS (1 change)
6
+
7
+
- resource/gitlab_group_service_account_token: [Add support for `rotation_configuration` with a limited set of attributes](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/7bad2a4bf0fd6e777c2d3598b35d46bc287135fc) by @heidi.berry ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2206))
8
+
9
+
### BUG FIXES (2 changes)
10
+
11
+
- resource/gitlab_project_compliance_frameworks: [Fixed an issue where project compliance frameworks didn't delete compliance frameworks properly. Fixed a bug where compliance frameworks weren't set properly on a project where they were removed outside of TF](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/6fe104b21bf5f07aff62b9751fa3d2d66c5ba175) by @mness ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2214))
12
+
- resource/gitlab_group: [Fixed an issue where an `allowed_email_domain_list` added outside of TF would be unset when upgrading the provider to 17.6](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/commit/4b76021b5a0633054eccb5e0b24435cf8dd64a8c) by @PatrickRice ([merge request](https://gitlab.com/gitlab-org/terraform-provider-gitlab/-/merge_requests/2217))
13
+
1
14
## 17.6.0 (2024-11-21)
2
15
3
16
This release was tested against GitLab 17.6, 17.5, and 17.4 for both CE and EE
Copy file name to clipboardExpand all lines: docs/resources/group_service_account_access_token.md
+28-1
Original file line number
Diff line number
Diff line change
@@ -6,6 +6,8 @@ description: |-
6
6
The gitlab_group_service_account_access_token resource allows to manage the lifecycle of a group service account access token.
7
7
~> Use of the timestamp() function with expires_at will cause the resource to be re-created with every apply, it's recommended to use plantimestamp() or a static value instead.
8
8
~> Reading the access token status of a service account requires an admin token or a top-level group owner token on gitlab.com. As a result, this resource will ignore permission errors when attempting to read the token status, and will rely on the values in state instead. This can lead to apply-time failures if the token configured for the provider doesn't have permissions to rotate tokens for the service account.
9
+
~> Use rotation_configuration to automatically rotate tokens instead of using timestamp() as timestamp will cause changes with every plan. terraform apply must still be run to rotate the token.
10
+
~> Due to a limitation in the API, the rotation_configuration is unable to set the new expiry date. Instead, when the resource is created, it will default the expiry date to 7 days in the future. On each subsequent apply, the new expiry will be 7 days from the date of the apply.
9
11
Upstream API: GitLab API docs https://docs.gitlab.com/ee/api/group_service_accounts.html#create-a-personal-access-token-for-a-service-account-user
10
12
---
11
13
@@ -17,6 +19,10 @@ The `gitlab_group_service_account_access_token` resource allows to manage the li
17
19
18
20
~> Reading the access token status of a service account requires an admin token or a top-level group owner token on gitlab.com. As a result, this resource will ignore permission errors when attempting to read the token status, and will rely on the values in state instead. This can lead to apply-time failures if the token configured for the provider doesn't have permissions to rotate tokens for the service account.
19
21
22
+
~> Use `rotation_configuration` to automatically rotate tokens instead of using `timestamp()` as timestamp will cause changes with every plan. `terraform apply` must still be run to rotate the token.
23
+
24
+
~> Due to a limitation in the API, the `rotation_configuration` is unable to set the new expiry date. Instead, when the resource is created, it will default the expiry date to 7 days in the future. On each subsequent apply, the new expiry will be 7 days from the date of the apply.
25
+
20
26
**Upstream API**: [GitLab API docs](https://docs.gitlab.com/ee/api/group_service_accounts.html#create-a-personal-access-token-for-a-service-account-user)
-`expires_at` (String) The personal access token expiry date. When left blank, the token follows the standard rule of expiry for personal access tokens.
89
+
-`expires_at` (String) The service account access token expiry date. When left blank, the token follows the standard rule of expiry for personal access tokens.
90
+
-`rotation_configuration` (Attributes) The configuration for when to rotate a token automatically. Will not rotate a token until `terraform apply` is run. (see [below for nested schema](#nestedatt--rotation_configuration))
-`revoked` (Boolean) True if the token is revoked.
78
98
-`token` (String, Sensitive) The token of the group service account access token. **Note**: the token is not available for imported resources.
79
99
100
+
<aid="nestedatt--rotation_configuration"></a>
101
+
### Nested Schema for `rotation_configuration`
102
+
103
+
Required:
104
+
105
+
-`rotate_before_days` (Number) The duration (in days) before the expiration when the token should be rotated. As an example, if set to 7 days, the token will rotate 7 days before the expiration date, but only when `terraform apply` is run in that timeframe.
106
+
80
107
## Import
81
108
82
109
Starting in Terraform v1.5.0 you can use an [import block](https://developer.hashicorp.com/terraform/language/import) to import `gitlab_group_service_account_access_token`. For example:
0 commit comments