From 345f5717cb58abaf6419fa156615ee2fa8edb5b5 Mon Sep 17 00:00:00 2001 From: Florian Blampey Date: Wed, 24 May 2023 12:32:10 +0200 Subject: [PATCH] harbor_config_auth : add param `primary_auth_mode` (#334) #319 harbor_config_auth : add param `primary_auth_mode` --------- Signed-off-by: flbla Signed-off-by: Florian Blampey --- client/config.go | 3 +++ docs/resources/configuration.md | 5 +++++ models/config.go | 5 +++++ provider/resource_config_auth.go | 5 +++++ 4 files changed, 18 insertions(+)
diff --git a/client/config.go b/client/config.go
index 084ce763..015baa26 100644
--- a/client/config.go
+++ b/client/config.go
@@ -31,6 +31,7 @@ func GetConfigAuth(d *schema.ResourceData) models.ConfigBodyAuthPost {
 case "oidc_auth", "oidc":
 body = models.ConfigBodyAuthPost{
 AuthMode: "oidc_auth",
+ PrimaryAuthMode: d.Get("primary_auth_mode").(bool),
 OidcName: d.Get("oidc_name").(string),
 OidcEndpoint: d.Get("oidc_endpoint").(string),
 OidcClientID: d.Get("oidc_client_id").(string),
@@ -46,6 +47,7 @@ func GetConfigAuth(d *schema.ResourceData) models.ConfigBodyAuthPost {
 case "ldap_auth", "ldap":
 body = models.ConfigBodyAuthPost{
 AuthMode: "ldap_auth",
+ PrimaryAuthMode: d.Get("primary_auth_mode").(bool),
 LdapURL: d.Get("ldap_url").(string),
 LdapSearchDn: d.Get("ldap_search_dn").(string),
 LdapSearchPassword: d.Get("ldap_search_password").(string),
@@ -118,6 +120,7 @@ func SetAuthValues(d *schema.ResourceData, resp string) error {
 auth := jsonData.AuthMode.Value
 d.Set("auth_mode", auth)
+ d.Set("primary_auth_mode", jsonData.PrimaryAuthMode.Value)
 switch auth {
 case "oidc_auth", "oidc":
diff --git a/docs/resources/configuration.md b/docs/resources/configuration.md
index 9fab047b..94e5380d 100644
--- a/docs/resources/configuration.md
+++ b/docs/resources/configuration.md
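Review bot: In `SetAuthValues` (client/config.go, third hunk), the added `d.Set("primary_auth_mode", ...)` call discards the error that `d.Set` returns, so a failed write would leave the Terraform state holding a stale value for an authentication setting with no diagnostic. The function already returns `error`, so the call could be `if err := d.Set("primary_auth_mode", jsonData.PrimaryAuthMode.Value); err != nil { return err }`. The `d.Set("auth_mode", auth)` context line just above has the same gap, and the function body continues outside the hunk.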
@@ -5,6 +5,7 @@ How to configure oidc
 ```hcl
 resource "harbor_config_auth" "oidc" {
 auth_mode = "oidc_auth"
+ primary_auth_mode = true
 oidc_name = "azure"
 oidc_endpoint = "https://login.microsoftonline.com/{GUID goes here}/v2.0"
 oidc_client_id = "OIDC Client ID goes here"
@@ -21,6 +22,7 @@ How to configure ldap
 ```hcl
 resource "harbor_config_auth" "ldap" {
 auth_mode = "ldap_auth"
+ primary_auth_mode = true
 ldap_url = "openldap.default.svc.cluster.local:389"
 ldap_search_dn = "cn=admin,dc=example,dc=org"
 ldap_search_password = "Not@SecurePassw0rd"
@@ -35,6 +37,9 @@ The following arguments are supported:
 * `auth_mode` - (Required) Harbor authentication mode. Can be `"oidc_auth"`, `"db_auth"` or `"ldap_auth"`. (Default: **"db_auth"**)
+* `primary_auth_mode` - (Optional) Default is **"false"**, set to **"true"** if you want to use the OIDC or LDAP mode as the primary auth mode.
+`NOTE: "primary_auth_mode" can only be used with Harbor version v2.8.0 and above`
+
 * `oidc_name` - (Optional) The name of the oidc provider name. (Required - if auth_mode set to **oidc_auth**)
 * `oidc_endpoint` - (Optional) The URL of an OIDC-complaint server. (Required - if auth_mode set to **oidc_auth**)
diff --git a/models/config.go b/models/config.go
index 809f0e55..4bf1a7e6 100644
--- a/models/config.go
+++ b/models/config.go
@@ -8,6 +8,7 @@ type ConfigBodyAuthPost struct {
 OidcUserClaim string `json:"oidc_user_claim,omitempty"`
 LdapGroupSearchFilter string `json:"ldap_group_search_filter,omitempty"`
 AuthMode string `json:"auth_mode,omitempty"`
+ PrimaryAuthMode bool `json:"primary_auth_mode,omitempty"`
 SelfRegistration bool `json:"self_registration"`
 OidcScope string `json:"oidc_scope,omitempty"`
 LdapSearchDn string `json:"ldap_search_dn,omitempty"`
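Review bot: The new `PrimaryAuthMode bool` field in `ConfigBodyAuthPost` is tagged `json:"primary_auth_mode,omitempty"`, and encoding/json omits a `false` bool under `omitempty`, so the body built in `GetConfigAuth` (both client/config.go hunks) never carries `primary_auth_mode: false`. If Harbor keeps its stored value for keys absent from the request, which seems likely but is not visible here, changing the attribute from `true` back to `false` would apply cleanly while the server keeps OIDC/LDAP as the primary auth mode. The neighbouring `SelfRegistration` field uses `json:"self_registration"` without `omitempty`; doing the same here, or using `*bool` so that unset and false stay distinct for Harbor versions below v2.8.0, would make the disable path effective. The struct continues outside the hunk.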
@@ -95,6 +96,10 @@ type ConfigBodyResponse struct {
 Editable bool `json:"editable,omitempty"`
 Value string `json:"value,omitempty"`
 } `json:"auth_mode,omitempty"`
+ PrimaryAuthMode struct {
+ Editable bool `json:"editable,omitempty"`
+ Value bool `json:"value,omitempty"`
+ } `json:"primary_auth_mode,omitempty"`
 SelfRegistration struct {
 Editable bool `json:"editable,omitempty"`
 Value bool `json:"value,omitempty"`
diff --git a/provider/resource_config_auth.go b/provider/resource_config_auth.go
index bc5b4b60..97325803 100644
--- a/provider/resource_config_auth.go
+++ b/provider/resource_config_auth.go
@@ -15,6 +15,11 @@ func resourceConfigAuth() *schema.Resource {
 Type: schema.TypeString,
 Required: true,
 },
+ "primary_auth_mode": {
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ },
 "oidc_name": {
 Type: schema.TypeString,
 Optional: true,
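Review bot: The new `primary_auth_mode` entry in `resourceConfigAuth` (provider/resource_config_auth.go) has no `Description`, and nothing in the schema tells the user that it only takes effect with OIDC or LDAP. `GetConfigAuth` reads the attribute only in the `oidc_auth` and `ldap_auth` cases shown in this patch, so `primary_auth_mode = true` together with `auth_mode = "db_auth"` is presumably accepted and silently ignored (the db branch is outside the hunks). I would add `Description: "Use the configured OIDC or LDAP mode as the primary auth mode; requires Harbor v2.8.0 or later.",` and consider rejecting that combination at plan time. The schema map continues outside the hunk.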