Merge remote-tracking branch 'upstream/main' into feature/add-support…

…-for-filtering-twingate_groups-datasource

.github/workflows/ci.yml

@@ -17,6 +17,7 @@ on:
     branches:
       - main
 
+
 # Ensures only 1 action runs per PR and previous is canceled on new trigger
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}

docs/data-sources/connectors.md

@@ -13,18 +13,31 @@ Connectors provide connectivity to Remote Networks. For more information, see Tw
 ## Example Usage
 
 ```terraform
-data "twingate_connectors" "all" {}
+data "twingate_connectors" "all" {
+  name = "<your connector's name>"
+  #  name_regexp = "<regular expression of connector name>"
+  #  name_contains = "<a string in the connector name>"
+  #  name_exclude = "<your connector's name to exclude>"
+  #  name_prefix = "<prefix of connector name>"
+  #  name_suffix = "<suffix of connector name>"
+}
 ```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
 ### Optional
 
-- `connectors` (Attributes List) List of Connectors (see [below for nested schema](#nestedatt--connectors))
+- `name` (String) Returns only connectors that exactly match this name. If no options are passed it will return all connectors. Only one option can be used at a time.
+- `name_contains` (String) Match when the value exist in the name of the connector.
+- `name_exclude` (String) Match when the value does not exist in the name of the connector.
+- `name_prefix` (String) The name of the connector must start with the value.
+- `name_regexp` (String) The regular expression match of the name of the connector.
+- `name_suffix` (String) The name of the connector must end with the value.
 
 ### Read-Only
 
+- `connectors` (Attributes List) List of Connectors (see [below for nested schema](#nestedatt--connectors))
 - `id` (String) The ID of this resource.
 
 <a id="nestedatt--connectors"></a>

docs/data-sources/remote_networks.md

@@ -13,12 +13,28 @@ A Remote Network represents a single private network in Twingate that can have o
 ## Example Usage
 
 ```terraform
-data "twingate_remote_networks" "all" {}
+data "twingate_remote_networks" "all" {
+  name = "<your network's name>"
+  #  name_regexp = "<regular expression of network name>"
+  #  name_contains = "<a string in the network name>"
+  #  name_exclude = "<your network's name to exclude>"
+  #  name_prefix = "<prefix of network name>"
+  #  name_suffix = "<suffix of network name>"
+}
 ```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
+### Optional
+
+- `name` (String) Returns only remote networks that exactly match this name. If no options are passed it will return all remote networks. Only one option can be used at a time.
+- `name_contains` (String) Match when the value exist in the name of the remote network.
+- `name_exclude` (String) Match when the value does not exist in the name of the remote network.
+- `name_prefix` (String) The name of the remote network must start with the value.
+- `name_regexp` (String) The regular expression match of the name of the remote network.
+- `name_suffix` (String) The name of the remote network must end with the value.
+
 ### Read-Only
 
 - `id` (String) The ID of this resource.
@@ -27,8 +43,11 @@ data "twingate_remote_networks" "all" {}
 <a id="nestedatt--remote_networks"></a>
 ### Nested Schema for `remote_networks`
 
+Optional:
+
+- `name` (String) The name of the Remote Network.
+
 Read-Only:
 
 - `id` (String) The ID of the Remote Network.
 - `location` (String) The location of the Remote Network. Must be one of the following: AWS, AZURE, GOOGLE_CLOUD, ON_PREMISE, OTHER.
-- `name` (String) The name of the Remote Network

docs/data-sources/security_policies.md

@@ -13,19 +13,32 @@ Security Policies are defined in the Twingate Admin Console and determine user a
 ## Example Usage
 
 ```terraform
-data "twingate_security_policies" "all" {}
+data "twingate_security_policies" "all" {
+  name = "<your security policy's name>"
+  #  name_regexp = "<regular expression of security policy name>"
+  #  name_contains = "<a string in the security policy name>"
+  #  name_exclude = "<your security policy's name to exclude>"
+  #  name_prefix = "<prefix of security policy name>"
+  #  name_suffix = "<suffix of security policy name>"
+}
 ```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
 ### Optional
 
-- `security_policies` (Attributes List) (see [below for nested schema](#nestedatt--security_policies))
+- `name` (String) Returns only security policies that exactly match this name. If no options are passed it will return all security policies. Only one option can be used at a time.
+- `name_contains` (String) Match when the value exist in the name of the security policy.
+- `name_exclude` (String) Match when the value does not exist in the name of the security policy.
+- `name_prefix` (String) The name of the security policy must start with the value.
+- `name_regexp` (String) The regular expression match of the name of the security policy.
+- `name_suffix` (String) The name of the security policy must end with the value.
 
 ### Read-Only
 
 - `id` (String) The ID of this resource.
+- `security_policies` (Attributes List) (see [below for nested schema](#nestedatt--security_policies))
 
 <a id="nestedatt--security_policies"></a>
 ### Nested Schema for `security_policies`

docs/data-sources/service_accounts.md

@@ -15,6 +15,11 @@ Service Accounts offer a way to provide programmatic, centrally-controlled, and
 ```terraform
 data "twingate_service_accounts" "foo" {
   name = "<your service account's name>"
+  #  name_regexp = "<regular expression of service account name>"
+  #  name_contains = "<a string in the service account name>"
+  #  name_exclude = "<your service account's name to exclude>"
+  #  name_prefix = "<prefix of service account name>"
+  #  name_suffix = "<suffix of service account name>"
 }
 ```
 
@@ -23,7 +28,12 @@ data "twingate_service_accounts" "foo" {
 
 ### Optional
 
-- `name` (String) Filter results by the name of the Service Account.
+- `name` (String) Returns only service accounts that exactly match this name. If no options are passed it will return all service accounts. Only one option can be used at a time.
+- `name_contains` (String) Match when the value exist in the name of the service account.
+- `name_exclude` (String) Match when the value does not exist in the name of the service account.
+- `name_prefix` (String) The name of the service account must start with the value.
+- `name_regexp` (String) The regular expression match of the name of the service account.
+- `name_suffix` (String) The name of the service account must end with the value.
 
 ### Read-Only
 

examples/data-sources/twingate_connectors/data-source.tf

@@ -1 +1,8 @@
-data "twingate_connectors" "all" {}
+data "twingate_connectors" "all" {
+  name = "<your connector's name>"
+  #  name_regexp = "<regular expression of connector name>"
+  #  name_contains = "<a string in the connector name>"
+  #  name_exclude = "<your connector's name to exclude>"
+  #  name_prefix = "<prefix of connector name>"
+  #  name_suffix = "<suffix of connector name>"
+}

examples/data-sources/twingate_remote_networks/data-source.tf

@@ -1 +1,8 @@
-data "twingate_remote_networks" "all" {}
+data "twingate_remote_networks" "all" {
+  name = "<your network's name>"
+  #  name_regexp = "<regular expression of network name>"
+  #  name_contains = "<a string in the network name>"
+  #  name_exclude = "<your network's name to exclude>"
+  #  name_prefix = "<prefix of network name>"
+  #  name_suffix = "<suffix of network name>"
+}

examples/data-sources/twingate_security_policies/data-source.tf

@@ -1 +1,8 @@
-data "twingate_security_policies" "all" {}
+data "twingate_security_policies" "all" {
+  name = "<your security policy's name>"
+  #  name_regexp = "<regular expression of security policy name>"
+  #  name_contains = "<a string in the security policy name>"
+  #  name_exclude = "<your security policy's name to exclude>"
+  #  name_prefix = "<prefix of security policy name>"
+  #  name_suffix = "<suffix of security policy name>"
+}

examples/data-sources/twingate_service_accounts/data-source.tf

@@ -1,3 +1,8 @@
 data "twingate_service_accounts" "foo" {
   name = "<your service account's name>"
+  #  name_regexp = "<regular expression of service account name>"
+  #  name_contains = "<a string in the service account name>"
+  #  name_exclude = "<your service account's name to exclude>"
+  #  name_prefix = "<prefix of service account name>"
+  #  name_suffix = "<suffix of service account name>"
 }

twingate/internal/client/connector.go

@@ -76,10 +76,11 @@ func (client *Client) ReadConnector(ctx context.Context, connectorID string) (*m
 	return response.ToModel(), nil
 }
 
-func (client *Client) ReadConnectors(ctx context.Context) ([]*model.Connector, error) {
+func (client *Client) ReadConnectors(ctx context.Context, name, filter string) ([]*model.Connector, error) {
 	opr := resourceConnector.read()
 
 	variables := newVars(
+		gqlNullable(query.NewConnectorFilterInput(name, filter), "filter"),
 		cursor(query.CursorConnectors),
 		pageLimit(client.pageLimit),
 	)

twingate/internal/client/query/connectors-read.go

@@ -8,7 +8,7 @@ import (
 const CursorConnectors = "connectorsEndCursor"
 
 type ReadConnectors struct {
-	Connectors `graphql:"connectors(after: $connectorsEndCursor, first: $pageLimit)"`
+	Connectors `graphql:"connectors(filter: $filter, after: $connectorsEndCursor, first: $pageLimit)"`
 }
 
 type Connectors struct {
@@ -36,3 +36,13 @@ func (c Connectors) ToModel() []*model.Connector {
 		return edge.Node.ToModel()
 	})
 }
+
+type ConnectorFilterInput struct {
+	Name *StringFilterOperationInput `json:"name"`
+}
+
+func NewConnectorFilterInput(name, filter string) *ConnectorFilterInput {
+	return &ConnectorFilterInput{
+		Name: NewStringFilterOperationInput(name, filter),
+	}
+}

twingate/internal/client/query/remote-networks-read.go

@@ -8,7 +8,7 @@ import (
 const CursorRemoteNetworks = "remoteNetworksEndCursor"
 
 type ReadRemoteNetworks struct {
-	RemoteNetworks `graphql:"remoteNetworks(after: $remoteNetworksEndCursor, first: $pageLimit)"`
+	RemoteNetworks `graphql:"remoteNetworks(filter: $filter, after: $remoteNetworksEndCursor, first: $pageLimit)"`
 }
 
 func (q ReadRemoteNetworks) IsEmpty() bool {
@@ -28,3 +28,13 @@ func (r RemoteNetworks) ToModel() []*model.RemoteNetwork {
 		return edge.Node.ToModel()
 	})
 }
+
+type RemoteNetworkFilterInput struct {
+	Name *StringFilterOperationInput `json:"name"`
+}
+
+func NewRemoteNetworkFilterInput(name, filter string) *RemoteNetworkFilterInput {
+	return &RemoteNetworkFilterInput{
+		Name: NewStringFilterOperationInput(name, filter),
+	}
+}

twingate/internal/client/query/security-policies-read.go

@@ -8,7 +8,7 @@ import (
 const CursorPolicies = "policiesEndCursor"
 
 type ReadSecurityPolicies struct {
-	SecurityPolicies `graphql:"securityPolicies(after: $policiesEndCursor, first: $pageLimit)"`
+	SecurityPolicies `graphql:"securityPolicies(filter: $filter, after: $policiesEndCursor, first: $pageLimit)"`
 }
 
 func (q ReadSecurityPolicies) IsEmpty() bool {
@@ -29,3 +29,13 @@ func (q ReadSecurityPolicies) ToModel() []*model.SecurityPolicy {
 			return edge.Node.ToModel()
 		})
 }
+
+type SecurityPolicyFilterField struct {
+	Name *StringFilterOperationInput `json:"name"`
+}
+
+func NewSecurityPolicyFilterField(name, filter string) *SecurityPolicyFilterField {
+	return &SecurityPolicyFilterField{
+		Name: NewStringFilterOperationInput(name, filter),
+	}
+}

twingate/internal/client/query/service-accounts-read.go

@@ -99,21 +99,15 @@ func IsGqlKeyActive(item *GqlKeyIDEdge) bool {
 }
 
 type ServiceAccountFilterInput struct {
-	Name StringFilter `json:"name"`
+	Name *StringFilterOperationInput `json:"name"`
 }
 
-type StringFilter struct {
-	Eq string `json:"eq"`
-}
-
-func NewServiceAccountFilterInput(name string) *ServiceAccountFilterInput {
+func NewServiceAccountFilterInput(name, filter string) *ServiceAccountFilterInput {
 	if name == "" {
 		return nil
 	}
 
 	return &ServiceAccountFilterInput{
-		Name: StringFilter{
-			Eq: name,
-		},
+		Name: NewStringFilterOperationInput(name, filter),
 	}
 }

twingate/internal/client/remote-network.go

@@ -30,10 +30,11 @@ func (client *Client) CreateRemoteNetwork(ctx context.Context, req *model.Remote
 	return response.ToModel(), nil
 }
 
-func (client *Client) ReadRemoteNetworks(ctx context.Context) ([]*model.RemoteNetwork, error) {
+func (client *Client) ReadRemoteNetworks(ctx context.Context, name, filter string) ([]*model.RemoteNetwork, error) {
 	opr := resourceRemoteNetwork.read()
 
 	variables := newVars(
+		gqlNullable(query.NewRemoteNetworkFilterInput(name, filter), "filter"),
 		cursor(query.CursorRemoteNetworks),
 		pageLimit(client.pageLimit),
 	)

twingate/internal/client/security-policy.go

@@ -30,10 +30,11 @@ func (client *Client) ReadSecurityPolicy(ctx context.Context, securityPolicyID,
 	return response.ToModel(), nil
 }
 
-func (client *Client) ReadSecurityPolicies(ctx context.Context) ([]*model.SecurityPolicy, error) {
+func (client *Client) ReadSecurityPolicies(ctx context.Context, name, filter string) ([]*model.SecurityPolicy, error) {
 	opr := resourceSecurityPolicy.read()
 
 	variables := newVars(
+		gqlNullable(query.NewSecurityPolicyFilterField(name, filter), "filter"),
 		cursor(query.CursorPolicies),
 		pageLimit(client.pageLimit),
 	)

twingate/internal/client/service-account.go

@@ -119,13 +119,17 @@ func (client *Client) readServiceAccountsAfter(ctx context.Context, variables ma
 func (client *Client) ReadServiceAccounts(ctx context.Context, input ...string) ([]*model.ServiceAccount, error) {
 	opr := resourceServiceAccount.read()
 
-	var name string
+	var name, filter string
 	if len(input) > 0 {
 		name = input[0]
 	}
 
+	if len(input) > 1 {
+		filter = input[1]
+	}
+
 	variables := newVars(
-		gqlNullable(query.NewServiceAccountFilterInput(name), "filter"),
+		gqlNullable(query.NewServiceAccountFilterInput(name, filter), "filter"),
 		cursor(query.CursorServices),
 		cursor(query.CursorResources),
 		cursor(query.CursorServiceKeys),