feat: Add kubernetes agent deployment target (#636)

* Added kubernetes agent resource and schema

.run/Run provider.run.xml

@@ -0,0 +1,12 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Run provider" type="GoApplicationRunConfiguration" factoryName="Go Application">
+    <module name="terraform-provider-octopusdeploy" />
+    <working_directory value="$PROJECT_DIR$" />
+    <parameters value="-debug true" />
+    <kind value="PACKAGE" />
+    <package value="github.com/OctopusDeploy/terraform-provider-octopusdeploy" />
+    <directory value="$PROJECT_DIR$" />
+    <filePath value="$PROJECT_DIR$" />
+    <method v="2" />
+  </configuration>
+</component>

README.md

@@ -84,7 +84,42 @@ Terraform will scan the local plugins folder directory structure (first) to qual
 
 :warning: The `version` number specified in your Terraform configuration MUST match the version number specified in the Makefile. Futhermore, this version MUST either be incremented for each local re-build; otherwise, Terraform will use the cached version of the provider in the `.terraform` folder. Alternatively, you can simply delete the folder and re-run the `terraform init` command.
 
-### Documentation Generation
+## Debugging 
+If you want to debug the provider follow these steps!
+
+### Prerequisites
+- Terraform provider is configured to use the local version e.g. `"octopus.com/com/octopusdeploy"`
+```hcl
+terraform {
+  required_providers {
+    octopusdeploy = {
+      source  = "octopus.com/com/octopusdeploy"
+      version = "0.7.63"
+    }
+  }
+}
+```
+- Optional - Install delve https://github.com/go-delve/delve
+
+### Via Goland
+1. Debug the provided run configuration `Run provider` - This will run the provider with the `-debug` flag set to true.
+2. Export the environment variable that the running provider logs out, it will look something like this:
+```shell
+TF_REATTACH_PROVIDERS='{"octopus.com/com/octopusdeploy":{"Protocol":"grpc","ProtocolVersion":5,"Pid":37485,"Test":true,"Addr":{"Network":"unix","String":"/var/folders/pq/_cv_xzg97ts8t2tq25d_43wr0000gn/T/plugin447612806"}}}'
+```
+3. In the same terminal session where you exported the environment variable, execute the Terraform commands you want to debug.
+
+### Via Delve
+1. Add your breakpoints, this can be done by adding `runtime.Breakpoint()` lines to where you want the code to break.
+2. Run `dlv debug . -- --debug` in the root folder of the project (same directory where `main.go` lives).
+3. The debugger will start and wait, type `continue` in the terminal to get it to start the provider.
+4. Export the environment variable that the running provider logs out, it will look something like this:
+```shell
+TF_REATTACH_PROVIDERS='{"octopus.com/com/octopusdeploy":{"Protocol":"grpc","ProtocolVersion":5,"Pid":37485,"Test":true,"Addr":{"Network":"unix","String":"/var/folders/pq/_cv_xzg97ts8t2tq25d_43wr0000gn/T/plugin447612806"}}}'
+```
+5. In the same terminal session where you exported the environment variable, execute the Terraform commands you want to debug.
+
+## Documentation Generation
 
 Documentation is auto-generated by the [tfplugindocs CLI](https://github.com/hashicorp/terraform-plugin-docs). To generate the documentation, run the following command:
 

docs/data-sources/kubernetes_agent_deployment_targets.md

@@ -0,0 +1,86 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "octopusdeploy_kubernetes_agent_deployment_targets Data Source - terraform-provider-octopusdeploy"
+subcategory: ""
+description: |-
+  Provides information about existing kubernetes agent deployment targets.
+---
+
+# octopusdeploy_kubernetes_agent_deployment_targets (Data Source)
+
+Provides information about existing kubernetes agent deployment targets.
+
+## Example Usage
+
+```terraform
+data "octopusdeploy_kubernetes_agent_deployment_targets" "kubernetes_agent_deployment_targets" {
+   deployment_id   = "Deployments-123"
+   environments    = ["Environments-123", "Environments-321"]
+   health_statuses = ["HasWarnings"]
+   ids             = ["Machines-123", "Machines-321"]
+   is_disabled     = false
+   name            = "Kubernetes Agent"
+   partial_name    = "Kubernetes Age"
+   roles           = ["Roles-123", "Roles-321"]
+   shell_names     = []
+   skip            = 5
+   take            = 100
+   tenant_tags     = ["TagSet1/Tag"]
+   tenants         = ["Tenants-123"]
+   thumbprint      = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Optional
+
+- `deployment_id` (String) A filter to search by deployment ID.
+- `environments` (List of String) A filter to search by a list of environment IDs.
+- `health_statuses` (List of String) A filter to search by a list of health statuses of resources. Valid health statuses are `HasWarnings`, `Healthy`, `Unavailable`, `Unhealthy`, or `Unknown`.
+- `ids` (List of String) A filter to search by a list of IDs.
+- `is_disabled` (Boolean) A filter to search by the disabled status of a resource.
+- `name` (String) A filter to search by name.
+- `partial_name` (String) A filter to search by the partial match of a name.
+- `roles` (List of String) A filter to search by a list of role IDs.
+- `shell_names` (List of String) A list of shell names to match in the query and/or search
+- `skip` (Number) A filter to specify the number of items to skip in the response.
+- `space_id` (String) The space ID associated with this resource.
+- `take` (Number) A filter to specify the number of items to take (or return) in the response.
+- `tenant_tags` (List of String) A filter to search by a list of tenant tags.
+- `tenants` (List of String) A filter to search by a list of tenant IDs.
+- `thumbprint` (String) The thumbprint of the deployment target to match in the query and/or search
+
+### Read-Only
+
+- `id` (String) An auto-generated identifier that includes the timestamp when this data source was last modified.
+- `kubernetes_agent_deployment_targets` (Block List) A list of kubernetes agent deployment targets that match the filter(s). (see [below for nested schema](#nestedblock--kubernetes_agent_deployment_targets))
+
+<a id="nestedblock--kubernetes_agent_deployment_targets"></a>
+### Nested Schema for `kubernetes_agent_deployment_targets`
+
+Read-Only:
+
+- `agent_helm_release_name` (String) Name of the Helm release that the agent belongs to.
+- `agent_kubernetes_namespace` (String) Name of the Kubernetes namespace where the agent is installed.
+- `agent_tentacle_version` (String) Current Tentacle version of the agent
+- `agent_upgrade_status` (String) Current upgrade availability status of the agent. One of 'NoUpgrades', 'UpgradeAvailable', 'UpgradeSuggested', 'UpgradeRequired'
+- `agent_version` (String) Current Helm chart version of the agent.
+- `communication_mode` (String) The communication mode used by the Kubernetes agent to communicate with Octopus Server. Currently, the only supported value is 'Polling'.
+- `default_namespace` (String) Optional default namespace that will be used when using Kubernetes deployment steps, can be overrides within step configurations.
+- `environments` (List of String) A list of environment IDs this Kubernetes agent can deploy to.
+- `id` (String) The unique ID for this resource.
+- `is_disabled` (Boolean) Whether the Kubernetes agent is disabled. If the agent is disabled, it will not be included in any deployments.
+- `machine_policy_id` (String) Optional ID of the machine policy that the Kubernetes agent will use. If not provided the default machine policy will be used.
+- `name` (String) The name of this resource.
+- `roles` (List of String) A list of target roles that are associated to this Kubernetes agent.
+- `space_id` (String) The space ID associated with this resource.
+- `tenant_tags` (List of String) A list of tenant tags associated with this resource.
+- `tenanted_deployment_participation` (String) The tenanted deployment mode of the resource. Valid account types are `Untenanted`, `TenantedOrUntenanted`, or `Tenanted`.
+- `tenants` (List of String) A list of tenant IDs associated with this resource.
+- `thumbprint` (String) The thumbprint of the Kubernetes agent's certificate used by server to verify the identity of the agent. This is the same thumbprint that was used when installing the agent.
+- `upgrade_locked` (Boolean) If enabled the Kubernetes agent will not automatically upgrade and will stay on the currently installed version, even if the associated machine policy is configured to automatically upgrade.
+- `uri` (String) The URI of the Kubernetes agent's used by the server to queue messages. This is the same subscription uri that was used when installing the agent.
+
+

docs/resources/kubernetes_agent_deployment_target.md

@@ -0,0 +1,84 @@
+---
+page_title: "octopusdeploy_kubernetes_agent_deployment_target Resource - terraform-provider-octopusdeploy"
+subcategory: "Deployment Targets"
+description: |-
+  This resource manages Kubernetes agent deployment targets in Octopus Deploy.
+---
+
+# octopusdeploy_kubernetes_agent_deployment_target (Resource)
+
+This resource manages Kubernetes agent deployment targets in Octopus Deploy.
+
+## Example Usage
+
+```terraform
+resource "octopusdeploy_kubernetes_agent_deployment_target" "minimal" {
+  name         = "agent-minimal"
+  environments = ["environments-1"]
+  roles        = ["role-1", "role-2"]
+  thumbprint   = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+  uri          = "poll://kcxzcv2fpsxkn6tk9u6d/"
+}
+
+resource "octopusdeploy_kubernetes_agent_deployment_target" "optionals" {
+  name              = "agent-optionals"
+  environments      = ["environments-1"]
+  roles             = ["role-1", "role-2"]
+  thumbprint   = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+  uri          = "poll://kcxzcv2fpsxkn6tk9u6d/"
+  machine_policy_id = "machinepolicies-1"
+  default_namespace = "kubernetes-namespace"
+  upgrade_locked    = true
+  is_disabled       = true
+}
+
+resource "octopusdeploy_kubernetes_agent_deployment_target" "tenanted_agent" {
+  name                              = "agent-tenanted"
+  environments                      = ["environments-1"]
+  roles                             = ["role-1", "role-2"]
+  thumbprint   = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+  uri          = "poll://kcxzcv2fpsxkn6tk9u6d/"
+  tenanted_deployment_participation = "Tenanted"
+  tenants                           = ["tenants-1"]
+  tenant_tags                       = ["TagSets-1/Tags-1"]
+}
+```
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `environments` (List of String) A list of environment IDs this Kubernetes agent can deploy to.
+- `name` (String) The name of this resource.
+- `roles` (List of String) A list of target roles that are associated to this Kubernetes agent.
+- `thumbprint` (String) The thumbprint of the Kubernetes agent's certificate used by server to verify the identity of the agent. This is the same thumbprint that was used when installing the agent.
+- `uri` (String) The URI of the Kubernetes agent's used by the server to queue messages. This is the same subscription uri that was used when installing the agent.
+
+### Optional
+
+- `communication_mode` (String) The communication mode used by the Kubernetes agent to communicate with Octopus Server. Currently, the only supported value is 'Polling'.
+- `default_namespace` (String) Optional default namespace that will be used when using Kubernetes deployment steps, can be overrides within step configurations.
+- `id` (String) The unique ID for this resource.
+- `is_disabled` (Boolean) Whether the Kubernetes agent is disabled. If the agent is disabled, it will not be included in any deployments.
+- `machine_policy_id` (String) Optional ID of the machine policy that the Kubernetes agent will use. If not provided the default machine policy will be used.
+- `space_id` (String) The space ID associated with this resource.
+- `tenant_tags` (List of String) A list of tenant tags associated with this resource.
+- `tenanted_deployment_participation` (String) The tenanted deployment mode of the resource. Valid account types are `Untenanted`, `TenantedOrUntenanted`, or `Tenanted`.
+- `tenants` (List of String) A list of tenant IDs associated with this resource.
+- `upgrade_locked` (Boolean) If enabled the Kubernetes agent will not automatically upgrade and will stay on the currently installed version, even if the associated machine policy is configured to automatically upgrade.
+
+### Read-Only
+
+- `agent_helm_release_name` (String) Name of the Helm release that the agent belongs to.
+- `agent_kubernetes_namespace` (String) Name of the Kubernetes namespace where the agent is installed.
+- `agent_tentacle_version` (String) Current Tentacle version of the agent
+- `agent_upgrade_status` (String) Current upgrade availability status of the agent. One of 'NoUpgrades', 'UpgradeAvailable', 'UpgradeSuggested', 'UpgradeRequired'
+- `agent_version` (String) Current Helm chart version of the agent.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import [options] octopusdeploy_kubernetes_agent_deployment_target.<name> <machine-id>
+```

docs/resources/polling_subscription_id.md

@@ -0,0 +1,46 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "octopusdeploy_polling_subscription_id Resource - terraform-provider-octopusdeploy"
+subcategory: ""
+description: |-
+  A unique polling subscription ID that can be used by polling tentacles.
+---
+
+# octopusdeploy_polling_subscription_id (Resource)
+
+A unique polling subscription ID that can be used by polling tentacles.
+
+## Example Usage
+
+```terraform
+resource "octopusdeploy_polling_subscription_id" "example" {}
+
+resource "octopusdeploy_polling_subscription_id" "example_with_dependencies" {
+  dependencies = {
+    "target" = octopusdeploy_kubernetes_agent_deployment_target.example.id
+  }
+}
+
+# Usage
+resource "octopusdeploy_kubernetes_agent_deployment_target" "agent" {
+  name         = "agent"
+  environments = ["environments-1"]
+  roles        = ["role-1", "role-2"]
+  thumbprint   = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+  uri          = octopusdeploy_polling_subscription_id.example_with_dependencies.polling_uri
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Optional
+
+- `dependencies` (Map of String) Optional map of dependencies that when modified will trigger a re-creation of this resource.
+
+### Read-Only
+
+- `id` (String) The generated polling subscription ID.
+- `polling_uri` (String) The URI of the polling subscription ID.
+
+

docs/resources/runbook_process.md

@@ -976,3 +976,5 @@ Optional:
 - `id` (String) The unique ID for this resource.
 - `name` (String) The name of this resource.
 - `properties` (Map of String) A list of properties associated with this package.
+
+

docs/resources/tentacle_certificate.md

@@ -0,0 +1,53 @@
+---
+page_title: "octopusdeploy_tentacle_certificate Resource - terraform-provider-octopusdeploy"
+subcategory: ""
+description: |-
+  Generates a X.509 self-signed certificate for use with a Octopus Deploy Tentacle.
+---
+
+# octopusdeploy_tentacle_certificate (Resource)
+
+Generates a X.509 self-signed certificate for use with a Octopus Deploy Tentacle.
+
+## Octopus certificates
+The X.509 certificates generated are self-signed, 2048-bit private keys and intended for use [only between Octopus Server and Tentacle](https://octopus.com/docs/security/octopus-tentacle-communication#Octopus-Tentaclecommunication-Octopuscertificates) communications. There is an insightful discussion of [why Octopus uses self-signed certificates](https://octopus.com/blog/why-self-signed-certificates) by default.
+
+Instead of generating a new certificate through this resource you can use an existing certificate and simply reference the appropriate thumbprint when registering the target.
+
+### State Persistence
+This resource that is generated will be stored in the state file and cannot be retrieved later from the external Octopus Server or Tentacle.
+
+## Example Usage
+
+```terraform
+resource "octopusdeploy_tentacle_certificate" "example" {}
+
+resource "octopusdeploy_tentacle_certificate" "example_with_dependencies" {
+  dependencies = {
+    "target" = octopusdeploy_kubernetes_agent_deployment_target.agent.id
+  }
+}
+
+# Usage
+resource "octopusdeploy_kubernetes_agent_deployment_target" "agent" {
+  name         = "agent"
+  environments = ["environments-1"]
+  roles        = ["role-1", "role-2"]
+  thumbprint   = octopusdeploy_tentacle_certificate.example_with_dependencies.thumbprint
+  uri          = "poll://kcxzcv2fpsxkn6tk9u6d/"
+}
+```
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Optional
+
+- `dependencies` (Map of String) Optional map of dependencies that when modified will trigger a re-creation of this resource.
+
+### Read-Only
+
+- `base64` (String, Sensitive) The base64 encoded pfx certificate.
+- `id` (String) The ID of this resource.
+- `thumbprint` (String) The SHA1 sum of the certificate represented in hexadecimal.
+
+

examples/data-sources/octopusdeploy_kubernetes_agent_deployment_targets/data-source.tf

@@ -0,0 +1,16 @@
+data "octopusdeploy_kubernetes_agent_deployment_targets" "kubernetes_agent_deployment_targets" {
+   deployment_id   = "Deployments-123"
+   environments    = ["Environments-123", "Environments-321"]
+   health_statuses = ["HasWarnings"]
+   ids             = ["Machines-123", "Machines-321"]
+   is_disabled     = false
+   name            = "Kubernetes Agent"
+   partial_name    = "Kubernetes Age"
+   roles           = ["Roles-123", "Roles-321"]
+   shell_names     = []
+   skip            = 5
+   take            = 100
+   tenant_tags     = ["TagSet1/Tag"]
+   tenants         = ["Tenants-123"]
+   thumbprint      = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+}

examples/resources/octopusdeploy_kubernetes_agent_deployment_target/import.sh

@@ -0,0 +1 @@
+terraform import [options] octopusdeploy_kubernetes_agent_deployment_target.<name> <machine-id>

examples/resources/octopusdeploy_kubernetes_agent_deployment_target/resource.tf

@@ -0,0 +1,30 @@
+resource "octopusdeploy_kubernetes_agent_deployment_target" "minimal" {
+  name         = "agent-minimal"
+  environments = ["environments-1"]
+  roles        = ["role-1", "role-2"]
+  thumbprint   = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+  uri          = "poll://kcxzcv2fpsxkn6tk9u6d/"
+}
+
+resource "octopusdeploy_kubernetes_agent_deployment_target" "optionals" {
+  name              = "agent-optionals"
+  environments      = ["environments-1"]
+  roles             = ["role-1", "role-2"]
+  thumbprint   = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+  uri          = "poll://kcxzcv2fpsxkn6tk9u6d/"
+  machine_policy_id = "machinepolicies-1"
+  default_namespace = "kubernetes-namespace"
+  upgrade_locked    = true
+  is_disabled       = true
+}
+
+resource "octopusdeploy_kubernetes_agent_deployment_target" "tenanted_agent" {
+  name                              = "agent-tenanted"
+  environments                      = ["environments-1"]
+  roles                             = ["role-1", "role-2"]
+  thumbprint   = "96203ED84246201C26A2F4360D7CBC36AC1D232D"
+  uri          = "poll://kcxzcv2fpsxkn6tk9u6d/"
+  tenanted_deployment_participation = "Tenanted"
+  tenants                           = ["tenants-1"]
+  tenant_tags                       = ["TagSets-1/Tags-1"]
+}