foreman_opentofu 0.0.4 → 0.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e3f7d22aa8036489bd3356eff61fb54608d15c1ced729e2a592257e3383213a5
-  data.tar.gz: 3a7272bc1b5e4a36974b859362d18209d3cbc36293e00c9722a2c6991bdcd0ee
+  metadata.gz: 13aa21537aa49784d6b945e5e0169c20509c46e361e951b6db79a17d330559ef
+  data.tar.gz: e0f23b3286a236bd161421d8464518a9b47878d61e7ebd03ab41b361cb0b513f
 SHA512:
-  metadata.gz: 7efbc5b6168046cac8b716864636ac9f16acd32b229e017ff876d93cde3aecf3ff4e94572e09407ecf2e3de6462592efd46e4bcacf49285c765aceba4e32787b
-  data.tar.gz: f7b2493f8dcca6913ab2167f9cb529610d0e9c91240d43ea324503b24352fa5b0cb774b8ffee4f1cf76791e38ef9440c90ad0bfdbe8390b3b62fa1d4d09d38f5
+  metadata.gz: f1459d8aa7ad4e99b3d43b2725093f7cdc06d7473073432ca8386f46b1d2db4a5ac3acad3ec7c3580830e2d13a11e25354713c9a702a1f3ac669a527a504137f
+  data.tar.gz: 4724e84ebc240ef60bdd95c65710fc3156f718628d38ba65570d8305df762be8883e00df13783002927589cdb2e7eed0304b98b414e5ac4e1edf9a48c5ca3d8c

data/README.md

@@ -64,7 +64,7 @@ Provisioning workflow:
 
 Provider-specific details (for example Nutanix, Hetzner) are handled entirely through OpenTofu scripts.
 
-### Create new ProviderType
+### Add support for a new Tofu-Provider
 
 This Plugin empowers you to add support of a new backend VM- or Cloud-Platform yourself.
 Follow these simple steps to do so:
@@ -80,11 +80,39 @@ You may use the UI-Editor in Hosts -> Templates -> Provisioning Templates to cre
 Either clone a pre-installed template or create one from scratch.
 In the latter case be sure to select the correct Template Type: OpenTofu Script template.
 
+
+#### Create Provider Type
+
+To let the Foreman OpenTofu Plugin know about your new Provider Type, one additional file has to be created in `/lib/foreman_opentofu/provider_types/`.
+
+A very simple ProviderType file to add a new Provider named `nutanix` has to be located in `lib/foreman_opentofu/provider_types/nutanix.rb` and might look like this:
+
+```ruby
+ForemanOpentofu::ProviderTypeManager.register('nutanix') do
+end
+```
+
+Additional informations about the ProviderType can be set within the `register`-block:
+
+##### `default_attributes`
+
+Define values that should be set as default for attributes.
+The values do not have to be defined in the config-file.
+If attributes are also defined in the config-file and therefore set during Host creation, the default\_attribute values will be overwritten.
+
+```ruby
+ForemanOpentofu::ProviderTypeManager.register('nutanix') do
+  @default_attributes = {
+    'enable_cpu_passthrough' => true,
+    'num_threads_per_core' => 2,
+  }
+end
+```
+
 #### Create Parameter Config
 
-To define which Virtual Machine parameters can be set for a new Host a new config file under `/config` must be added.
-Feel free to use either YAML or JSON (be sure to end the filename with `.json` or `.yaml`).
-The config file defines an array of dicts, where each dict represents a configuration-parameter.
+To define which Virtual Machine parameters can be set for a new Host the `self.provider_attrs` variable must be defined within the `register`-block.
+The `provider_attrs`-variable defines an Array of Dicts/Hashes, where each Dict/Hash represents a configuration-parameter.
 
 A config-parameter has the following values:
 
@@ -98,54 +126,53 @@ A config-parameter has the following values:
 * `help`: Tooltip describing what that value does and what values are allowed
 * `mandatory`: `true`/`false` defines if omitting the value triggers an error
 * `options`: array of strings representing the possible values
+* `default`: default-value should be specified if parameter is mandatory and options is empty
 * `group`: define where the value should be configured
    * `vm`: ones per Host in the 'Virtual Machine' tab,
    * `disk`: for each defined disk/volume in the 'Virtual Machine' tab
    * `nic`: for each defined network-interface on the 'Interfaces' tab
 
-A short config file might look like this:
-
-```json
-[
-  { "name": "memory_size_mib", "type": "number", "group": "vm", "mandatory": false,
-    "label": "Memory (MB)" },
-  { "name": "boot_type", "type": "select", "group": "vm", "mandatory": false,
-    "label": "Firmware", "options": [ "UEFI", "LEGACY", "SECURE_BOOT" ] },
-  { "name": "disk_size_mib", "type": "number", "group": "disk", "mandatory": true,
-    "label": "Size (MB)" },
-  { "name": "model", "type": "select", "group": "nic", "mandatory": true,
-    "options": [ "VIRTIO", "E1000" ] }
+A short definition might look like this:
+
+```ruby
+self.provider_attrs = [
+  { name: 'memory_size_mib', type: 'number', group: 'vm', mandatory: false,
+    label: 'Memory (MB)' },
+  { name: 'boot_type', type: 'select', group: 'vm', mandatory: false,
+    label: 'Firmware', options: [ 'UEFI', 'LEGACY', 'SECURE_BOOT' ] },
+  { name: 'disk_size_mib', type: 'number', group: 'disk', mandatory: true,
+    label: 'Size (MB)' },
+  { name: 'model', type: 'select', group: 'nic', mandatory: true,
+    options: [ 'VIRTIO', 'E1000' ] }
 ]
 ```
 
-The name of the file must be the same as the provider-type name we set in the next step (e.g. `/config/nutanix.json`).
-
 ##### Dynamic Config Parameter
 
 Sometimes it is necessary to provide a list of possible values that are defined by the backend-service.
 Curating the 'options'-Array is tedious at best or not possible if multiple instances of the backend service are in use.
 This can be addressed by specifiying an OpenTofu provider's [DataSource](https://opentofu.org/docs/language/data-sources/) in the following way:
 
-```json
+```ruby
 {
-  "name": "volume_group", "type": "select", "group": "disk", "mandatory": true, "label": "Volume Group",
-  "options": {
-    "data_source": {
-      "name": "nutanix_volume_groups_v2",
-      "arguments": {
-        "filter": "name eq 'volume_group_test'",
-        "limit": 20
+  name: 'volume_group', type: 'select', group: 'disk', mandatory: true, label: 'Volume Group',
+  options: {
+    data_source: {
+      name: 'nutanix_volume_groups_v2',
+      arguments: {
+        filter: 'name eq 'volume_group_test'',
+        limit: 20
       },
-      "entity": {
-        "id": "metadata.uuid"
+      entity: {
+        id: 'metadata.uuid'
       }
     },
-    "output_path_postfix": "volume_groups"
+    output_path_postfix: 'volume_groups'
   }
 }
 
 ```
-The GUI requires a list of objects that at least contain a name and an id for each select-option.
+The GUI requires a list of objects that at least contains a name and an id for each select-option.
 The `entity` section can be used to define a specific value from an object within the list that the DataSource returns.
 If the object already has `name` and `id` entries, these will automatically used.
 In the above example `name` exists in the object and can be used.
@@ -170,49 +197,57 @@ output "resources" {
 
 Some config parameter names have special meanings.
 For instance, Image-based Deployment requires binding images available on the backend-service with Operating Systems configured in Foreman.
+
+###### available\_images
+
 To enable Foreman OpenTofu to display the available images, a `select`-parameter with the name `available_images` must be specified.
 It is recommended to tie this to a data-source available in the OpenTofu provider.
 
-```json
+```ruby
 {
-  "name": "available_images", "type": "select",
-  "options": {
-    "data_source": {
-      "name": "hcloud_images",
-      "arguments": { "with_architecture": ["x86"] }
+  name: 'available_images', type: 'select',
+  options: {
+    data_source: {
+      name: 'hcloud_images',
+      arguments: { with_architecture: ['x86'] }
     },
-    "output_path_postfix": "images"
+    output_path_postfix: 'images'
   }
 }
 ```
 
+###### available\_ssh\_keys
 
-#### Create Provider Type
-
-To let the Foreman OpenTofu Plugin know about your new Provider Type, one additional file has to be created in `/lib/foreman_opentofu/provider_types/`.
-
-A very simple ProviderType file to add a new Provider named `nutanix` has to be located in `lib/foreman_opentofu/provider_types/nutanix.rb` and might look like this:
+Cloud-based Providers usually require an SSH key pair to configure image-based hosts.
+This dynamic data-source should provide a list of SSH keys known to the cloud-provider.
 
 ```ruby
-ForemanOpentofu::ProviderTypeManager.register('nutanix') do
-end
+{
+  name: 'available_ssh_keys', type: 'select',
+  label: 'SSH-Deployment-Keys', options: {
+    data_source: {
+      name: 'hcloud_ssh_keys',
+    },
+    entity: {
+      fingerprint: 'fingerprint',
+    },
+    output_path_postfix: 'ssh_keys',
+  }
+}
 ```
 
-Additional informations about the ProviderType can be set within the `register`-block:
+#### Protection against Accidental Resource Recreation
 
-##### `default_attributes`
+Depending on the settings that are changed for an existing resource (e.g. a Host), OpenTofu may decide that it has to destroy the existing resource and create a new one.
+This is almost never what we want for a managed Foreman Host.
+After editing a host, this Plugin checks OpenTofu's plan for applying the changes.
+If the plan includes a 'delete'-action, it will raise an exception and will not apply the changes.
 
-Define values that should be set as default for attributes.
-The values do not have to be defined in the config-file.
-If attributes are also defined in the config-file and therefore set during Host creation, the default\_attribute values will be overwritten.
+In case the recreation of a specific resource type is expected behavior, the resource type can be added to an allow-list within the ProviderType definition file.
+The following example allows OpenTofu to destroy and recreate resources of type `hcloud_volume`:
 
 ```ruby
-ForemanOpentofu::ProviderTypeManager.register('nutanix') do
-  @default_attributes = {
-    'enable_cpu_passthrough' => true,
-    'num_threads_per_core' => 2,
-  }
-end
+self.recreate_type_allow_list = ['hcloud_volume']
 ```
 
 

data/app/assets/javascripts/foreman_opentofu/locale/de_DE/foreman_opentofu.js

@@ -0,0 +1,136 @@
+ locales['foreman_opentofu'] = locales['foreman_opentofu'] || {}; locales['foreman_opentofu']['de_DE'] = {
+  "domain": "foreman_opentofu",
+  "locale_data": {
+    "foreman_opentofu": {
+      "": {
+        "Project-Id-Version": "foreman_opentofu 0.0.4",
+        "Report-Msgid-Bugs-To": "",
+        "PO-Revision-Date": "2026-02-16 11:45+0000",
+        "Last-Translator": "Markus Bucher <bucher@atix.de>, 2026",
+        "Language-Team": "German (Germany) (https://app.transifex.com/foreman/teams/114/de_DE/)",
+        "MIME-Version": "1.0",
+        "Content-Type": "text/plain; charset=UTF-8",
+        "Content-Transfer-Encoding": "8bit",
+        "Language": "de_DE",
+        "Plural-Forms": "nplurals=2; plural=(n != 1);",
+        "lang": "de_DE",
+        "domain": "foreman_opentofu",
+        "plural_forms": "nplurals=2; plural=(n != 1);"
+      },
+      "127.0.0.1": [
+        "127.0.0.1"
+      ],
+      "Add Interface": [
+        "Interface hinzufügen"
+      ],
+      "Add Volume": [
+        "Volume hinzufügen"
+      ],
+      "Cache slow calls to OpenTofu Compute resources to speed up page rendering": [
+        "Ergebnisse langsamer Abfragen zu OpenTofu zwischenspeichern um das Laden der Seiten zu beschleunigen"
+      ],
+      "Caching": [
+        "Zwischenspeicher"
+      ],
+      "Common fields": [
+        "Allgemeine Werte"
+      ],
+      "Disabled": [
+        "Deaktiviert"
+      ],
+      "Does this image support user data input (e.g. via cloud-init)?": [
+        "Unterstützt dieses Image die Eingabe von Benutzerdaten (z.B. via cloud-init)?"
+      ],
+      "Enable caching": [
+        "Caching aktivieren"
+      ],
+      "Enabled": [
+        "Aktiviert"
+      ],
+      "ID of the Image on the Hypervisor": [
+        "ID des Abbilds auf dem Hypervisor"
+      ],
+      "Image": [
+        "Abbild"
+      ],
+      "Image \\\"%{image}\\\" needs user data, but \\\"%{os}\\\" is not associated to any provisioning template of the kind user_data. Please associate it with a suitable template or uncheck 'User data' from the image definition.": [
+        "Abbild \\\"%{image}\\\" benötigt Benutzerdaten. Jedoch ist \\\"%{os}\\\" keine Bereitstellungsvorlage der Art user_data zugeordnet. Bitte weisen Sie eine geeignete Vorlage zu, oder deaktivieren sie \\\"Benutzerdaten\\\" in der Abbilddefinition."
+      ],
+      "Image ID": [
+        "Abbild ID"
+      ],
+      "Network interfaces": [
+        "Netzwerkinterface"
+      ],
+      "No networks found.": [
+        "Keine Netzwerke gefunden."
+      ],
+      "Number of Bits for the SSH-Key required to provision hosts on image-based providers.": [
+        "Bitanzahl des SSH-Schlüssels der für die abbildbasierte Bereitstellung von Hosts benötigt wird."
+      ],
+      "Number of seconds a run of OpenTofu command is allowed to report TfState back to the plugin.": [
+        "Anzahl der Sekunden in denen ein OpenTofu Befehl einen TfState an das Plugin zurücksenden darf."
+      ],
+      "OpenTofu": [
+        "OpenTofu"
+      ],
+      "OpenTofu Provider": [
+        "OpenTofu Provider"
+      ],
+      "OpenTofu Script template": [
+        "OpenTofu Script Vorlage"
+      ],
+      "OpenTofu Template": [
+        "OpenTofu Vorlage"
+      ],
+      "Password to authenticate with - used for SSH finish step.": [
+        "Passwort mit dem sich authentifiziert wird - benötigt, um den letzten Schritt mit SSH abzuschließen."
+      ],
+      "Please select an image": [
+        "Bitte Abbild auswählen"
+      ],
+      "Power change operations are not enabled on this host.": [
+        "Power-Operationen werden auf diesem Host nicht unterstützt"
+      ],
+      "SSH-Key Length": [
+        "SSH-Schlüssellänge"
+      ],
+      "TODO: Description of ForemanPluginTemplate.": [
+        ""
+      ],
+      "TfState Token Timeout": [
+        "TfState Token Timeout"
+      ],
+      "The user that is used to ssh into the instance, normally cloud-user, ec2-user, ubuntu, root etc": [
+        "Der Benutzer für die SSH-Verbindung zur Instanz. Normalerweise cloud-user, ec2-user, ubuntu, root, etc."
+      ],
+      "URL": [
+        "URL"
+      ],
+      "Unable to find template specified by %s setting": [
+        "Konnte Vorlage mit der %s-Einstellung nicht finden"
+      ],
+      "Unable to render provisioning template": [
+        "Bereitstellungsvorlage konnte nicht verarbeitet werden"
+      ],
+      "VM Config": [
+        "VM Konfiguration"
+      ],
+      "add new network interface": [
+        "neues Netzwerkinterface hinzufügen"
+      ],
+      "add new storage volume": [
+        "neues Speichervolume hinzufügen"
+      ],
+      "e.g. admin": [
+        "z.B. admin"
+      ],
+      "remove network interface": [
+        "Netzwerkinterface entfernen"
+      ],
+      "remove storage volume": [
+        "entferne Speichervolume"
+      ]
+    }
+  }
+};

data/app/assets/javascripts/foreman_opentofu/locale/en/foreman_opentofu.js

@@ -3,7 +3,7 @@
   "locale_data": {
     "foreman_opentofu": {
       "": {
-        "Project-Id-Version": "foreman_opentofu 1.0.0",
+        "Project-Id-Version": "foreman_opentofu 0.0.4",
         "Report-Msgid-Bugs-To": "",
         "PO-Revision-Date": "2026-02-16 18:46+0000",
         "Last-Translator": "FULL NAME <EMAIL@ADDRESS>",
@@ -20,9 +20,60 @@
       "127.0.0.1": [
         ""
       ],
+      "Add Interface": [
+        ""
+      ],
+      "Add Volume": [
+        ""
+      ],
+      "Cache slow calls to OpenTofu Compute resources to speed up page rendering": [
+        ""
+      ],
+      "Caching": [
+        ""
+      ],
       "Common fields": [
         ""
       ],
+      "Disabled": [
+        ""
+      ],
+      "Does this image support user data input (e.g. via cloud-init)?": [
+        ""
+      ],
+      "Enable caching": [
+        ""
+      ],
+      "Enabled": [
+        ""
+      ],
+      "ID of the Image on the Hypervisor": [
+        ""
+      ],
+      "Image": [
+        ""
+      ],
+      "Image \\\"%{image}\\\" needs user data, but \\\"%{os}\\\" is not associated to any provisioning template of the kind user_data. Please associate it with a suitable template or uncheck 'User data' from the image definition.": [
+        ""
+      ],
+      "Image ID": [
+        ""
+      ],
+      "Network interfaces": [
+        ""
+      ],
+      "No networks found.": [
+        ""
+      ],
+      "Number of Bits for the SSH-Key required to provision hosts on image-based providers.": [
+        ""
+      ],
+      "Number of seconds a run of OpenTofu command is allowed to report TfState back to the plugin.": [
+        ""
+      ],
+      "OpenTofu": [
+        ""
+      ],
       "OpenTofu Provider": [
         ""
       ],
@@ -32,12 +83,27 @@
       "OpenTofu Template": [
         ""
       ],
-      "Storage": [
+      "Password to authenticate with - used for SSH finish step.": [
+        ""
+      ],
+      "Please select an image": [
+        ""
+      ],
+      "Power change operations are not enabled on this host.": [
+        ""
+      ],
+      "SSH-Key Length": [
         ""
       ],
       "TODO: Description of ForemanPluginTemplate.": [
         ""
       ],
+      "TfState Token Timeout": [
+        ""
+      ],
+      "The user that is used to ssh into the instance, normally cloud-user, ec2-user, ubuntu, root etc": [
+        ""
+      ],
       "URL": [
         ""
       ],
@@ -50,8 +116,20 @@
       "VM Config": [
         ""
       ],
+      "add new network interface": [
+        ""
+      ],
+      "add new storage volume": [
+        ""
+      ],
       "e.g. admin": [
         ""
+      ],
+      "remove network interface": [
+        ""
+      ],
+      "remove storage volume": [
+        ""
       ]
     }
   }

data/app/controllers/concerns/foreman_opentofu/api/v2/hosts_controller_power_override.rb

@@ -0,0 +1,22 @@
+module ForemanOpentofu
+  module Api
+    module V2
+      module HostsControllerPowerOverride
+        def power
+          if ForemanOpentofu::PowerCapability.power_change_disabled_for_host?(@host)
+            return render_error :custom_error, status: :unprocessable_entity, locals: { message: _('Power change operations are not enabled on this host.') }
+          end
+
+          super
+        end
+
+        def power_status
+          result = PowerManager::PowerStatus.safe_power_state(@host, timeout: params[:timeout])
+          result[:statusText] = _('Power change operations are not enabled on this host.') if ForemanOpentofu::PowerCapability.power_change_disabled_for_host?(@host)
+
+          render json: result
+        end
+      end
+    end
+  end
+end

data/app/controllers/concerns/foreman_opentofu/hosts_controller_power_override.rb

@@ -0,0 +1,14 @@
+module ForemanOpentofu
+  module HostsControllerPowerOverride
+    def power
+      if ForemanOpentofu::PowerCapability.power_change_disabled_for_host?(@host)
+        return process_error(
+          redirect: :back,
+          error_msg: _('Power change operations are not enabled on this host.')
+        )
+      end
+
+      super
+    end
+  end
+end

data/app/lib/foreman_opentofu/concerns/base_template_scope_extensions.rb

@@ -48,9 +48,12 @@ module ForemanOpentofu
         block << block_to_hcl(%w[output resources])
         block << '{' << "\n"
         block << "  value = [ for e in data.#{resource[:name]}.all.#{resource.dig(:options, 'output_path_postfix')}: {\n"
-        block << "    id = e.#{resource.dig(:options, 'entity', 'id') || 'id'}\n"
-        block << "    name = e.#{resource.dig(:options, 'entity', 'name') || 'name'}\n"
-        # block << 'obj = e'
+        params = resource.dig(:options, 'entity') || {}
+        params[:id] = 'id' unless params.key? :id
+        params[:name] = 'name' unless params.key? :name
+        params.each do |key, value|
+          block << "    #{key} = e.#{value}\n"
+        end
         block << '  } ]' << "\n"
         block << '}' << "\n"
       end
@@ -94,21 +97,16 @@ module ForemanOpentofu
       end
 
       def build_disks
-        disks = @cr_attrs['volumes'].presence || @cr_attrs['volumes_attributes'].presence || @compute_resource.default_volumes
-        disks = [disks] if disks.is_a?(Hash)
-        disks.each_with_index.map do |disk, index|
-          data = @compute_resource.render_disk(disk, self, index)
-          render_provider_data(data)
+        disk_render_source.each_with_index.filter_map do |disk, index|
+          # drop removed disks; tofu will drop them automatically, if they are no longer defined
+          next if disk.respond_to?(:[]) && disk['_delete'].to_i == 1
+
+          rendered_disk(index, disk)
         end.join("\n")
       end
 
       def build_nics
-        nics = @cr_attrs['interfaces'].presence || @cr_attrs['interfaces_attributes'].presence || @compute_resource.default_interfaces
-        nics = normalize_interfaces(nics).map do |nic|
-          nic.respond_to?(:with_indifferent_access) ? nic.with_indifferent_access[:compute_attributes].presence || nic : nic
-        end
-
-        nics.each_with_index.map do |nic, index|
+        nics_from_cr_attrs.each_with_index.map do |nic, index|
           data = @compute_resource.render_nic(nic, self, index)
           render_provider_data(data)
         end.join("\n")
@@ -116,8 +114,34 @@ module ForemanOpentofu
 
       private
 
+      def disk_render_source
+        disks = @cr_attrs['volumes'].presence || @cr_attrs['volumes_attributes'].presence || @compute_resource.default_volumes
+        disks = [disks] if disks.is_a?(Hash)
+        disks = [] if disks.blank?
+        disks.empty? ? [nil] : disks
+      end
+
+      def rendered_disk(index, disk)
+        data = @compute_resource.render_disk(disk, self, index)
+        return if data.blank?
+
+        render_provider_data(data)
+      end
+
+      def nics_from_cr_attrs
+        nics = @cr_attrs['interfaces'].presence || @cr_attrs['interfaces_attributes'].presence || @compute_resource.default_interfaces
+        normalize_interfaces(nics).map do |nic|
+          # drop removed nics; tofu will drop them automatically, if they are no longer defined
+          next if nic['_destroy'].to_i == 1
+
+          nic.respond_to?(:with_indifferent_access) ? nic.with_indifferent_access[:compute_attributes].presence || nic : nic
+        end.compact
+      end
+
       def render_provider_data(data)
-        if data.is_a?(Hash) && data[:resource].present?
+        if data.is_a?(String)
+          data
+        elsif data.is_a?(Hash) && data[:resource].present?
           resource = data[:resource]
           block_to_hcl(['resource', resource[:type], resource[:name]], resource[:content], depth: 0)
         elsif data.is_a?(Hash) && data.size == 1 && data.values.first.is_a?(Hash)

data/app/models/concerns/foreman_opentofu/vm_command_collection_normalization.rb

@@ -3,6 +3,8 @@ module ForemanOpentofu
     private
 
     def normalize_vm_args_collections!(args)
+      args[:image_id] = args[:image] if args.key?(:image)
+      normalize_vm_boolean_args!(args)
       [:volumes, :interfaces].each do |collection|
         raw = args.delete(:"#{collection}_attributes") || args[collection]
         next if raw.nil?
@@ -11,6 +13,21 @@ module ForemanOpentofu
       end
     end
 
+    def normalize_vm_boolean_args!(args)
+      vm_boolean_keys.each do |key|
+        next unless args.key?(key)
+        args[key] = Foreman::Cast.to_bool(args[key])
+      end
+    end
+
+    def vm_boolean_keys
+      return [] unless respond_to?(:tofu_provider) && tofu_provider.respond_to?(:attributes)
+
+      tofu_provider.attributes('vm')
+                   .select { |attr| attr['type'] == 'bool' }
+                   .map { |attr| attr['name'].to_sym }
+    end
+
     def normalize_collection_input(collection, value)
       return nested_attributes_for(collection, value) if value.is_a?(Hash) || value.is_a?(ActionController::Parameters)
 
@@ -18,5 +35,30 @@ module ForemanOpentofu
         entry.respond_to?(:deep_symbolize_keys) ? entry.deep_symbolize_keys : entry
       end
     end
+
+    def prefill_mandatory_attributes(args)
+      # FIXME: add volume/nic attributes
+      res = {}
+      mandatory_attrs = tofu_provider.attributes('vm').select { |attr| attr['mandatory'] && !args.key?(attr['name']) }
+      mandatory_attrs.each do |attribute|
+        name = attribute['name'].to_sym
+        res[name] = determine_default(attribute) || ''
+      end
+      res
+    end
+
+    def determine_default(attribute)
+      return attribute['default'] if attribute.key? 'default'
+
+      options = attribute['options']
+      case options
+      when Array then options.first
+      when Hash
+        if options.dig('data_source', 'name')
+          dyn_res = fetch_resource(options.dig('data_source', 'name'), options)
+          dyn_res&.first&.fetch('id')
+        end
+      end
+    end
   end
 end