@three14/pulumi-argocd 1.1.0 → 1.1.1

package/project.d.ts

@@ -0,0 +1,202 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as inputs from "./types/input";
+import * as outputs from "./types/output";
+/**
+ * Manages [projects](https://argo-cd.readthedocs.io/en/stable/user-guide/projects/) within ArgoCD.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as argocd from "@three14/pulumi-argocd";
+ *
+ * const myproject = new argocd.Project("myproject", {
+ *     metadata: {
+ *         name: "myproject",
+ *         namespace: "argocd",
+ *         labels: {
+ *             acceptance: "true",
+ *         },
+ *         annotations: {
+ *             "this.is.a.really.long.nested.key": "yes, really!",
+ *         },
+ *     },
+ *     spec: {
+ *         description: "simple project",
+ *         sourceNamespaces: ["argocd"],
+ *         sourceRepos: ["*"],
+ *         destinations: [
+ *             {
+ *                 server: "https://kubernetes.default.svc",
+ *                 namespace: "default",
+ *             },
+ *             {
+ *                 server: "https://kubernetes.default.svc",
+ *                 namespace: "foo",
+ *             },
+ *             {
+ *                 name: "anothercluster",
+ *                 namespace: "bar",
+ *             },
+ *         ],
+ *         clusterResourceBlacklists: [{
+ *             group: "*",
+ *             kind: "*",
+ *         }],
+ *         clusterResourceWhitelists: [
+ *             {
+ *                 group: "rbac.authorization.k8s.io",
+ *                 kind: "ClusterRoleBinding",
+ *             },
+ *             {
+ *                 group: "rbac.authorization.k8s.io",
+ *                 kind: "ClusterRole",
+ *             },
+ *         ],
+ *         namespaceResourceBlacklists: [{
+ *             group: "networking.k8s.io",
+ *             kind: "Ingress",
+ *         }],
+ *         namespaceResourceWhitelists: [{
+ *             group: "*",
+ *             kind: "*",
+ *         }],
+ *         orphanedResources: [{
+ *             warn: true,
+ *             ignores: [
+ *                 {
+ *                     group: "apps/v1",
+ *                     kind: "Deployment",
+ *                     name: "ignored1",
+ *                 },
+ *                 {
+ *                     group: "apps/v1",
+ *                     kind: "Deployment",
+ *                     name: "ignored2",
+ *                 },
+ *             ],
+ *         }],
+ *         roles: [
+ *             {
+ *                 name: "testrole",
+ *                 policies: [
+ *                     "p, proj:myproject:testrole, applications, override, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, applications, sync, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, clusters, get, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, repositories, create, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, repositories, delete, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, repositories, update, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, logs, get, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, exec, create, myproject/*, allow",
+ *                 ],
+ *             },
+ *             {
+ *                 name: "anotherrole",
+ *                 policies: [
+ *                     "p, proj:myproject:testrole, applications, get, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, applications, sync, myproject/*, deny",
+ *                 ],
+ *             },
+ *         ],
+ *         syncWindows: [
+ *             {
+ *                 kind: "allow",
+ *                 applications: ["api-*"],
+ *                 clusters: ["*"],
+ *                 namespaces: ["*"],
+ *                 duration: "3600s",
+ *                 schedule: "10 1 * * *",
+ *                 manualSync: true,
+ *             },
+ *             {
+ *                 useAndOperator: true,
+ *                 kind: "deny",
+ *                 applications: [
+ *                     "foo",
+ *                     "bar",
+ *                 ],
+ *                 clusters: ["in-cluster"],
+ *                 namespaces: ["default"],
+ *                 duration: "12h",
+ *                 schedule: "22 1 5 * *",
+ *                 manualSync: false,
+ *                 timezone: "Europe/London",
+ *             },
+ *         ],
+ *         signatureKeys: [
+ *             "4AEE18F83AFDEB23",
+ *             "07E34825A909B250",
+ *         ],
+ *     },
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * The `pulumi import` command can be used, for example:
+ *
+ * Projects can be imported using the project name.
+ *
+ * ```sh
+ * $ pulumi import argocd:index/project:Project myproject myproject
+ * ```
+ */
+export declare class Project extends pulumi.CustomResource {
+    /**
+     * Get an existing Project resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProjectState, opts?: pulumi.CustomResourceOptions): Project;
+    /**
+     * Returns true if the given object is an instance of Project.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is Project;
+    /**
+     * Standard Kubernetes object metadata. For more info see the [Kubernetes reference](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata).
+     */
+    readonly metadata: pulumi.Output<outputs.ProjectMetadata>;
+    /**
+     * ArgoCD AppProject spec.
+     */
+    readonly spec: pulumi.Output<outputs.ProjectSpec>;
+    /**
+     * Create a Project resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args: ProjectArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering Project resources.
+ */
+export interface ProjectState {
+    /**
+     * Standard Kubernetes object metadata. For more info see the [Kubernetes reference](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata).
+     */
+    metadata?: pulumi.Input<inputs.ProjectMetadata>;
+    /**
+     * ArgoCD AppProject spec.
+     */
+    spec?: pulumi.Input<inputs.ProjectSpec>;
+}
+/**
+ * The set of arguments for constructing a Project resource.
+ */
+export interface ProjectArgs {
+    /**
+     * Standard Kubernetes object metadata. For more info see the [Kubernetes reference](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata).
+     */
+    metadata: pulumi.Input<inputs.ProjectMetadata>;
+    /**
+     * ArgoCD AppProject spec.
+     */
+    spec: pulumi.Input<inputs.ProjectSpec>;
+}

package/project.js

@@ -0,0 +1,197 @@
+"use strict";
+// *** WARNING: this file was generated by pulumi-language-nodejs. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Project = void 0;
+const pulumi = require("@pulumi/pulumi");
+const utilities = require("./utilities");
+/**
+ * Manages [projects](https://argo-cd.readthedocs.io/en/stable/user-guide/projects/) within ArgoCD.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as argocd from "@three14/pulumi-argocd";
+ *
+ * const myproject = new argocd.Project("myproject", {
+ *     metadata: {
+ *         name: "myproject",
+ *         namespace: "argocd",
+ *         labels: {
+ *             acceptance: "true",
+ *         },
+ *         annotations: {
+ *             "this.is.a.really.long.nested.key": "yes, really!",
+ *         },
+ *     },
+ *     spec: {
+ *         description: "simple project",
+ *         sourceNamespaces: ["argocd"],
+ *         sourceRepos: ["*"],
+ *         destinations: [
+ *             {
+ *                 server: "https://kubernetes.default.svc",
+ *                 namespace: "default",
+ *             },
+ *             {
+ *                 server: "https://kubernetes.default.svc",
+ *                 namespace: "foo",
+ *             },
+ *             {
+ *                 name: "anothercluster",
+ *                 namespace: "bar",
+ *             },
+ *         ],
+ *         clusterResourceBlacklists: [{
+ *             group: "*",
+ *             kind: "*",
+ *         }],
+ *         clusterResourceWhitelists: [
+ *             {
+ *                 group: "rbac.authorization.k8s.io",
+ *                 kind: "ClusterRoleBinding",
+ *             },
+ *             {
+ *                 group: "rbac.authorization.k8s.io",
+ *                 kind: "ClusterRole",
+ *             },
+ *         ],
+ *         namespaceResourceBlacklists: [{
+ *             group: "networking.k8s.io",
+ *             kind: "Ingress",
+ *         }],
+ *         namespaceResourceWhitelists: [{
+ *             group: "*",
+ *             kind: "*",
+ *         }],
+ *         orphanedResources: [{
+ *             warn: true,
+ *             ignores: [
+ *                 {
+ *                     group: "apps/v1",
+ *                     kind: "Deployment",
+ *                     name: "ignored1",
+ *                 },
+ *                 {
+ *                     group: "apps/v1",
+ *                     kind: "Deployment",
+ *                     name: "ignored2",
+ *                 },
+ *             ],
+ *         }],
+ *         roles: [
+ *             {
+ *                 name: "testrole",
+ *                 policies: [
+ *                     "p, proj:myproject:testrole, applications, override, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, applications, sync, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, clusters, get, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, repositories, create, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, repositories, delete, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, repositories, update, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, logs, get, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, exec, create, myproject/*, allow",
+ *                 ],
+ *             },
+ *             {
+ *                 name: "anotherrole",
+ *                 policies: [
+ *                     "p, proj:myproject:testrole, applications, get, myproject/*, allow",
+ *                     "p, proj:myproject:testrole, applications, sync, myproject/*, deny",
+ *                 ],
+ *             },
+ *         ],
+ *         syncWindows: [
+ *             {
+ *                 kind: "allow",
+ *                 applications: ["api-*"],
+ *                 clusters: ["*"],
+ *                 namespaces: ["*"],
+ *                 duration: "3600s",
+ *                 schedule: "10 1 * * *",
+ *                 manualSync: true,
+ *             },
+ *             {
+ *                 useAndOperator: true,
+ *                 kind: "deny",
+ *                 applications: [
+ *                     "foo",
+ *                     "bar",
+ *                 ],
+ *                 clusters: ["in-cluster"],
+ *                 namespaces: ["default"],
+ *                 duration: "12h",
+ *                 schedule: "22 1 5 * *",
+ *                 manualSync: false,
+ *                 timezone: "Europe/London",
+ *             },
+ *         ],
+ *         signatureKeys: [
+ *             "4AEE18F83AFDEB23",
+ *             "07E34825A909B250",
+ *         ],
+ *     },
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * The `pulumi import` command can be used, for example:
+ *
+ * Projects can be imported using the project name.
+ *
+ * ```sh
+ * $ pulumi import argocd:index/project:Project myproject myproject
+ * ```
+ */
+class Project extends pulumi.CustomResource {
+    /**
+     * Get an existing Project resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name, id, state, opts) {
+        return new Project(name, state, { ...opts, id: id });
+    }
+    /**
+     * Returns true if the given object is an instance of Project.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj) {
+        if (obj === undefined || obj === null) {
+            return false;
+        }
+        return obj['__pulumiType'] === Project.__pulumiType;
+    }
+    constructor(name, argsOrState, opts) {
+        let resourceInputs = {};
+        opts = opts || {};
+        if (opts.id) {
+            const state = argsOrState;
+            resourceInputs["metadata"] = state?.metadata;
+            resourceInputs["spec"] = state?.spec;
+        }
+        else {
+            const args = argsOrState;
+            if (args?.metadata === undefined && !opts.urn) {
+                throw new Error("Missing required property 'metadata'");
+            }
+            if (args?.spec === undefined && !opts.urn) {
+                throw new Error("Missing required property 'spec'");
+            }
+            resourceInputs["metadata"] = args?.metadata;
+            resourceInputs["spec"] = args?.spec;
+        }
+        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
+        super(Project.__pulumiType, name, resourceInputs, opts);
+    }
+}
+exports.Project = Project;
+/** @internal */
+Project.__pulumiType = 'argocd:index/project:Project';
+//# sourceMappingURL=project.js.map

package/project.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"project.js","sourceRoot":"","sources":["../project.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2IG;AACH,MAAa,OAAQ,SAAQ,MAAM,CAAC,cAAc;IAC9C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAoB,EAAE,IAAmC;QAClH,OAAO,IAAI,OAAO,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,OAAO,CAAC,YAAY,CAAC;IACxD,CAAC;IAmBD,YAAY,IAAY,EAAE,WAAwC,EAAE,IAAmC;QACnG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAuC,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;SACxC;aAAM;YACH,MAAM,IAAI,GAAG,WAAsC,CAAC;YACpD,IAAI,IAAI,EAAE,QAAQ,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC3C,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,IAAI,EAAE,IAAI,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;SACvC;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;;AAjEL,0BAkEC;AApDG,gBAAgB;AACO,oBAAY,GAAG,8BAA8B,CAAC"}

package/projectToken.d.ts

@@ -0,0 +1,152 @@
+import * as pulumi from "@pulumi/pulumi";
+/**
+ * Manages ArgoCD project role JWT tokens. See [Project Roles](https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-roles) for more info.
+ *
+ * > **Security Notice** The JWT token generated by this resource is treated as sensitive and, thus, not displayed in console output. However, it will be stored *unencrypted* in your Terraform state file. Read more about sensitive data handling in the Terraform documentation.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as argocd from "@three14/pulumi-argocd";
+ *
+ * const secret = new argocd.ProjectToken("secret", {
+ *     project: "someproject",
+ *     role: "foobar",
+ *     description: "short lived token",
+ *     expiresIn: "1h",
+ *     renewBefore: "30m",
+ * });
+ * ```
+ */
+export declare class ProjectToken extends pulumi.CustomResource {
+    /**
+     * Get an existing ProjectToken resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProjectTokenState, opts?: pulumi.CustomResourceOptions): ProjectToken;
+    /**
+     * Returns true if the given object is an instance of ProjectToken.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is ProjectToken;
+    /**
+     * Description of the token.
+     */
+    readonly description: pulumi.Output<string | undefined>;
+    /**
+     * If `expiresIn` is set, Unix timestamp upon which the token will expire.
+     */
+    readonly expiresAt: pulumi.Output<string>;
+    /**
+     * Duration before the token will expire. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. E.g. `30m`, `12h`. Default: No expiration.
+     */
+    readonly expiresIn: pulumi.Output<string | undefined>;
+    /**
+     * Unix timestamp at which the token was issued.
+     */
+    readonly issuedAt: pulumi.Output<string>;
+    /**
+     * The raw JWT.
+     */
+    readonly jwt: pulumi.Output<string>;
+    /**
+     * The project associated with the token.
+     */
+    readonly project: pulumi.Output<string>;
+    /**
+     * Duration to control token silent regeneration based on token age. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. If set, then the token will be regenerated if it is older than `renewAfter`. I.e. if `currentDate - issuedAt > renewAfter`.
+     */
+    readonly renewAfter: pulumi.Output<string | undefined>;
+    /**
+     * Duration to control token silent regeneration based on remaining token lifetime. If `expiresIn` is set, the provider will regenerate the token if `expiresAt - currentDate < renewBefore`. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`.
+     */
+    readonly renewBefore: pulumi.Output<string | undefined>;
+    /**
+     * The name of the role in the project associated with the token.
+     */
+    readonly role: pulumi.Output<string>;
+    /**
+     * Create a ProjectToken resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args: ProjectTokenArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering ProjectToken resources.
+ */
+export interface ProjectTokenState {
+    /**
+     * Description of the token.
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * If `expiresIn` is set, Unix timestamp upon which the token will expire.
+     */
+    expiresAt?: pulumi.Input<string>;
+    /**
+     * Duration before the token will expire. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. E.g. `30m`, `12h`. Default: No expiration.
+     */
+    expiresIn?: pulumi.Input<string>;
+    /**
+     * Unix timestamp at which the token was issued.
+     */
+    issuedAt?: pulumi.Input<string>;
+    /**
+     * The raw JWT.
+     */
+    jwt?: pulumi.Input<string>;
+    /**
+     * The project associated with the token.
+     */
+    project?: pulumi.Input<string>;
+    /**
+     * Duration to control token silent regeneration based on token age. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. If set, then the token will be regenerated if it is older than `renewAfter`. I.e. if `currentDate - issuedAt > renewAfter`.
+     */
+    renewAfter?: pulumi.Input<string>;
+    /**
+     * Duration to control token silent regeneration based on remaining token lifetime. If `expiresIn` is set, the provider will regenerate the token if `expiresAt - currentDate < renewBefore`. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`.
+     */
+    renewBefore?: pulumi.Input<string>;
+    /**
+     * The name of the role in the project associated with the token.
+     */
+    role?: pulumi.Input<string>;
+}
+/**
+ * The set of arguments for constructing a ProjectToken resource.
+ */
+export interface ProjectTokenArgs {
+    /**
+     * Description of the token.
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * Duration before the token will expire. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. E.g. `30m`, `12h`. Default: No expiration.
+     */
+    expiresIn?: pulumi.Input<string>;
+    /**
+     * The project associated with the token.
+     */
+    project: pulumi.Input<string>;
+    /**
+     * Duration to control token silent regeneration based on token age. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. If set, then the token will be regenerated if it is older than `renewAfter`. I.e. if `currentDate - issuedAt > renewAfter`.
+     */
+    renewAfter?: pulumi.Input<string>;
+    /**
+     * Duration to control token silent regeneration based on remaining token lifetime. If `expiresIn` is set, the provider will regenerate the token if `expiresAt - currentDate < renewBefore`. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`.
+     */
+    renewBefore?: pulumi.Input<string>;
+    /**
+     * The name of the role in the project associated with the token.
+     */
+    role: pulumi.Input<string>;
+}

package/projectToken.js

@@ -0,0 +1,93 @@
+"use strict";
+// *** WARNING: this file was generated by pulumi-language-nodejs. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProjectToken = void 0;
+const pulumi = require("@pulumi/pulumi");
+const utilities = require("./utilities");
+/**
+ * Manages ArgoCD project role JWT tokens. See [Project Roles](https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-roles) for more info.
+ *
+ * > **Security Notice** The JWT token generated by this resource is treated as sensitive and, thus, not displayed in console output. However, it will be stored *unencrypted* in your Terraform state file. Read more about sensitive data handling in the Terraform documentation.
+ *
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as argocd from "@three14/pulumi-argocd";
+ *
+ * const secret = new argocd.ProjectToken("secret", {
+ *     project: "someproject",
+ *     role: "foobar",
+ *     description: "short lived token",
+ *     expiresIn: "1h",
+ *     renewBefore: "30m",
+ * });
+ * ```
+ */
+class ProjectToken extends pulumi.CustomResource {
+    /**
+     * Get an existing ProjectToken resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name, id, state, opts) {
+        return new ProjectToken(name, state, { ...opts, id: id });
+    }
+    /**
+     * Returns true if the given object is an instance of ProjectToken.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj) {
+        if (obj === undefined || obj === null) {
+            return false;
+        }
+        return obj['__pulumiType'] === ProjectToken.__pulumiType;
+    }
+    constructor(name, argsOrState, opts) {
+        let resourceInputs = {};
+        opts = opts || {};
+        if (opts.id) {
+            const state = argsOrState;
+            resourceInputs["description"] = state?.description;
+            resourceInputs["expiresAt"] = state?.expiresAt;
+            resourceInputs["expiresIn"] = state?.expiresIn;
+            resourceInputs["issuedAt"] = state?.issuedAt;
+            resourceInputs["jwt"] = state?.jwt;
+            resourceInputs["project"] = state?.project;
+            resourceInputs["renewAfter"] = state?.renewAfter;
+            resourceInputs["renewBefore"] = state?.renewBefore;
+            resourceInputs["role"] = state?.role;
+        }
+        else {
+            const args = argsOrState;
+            if (args?.project === undefined && !opts.urn) {
+                throw new Error("Missing required property 'project'");
+            }
+            if (args?.role === undefined && !opts.urn) {
+                throw new Error("Missing required property 'role'");
+            }
+            resourceInputs["description"] = args?.description;
+            resourceInputs["expiresIn"] = args?.expiresIn;
+            resourceInputs["project"] = args?.project;
+            resourceInputs["renewAfter"] = args?.renewAfter;
+            resourceInputs["renewBefore"] = args?.renewBefore;
+            resourceInputs["role"] = args?.role;
+            resourceInputs["expiresAt"] = undefined /*out*/;
+            resourceInputs["issuedAt"] = undefined /*out*/;
+            resourceInputs["jwt"] = undefined /*out*/;
+        }
+        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
+        const secretOpts = { additionalSecretOutputs: ["jwt"] };
+        opts = pulumi.mergeOptions(opts, secretOpts);
+        super(ProjectToken.__pulumiType, name, resourceInputs, opts);
+    }
+}
+exports.ProjectToken = ProjectToken;
+/** @internal */
+ProjectToken.__pulumiType = 'argocd:index/projectToken:ProjectToken';
+//# sourceMappingURL=projectToken.js.map

package/projectToken.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"projectToken.js","sourceRoot":"","sources":["../projectToken.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAa,YAAa,SAAQ,MAAM,CAAC,cAAc;IACnD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAyB,EAAE,IAAmC;QACvH,OAAO,IAAI,YAAY,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACnE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,YAAY,CAAC,YAAY,CAAC;IAC7D,CAAC;IA+CD,YAAY,IAAY,EAAE,WAAkD,EAAE,IAAmC;QAC7G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA4C,CAAC;YAC3D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,EAAE,SAAS,CAAC;YAC/C,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,EAAE,GAAG,CAAC;YACnC,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;SACxC;aAAM;YACH,MAAM,IAAI,GAAG,WAA2C,CAAC;YACzD,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,IAAI,EAAE,IAAI,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvC,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,EAAE,SAAS,CAAC;YAC9C,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAChD,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC7C;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,YAAY,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACjE,CAAC;;AA7GL,oCA8GC;AAhGG,gBAAgB;AACO,yBAAY,GAAG,wCAAwC,CAAC"}