Add ssh keys to unifi_setting_mgmt

docs/resources/setting_mgmt.md

@@ -30,9 +30,24 @@ resource "unifi_setting_mgmt" "example" {
 
 - **auto_upgrade** (Boolean) Automatically upgrade device firmware.
 - **site** (String) The name of the site to associate the settings with.
+- **ssh_enabled** (Boolean) Enable SSH authentication.
+- **ssh_key** (Block Set) SSH key. (see [below for nested schema](#nestedblock--ssh_key))
 
 ### Read-Only
 
 - **id** (String) The ID of the settings.
 
+<a id="nestedblock--ssh_key"></a>
+### Nested Schema for `ssh_key`
+
+Required:
+
+- **name** (String) Name of SSH key.
+- **type** (String) Type of SSH key, e.g. ssh-rsa.
+
+Optional:
+
+- **comment** (String) Comment.
+- **key** (String) Public SSH key.
+
 

internal/provider/resource_setting_mgmt.go

@@ -2,6 +2,7 @@ package provider
 
 import (
 	"context"
+	"fmt"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/paultyng/go-unifi/unifi"
@@ -37,13 +38,100 @@ func resourceSettingMgmt() *schema.Resource {
 				Type:        schema.TypeBool,
 				Optional:    true,
 			},
+			"ssh_enabled": {
+				Description: "Enable SSH authentication.",
+				Type:        schema.TypeBool,
+				Optional:    true,
+			},
+			"ssh_key": {
+				Description: "SSH key.",
+				Type:        schema.TypeSet,
+				Optional:    true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"name": {
+							Description: "Name of SSH key.",
+							Type:        schema.TypeString,
+							Required:    true,
+						},
+						"type": {
+							Description: "Type of SSH key, e.g. ssh-rsa.",
+							Type:        schema.TypeString,
+							Required:    true,
+						},
+						"key": {
+							Description: "Public SSH key.",
+							Type:        schema.TypeString,
+							Optional:    true,
+						},
+						"comment": {
+							Description: "Comment.",
+							Type:        schema.TypeString,
+							Optional:    true,
+						},
+					},
+				},
+			},
 		},
 	}
 }
 
+func setToSshKeys(set *schema.Set) ([]unifi.SettingMgmtXSshKeys, error) {
+	var sshKeys []unifi.SettingMgmtXSshKeys
+	for _, item := range set.List() {
+		data, ok := item.(map[string]interface{})
+		if !ok {
+			return nil, fmt.Errorf("unexpected data in block")
+		}
+		sshKey, err := toSshKey(data)
+		if err != nil {
+			return nil, fmt.Errorf("unable to create port override: %w", err)
+		}
+		sshKeys = append(sshKeys, sshKey)
+	}
+	return sshKeys, nil
+}
+
+func toSshKey(data map[string]interface{}) (unifi.SettingMgmtXSshKeys, error) {
+	return unifi.SettingMgmtXSshKeys{
+		Name:    data["name"].(string),
+		KeyType: data["type"].(string),
+		Key:     data["key"].(string),
+		Comment: data["comment"].(string),
+	}, nil
+}
+
+func setFromSshKeys(sshKeys []unifi.SettingMgmtXSshKeys) ([]map[string]interface{}, error) {
+	list := make([]map[string]interface{}, 0, len(sshKeys))
+	for _, sshKey := range sshKeys {
+		v, err := fromSshKey(sshKey)
+		if err != nil {
+			return nil, fmt.Errorf("unable to parse ssh key: %w", err)
+		}
+		list = append(list, v)
+	}
+	return list, nil
+}
+
+func fromSshKey(sshKey unifi.SettingMgmtXSshKeys) (map[string]interface{}, error) {
+	return map[string]interface{}{
+		"name":    sshKey.Name,
+		"type":    sshKey.KeyType,
+		"key":     sshKey.Key,
+		"comment": sshKey.Comment,
+	}, nil
+}
+
 func resourceSettingMgmtGetResourceData(d *schema.ResourceData, meta interface{}) (*unifi.SettingMgmt, error) {
+	sshKeys, err := setToSshKeys(d.Get("ssh_key").(*schema.Set))
+	if err != nil {
+		return nil, fmt.Errorf("unable to process ssh_key block: %w", err)
+	}
+
 	return &unifi.SettingMgmt{
 		AutoUpgrade: d.Get("auto_upgrade").(bool),
+		XSshEnabled: d.Get("ssh_enabled").(bool),
+		XSshKeys:    sshKeys,
 	}, nil
 }
 
@@ -71,8 +159,15 @@ func resourceSettingMgmtCreate(d *schema.ResourceData, meta interface{}) error {
 }
 
 func resourceSettingMgmtSetResourceData(resp *unifi.SettingMgmt, d *schema.ResourceData, meta interface{}, site string) error {
+	sshKeys, err := setFromSshKeys(resp.XSshKeys)
+	if err != nil {
+		return err
+	}
+
 	d.Set("site", site)
 	d.Set("auto_upgrade", resp.AutoUpgrade)
+	d.Set("ssh_enabled", resp.XSshEnabled)
+	d.Set("ssh_key", sshKeys)
 	return nil
 }
 

internal/provider/resource_setting_mgmt_test.go

@@ -37,6 +37,24 @@ func TestAccSettingMgmt_site(t *testing.T) {
 	})
 }
 
+func TestAccSettingMgmt_sshKeys(t *testing.T) {
+	resource.ParallelTest(t, resource.TestCase{
+		ProviderFactories: providerFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccSettingMgmtConfig_sshKeys(),
+				Check:  resource.ComposeTestCheckFunc(),
+			},
+			{
+				ResourceName:      "unifi_setting_mgmt.test",
+				ImportState:       true,
+				ImportStateIdFunc: siteAndIDImportStateIDFunc("unifi_setting_mgmt.test"),
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func testAccSettingMgmtConfig_basic() string {
 	return `
 resource "unifi_setting_mgmt" "test" {
@@ -57,3 +75,22 @@ resource "unifi_setting_mgmt" "test" {
 }
 `
 }
+
+func testAccSettingMgmtConfig_sshKeys() string {
+	return `
+resource "unifi_site" "test" {
+	description = "test"
+}
+
+resource "unifi_setting_mgmt" "test" {
+	site = unifi_site.test.name
+	ssh_enabled = true
+	ssh_key {
+		name = "Test key"
+		type = "ssh-rsa"
+		key = "AAAAB3NzaC1yc2EAAAADAQABAAACAQDNWqT8zvVtmaks7sLlP+hmWmJVmruyNU9uk8JpLTX0oE+r9hjePsXCThTrft7s+vlaj+bLr8Yf5//TT8KS7LB/YIp2O3jPomOz9A4hIsG5R6FLfSggzQP4a7QSlNLCm/6WjKHP9DhRb7trnFz+KkCNmCVKLZgiyeUm2LydVKJ2QncHopA5yomtSpmb6x66zaKr+DbwzHC13WIEms5Ros0N9pEOcAghsSEVL42bfGBfSH37R+Kaw0nhWei4Y25jO66xsbtyZKoiF1+XXXBuEi77Tv7iQGHHOFRqNKKfGI1QhYvwlcjdzh9wu7Gtzeyh/+jpF8mwCLtFKle+W/zSs+lHCuCihvQEQtCIpZL5FapvxfxPZQJWL5RgsL9jieUaoF8EsWAOM83BCSZa/FB1RyfKdy4f7BQtDCKIm3nD5paCJSfS6DSw1TMvaFPeJLG3PuyHRbNvbVLmHRl9lK03na6/R9JX06nBUuPdP+FLjIZsyZz1DOUSDjCWHFk0+Ne2uEinV7SkOoxC6E2NxqlY/SyMnWZS+p95Zx6yOlNqB9sQ+Q4/YLGY5mUmqJrHPlH6LjXfudybKHMZUuVRF1NX3ESue8NSKc0SlJDQUXtJ9wkjjX1wAWvXCDwI72jtC86r/wzw+mcIfpks3jHQrOhpwCRmQL4vAs5DztA3hKxkgElYaw=="
+		comment = "test@example.com"
+	}
+}
+`
+}