pingone_davinci_application beta resource

betatemplates/resources/davinci_application.md.tmpl

@@ -0,0 +1,26 @@
+---
+page_title: "{{.Name}} {{.Type}} - {{.RenderedProviderName}}"
+subcategory: "DaVinci"
+description: |-
+{{ .Description | plainmarkdown | trimspace | prefixlines "  " }}
+---
+
+# {{.Name}} ({{.Type}})
+
+{{ .Description | trimspace }}
+
+{{ if .HasExample -}}
+## Example Usage
+
+{{ tffile (printf "%s%s%s" "examples/resources/" .Name "/resource.tf") }}
+{{- end }}
+
+{{ .SchemaMarkdown | trimspace }}
+
+{{ if .HasImport -}}
+## Import
+
+Import is supported using the following syntax, where attributes in `<>` brackets are replaced with the relevant ID.  For example, `<environment_id>` should be replaced with the ID of the environment to import from.
+
+{{ codefile "shell" (printf "%s%s%s" "examples/resources/" .Name "/import.sh") }}
+{{- end }}

betatemplates/resources/davinci_connector_instance.md.tmpl

@@ -0,0 +1,27 @@
+---
+page_title: "{{.Name}} {{.Type}} - {{.RenderedProviderName}}"
+subcategory: "DaVinci"
+description: |-
+{{ .Description | plainmarkdown | trimspace | prefixlines "  " }}
+---
+
+# {{.Name}} ({{.Type}})
+
+{{ .Description | trimspace }}
+
+{{ if .HasExample -}}
+## Example Usage
+
+{{ tffile (printf "%s%s%s" "examples/resources/" .Name "/resource.tf") }}
+{{- end }}
+
+{{ .SchemaMarkdown | trimspace }}
+
+{{ if .HasImport -}}
+## Import
+
+Import is supported using the following syntax, where attributes in `<>` brackets are replaced with the relevant ID.  For example, `<environment_id>` should be replaced with the ID of the environment to import from.
+
+{{ codefile "shell" (printf "%s%s%s" "examples/resources/" .Name "/import.sh") }}
+{{- end }}
+

contributing/beta.md

@@ -76,6 +76,14 @@ Creating the GitHub release will automatically trigger a GitHub Action that runs
 
 ---
 
+## Example Acceptance Test Command
+
+To run acceptance tests for a beta resource, you will need to include both the `beta` build tag and set the environment variable `TESTACC_BETA=true`. For example, to run all tests for the beta resource `pingone_davinci_connector_instance` in the `davinci` service:
+
+```
+TF_ACC=1 TESTACC_BETA=true go test -tags=beta -v -timeout 300s -run ^TestAccDavinciConnectorInstance github.com/pingidentity/terraform-provider-pingone/internal/service/davinci
+```
+
 ## VSCode Configuration Tip
 
 To compile files with a `beta` tag in VSCode, you can instruct the Go language server (`gopls`) to always use the `beta` build tag.

examples/resources/pingone_davinci_application/import.sh

@@ -0,0 +1 @@
+terraform import pingone_davinci_application.example <environment_id>/<application_id>

examples/resources/pingone_davinci_application/resource.tf

@@ -0,0 +1,44 @@
+resource "pingone_davinci_application" "my_awesome_application" {
+  environment_id = var.pingone_environment_id
+
+  name = "My Awesome Application"
+
+  oauth = {
+    grant_types                   = ["authorizationCode"]
+    scopes                        = ["openid", "profile"]
+    enforce_signed_request_openid = false
+    redirect_uris                 = ["https://auth.pingone.com/0000-0000-000/rp/callback/openid_connect"]
+  }
+}
+
+resource "pingone_davinci_application_flow_policy" "authentication_flow_policy" {
+  environment_id = var.pingone_environment_id
+  application_id = pingone_davinci_application.my_awesome_application.id
+
+  name   = "PingOne - Authentication"
+  status = "enabled"
+
+  flow_distributions = [
+    {
+      flow_id = pingone_davinci_flow.authentication.id
+      version = -1
+      weight  = 100
+    }
+  ]
+}
+
+resource "pingone_davinci_application_flow_policy" "registration_flow_policy" {
+  environment_id = var.pingone_environment_id
+  application_id = pingone_davinci_application.my_awesome_application.id
+
+  name   = "PingOne - Registration"
+  status = "enabled"
+
+  flow_distributions = [
+    {
+      flow_id = pingone_davinci_flow.registration.id
+      version = -1
+      weight  = 100
+    }
+  ]
+}

examples/resources/pingone_davinci_connector_instance/import.sh

@@ -0,0 +1 @@
+terraform import pingone_davinci_connector_instance.example <environment_id>/<instance_id>

examples/resources/pingone_davinci_connector_instance/resource.tf

@@ -0,0 +1,24 @@
+resource "pingone_davinci_connector_instance" "annotation_connector_example" {
+  environment_id = var.pingone_environment_id
+
+  connector = {
+    id = "annotationConnector"
+  }
+
+  name = "myAnnotationConnector"
+}
+
+resource "pingone_davinci_connector_instance" "crowdstrike_connector_example" {
+  environment_id = var.pingone_environment_id
+
+  connector = {
+    id = "crowdStrikeConnector"
+  }
+
+  name = "CrowdStrike"
+
+  properties = jsonencode({
+    "clientId" : var.crowdstrike_client_id,
+    "clientSecret" : var.crowdstrike_client_secret
+  })
+}

internal/framework/customtypes/jsontypes/normalized_obfuscatable_type.go

@@ -0,0 +1,73 @@
+// Copyright © 2025 Ping Identity Corporation
+
+package jsontypes
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/hashicorp/terraform-plugin-framework/attr"
+	"github.com/hashicorp/terraform-plugin-framework/diag"
+	"github.com/hashicorp/terraform-plugin-framework/types/basetypes"
+	"github.com/hashicorp/terraform-plugin-go/tftypes"
+)
+
+// Ensure the implementation satisfies the expected interfaces
+var _ basetypes.StringTypable = NormalizedObfuscatableType{}
+
+// NormalizedObfuscatableType is a custom type for handling JSON strings that might contain
+// obfuscated fields (represented as a string with non-zero length made up of only asterisks).
+// It allows for semantic equality checking that ignores these obfuscated fields.
+type NormalizedObfuscatableType struct {
+	basetypes.StringType
+}
+
+func (t NormalizedObfuscatableType) Equal(o attr.Type) bool {
+	other, ok := o.(NormalizedObfuscatableType)
+
+	if !ok {
+		return false
+	}
+
+	return t.StringType.Equal(other.StringType)
+}
+
+func (t NormalizedObfuscatableType) String() string {
+	return "jsontypes.NormalizedObfuscatableType"
+}
+
+func (t NormalizedObfuscatableType) ValueFromString(ctx context.Context, in basetypes.StringValue) (basetypes.StringValuable, diag.Diagnostics) {
+	// NormalizedObfuscatableValue defined in the value type file
+	value := NormalizedObfuscatableValue{
+		StringValue: in,
+	}
+
+	return value, nil
+}
+
+func (t NormalizedObfuscatableType) ValueFromTerraform(ctx context.Context, in tftypes.Value) (attr.Value, error) {
+	attrValue, err := t.StringType.ValueFromTerraform(ctx, in)
+
+	if err != nil {
+		return nil, err
+	}
+
+	stringValue, ok := attrValue.(basetypes.StringValue)
+
+	if !ok {
+		return nil, fmt.Errorf("unexpected value type of %T", attrValue)
+	}
+
+	stringValuable, diags := t.ValueFromString(ctx, stringValue)
+
+	if diags.HasError() {
+		return nil, fmt.Errorf("unexpected error converting StringValue to StringValuable: %v", diags)
+	}
+
+	return stringValuable, nil
+}
+
+func (t NormalizedObfuscatableType) ValueType(ctx context.Context) attr.Value {
+	// NormalizedObfuscatableValue defined in the value type file
+	return NormalizedObfuscatableValue{}
+}

internal/framework/customtypes/jsontypes/normalized_obfuscatable_value.go

@@ -0,0 +1,150 @@
+// Copyright © 2025 Ping Identity Corporation
+
+package jsontypes
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/hashicorp/terraform-plugin-framework/attr"
+	"github.com/hashicorp/terraform-plugin-framework/attr/xattr"
+	"github.com/hashicorp/terraform-plugin-framework/diag"
+	"github.com/hashicorp/terraform-plugin-framework/types/basetypes"
+)
+
+// Ensure the implementation satisfies the expected interfaces
+var _ basetypes.StringValuable = NormalizedObfuscatableValue{}
+var _ basetypes.StringValuableWithSemanticEquals = NormalizedObfuscatableValue{}
+var _ xattr.ValidateableAttribute = NormalizedObfuscatableValue{}
+
+// Alias useful in schemas and structs
+type NormalizedObfuscatable = NormalizedObfuscatableValue
+
+// NormalizedObfuscatableValue is a custom value for handling JSON strings that might contain
+// obfuscated fields (represented as a string with non-zero length made up of only asterisks).
+// It allows for semantic equality checking that ignores these obfuscated fields.
+type NormalizedObfuscatableValue struct {
+	basetypes.StringValue
+}
+
+func (v NormalizedObfuscatableValue) Equal(o attr.Value) bool {
+	other, ok := o.(NormalizedObfuscatableValue)
+
+	if !ok {
+		return false
+	}
+
+	return v.StringValue.Equal(other.StringValue)
+}
+
+func (v NormalizedObfuscatableValue) Type(ctx context.Context) attr.Type {
+	return NormalizedObfuscatableType{}
+}
+
+func (v NormalizedObfuscatableValue) StringSemanticEquals(ctx context.Context, newValuable basetypes.StringValuable) (bool, diag.Diagnostics) {
+	var diags diag.Diagnostics
+
+	// The framework should always pass the correct value type, but always check
+	newValue, ok := newValuable.(NormalizedObfuscatableValue)
+
+	if !ok {
+		diags.AddError(
+			"JSON String Type Semantic Equality Check Error",
+			"An unexpected value type was received while performing semantic equality checks. "+
+				"Please report this to the provider developers.\n\n"+
+				"Expected Value Type: "+fmt.Sprintf("%T", v)+"\n"+
+				"Got Value Type: "+fmt.Sprintf("%T", newValuable),
+		)
+
+		return false, diags
+	}
+
+	return semanticCompareJsonIgnoreObfuscated(v.StringValue.ValueString(), newValue.StringValue.ValueString()), diags
+}
+
+// Semantically compare the json blobs, ignoring fields that are strings of asterisks, which may have been obfuscated
+func semanticCompareJsonIgnoreObfuscated(json1, json2 string) bool {
+	var marshalled1, marshalled2 map[string]interface{}
+
+	// Unmarshal both JSON blobs into generic maps. Return false if parsing fails.
+	if err := json.Unmarshal([]byte(json1), &marshalled1); err != nil {
+		return false
+	}
+	if err := json.Unmarshal([]byte(json2), &marshalled2); err != nil {
+		return false
+	}
+
+	ignoreRedactedFields := cmp.FilterPath(func(p cmp.Path) bool {
+		// Get the values being compared at the current path
+		vx, vy := p.Last().Values()
+
+		if !vx.IsValid() || !vy.IsValid() {
+			return false
+		}
+
+		vxStr, okX := vx.Interface().(string)
+		vyStr, okY := vy.Interface().(string)
+
+		// If the values are strings, and one or both are strings of asterisks, we ignore this path
+		if okX && okY {
+			return isAllAsterisks(vxStr) || isAllAsterisks(vyStr)
+		}
+		return false
+	}, cmp.Ignore())
+
+	return cmp.Equal(marshalled1, marshalled2, ignoreRedactedFields)
+}
+
+func isAllAsterisks(s string) bool {
+	if len(s) == 0 {
+		return false
+	}
+	for _, char := range s {
+		if char != '*' {
+			return false
+		}
+	}
+	return true
+}
+
+func NormalizedObfuscatableNull() NormalizedObfuscatableValue {
+	return NormalizedObfuscatableValue{
+		StringValue: basetypes.NewStringNull(),
+	}
+}
+
+func NormalizedObfuscatableUnknown() NormalizedObfuscatableValue {
+	return NormalizedObfuscatableValue{
+		StringValue: basetypes.NewStringUnknown(),
+	}
+}
+
+func NormalizedObfuscatableStringValue(value string) NormalizedObfuscatableValue {
+	return NormalizedObfuscatableValue{
+		StringValue: basetypes.NewStringValue(value),
+	}
+}
+
+func NormalizedObfuscatableStringPointerValue(value *string) NormalizedObfuscatableValue {
+	return NormalizedObfuscatableValue{
+		StringValue: basetypes.NewStringPointerValue(value),
+	}
+}
+
+func (v NormalizedObfuscatableValue) ValidateAttribute(ctx context.Context, req xattr.ValidateAttributeRequest, resp *xattr.ValidateAttributeResponse) {
+	if v.IsNull() || v.IsUnknown() {
+		return
+	}
+
+	// Validate that the string is valid JSON
+	var jsonData interface{}
+	if err := json.Unmarshal([]byte(v.ValueString()), &jsonData); err != nil {
+		resp.Diagnostics.AddAttributeError(
+			req.Path,
+			"JSON String Type Validation Error",
+			fmt.Sprintf("The value could not be unmarshalled as JSON: %s", err.Error()),
+		)
+	}
+}

internal/framework/resource.go

@@ -478,6 +478,9 @@ func ParseImportID(id string, components ...ImportComponent) (map[string]string,
 
 	i := 0
 	for _, v := range components {
+		if v.Regexp == nil {
+			return nil, fmt.Errorf("cannot parse import ID as component %d has no Regexp", i)
+		}
 		keys[i] = v.Label
 		regexpList[i] = v.Regexp.String()
 		i++