feat: Add auth property to coder_agent_script (#5)

This enables explicit definition of auth type, so the agent
doesn't misinterpret the running environment.

This also adds "username" and "name" properties to "coder_workspace"
to allow for pretty resource naming inside a cloud.

Author: kylecarbs

Diff for: docs/data-sources/agent_script.md

@@ -37,6 +37,7 @@ resource "kubernetes_pod" "dev" {
 
 ### Optional
 
+- **auth** (String) The authentication type the agent will use. Must be one of: "token", "google-instance-identity", "aws-instance-identity", "azure-instance-identity".
 - **id** (String) The ID of this resource.
 
 ### Read-Only

Diff for: docs/data-sources/workspace.md

@@ -30,6 +30,8 @@ resource "kubernetes_pod" "dev" {
 
 ### Read-Only
 
+- **name** (String) Name of the workspace.
 - **transition** (String) Either "start" or "stop". Use this to start/stop resources with "count".
+- **username** (String) Username of the workspace owner.
 
 

Diff for: docs/resources/agent.md

@@ -40,21 +40,13 @@ resource "google_compute_instance" "dev" {
 
 ### Optional
 
-- **auth** (Block List, Max: 1) Authenticate an instance with zero-trust by using cloud metadata APIs. (see [below for nested schema](#nestedblock--auth))
 - **env** (Map of String) A mapping of environment variables to set inside the workspace.
 - **id** (String) The ID of this resource.
+- **instance_id** (String) An instance ID from a provisioned instance to enable zero-trust agent authentication.
 - **startup_script** (String) A script to run after the agent starts.
 
 ### Read-Only
 
 - **token** (String) Set the environment variable "CODER_TOKEN" with this token to authenticate an agent.
 
-<a id="nestedblock--auth"></a>
-### Nested Schema for `auth`
-
-Optional:
-
-- **instance_id** (String) A unique ID from the created compute resource to identify with cloud metadata APIs.
-- **type** (String) The authentication type to use. Must be one of: "google-instance-identity".
-
 

Diff for: internal/provider/provider.go

@@ -65,6 +65,8 @@ func New() *schema.Provider {
 						transition = "start"
 					}
 					rd.Set("transition", transition)
+					rd.Set("username", os.Getenv("CODER_WORKSPACE_USERNAME"))
+					rd.Set("name", os.Getenv("CODER_WORKSPACE_NAME"))
 					return nil
 				},
 				Schema: map[string]*schema.Schema{
@@ -73,6 +75,16 @@ func New() *schema.Provider {
 						Computed:    true,
 						Description: `Either "start" or "stop". Use this to start/stop resources with "count".`,
 					},
+					"username": {
+						Type:        schema.TypeString,
+						Computed:    true,
+						Description: "Username of the workspace owner.",
+					},
+					"name": {
+						Type:        schema.TypeString,
+						Computed:    true,
+						Description: "Name of the workspace.",
+					},
 				},
 			},
 			"coder_agent_script": {
@@ -82,6 +94,10 @@ func New() *schema.Provider {
 					if !valid {
 						return diag.Errorf("config was unexpected type %q", reflect.TypeOf(i).String())
 					}
+					auth, valid := resourceData.Get("auth").(string)
+					if !valid {
+						return diag.Errorf("auth was unexpected type %q", reflect.TypeOf(resourceData.Get("auth")))
+					}
 					operatingSystem, valid := resourceData.Get("os").(string)
 					if !valid {
 						return diag.Errorf("os was unexpected type %q", reflect.TypeOf(resourceData.Get("os")))
@@ -97,6 +113,7 @@ func New() *schema.Provider {
 					script := os.Getenv(fmt.Sprintf("CODER_AGENT_SCRIPT_%s_%s", operatingSystem, arch))
 					if script != "" {
 						script = strings.ReplaceAll(script, "${ACCESS_URL}", accessURL.String())
+						script = strings.ReplaceAll(script, "${AUTH_TYPE}", auth)
 					}
 					err = resourceData.Set("value", script)
 					if err != nil {
@@ -106,6 +123,13 @@ func New() *schema.Provider {
 					return nil
 				},
 				Schema: map[string]*schema.Schema{
+					"auth": {
+						Type:         schema.TypeString,
+						Default:      "token",
+						Optional:     true,
+						Description:  `The authentication type the agent will use. Must be one of: "token", "google-instance-identity", "aws-instance-identity", "azure-instance-identity".`,
+						ValidateFunc: validation.StringInSlice([]string{"token", "google-instance-identity", "aws-instance-identity", "azure-instance-identity"}, false),
+					},
 					"os": {
 						Type:         schema.TypeString,
 						Required:     true,
@@ -144,29 +168,11 @@ func New() *schema.Provider {
 					return nil
 				},
 				Schema: map[string]*schema.Schema{
-					"auth": {
+					"instance_id": {
 						ForceNew:    true,
-						Description: "Authenticate an instance with zero-trust by using cloud metadata APIs.",
-						Type:        schema.TypeList,
+						Description: "An instance ID from a provisioned instance to enable zero-trust agent authentication.",
 						Optional:    true,
-						MaxItems:    1,
-						Elem: &schema.Resource{
-							Schema: map[string]*schema.Schema{
-								"type": {
-									ForceNew:     true,
-									Description:  `The authentication type to use. Must be one of: "google-instance-identity".`,
-									Optional:     true,
-									Type:         schema.TypeString,
-									ValidateFunc: validation.StringInSlice([]string{"google-instance-identity"}, false),
-								},
-								"instance_id": {
-									ForceNew:    true,
-									Description: "A unique ID from the created compute resource to identify with cloud metadata APIs.",
-									Optional:    true,
-									Type:        schema.TypeString,
-								},
-							},
-						},
+						Type:        schema.TypeString,
 					},
 					"env": {
 						ForceNew:    true,

Diff for: internal/provider/provider_test.go

@@ -117,10 +117,7 @@ func TestAgent(t *testing.T) {
 					url = "https://example.com"
 				}
 				resource "coder_agent" "new" {
-					auth {
-						type = "google-instance-identity"
-						instance_id = "instance"
-					}
+					instance_id = "instance"
 					env = {
 						hi = "test"
 					}
@@ -133,8 +130,7 @@ func TestAgent(t *testing.T) {
 					require.NotNil(t, resource)
 					for _, key := range []string{
 						"token",
-						"auth.0.type",
-						"auth.0.instance_id",
+						"instance_id",
 						"env.hi",
 						"startup_script",
 					} {