
Feature Request: Add Terraform Support for Generic OIDC #51059

@dasarinaidu

Summary
Currently, the project does not have Terraform support for the Generic OIDC authentication provider. This feature would enable users to programmatically manage the Generic OIDC integration through Infrastructure as Code (IaC) practices.

Problem Statement
Users who want to integrate Generic OIDC as an authentication provider must currently configure it manually through the UI or API calls, but NOT with Terraform.

Proposed Solution
Implement Terraform resource support for the Generic OIDC authentication provider that allows users to:

  1. Enable/disable Generic OIDC authentication

Expected Terraform Configuration Example

resource "rancher2_auth_config_oidc" "generic_oidc" {
  enabled               = true
  client_id             = "your-oidc-client-id"
  client_secret         = "your-oidc-client-secret"
  issuer_url            = "https://your-oidc-provider.com"
  auth_endpoint         = "https://your-oidc-provider.com/auth"
  token_endpoint        = "https://your-oidc-provider.com/token"
  userinfo_endpoint     = "https://your-oidc-provider.com/userinfo"
  jwks_endpoint         = "https://your-oidc-provider.com/.well-known/jwks.json"

  # Optional configurations
  scopes                = ["openid", "profile", "email", "groups"]
  group_claim           = "groups"
  username_claim        = "preferred_username"
  display_name_claim    = "name"
  uid_claim             = "sub"

  # Certificate and validation settings
  certificate           = file("${path.module}/oidc-ca.pem")
  skip_cert_verify      = false

  # Group mappings
  group_mappings = {
    "admin-group"     = "cluster-admin"
    "developers"      = "project-member"
    "readonly-users"  = "project-readonly"
  }

  # Advanced OIDC settings
  response_type         = "code"
  response_mode         = "query"
  access_mode           = "required"
  allowed_principal_ids = ["local://user-12345"]

  # Custom claims mapping
  custom_claims = {
    "department" = "dept"
    "location"   = "office"
  }
}
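As an added example (not code from the issue author or from the rancher2 Terraform provider), the following Python script is a pre-apply check over a resource body shaped like the one proposed above. It assumes the attribute names exactly as proposed in the issue (`client_secret`, `skip_cert_verify`, `scopes`, `response_type`, `access_mode` and the endpoint URL attributes); the resource itself is a proposal, not an existing provider resource, and the parser is a minimal line-based one rather than a full HCL parser. The checks are the ones a reviewer would want before such a config reaches `terraform apply`: the client secret is not committed as a literal, TLS verification stays on, every endpoint is https, `openid` is among the scopes, the authorization code flow is used, and access is not unrestricted (Rancher's auth configs use the access modes unrestricted, required and restricted). All three sample configurations are constructed for the example.

```python
import re

# Matches a top-level HCL attribute line such as `client_id = "abc"`.
_ATTR_RE = re.compile(r'^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.+?)\s*$')

# Endpoint attributes as named in the issue's proposed resource (hypothetical).
URL_KEYS = ("issuer_url", "auth_endpoint", "token_endpoint", "userinfo_endpoint", "jwks_endpoint")


def parse_value(raw):
    """Turn an HCL attribute value into a Python value.

    Literal strings, booleans and flat string lists are decoded; anything else
    (var.x, file(...), locals) comes back as {"ref": ...} so callers can tell a
    hard-coded literal from a reference that is only resolved at plan time.
    """
    raw = raw.strip()
    if raw in ("true", "false"):
        return raw == "true"
    if raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1]
    if raw.startswith("[") and raw.endswith("]"):
        return [item.strip().strip('"') for item in raw[1:-1].split(",") if item.strip()]
    return {"ref": raw}


def parse_resource_attrs(hcl):
    """Collect the top-level attributes of the first resource block.

    Minimal line-based parser, not a full HCL parser: one attribute per line,
    `#` comments stripped (so a `#` inside a string is not supported), and
    nested maps such as group_mappings are skipped rather than decoded.
    """
    attrs = {}
    depth = 0
    for line in hcl.splitlines():
        code = line.split("#", 1)[0].rstrip()
        if not code.strip():
            continue
        if depth == 1 and not code.endswith("{"):
            match = _ATTR_RE.match(code)
            if match:
                attrs[match.group(1)] = parse_value(match.group(2))
        depth += code.count("{") - code.count("}")
    return attrs


def check_oidc_config(attrs):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if isinstance(attrs.get("client_secret"), str):
        findings.append("client_secret is a literal; pass it via a sensitive variable or a secret store")
    if attrs.get("skip_cert_verify") is True:
        findings.append("skip_cert_verify = true disables TLS verification of the identity provider")
    for key in URL_KEYS:
        url = attrs.get(key)
        if isinstance(url, str) and not url.startswith("https://"):
            findings.append(f"{key} is not an https URL: {url}")
    scopes = attrs.get("scopes")
    if isinstance(scopes, list) and "openid" not in scopes:
        findings.append("scopes lacks 'openid'; the provider returns no ID token without it")
    if attrs.get("response_type") not in (None, "code"):
        findings.append("response_type is not 'code'; implicit/hybrid flows expose tokens in the front channel")
    if attrs.get("access_mode") == "unrestricted":
        findings.append("access_mode = unrestricted lets every user known to the provider log in")
    return findings


def lint(hcl):
    """Parse a resource body and return its findings (intended for a CI step)."""
    return check_oidc_config(parse_resource_attrs(hcl))


# Constructed sample: a resource body shaped like the issue's proposal.
PROPOSED_HCL = '''
resource "rancher2_auth_config_oidc" "generic_oidc" {
  enabled          = true
  client_id        = "your-oidc-client-id"
  client_secret    = "your-oidc-client-secret"
  issuer_url       = "https://your-oidc-provider.com"
  jwks_endpoint    = "https://your-oidc-provider.com/.well-known/jwks.json"
  scopes           = ["openid", "profile", "email", "groups"]
  certificate      = file("${path.module}/oidc-ca.pem")
  skip_cert_verify = false
  group_mappings = {
    "admin-group" = "cluster-admin"
  }
  response_type    = "code"
  access_mode      = "required"
}
'''

# Constructed sample: the same body with the secret moved to a (sensitive) variable.
HARDENED_HCL = PROPOSED_HCL.replace('"your-oidc-client-secret"', "var.oidc_client_secret")

# Constructed sample: several weak settings at once.
WEAK_HCL = '''
resource "rancher2_auth_config_oidc" "generic_oidc" {
  client_secret    = "hunter2"
  issuer_url       = "http://idp.example.internal"
  scopes           = ["profile", "email"]
  skip_cert_verify = true
  response_type    = "id_token"
  access_mode      = "unrestricted"
}
'''

if __name__ == "__main__":
    for name, hcl in (("proposed", PROPOSED_HCL), ("hardened", HARDENED_HCL), ("weak", WEAK_HCL)):
        print(name, lint(hcl) or ["ok"])
```

`lint()` returns findings as a list rather than printing them so the same function can gate a pipeline. The hardened sample shows the one change the proposed config needs to pass cleanly: referencing a variable (declared with `sensitive = true`) instead of committing the literal client secret.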

Labels: QA/S, area/authentication, kind/enhancement (Issues that improve or augment existing functionality), team/collie (the team that is responsible for auth and rbac within rancher)
