
feat: add role binding data source #75

Draft: markgoddard wants to merge 2 commits into main from role-binding-data-source


@markgoddard (Member)

Separated from role binding resource PR #73.

@markgoddard markgoddard self-assigned this Jan 16, 2026
@gemini-code-assist

Summary of Changes

Hello @markgoddard, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the Terraform Cofide provider by adding a new data source for role bindings. This allows users to fetch details of existing role bindings based on various criteria, providing read-only access to these configurations and complementing the existing resource management capabilities.

Highlights

  • New Data Source: Introduced a new Terraform data source, cofide_connect_role_binding, allowing users to query and retrieve information about existing role bindings within the Cofide platform.
  • Filtering Capabilities: The data source supports filtering by role_id, user (subject), group (claim value), and resource (type and ID) to precisely locate specific role bindings.
  • Provider Integration: The new data source has been integrated into the main Cofide Terraform provider, making it discoverable and usable by Terraform configurations.
  • Documentation and Examples: Comprehensive documentation and an example configuration have been added to guide users on how to effectively utilize the new cofide_connect_role_binding data source.


@gemini-code-assist gemini-code-assist Bot left a comment


Code Review

This pull request introduces a new data source cofide_connect_role_binding, which is a great addition. The implementation is mostly solid, including the schema, documentation, and test cases. I've identified a couple of areas for improvement in the data source implementation to better align with the Terraform Plugin Framework's best practices and to enhance user experience with better validation. My specific comments are detailed below.

Comment on lines +72 to +78
if len(roleBindings) == 0 {
resp.Diagnostics.AddError(
"Error reading role binding",
"No matching role binding found",
)
return
}
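
Review bot: the `len(roleBindings) == 0` branch is the only cardinality check visible in these lines, so it is not clear what ends up in state when the filters match more than one role binding. For an authorization object, silently taking one of several matches can feed the wrong binding into downstream configuration; unless it is handled further down, add an explicit error for `len(roleBindings) > 1`. The detail string "No matching role binding found" would also be easier to act on if it named the filter values that were used (role_id, user, group, resource).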

high

The current implementation returns an error when no role binding is found. According to the Terraform Plugin Framework documentation for data sources, if a resource is not found, the Read function should return with an empty state and no error diagnostics. The framework will then correctly inform the user that the data source did not return any results. Returning an error here will cause the Terraform plan/apply to fail, which is often not the desired behavior for a data source lookup.

Please change the implementation to remove the resource from the state when no role bindings are found.

	if len(roleBindings) == 0 {
		resp.State.RemoveResource(ctx)
		return
	}

Comment on lines +47 to +48
return
}

medium

The user and group attributes are mutually exclusive. It's good practice to validate this in the provider to give early feedback to the user. A ConfigValidator is the ideal place for this, but adding the check here in the Read function is also a valid approach that prevents invalid configurations.

This check will prevent the provider from sending a potentially invalid filter to the API and will provide a clear error message to the user.

		return
	}

	if config.User != nil && config.Group != nil {
		resp.Diagnostics.AddError(
			"Conflicting configuration",
			"Cannot set both 'user' and 'group' attributes. Please choose only one.",
		)
		return
	}
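
The two checks raised in this review (mutually exclusive `user`/`group`, and the no-match case), together with the multiple-match case that the review does not discuss, as an added stand-alone Go example; it is not the provider's code. `RoleBinding`, `Filter`, `SelectOne` and the sample data are hypothetical stand-ins that use plain strings instead of Terraform Plugin Framework types.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical stand-ins for the provider's models; plain strings replace framework types.
type RoleBinding struct{ ID, RoleID, User, Group, ResourceType, ResourceID string }
type Filter struct{ RoleID, User, Group, ResourceType, ResourceID string }
var (
	ErrConflict  = errors.New("cannot set both 'user' and 'group'")
	ErrNotFound  = errors.New("no matching role binding found")
	ErrAmbiguous = errors.New("filter matches more than one role binding")
)

// matches treats an empty filter field as "do not filter on this attribute".
func (f Filter) matches(b RoleBinding) bool {
	eq := func(want, got string) bool { return want == "" || want == got }
	return eq(f.RoleID, b.RoleID) && eq(f.User, b.User) && eq(f.Group, b.Group) &&
		eq(f.ResourceType, b.ResourceType) && eq(f.ResourceID, b.ResourceID)
}

// SelectOne rejects a conflicting filter before any lookup, then requires exactly one match.
func SelectOne(f Filter, all []RoleBinding) (RoleBinding, error) {
	if f.User != "" && f.Group != "" {
		return RoleBinding{}, ErrConflict
	}
	var found []RoleBinding
	for _, b := range all {
		if f.matches(b) {
			found = append(found, b)
		}
	}
	switch len(found) {
	case 0:
		return RoleBinding{}, ErrNotFound
	case 1:
		return found[0], nil
	}
	return RoleBinding{}, fmt.Errorf("%w: %d candidates", ErrAmbiguous, len(found))
}
// sampleBindings is constructed data, not output from the Cofide platform.
var sampleBindings = []RoleBinding{
	{"rb-1", "role-admin", "alice", "", "example-type", "res-1"},
	{"rb-2", "role-admin", "", "ops", "example-type", "res-1"},
}

func main() { fmt.Println(SelectOne(Filter{RoleID: "role-admin"}, sampleBindings)) }
```

Filtering on `role_id` alone matches both sample bindings, so the call in `main` returns the ambiguity error rather than an arbitrary binding.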

Base automatically changed from role-binding to main January 19, 2026 14:50