Add notification rule, project/team scoping, and publisher data source

Add support for configuring DependencyTrack notifications via Terraform:

- dependencytrack_notification_rule: manages notification rules with full
  support for event-driven and scheduled triggers, all notification groups
  (SYSTEM and PORTFOLIO scopes), publisher config, notify_on, message,
  notify_children, log_successful_publish, schedule_cron, and
  schedule_skip_unchanged options.

- dependencytrack_notification_rule_project: scopes a notification rule
  to a specific project (PORTFOLIO scope only).

- dependencytrack_notification_rule_team: associates a team with a
  notification rule (for email publisher).

- dependencytrack_notification_publisher (data source): looks up a
  notification publisher by name to retrieve its UUID.

Uses SolarFactories/client-go fork with notification API support
(PR DependencyTrack/client-go#56).

https://claude.ai/code/session_019ocavNKpCndi448shsGs4Q

Author: claude

examples/data-sources/dependencytrack_notification_publisher/data-source.tf

@@ -0,0 +1,8 @@
+# Look up a built-in notification publisher by name
+data "dependencytrack_notification_publisher" "webhook" {
+  name = "Outbound Webhook"
+}
+
+# Other available publishers:
+# "Slack", "Microsoft Teams", "Mattermost", "Email",
+# "Console", "Cisco Webex", "Jira"

examples/resources/dependencytrack_notification_rule/resource.tf

@@ -0,0 +1,27 @@
+# Look up the Outbound Webhook publisher
+data "dependencytrack_notification_publisher" "webhook" {
+  name = "Outbound Webhook"
+}
+
+# Event-driven notification rule for new vulnerabilities
+resource "dependencytrack_notification_rule" "vuln_webhook" {
+  name               = "Vulnerability Webhook"
+  scope              = "PORTFOLIO"
+  notification_level = "INFORMATIONAL"
+  publisher_id       = data.dependencytrack_notification_publisher.webhook.id
+  notify_on          = ["NEW_VULNERABILITY", "NEW_VULNERABLE_DEPENDENCY"]
+  publisher_config   = jsonencode({ destination = "https://example.com/webhook" })
+}
+
+# Scheduled notification rule for daily vulnerability summary
+resource "dependencytrack_notification_rule" "daily_summary" {
+  name                    = "Daily Vulnerability Summary"
+  scope                   = "PORTFOLIO"
+  notification_level      = "INFORMATIONAL"
+  trigger_type            = "SCHEDULE"
+  publisher_id            = data.dependencytrack_notification_publisher.webhook.id
+  notify_on               = ["NEW_VULNERABILITIES_SUMMARY"]
+  schedule_cron           = "0 8 * * *"
+  schedule_skip_unchanged = true
+  publisher_config        = jsonencode({ destination = "https://example.com/webhook" })
+}

examples/resources/dependencytrack_notification_rule_project/resource.tf

@@ -0,0 +1,5 @@
+# Scope a notification rule to a specific project
+resource "dependencytrack_notification_rule_project" "example" {
+  rule    = dependencytrack_notification_rule.vuln_webhook.id
+  project = dependencytrack_project.example.id
+}

examples/resources/dependencytrack_notification_rule_team/resource.tf

@@ -0,0 +1,5 @@
+# Associate a team with an email notification rule
+resource "dependencytrack_notification_rule_team" "example" {
+  rule = dependencytrack_notification_rule.email_alerts.id
+  team = dependencytrack_team.security.id
+}

go.mod

@@ -62,3 +62,5 @@ require (
 	google.golang.org/grpc v1.79.2 // indirect
 	google.golang.org/protobuf v1.36.11 // indirect
 )
+
+replace github.com/DependencyTrack/client-go => github.com/SolarFactories/client-go v0.0.0-20260223220603-b82901019da9

go.sum

@@ -2,12 +2,12 @@ dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
 dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
 github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
 github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
-github.com/DependencyTrack/client-go v0.18.0 h1:HXOUuqKaxIIiksYzJTM6ltuqebxjUW0kFSbPsGSWX1Q=
-github.com/DependencyTrack/client-go v0.18.0/go.mod h1:T5iPG+foFcv6Bn5bTNbjywbmm+gwku4I1MuQWA77sR8=
 github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
 github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
 github.com/ProtonMail/go-crypto v1.3.0 h1:ILq8+Sf5If5DCpHQp4PbZdS1J7HDFRXz/+xKBiRGFrw=
 github.com/ProtonMail/go-crypto v1.3.0/go.mod h1:9whxjD8Rbs29b4XWbB8irEcE8KHMqaR2e7GWU1R+/PE=
+github.com/SolarFactories/client-go v0.0.0-20260223220603-b82901019da9 h1:DhpDPxH4DqTYuqeahSfH6mORjXr2OThIeg/Qb8d/4SM=
+github.com/SolarFactories/client-go v0.0.0-20260223220603-b82901019da9/go.mod h1:T5iPG+foFcv6Bn5bTNbjywbmm+gwku4I1MuQWA77sR8=
 github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE=
 github.com/agext/levenshtein v1.2.2/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
 github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec=

internal/provider/notification_publisher_data_source.go

@@ -0,0 +1,138 @@
+package provider
+
+import (
+	"context"
+	"fmt"
+
+	dtrack "github.com/DependencyTrack/client-go"
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/hashicorp/terraform-plugin-log/tflog"
+)
+
+var (
+	_ datasource.DataSource              = &notificationPublisherDataSource{}
+	_ datasource.DataSourceWithConfigure = &notificationPublisherDataSource{}
+)
+
+type (
+	notificationPublisherDataSource struct {
+		client *dtrack.Client
+		semver *Semver
+	}
+
+	notificationPublisherDataSourceModel struct {
+		ID               types.String `tfsdk:"id"`
+		Name             types.String `tfsdk:"name"`
+		Description      types.String `tfsdk:"description"`
+		PublisherClass   types.String `tfsdk:"publisher_class"`
+		DefaultPublisher types.Bool   `tfsdk:"default_publisher"`
+	}
+)
+
+func NewNotificationPublisherDataSource() datasource.DataSource {
+	return &notificationPublisherDataSource{}
+}
+
+func (*notificationPublisherDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_notification_publisher"
+}
+
+func (*notificationPublisherDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		Description: "Fetches a Notification Publisher by name.",
+		Attributes: map[string]schema.Attribute{
+			"name": schema.StringAttribute{
+				Description: "Name of the Notification Publisher to look up. " +
+					"Built-in publishers include: Slack, Microsoft Teams, Mattermost, Email, Console, Outbound Webhook, Cisco Webex, Jira.",
+				Required: true,
+			},
+			"id": schema.StringAttribute{
+				Description: "UUID of the Notification Publisher.",
+				Computed:    true,
+			},
+			"description": schema.StringAttribute{
+				Description: "Description of the Notification Publisher.",
+				Computed:    true,
+			},
+			"publisher_class": schema.StringAttribute{
+				Description: "Fully-qualified class name of the publisher implementation.",
+				Computed:    true,
+			},
+			"default_publisher": schema.BoolAttribute{
+				Description: "Whether this is a default built-in publisher.",
+				Computed:    true,
+			},
+		},
+	}
+}
+
+func (d *notificationPublisherDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+	var state notificationPublisherDataSourceModel
+	diags := req.Config.Get(ctx, &state)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	name := state.Name.ValueString()
+	tflog.Debug(ctx, "Reading Notification Publisher", map[string]any{
+		"name": name,
+	})
+
+	publishers, err := d.client.Notification.GetAllPublishers(ctx)
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Unable to fetch notification publishers",
+			"Error from: "+err.Error(),
+		)
+		return
+	}
+
+	publisher, err := Find(publishers, func(p dtrack.NotificationPublisher) bool {
+		return p.Name == name
+	})
+	if err != nil {
+		resp.Diagnostics.AddError(
+			"Unable to find notification publisher",
+			fmt.Sprintf("No publisher found with name '%s'. Error: %s", name, err.Error()),
+		)
+		return
+	}
+
+	state = notificationPublisherDataSourceModel{
+		ID:               types.StringValue(publisher.UUID.String()),
+		Name:             types.StringValue(publisher.Name),
+		Description:      types.StringValue(publisher.Description),
+		PublisherClass:   types.StringValue(publisher.PublisherClass),
+		DefaultPublisher: types.BoolValue(publisher.DefaultPublisher),
+	}
+
+	diags = resp.State.Set(ctx, &state)
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+	tflog.Debug(ctx, "Read Notification Publisher", map[string]any{
+		"id":   state.ID.ValueString(),
+		"name": state.Name.ValueString(),
+	})
+}
+
+func (d *notificationPublisherDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, resp *datasource.ConfigureResponse) {
+	if req.ProviderData == nil {
+		return
+	}
+	clientInfoData, ok := req.ProviderData.(clientInfo)
+
+	if !ok {
+		resp.Diagnostics.AddError(
+			"Unexpected Configure Type",
+			fmt.Sprintf("Expected provider.clientInfo, got %T. Please report this issue to the provider developers.", req.ProviderData),
+		)
+		return
+	}
+	d.client = clientInfoData.client
+	d.semver = clientInfoData.semver
+}

internal/provider/notification_publisher_data_source_test.go

@@ -0,0 +1,28 @@
+package provider
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+func TestAccNotificationPublisherDataSource(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: providerConfig + `
+data "dependencytrack_notification_publisher" "webhook" {
+	name = "Outbound Webhook"
+}
+`,
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttrSet("data.dependencytrack_notification_publisher.webhook", "id"),
+					resource.TestCheckResourceAttr("data.dependencytrack_notification_publisher.webhook", "name", "Outbound Webhook"),
+					resource.TestCheckResourceAttrSet("data.dependencytrack_notification_publisher.webhook", "publisher_class"),
+					resource.TestCheckResourceAttr("data.dependencytrack_notification_publisher.webhook", "default_publisher", "true"),
+				),
+			},
+		},
+	})
+}