feat: add code_mfa_enabled support to ory_project_config

[KT-Doan]

Description

Add the missing code_mfa_enabled attribute to the ory_project_config resource, allowing users to configure the code method as a second factor for MFA via Terraform.

This was reported in #122 — the mfa_enabled setting under selfservice->methods->code was not exposed in the provider.

Related Issues

Fixes #122

Type of Change

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update

Checklist

• I have read the CONTRIBUTING guide
• My code follows the existing code style
• I have added tests that prove my fix/feature works
• I have updated documentation as needed
• All new and existing tests pass (make test)
• I have run the linter (make format)

Testing

• Unit tests
• Acceptance tests
• Manual testing

Changes

• Model: Added CodeMFAEnabled field (tfsdk:"code_mfa_enabled")
• Schema: Added code_mfa_enabled boolean attribute with description
• Write (buildPatches): Maps to API path /services/identity/config/selfservice/methods/code/mfa_enabled
• Read (readProjectConfig): Reads from selfservice.methods.code.mfa_enabled
• Tests: Added TestAccProjectConfigResource_codeMFA with create, import, update, and no-diff verification steps
• Examples: Updated ory_project_config example to show code_mfa_enabled usage
• Docs: Auto-regenerated via make format

Acceptance Test Results

=== RUN   TestAccProjectConfigResource_codeMFA
--- PASS: TestAccProjectConfigResource_codeMFA (10.03s)

Pre-commit Checks

• make build — ✅
• make format — ✅ (0 lint issues)
• make test-short — ✅ (all unit tests pass)
• make sec — ✅ (govulncheck, gosec, gitleaks all clean)
• make sec-trivy — ✅ (no vulnerabilities)

Usage

resource "ory_project_config" "main" {
  enable_code      = true
  code_mfa_enabled = true
}

[Copilot]

Pull request overview

Adds Terraform support for configuring the Ory “code” self-service method as an MFA second factor via a new code_mfa_enabled attribute on ory_project_config.

Changes:

• Extend the project config resource model/schema with code_mfa_enabled.
• Wire read/write mapping to Ory config paths for selfservice.methods.code.mfa_enabled.
• Add acceptance coverage plus update examples/docs to demonstrate the new flag.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
internal/resources/projectconfig/testdata/code_mfa.tf.tmpl	Adds a test template exercising code_mfa_enabled.
internal/resources/projectconfig/resource_test.go	Adds an acceptance test that creates/updates/plans code_mfa_enabled.
internal/resources/projectconfig/resource.go	Adds the model field, schema attribute, and read/write mappings for code_mfa_enabled.
examples/resources/ory_project_config/resource.tf	Documents usage of code_mfa_enabled in an example config.
docs/resources/project_config.md	Updates generated docs and attribute list to include code_mfa_enabled.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.