feat: Support OIDC Provider OIDC Clients by bigkevmcd · Pull Request #2147 · rancher/terraform-provider-rancher2

bigkevmcd · 2026-04-21T14:52:03Z

Addresses #2156 and rancher/rancher#53639

Description

Adds support for CRUDding OIDCClients

Testing

Not a breaking change.

Copilot

Pull request overview

Adds a new Terraform resource to manage Rancher OIDC clients (CRUD) and registers it with the provider.

Changes:

Introduces rancher2_oidc_client resource implementation (schema + CRUD).
Adds unit tests for expand/flatten helpers.
Registers the new resource in Provider() resources map.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 11 comments.

File	Description
`rancher2/resource_rancher2_oidc_client.go`	New OIDC client resource schema + CRUD + expand/flatten helpers.
`rancher2/resource_rancher2_oidc_client_test.go`	Unit tests for expand/flatten behavior.
`rancher2/provider.go`	Registers the new `rancher2_oidc_client` resource.

Copilot

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.

Copilot

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.

Copilot

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.

Copilot

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.

Copilot

Pull request overview

Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.

Copilot

Pull request overview

Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.

JonCrowther

LGTM with just one nit related to the logging

Copilot

Pull request overview

Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.

This adds support for the OIDC Provider OIDCClient resource.

Copilot

Pull request overview

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

enrichman · 2026-05-27T15:45:14Z

+# rancher2\_oidc_client Resource
+
+Provides a Rancher OIDC Client. This can be used to configure the OIDC Clients
+available for the Rancher OIDC Provider.


Probably an auto-wrap for line length

Suggested change

available for the Rancher OIDC Provider.

Provides a Rancher OIDC Client. This can be used to configure the OIDC Clients available for the Rancher OIDC Provider.

enrichman · 2026-05-27T15:50:37Z

+### Creating a Rancher OIDC Client.
+
+```hcl
+resource "rancher2_oidc_client" "oidc-test-client" {
+  description = "Access for Test Client"


We should adhere to the same structure/conventions: https://registry.terraform.io/providers/rancher/rancher2/latest/docs/resources/user#example-usage

Suggested change

### Creating a Rancher OIDC Client.

```hcl

resource "rancher2_oidc_client" "oidc-test-client" {

description = "Access for Test Client"

```hcl

# Create a new rancher2 OIDC Client

resource "rancher2_oidc_client" "foo" {

description = "Foo OIDC Client"

enrichman · 2026-05-27T15:54:48Z

+* `description` - A human-readable description for the OIDC Client.
+* `token_expiration_seconds` - ID Token and Access Token will only be valid for this many seconds.
+* `refresh_token_expiration_seconds` - How long can the refresh token be used for?
+* `redirect_uris` - Provides a list of allowed redirect URIs for this OIDC Client.


Maybe it's clearer to put before the required args, also specifying if they are required/optional?

Suggested change

* `description` - A human-readable description for the OIDC Client.

* `token_expiration_seconds` - ID Token and Access Token will only be valid for this many seconds.

* `refresh_token_expiration_seconds` - How long can the refresh token be used for?

* `redirect_uris` - Provides a list of allowed redirect URIs for this OIDC Client.

* `redirect_uris` - (Required) List of allowed redirect URIs for this OIDC Client (list)

* `description` - (Optional) A human-readable description for the OIDC Client (string)

* `token_expiration_seconds` - (Optional/Computed) ID Token and Access Token will only be valid for this many seconds (int)

* `refresh_token_expiration_seconds` - (Optional/Computed) How long can the refresh token be used for (int)

enrichman · 2026-05-27T15:56:41Z

+OIDC Clients can be imported using the Client name in the format `<client_name>`
+
+```
+$ terraform import rancher2_oidc_client.foo &lt;CLIENT_NAME&gt;


Suggested change

$ terraform import rancher2_oidc_client.foo <CLIENT_NAME>

$ terraform import rancher2_oidc_client.foo <client_name>

enrichman

Just some comments related to the docs, but LGTM 🙂

bigkevmcd marked this pull request as ready for review April 24, 2026 14:30

Copilot AI review requested due to automatic review settings April 24, 2026 14:30

Copilot started reviewing on behalf of bigkevmcd April 24, 2026 14:30 View session

bigkevmcd force-pushed the support-oidcclients branch 2 times, most recently from 8c8fa7f to 7e15537 Compare April 24, 2026 14:35

Copilot AI reviewed Apr 24, 2026

View reviewed changes

This was referenced Apr 24, 2026

feat: Support OIDC Provider OIDC Clients #2156

Open

[release/v15] feat: Support OIDC Provider OIDC Clients #2157

Open

Copilot AI review requested due to automatic review settings April 24, 2026 14:49

bigkevmcd force-pushed the support-oidcclients branch from 7e15537 to 7b87e5c Compare April 24, 2026 14:49

Copilot started reviewing on behalf of bigkevmcd April 24, 2026 14:50 View session

Copilot AI reviewed Apr 24, 2026

View reviewed changes

bigkevmcd marked this pull request as draft April 24, 2026 14:56

bigkevmcd force-pushed the support-oidcclients branch from 7b87e5c to 4d388e7 Compare May 6, 2026 14:53

bigkevmcd requested a review from Copilot May 7, 2026 14:14

bigkevmcd marked this pull request as ready for review May 7, 2026 14:16

Copilot AI reviewed May 7, 2026

View reviewed changes

Comment thread rancher2/resource_rancher2_oidc_client.go

Comment thread rancher2/resource_rancher2_oidc_client.go

Comment thread rancher2/resource_rancher2_oidc_client.go

Comment thread rancher2/resource_rancher2_oidc_client.go

bigkevmcd marked this pull request as draft May 7, 2026 14:20

bigkevmcd force-pushed the support-oidcclients branch from 4d388e7 to dee3e92 Compare May 8, 2026 09:14

bigkevmcd requested a review from Copilot May 8, 2026 09:14

Copilot started reviewing on behalf of bigkevmcd May 8, 2026 09:15 View session

Copilot AI reviewed May 8, 2026

View reviewed changes

bigkevmcd force-pushed the support-oidcclients branch from dee3e92 to 478a5ef Compare May 8, 2026 09:43

bigkevmcd requested a review from Copilot May 8, 2026 09:49

Copilot started reviewing on behalf of bigkevmcd May 8, 2026 09:50 View session

Copilot AI reviewed May 8, 2026

View reviewed changes

Comment thread rancher2/resource_rancher2_oidc_client.go

Comment thread rancher2/resource_rancher2_oidc_client.go

Comment thread rancher2/resource_rancher2_oidc_client.go

Comment thread rancher2/resource_rancher2_oidc_client.go

Comment thread rancher2/resource_rancher2_oidc_client_test.go

bigkevmcd force-pushed the support-oidcclients branch 2 times, most recently from 367aae4 to ed00cc1 Compare May 8, 2026 13:08

bigkevmcd requested a review from Copilot May 8, 2026 14:42

Copilot started reviewing on behalf of bigkevmcd May 8, 2026 14:43 View session

Copilot started reviewing on behalf of bigkevmcd May 11, 2026 12:35 View session

Copilot AI reviewed May 11, 2026

View reviewed changes

Comment thread docs/resources/oidc_client.md

Comment thread rancher2/resource_rancher2_oidc_client_test.go

Copilot AI review requested due to automatic review settings May 11, 2026 12:42

Copilot started reviewing on behalf of bigkevmcd May 11, 2026 12:43 View session

bigkevmcd force-pushed the support-oidcclients branch from fb5d2b4 to 52dff94 Compare May 11, 2026 12:43

Copilot AI reviewed May 11, 2026

View reviewed changes

Comment thread rancher2/resource_rancher2_oidc_client.go

Comment thread docs/resources/oidc_client.md

Comment thread docs/resources/oidc_client.md

matttrach added the release/v15 Targets release v15.x correlating to Rancher's v2.15.x label May 11, 2026

JonCrowther reviewed May 15, 2026

View reviewed changes

Comment thread rancher2/resource_rancher2_oidc_client.go Outdated

Copilot AI review requested due to automatic review settings May 18, 2026 09:52

Copilot started reviewing on behalf of bigkevmcd May 18, 2026 09:52 View session

Copilot AI reviewed May 18, 2026

View reviewed changes

Comment thread rancher2/resource_rancher2_oidc_client.go Outdated

Comment thread docs/resources/oidc_client.md

bigkevmcd force-pushed the support-oidcclients branch from 140e5f0 to 493535e Compare May 18, 2026 11:03

bigkevmcd requested a review from JonCrowther May 19, 2026 06:20

feat: Add OIDC client resource.

5367660

This adds support for the OIDC Provider OIDCClient resource.

Copilot AI review requested due to automatic review settings May 19, 2026 10:13

bigkevmcd force-pushed the support-oidcclients branch from 493535e to 5367660 Compare May 19, 2026 10:13

Copilot started reviewing on behalf of bigkevmcd May 19, 2026 10:14 View session

Copilot AI reviewed May 19, 2026

View reviewed changes

Comment thread docs/resources/oidc_client.md

bigkevmcd mentioned this pull request May 19, 2026

[RFE] Terraform support for OAuth2 rancher/rancher#53639

Open

samjustus requested a review from enrichman May 26, 2026 11:59

JonCrowther approved these changes May 26, 2026

View reviewed changes

This was referenced May 26, 2026

[release/v15] feat: Support OIDC Provider OIDC Clients #2260

Open

feat: Support OIDC Provider OIDC Clients #2259

Open

Merge branch 'main' into support-oidcclients

234b7af

matttrach approved these changes May 27, 2026

View reviewed changes

enrichman reviewed May 27, 2026

View reviewed changes

	available for the Rancher OIDC Provider.
	Provides a Rancher OIDC Client. This can be used to configure the OIDC Clients available for the Rancher OIDC Provider.

	$ terraform import rancher2_oidc_client.foo <CLIENT_NAME>
	$ terraform import rancher2_oidc_client.foo <client_name>

Conversation

bigkevmcd commented Apr 21, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Testing

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

JonCrowther left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

bigkevmcd commented Apr 21, 2026 •

edited

Loading