pksunkara
commented
1 year ago As mentioned in #9, without linear containing provisioning capability, we won't have the user id to be able to add the user to relevant teams.
I am closing this as duplicate of #9.
I'd love to manage team membership via terraform (as well as
workspace:) ). We do this for our other third-party services and it takes a load of on/offboarding and team-movement acquire-permissions pain away.Apparently the API supports it: https://studio.apollographql.com/public/Linear-API/variant/current/schema/reference/objects/Mutation?query=team#teamMembershipUpdate.
Would you welcome a PR that adds this resource?
(To set expectations, I'd probably only contribute something if my company elects to adopt Linear; we're trying it out right now)
Linear slack thread
[@Brian](https://linearcustomers.slack.com/team/U0424AQ5J2Z) re: terraform + graphql API - we use terraform to drive our third-party service membership team-membership role/team-membership ... so that we source-control who's got an account and which permissions into what service. This lets us automate onboarding, offboarding, and gives us a consistent view of who has permission into what (allowing non-admins to understand what they should be able to do, and escalate if they can't). We do this to avoid admin-ClickOps; historically (elsewhere from where I am) this leads to "who has permission to x" and permission-accretion over time, and offboarding-toil-fail. Is it feasible to create (a la [github_membership](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/membership)) invites to linear workspaces via the graphql API? I want to declare via terraform who should be a workspace-member. what permissions they should have. to create (a la [github_team_membership](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/team_membership)) team-memberships for users via the graphql API? I want to declare via terraform who should be a team-member. (haven't figured out yet whether there're team-specific permissions) (I now appreciate the provider's maintained by someone not at Linear, so exploring the API capability first) (edited) :eyes: 1 1 reply Brian [10 hours ago](https://linearcustomers.slack.com/archives/C01GGHDBS21/p1683244168552649?thread_ts=1683106787.898639&cid=C01GGHDBS21) Hey Peter, thanks for the context! For your API questions: [organizationInviteCreate](https://studio.apollographql.com/public/Linear-API/variant/current/schema/reference/objects/Mutation?query=invite#organizationInviteCreate) should work! This mutation takes a role field for specifying permissions on the workspace level. [teamMembershipCreate](https://studio.apollographql.com/public/Linear-API/variant/current/schema/reference/objects/Mutation?query=team#teamMembershipUpdate) would be the go-to here. The only thing available about permissions at a team level is that in the case of private teams, [teamMembershipCreate](https://studio.apollographql.com/public/Linear-API/variant/current/schema/reference/objects/Mutation?query=team#teamMembershipUpdate) allows to define if the user added is an owner of team or not.