+ bucket

.gitignore

@@ -1 +1 @@
-providers/aws-credentials.txt
+providers/provider-family-aws/aws-credentials.txt

README.md

@@ -1,14 +0,0 @@
-- https://marketplace.upbound.io/providers/upbound/provider-family-aws/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-s3/
-- https://marketplace.upbound.io/providers/upbound/provider-aws-iam/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-account/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-eks/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-rds/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-vpc/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-acm/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-budgets/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-ec2/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-elbv2/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-organizations/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-redshift/v2.2.0
-- https://marketplace.upbound.io/providers/upbound/provider-aws-route53/v2.2.0

functions/patch-and-transform.yaml

@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Function
+metadata:
+  name: function-patch-and-transform
+spec:
+  package: xpkg.crossplane.io/crossplane-contrib/function-patch-and-transform:v0.8.2

providers/provider-argocd/README.md

@@ -0,0 +1,2 @@
+  - https://marketplace.upbound.io/providers/crossplane-contrib/provider-argocd/latest
+  - https://github.com/crossplane-contrib/provider-argocd 

providers/provider-argocd/provider-argocd.yaml

@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+  name: crossplane-contrib-provider-argocd
+spec:
+  package: xpkg.upbound.io/crossplane-contrib/provider-argocd:v0.14.1

providers/provider-family-aws/README.md

@@ -0,0 +1,16 @@
+  - https://marketplace.upbound.io/providers/upbound/provider-family-aws/latest
+  - https://github.com/crossplane-contrib/provider-upjet-aws
+
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-account/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-acm/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-budgets/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-ec2/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-eks/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-elbv2/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-iam/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-organizations/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-rds/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-redshift/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-route53/latest
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-s3/
+  - https://marketplace.upbound.io/providers/upbound/provider-aws-vpc/latest

providers/provider-family-aws/resources/ec2/imported-ec2.yaml

@@ -0,0 +1,13 @@
+apiVersion: ec2.aws.m.upbound.io/v1beta1
+kind: Instance
+metadata:
+  name: imported-ec2-instance
+  annotations:
+    crossplane.io/external-name: i-037556a7512bd1f4b
+spec:
+  managementPolicies: ["Observe"]
+  forProvider:
+    region: eu-west-3
+  providerConfigRef:
+    name: default
+    kind: ProviderConfig 

providers/provider-family-aws/resources/ec2/test.yaml

@@ -0,0 +1,17 @@
+apiVersion: ec2.aws.m.upbound.io/v1beta1
+kind: Instance
+metadata:
+  name: imported-ec2-instance
+  annotations:
+    crossplane.io/external-name: i-037556a7512bd1f4b
+spec:
+  managementPolicies: ["*"]
+  forProvider:
+    region: eu-west-3
+    tags:
+      company: mathod
+      project: app1
+      environment: production
+  providerConfigRef:
+    name: default
+    kind: ProviderConfig 

providers/provider-family-aws/resources/s3/compositions/composition.yaml

@@ -0,0 +1,184 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: Composition
+metadata:
+  name: s3bucket.aws.mathod.io
+  labels:
+    provider: aws
+    type: s3
+spec:
+  compositeTypeRef:
+    apiVersion: mathod.io/v1alpha1
+    kind: XObjectStorage
+  
+  mode: Pipeline
+  
+  pipeline:
+    - step: patch-and-transform
+      functionRef:
+        name: function-patch-and-transform
+      input:
+        apiVersion: pt.fn.crossplane.io/v1beta1
+        kind: Resources
+        resources:
+          # Bucket S3
+          - name: s3-bucket
+            base:
+              apiVersion: s3.aws.m.upbound.io/v1beta1
+              kind: Bucket
+              spec:
+                forProvider:
+                  region: eu-west-1
+                providerConfigRef:
+                  name: default
+                  kind: ProviderConfig
+            patches:
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.bucketName
+                toFieldPath: metadata.name
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.region
+                toFieldPath: spec.forProvider.region
+              - type: ToCompositeFieldPath
+                fromFieldPath: status.atProvider.arn
+                toFieldPath: status.bucketArn
+              - type: ToCompositeFieldPath
+                fromFieldPath: status.atProvider.bucketDomainName
+                toFieldPath: status.bucketDomain
+
+          # Configuration du versioning
+          - name: bucket-versioning
+            base:
+              apiVersion: s3.aws.m.upbound.io/v1beta1
+              kind: BucketVersioning
+              spec:
+                forProvider:
+                  region: eu-west-1
+                  bucketRef:
+                    name: ""
+                  versioningConfiguration:
+                    status: Disabled
+                providerConfigRef:
+                  name: default
+                  kind: ProviderConfig
+            patches:
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.region
+                toFieldPath: spec.forProvider.region
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.bucketName
+                toFieldPath: spec.forProvider.bucketRef.name
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.versioning
+                toFieldPath: spec.forProvider.versioningConfiguration.status
+                transforms:
+                  - type: convert
+                    convert:
+                      toType: string
+                  - type: map
+                    map:
+                      "true": Enabled
+                      "false": Suspended
+
+          # Configuration du chiffrement
+          - name: bucket-encryption
+            base:
+              apiVersion: s3.aws.m.upbound.io/v1beta1
+              kind: BucketServerSideEncryptionConfiguration
+              spec:
+                forProvider:
+                  region: eu-west-1
+                  bucketRef:
+                    name: ""
+                  rule:
+                    - applyServerSideEncryptionByDefault:
+                        sseAlgorithm: AES256
+                providerConfigRef:
+                  name: default
+                  kind: ProviderConfig
+            patches:
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.region
+                toFieldPath: spec.forProvider.region
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.bucketName
+                toFieldPath: spec.forProvider.bucketRef.name
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.encryption
+                toFieldPath: spec.forProvider.rule[0].applyServerSideEncryptionByDefault.sseAlgorithm
+                transforms:
+                  - type: convert
+                    convert:
+                      toType: string
+                  - type: map
+                    map:
+                      "true": AES256
+                      "false": ""
+
+          # Bloquer l'accès public
+          - name: bucket-public-access-block
+            base:
+              apiVersion: s3.aws.m.upbound.io/v1beta1
+              kind: BucketPublicAccessBlock
+              spec:
+                forProvider:
+                  region: eu-west-1
+                  bucketRef:
+                    name: ""
+                  blockPublicAcls: true
+                  blockPublicPolicy: true
+                  ignorePublicAcls: true
+                  restrictPublicBuckets: true
+                providerConfigRef:
+                  name: default
+                  kind: ProviderConfig
+            patches:
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.region
+                toFieldPath: spec.forProvider.region
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.bucketName
+                toFieldPath: spec.forProvider.bucketRef.name
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.publicAccess
+                toFieldPath: spec.forProvider.blockPublicAcls
+                transforms:
+                  - type: convert
+                    convert:
+                      toType: string
+                  - type: map
+                    map:
+                      "true": false
+                      "false": true
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.publicAccess
+                toFieldPath: spec.forProvider.blockPublicPolicy
+                transforms:
+                  - type: convert
+                    convert:
+                      toType: string
+                  - type: map
+                    map:
+                      "true": false
+                      "false": true
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.publicAccess
+                toFieldPath: spec.forProvider.ignorePublicAcls
+                transforms:
+                  - type: convert
+                    convert:
+                      toType: string
+                  - type: map
+                    map:
+                      "true": false
+                      "false": true
+              - type: FromCompositeFieldPath
+                fromFieldPath: spec.parameters.publicAccess
+                toFieldPath: spec.forProvider.restrictPublicBuckets
+                transforms:
+                  - type: convert
+                    convert:
+                      toType: string
+                  - type: map
+                    map:
+                      "true": false
+                      "false": true

providers/provider-family-aws/resources/s3/compositions/definition.yaml

@@ -0,0 +1,54 @@
+apiVersion: apiextensions.crossplane.io/v2
+kind: CompositeResourceDefinition
+metadata:
+  name: xobjectstorages.mathod.io
+spec:
+  scope: Namespaced
+  group: mathod.io
+  names:
+    kind: XObjectStorage
+    plural: xobjectstorages
+  versions:
+    - name: v1alpha1
+      served: true
+      referenceable: true
+      schema:
+        openAPIV3Schema:
+          type: object
+          properties:
+            spec:
+              type: object
+              properties:
+                parameters:
+                  type: object
+                  properties:
+                    bucketName:
+                      type: string
+                      description: "Nom du bucket S3"
+                    region:
+                      type: string
+                      description: "Région AWS"
+                      default: "eu-west-1"
+                    versioning:
+                      type: boolean
+                      description: "Activer le versioning"
+                      default: false
+                    encryption:
+                      type: boolean
+                      description: "Activer le chiffrement"
+                      default: true
+                    publicAccess:
+                      type: boolean
+                      description: "Autoriser l'accès public"
+                      default: false
+                  required:
+                    - bucketName
+              required:
+                - parameters
+            status:
+              type: object
+              properties:
+                bucketArn:
+                  type: string
+                bucketDomain:
+                  type: string

providers/provider-family-aws/resources/s3/compositions/objectstorage.yaml

@@ -0,0 +1,15 @@
+apiVersion: mathod.io/v1alpha1
+kind: XObjectStorage
+metadata:
+  name: my-s3-bucket-example
+  namespace: crossplane-system
+spec:
+  parameters:
+    bucketName: app1-bucket-mathod-93150
+    region: eu-west-1
+    versioning: true
+    encryption: true
+    publicAccess: false
+  crossplane:
+    compositionRef:
+      name: s3bucket.aws.mathod.io

providers/provider-family-aws/resources/s3/objects/bucket-generate.yaml

@@ -0,0 +1,16 @@
+---
+apiVersion: s3.aws.m.upbound.io/v1beta1
+kind: Bucket
+metadata:
+  generateName: app1-bucket-mathod-
+  namespace: crossplane-system
+spec:
+  forProvider:
+    region: eu-west-3
+    tags:
+      company: mathod
+      project: app1
+      environment: production
+  providerConfigRef:
+    name: default
+    kind: ProviderConfig

providers/provider-family-aws/resources/template/composite-resources.yaml

@@ -0,0 +1,18 @@
+# =============================================================================
+# EXEMPLE D'UTILISATION
+# Crée une instance de la ressource composite
+# =============================================================================
+apiVersion: mathod.io/v1alpha1
+kind: X<ResourceName>
+metadata:
+  name: <instance-name>
+  namespace: default
+spec:
+  parameters:
+    <paramName>: <value>
+    <boolParam>: true
+    <intParam>: 200
+  
+  crossplane:
+    compositionRef:
+      name: <resource>.<provider>.mathod.io

providers/provider-family-aws/resources/template/composition.yaml

@@ -0,0 +1,137 @@
+# =============================================================================
+# COMPOSITION
+# Configure comment créer les ressources réelles
+# =============================================================================
+apiVersion: apiextensions.crossplane.io/v1
+kind: Composition
+metadata:
+  # Format: <resource>.<provider>.<group>
+  # Exemple: database.aws.mathod.io, network.gcp.mathod.io
+  name: <resource>.<provider>.mathod.io
+  labels:
+    provider: <provider_name>
+    type: <resource_type>
+spec:
+  # Référence vers le XRD
+  compositeTypeRef:
+    apiVersion: mathod.io/v1alpha1
+    kind: X<ResourceName>
+  
+  # Mode Pipeline (recommandé pour Crossplane v2)
+  mode: Pipeline
+  
+  pipeline:
+  - step: patch-and-transform
+    functionRef:
+      name: function-patch-and-transform
+    input:
+      apiVersion: pt.fn.crossplane.io/v1beta1
+      kind: Resources
+      resources:
+        # =============================================
+        # RESSOURCE MANAGÉE #1
+        # =============================================
+        - name: <resource-name>
+          base:
+            # API de la ressource (provider specific)
+            apiVersion: <provider>.aws.upbound.io/v1beta1
+            kind: <ResourceKind>
+            spec:
+              forProvider:
+                # Configuration de base
+                <field>: <value>
+              
+              # Référence au ProviderConfig
+              providerConfigRef:
+                name: aws-provider
+          
+          patches:
+            # -------------------------------------
+            # FromCompositeFieldPath
+            # Copie depuis le XR vers la ressource
+            # -------------------------------------
+            - type: FromCompositeFieldPath
+              fromFieldPath: spec.parameters.<paramName>
+              toFieldPath: spec.forProvider.<targetField>
+            
+            # -------------------------------------
+            # ToCompositeFieldPath
+            # Copie depuis la ressource vers le XR
+            # -------------------------------------
+            - type: ToCompositeFieldPath
+              fromFieldPath: status.atProvider.<sourceField>
+              toFieldPath: status.<outputField>
+            
+            # -------------------------------------
+            # Transform - Map
+            # Transforme une valeur avec un mapping
+            # -------------------------------------
+            - type: FromCompositeFieldPath
+              fromFieldPath: spec.parameters.<boolParam>
+              toFieldPath: spec.forProvider.<targetField>
+              transforms:
+              - type: map
+                map:
+                  "true": Enabled
+                  "false": Disabled
+            
+            # -------------------------------------
+            # Transform - String
+            # Formate une string
+            # -------------------------------------
+            - type: FromCompositeFieldPath
+              fromFieldPath: spec.parameters.<paramName>
+              toFieldPath: spec.forProvider.<targetField>
+              transforms:
+              - type: string
+                string:
+                  fmt: "prefix-%s-suffix"
+            
+            # -------------------------------------
+            # Transform - Math
+            # Opération mathématique
+            # -------------------------------------
+            - type: FromCompositeFieldPath
+              fromFieldPath: spec.parameters.<intParam>
+              toFieldPath: spec.forProvider.<targetField>
+              transforms:
+              - type: math
+                math:
+                  multiply: 2
+            
+            # -------------------------------------
+            # CombineFromComposite
+            # Combine plusieurs champs
+            # -------------------------------------
+            - type: CombineFromComposite
+              combine:
+                variables:
+                - fromFieldPath: spec.parameters.<param1>
+                - fromFieldPath: spec.parameters.<param2>
+                strategy: string
+                string:
+                  fmt: "%s-%s"
+              toFieldPath: spec.forProvider.<targetField>
+        
+        # =============================================
+        # RESSOURCE MANAGÉE #2 (avec référence)
+        # =============================================
+        - name: <related-resource>
+          base:
+            apiVersion: <provider>.aws.upbound.io/v1beta1
+            kind: <RelatedResourceKind>
+            spec:
+              forProvider:
+                # Référence vers une autre ressource
+                <parent>Ref:
+                  name: ""
+              providerConfigRef:
+                name: aws-provider
+          
+          patches:
+            # Patch la référence
+            - type: FromCompositeFieldPath
+              fromFieldPath: spec.parameters.<paramName>
+              toFieldPath: spec.forProvider.<parent>Ref.name
+
+---

providers/provider-family-aws/resources/template/definition.yaml

@@ -0,0 +1,98 @@
+# =============================================================================
+# XRD (Composite Resource Definition)
+# Définit le schéma de ton API personnalisée
+# =============================================================================
+apiVersion: apiextensions.crossplane.io/v2
+kind: CompositeResourceDefinition
+metadata:
+  # Format: x<pluriel>.<group>
+  # Exemple: xdatabases.mathod.io, xnetworks.mathod.io
+  name: x<RESOURCE_PLURAL>s.mathod.io
+spec:
+  scope: Namespaced
+  
+  # Le groupe de ton API (doit matcher le suffix du name)
+  group: mathod.io
+  
+  names:
+    # Nom au singulier (PascalCase) - Commence par X
+    kind: X<ResourceName>
+    # Nom au pluriel (lowercase)
+    plural: x<resource_name>s
+  
+  versions:
+  - name: v1alpha1
+    served: true
+    referenceable: true
+    schema:
+      openAPIV3Schema:
+        type: object
+        properties:
+          spec:
+            type: object
+            properties:
+              parameters:
+                type: object
+                properties:
+                  # ========================================
+                  # Paramètres string
+                  # ========================================
+                  <paramName>:
+                    type: string
+                    description: "<Description du paramètre>"
+                    default: "<valeur_par_defaut>"
+                  
+                  # ========================================
+                  # Paramètres boolean
+                  # ========================================
+                  <boolParam>:
+                    type: boolean
+                    description: "<Description du paramètre>"
+                    default: false
+                  
+                  # ========================================
+                  # Paramètres integer
+                  # ========================================
+                  <intParam>:
+                    type: integer
+                    description: "<Description du paramètre>"
+                    default: 100
+                  
+                  # ========================================
+                  # Paramètres array
+                  # ========================================
+                  <arrayParam>:
+                    type: array
+                    description: "<Description du paramètre>"
+                    items:
+                      type: string
+                    default: []
+                  
+                  # ========================================
+                  # Paramètres object
+                  # ========================================
+                  <objectParam>:
+                    type: object
+                    description: "<Description du paramètre>"
+                    properties:
+                      <subField>:
+                        type: string
+                
+                # Paramètres obligatoires
+                required:
+                - <paramName>
+            
+            required:
+            - parameters
+          
+          # ========================================
+          # Status - Informations retournées
+          # ========================================
+          status:
+            type: object
+            properties:
+              <outputField>:
+                type: string
+                description: "<Description de la sortie>"
+
+---

providers/provider-gitlab/README.md

@@ -0,0 +1,2 @@
+  - https://marketplace.upbound.io/providers/crossplane-contrib/provider-gitlab/latest
+  - https://github.com/crossplane-contrib/provider-gitlab

providers/provider-gitlab/provider-gitlab.yaml

@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+  name: crossplane-contrib-provider-gitlab
+spec:
+  package: xpkg.upbound.io/crossplane-contrib/provider-gitlab:v0.14.0

providers/provider-helm/README.md

@@ -0,0 +1,2 @@
+  - https://marketplace.upbound.io/providers/upbound/provider-helm/latest
+  - https://github.com/crossplane-contrib/provider-helm

providers/provider-helm/provider-helm.yaml

@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+  name: upbound-provider-helm
+spec:
+  package: xpkg.upbound.io/upbound/provider-helm:v1.0.4

providers/provider-kubernetes/README.md

@@ -0,0 +1,2 @@
+  - https://marketplace.upbound.io/providers/upbound/provider-kubernetes/latest
+  - https://github.com/crossplane-contrib/provider-kubernetes

providers/provider-kubernetes/provider-kubernetes.yaml

@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+  name: upbound-provider-kubernetes
+spec:
+  package: xpkg.upbound.io/upbound/provider-kubernetes:v1.1.0

providers/provider-opentofu/README.md

@@ -0,0 +1,2 @@
+  - https://marketplace.upbound.io/providers/upbound/provider-opentofu/latest
+  - https://github.com/upbound/provider-opentofu

providers/provider-opentofu/provider-opentofu.yaml

@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+  name: upbound-provider-opentofu
+spec:
+  package: xpkg.upbound.io/upbound/provider-opentofu:v1.0.1

providers/provider-opentofu/resources/objects/test/02-secret-gitea-credentials.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gitea-credentials
+  namespace: crossplane-system
+type: Opaque
+stringData:
+  credentials: |
+    credentials "gitea.mathod.fr" {
+      token = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+    }

providers/provider-opentofu/resources/objects/test/03-providerconfig.yaml

@@ -0,0 +1,44 @@
+apiVersion: opentofu.m.upbound.io/v1beta1
+kind: ProviderConfig
+metadata:
+  name: gitea-tofu-config
+  namespace: crossplane-system
+spec:
+  configuration: |
+    terraform {
+      required_providers {
+        gitea = {
+          source = "go-gitea/gitea"
+          version = "~> 0.20.0"
+        }
+      }
+      
+      // Modules _must_ use remote state. The provider does not persist state.
+      backend "kubernetes" {
+        secret_suffix     = "providerconfig-gitea"
+        namespace         = "crossplane-system"
+        in_cluster_config = true
+      }
+    }
+    
+    provider "gitea" {
+      base_url = var.gitea_url
+      token    = var.gitea_token
+    }
+    
+    variable "gitea_url" {
+      type = string
+    }
+    
+    variable "gitea_token" {
+      type      = string
+      sensitive = true
+    }
+  pluginCache: true
+  credentials:
+    - filename: .tofurc
+      source: Secret
+      secretRef:
+        name: gitea-provider-creds
+        namespace: crossplane-system
+        key: credentials

providers/provider-opentofu/resources/objects/test/04-workspace-user.yaml

@@ -0,0 +1,68 @@
+apiVersion: opentofu.m.upbound.io/v1beta1
+kind: Workspace
+metadata:
+  name: gitea-user
+  namespace: crossplane-system
+spec:
+  forProvider:
+    source: Inline
+    module: |
+      resource "gitea_user" "developer" {
+        username             = var.username
+        login_name           = var.login_name
+        email                = var.email
+        password             = var.password
+        must_change_password = var.must_change_password
+        admin                = var.admin
+      }
+      
+      output "user_id" {
+        value = gitea_user.developer.id
+      }
+      
+      output "username" {
+        value = gitea_user.developer.username
+      }
+      
+      variable "username" {
+        type = string
+      }
+      
+      variable "login_name" {
+        type = string
+      }
+      
+      variable "email" {
+        type = string
+      }
+      
+      variable "password" {
+        type      = string
+        sensitive = true
+      }
+      
+      variable "must_change_password" {
+        type    = bool
+        default = true
+      }
+      
+      variable "admin" {
+        type    = bool
+        default = false
+      }
+    vars:
+      - key: username
+        value: "dev-user"
+      - key: login_name
+        value: "dev-user"
+      - key: email
+        value: "dev@example.com"
+      - key: password
+        value: "ChangeMe123!"
+      - key: must_change_password
+        value: "true"
+      - key: admin
+        value: "false"
+  providerConfigRef:
+    kind: ProviderConfig
+    name: gitea-tofu-config