From 5941f3fba6da6f9498129d6067075a103748b919 Mon Sep 17 00:00:00 2001 From: Netra Mali Date: Thu, 20 Jul 2023 15:56:35 -0400 Subject: [PATCH 1/6] init --- tfe/data_source_policy_set.go | 14 ++++++++++++++ tfe/data_source_policy_set_test.go | 22 ++++++++++++++++++++-- tfe/resource_tfe_policy_set.go | 12 ++++++++++++ 3 files changed, 46 insertions(+), 2 deletions(-) diff --git a/tfe/data_source_policy_set.go b/tfe/data_source_policy_set.go index 7cc9c84bf..df61d0d0f 100644 --- a/tfe/data_source_policy_set.go +++ b/tfe/data_source_policy_set.go @@ -97,6 +97,12 @@ func dataSourceTFEPolicySet() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, Computed: true, }, + + "project_ids": { + Type: schema.TypeSet, + Elem: &schema.Schema{Type: schema.TypeString}, + Computed: true, + }, }, } } @@ -164,6 +170,14 @@ func dataSourceTFEPolicySetRead(d *schema.ResourceData, meta interface{}) error } d.Set("workspace_ids", workspaceIDs) + var projectIDs []interface{} + if !policySet.Global { + for _, project := range policySet.Projects { + projectIDs = append(projectIDs, project.ID) + } + } + d.Set("project_ids", projectIDs) + d.SetId(policySet.ID) return nil diff --git a/tfe/data_source_policy_set_test.go b/tfe/data_source_policy_set_test.go index e3ad1f338..7fbf1042f 100644 --- a/tfe/data_source_policy_set_test.go +++ b/tfe/data_source_policy_set_test.go @@ -44,6 +44,8 @@ func TestAccTFEPolicySetDataSource_basic(t *testing.T) { "data.tfe_policy_set.bar", "policy_ids.#", "1"), resource.TestCheckResourceAttr( "data.tfe_policy_set.bar", "workspace_ids.#", "1"), + resource.TestCheckResourceAttr( + "data.tfe_policy_set.bar", "project_ids.#", "1"), resource.TestCheckResourceAttr( "data.tfe_policy_set.bar", "vcs_repo.#", "0"), ), @@ -87,6 +89,8 @@ func TestAccTFEPolicySetDataSourceOPA_basic(t *testing.T) { "data.tfe_policy_set.bar", "overridable", "true"), resource.TestCheckResourceAttr( "data.tfe_policy_set.bar", "workspace_ids.#", "1"), + resource.TestCheckResourceAttr( + "data.tfe_policy_set.bar", "project_ids.#", "1"), resource.TestCheckResourceAttr( "data.tfe_policy_set.bar", "vcs_repo.#", "0"), ), @@ -144,6 +148,8 @@ func TestAccTFEPolicySetDataSource_vcs(t *testing.T) { "data.tfe_policy_set.bar", "policy_ids.#", "0"), resource.TestCheckResourceAttr( "data.tfe_policy_set.bar", "workspace_ids.#", "0"), + resource.TestCheckResourceAttr( + "data.tfe_policy_set.bar", "project_ids.#", "0"), resource.TestCheckResourceAttr( "data.tfe_policy_set.bar", "vcs_repo.#", "1"), ), @@ -180,6 +186,11 @@ resource "tfe_workspace" "foobar" { organization = local.organization_name } +resource "tfe_project" "foobar" { + name = "project-foo-%d" + organization = local.organization_name +} + resource "tfe_sentinel_policy" "foo" { name = "policy-foo" policy = "main = rule { true }" @@ -192,12 +203,13 @@ resource "tfe_policy_set" "foobar" { organization = local.organization_name policy_ids = [tfe_sentinel_policy.foo.id] workspace_ids = [tfe_workspace.foobar.id] + project_ids = [tfe_project.foobar.id] } data "tfe_policy_set" "bar" { name = tfe_policy_set.foobar.name organization = local.organization_name -}`, organization, rInt, rInt) +}`, organization, rInt, rInt, rInt) } func testAccTFEPolicySetDataSourceConfigOPA_basic(organization string, rInt int) string { @@ -211,6 +223,11 @@ resource "tfe_workspace" "foobar" { organization = local.organization_name } +resource "tfe_project" "foobar" { + name = "project-foo-%d" + organization = local.organization_name +} + resource "tfe_policy_set" "foobar" { name = "tst-policy-set-%d" description = "Policy Set" @@ -218,13 +235,14 @@ resource "tfe_policy_set" "foobar" { kind = "opa" overridable = true workspace_ids = [tfe_workspace.foobar.id] + project_ids = [tfe_project.foobar.id] } data "tfe_policy_set" "bar" { name = tfe_policy_set.foobar.name organization = local.organization_name kind = "opa" -}`, organization, rInt, rInt) +}`, organization, rInt, rInt, rInt) } func testAccTFEPolicySetDataSourceConfig_vcs(organization string, rInt int) string { diff --git a/tfe/resource_tfe_policy_set.go b/tfe/resource_tfe_policy_set.go index eea964494..ae735d451 100644 --- a/tfe/resource_tfe_policy_set.go +++ b/tfe/resource_tfe_policy_set.go @@ -136,6 +136,14 @@ func resourceTFEPolicySet() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, ConflictsWith: []string{"global"}, }, + + "project_ids": { + Type: schema.TypeSet, + Optional: true, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + ConflictsWith: []string{"global"}, + }, }, } } @@ -197,6 +205,10 @@ func resourceTFEPolicySetCreate(d *schema.ResourceData, meta interface{}) error options.Workspaces = append(options.Workspaces, &tfe.Workspace{ID: workspaceID.(string)}) } + for _, projectID := range d.Get("project_ids").(*schema.Set).List() { + options.Projects = append(options.Projects, &tfe.Project{ID: projectID.(string)}) + } + log.Printf("[DEBUG] Create policy set %s for organization: %s", name, organization) policySet, err := config.Client.PolicySets.Create(ctx, organization, options) if err != nil { From 8eb838d79cc97a0f7ae0312e799446f4c770cef7 Mon Sep 17 00:00:00 2001 From: Netra Mali Date: Thu, 20 Jul 2023 16:41:39 -0400 Subject: [PATCH 2/6] reversing change --- tfe/resource_tfe_policy_set.go | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/tfe/resource_tfe_policy_set.go b/tfe/resource_tfe_policy_set.go index ae735d451..eea964494 100644 --- a/tfe/resource_tfe_policy_set.go +++ b/tfe/resource_tfe_policy_set.go @@ -136,14 +136,6 @@ func resourceTFEPolicySet() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, ConflictsWith: []string{"global"}, }, - - "project_ids": { - Type: schema.TypeSet, - Optional: true, - Computed: true, - Elem: &schema.Schema{Type: schema.TypeString}, - ConflictsWith: []string{"global"}, - }, }, } } @@ -205,10 +197,6 @@ func resourceTFEPolicySetCreate(d *schema.ResourceData, meta interface{}) error options.Workspaces = append(options.Workspaces, &tfe.Workspace{ID: workspaceID.(string)}) } - for _, projectID := range d.Get("project_ids").(*schema.Set).List() { - options.Projects = append(options.Projects, &tfe.Project{ID: projectID.(string)}) - } - log.Printf("[DEBUG] Create policy set %s for organization: %s", name, organization) policySet, err := config.Client.PolicySets.Create(ctx, organization, options) if err != nil { From 41f9a39dbae394503ea104c1f3c68cd98916aa6e Mon Sep 17 00:00:00 2001 From: Netra Mali Date: Mon, 24 Jul 2023 14:21:14 -0400 Subject: [PATCH 3/6] add the new resource --- tfe/data_source_policy_set_test.go | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/tfe/data_source_policy_set_test.go b/tfe/data_source_policy_set_test.go index 7fbf1042f..268894cbc 100644 --- a/tfe/data_source_policy_set_test.go +++ b/tfe/data_source_policy_set_test.go @@ -203,7 +203,12 @@ resource "tfe_policy_set" "foobar" { organization = local.organization_name policy_ids = [tfe_sentinel_policy.foo.id] workspace_ids = [tfe_workspace.foobar.id] - project_ids = [tfe_project.foobar.id] + +} + +resource "tfe_project_policy_set" "foobar" { + policy_set_id = tfe_policy_set.foobar.id + project_id = tfe_project.foobar.id } data "tfe_policy_set" "bar" { @@ -235,7 +240,11 @@ resource "tfe_policy_set" "foobar" { kind = "opa" overridable = true workspace_ids = [tfe_workspace.foobar.id] - project_ids = [tfe_project.foobar.id] +} + +resource "tfe_project_policy_set" "foobar" { + policy_set_id = tfe_policy_set.foobar.id + project_id = tfe_project.foobar.id } data "tfe_policy_set" "bar" { From d2f02cb12b7d070212217970a62c1cd272dc5e39 Mon Sep 17 00:00:00 2001 From: Netra Mali Date: Wed, 26 Jul 2023 11:16:37 -0400 Subject: [PATCH 4/6] resolve conflict --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f03a768d..5cce2fdc1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ FEATURES: * **New Resource**: `r/tfe_saml_settings` manages SAML Settings, by @karvounis-form3 [970](https://github.com/hashicorp/terraform-provider-tfe/pull/970) * `d/tfe_saml_settings`: Add PrivateKey (sensitive), SignatureSigningMethod, and SignatureDigestMethod attributes, by @karvounis-form3 [970](https://github.com/hashicorp/terraform-provider-tfe/pull/970) * **New Resource**: `r/tfe_project_policy_set` is a new resource to attach/detach an existing `project` to an existing `policy set`, by @Netra2104 [972](https://github.com/hashicorp/terraform-provider-tfe/pull/972) +* `d/tfe_policy_set`: Add `project_ids` attribute, by @Netra2104 [974](https://github.com/hashicorp/terraform-provider-tfe/pull/974/files) NOTES: * The provider is now using go-tfe [v1.30.0](https://github.com/hashicorp/go-tfe/releases/tag/v1.30.0), by @karvounis-form3 [970](https://github.com/hashicorp/terraform-provider-tfe/pull/970) From 4701de0a8883b8c566a881c22b7780f5d6d9286e Mon Sep 17 00:00:00 2001 From: Netra Mali Date: Mon, 24 Jul 2023 15:33:02 -0400 Subject: [PATCH 5/6] documentation update --- website/docs/d/policy_set.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/d/policy_set.html.markdown b/website/docs/d/policy_set.html.markdown index 32a7b8a37..3aab68f54 100644 --- a/website/docs/d/policy_set.html.markdown +++ b/website/docs/d/policy_set.html.markdown @@ -37,6 +37,7 @@ The following arguments are supported: * `kind` - The policy-as-code framework for the policy. Valid values are "sentinel" and "opa". * `overridable` - Whether users can override this policy when it fails during a run. Only valid for OPA policies. * `workspace_ids` - IDs of the workspaces that use the policy set. +* `project_ids` - IDs of the projects that use the policy set. * `policy_ids` - IDs of the policies attached to the policy set. * `policies_path` - The sub-path within the attached VCS repository when using `vcs_repo`. * `vcs_repo` - Settings for the workspace's VCS repository. From cc3ea50b87204a0b95fe12bbc23d904261874bfe Mon Sep 17 00:00:00 2001 From: Netra Mali Date: Wed, 26 Jul 2023 11:27:36 -0400 Subject: [PATCH 6/6] feature flag issue --- tfe/data_source_policy_set_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/tfe/data_source_policy_set_test.go b/tfe/data_source_policy_set_test.go index 268894cbc..2f35e75a0 100644 --- a/tfe/data_source_policy_set_test.go +++ b/tfe/data_source_policy_set_test.go @@ -14,6 +14,7 @@ import ( ) func TestAccTFEPolicySetDataSource_basic(t *testing.T) { + skipUnlessBeta(t) tfeClient, err := getClientUsingEnv() if err != nil { t.Fatal(err)