From 502692b3107b77146b4e68ccc116810758731f3c Mon Sep 17 00:00:00 2001 From: erikzaadi Date: Mon, 20 May 2024 10:15:36 +0300 Subject: [PATCH] [SQUASH] ALL ZE DOCS --- README.md | 2 +- docs/resources/port_action_permissions.md | 113 ++++++++++++----- examples/README.md | 6 + examples/{main.tf => provider.tf} | 12 +- examples/resources/port_action/main.tf | 104 +++++++++++++-- examples/resources/port_action/provider.tf | 1 + .../resources/port_action_permissions/main.tf | 120 +++++++++++------- .../port_action_permissions/provider.tf | 1 + .../port_aggregation_property/main.tf | 67 +++++----- .../port_aggregation_property/provider.tf | 1 + examples/resources/port_blueprint/main.tf | 83 ++++++++++++ examples/resources/port_blueprint/provider.tf | 1 + .../port_blueprint_permissions/main.tf | 19 +-- .../port_blueprint_permissions/provider.tf | 1 + examples/resources/port_entity/main.tf | 53 +++++++- examples/resources/port_entity/provider.tf | 1 + examples/resources/port_page/main.tf | 66 +++------- examples/resources/port_page/provider.tf | 1 + examples/resources/port_scorecard/main.tf | 57 ++++++++- examples/resources/port_scorecard/provider.tf | 1 + examples/resources/port_team/main.tf | 1 + examples/resources/port_team/provider.tf | 1 + examples/resources/port_webhook/main.tf | 30 ++++- examples/resources/port_webhook/provider.tf | 1 + internal/utils/utils.go | 11 ++ port/action-permissions/schema.go | 59 ++++++--- .../blueprintPermissionToPortBody.go | 13 +- 27 files changed, 591 insertions(+), 235 deletions(-) create mode 100644 examples/README.md rename examples/{main.tf => provider.tf} (56%) create mode 120000 examples/resources/port_action/provider.tf create mode 120000 examples/resources/port_action_permissions/provider.tf create mode 120000 examples/resources/port_aggregation_property/provider.tf create mode 120000 examples/resources/port_blueprint/provider.tf create mode 120000 examples/resources/port_blueprint_permissions/provider.tf create mode 120000 examples/resources/port_entity/provider.tf create mode 120000 examples/resources/port_page/provider.tf create mode 120000 examples/resources/port_scorecard/provider.tf create mode 120000 examples/resources/port_team/provider.tf create mode 120000 examples/resources/port_webhook/provider.tf diff --git a/README.md b/README.md index 54e42e04..8a40d795 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Port is the Developer Platform meant to supercharge your DevOps and Developers, ## Documentation -- [Terraform registry docs](https://registry.terraform.io/providers/port-labs/port/latest/docs) +- [Terraform registry docs](https://registry.terraform.io/providers/port-labs/port-labs/latest/docs) - [Port docs](https://docs.getport.io/build-your-software-catalog/sync-data-to-catalog/iac/terraform) ## Requirements diff --git a/docs/resources/port_action_permissions.md b/docs/resources/port_action_permissions.md index fa3bf70a..6e21c688 100644 --- a/docs/resources/port_action_permissions.md +++ b/docs/resources/port_action_permissions.md @@ -8,22 +8,22 @@ description: |- Example Usage hcl resource "port_action_permissions" "restart_microservice_permissions" { - action_identifier = port_action.restart_microservice.identifier - permissions = { - "execute" : { - "roles" : [ - "Admin" - ], - "users" : [], - "teams" : [], - "owned_by_team" : true - }, - "approve" : { - "roles" : ["Member", "Admin"], - "users" : [], - "teams" : [] + action_identifier = port_action.restart_microservice.identifier + permissions = { + "execute" : { + "roles" : [ + "admin" + ], + "users" : [], + "teams" : [], + "owned_by_team" : true + }, + "approve" : { + "roles" : ["member", "admin"], + "users" : [], + "teams" : [] + } } - } } Example Usage with Policy @@ -78,7 +78,29 @@ description: |- } ``` Disclaimer - Action permissions are created by default when creating a new action, this means that you should use this resource when you want to change the default permissions of an action.When deleting an action permissions resource using terraform, the action permissions will not be deleted from Port, as they are required for the action to work, instead, the action permissions will be removed from the terraform state. + Action permissions are created by default when creating a new action, this means that you should use this resource when you want to change the default permissions of an action.When deleting an action permissions resource using terraform, the action permissions will not be deleted from Port, as they are required for the action to work, instead, the action permissions will be removed from the terraform state.All the permission lists (roles, users, teams) are managed by Port in a sorted manner, this means that if your .tf has for example roles defined out of order, your state will be invalid + E.g: + hcl + resource "port_action_permissions" "restart_microservice_permissions" { + action_identifier = port_action.restart_microservice.identifier + permissions = { + # invalid + "execute" : { + "roles" : [ + "member", + "admin", + ], + ... + }, + # valid + "approve" : { + "roles" : [ + "admin", + "member", + ], + } + } + } --- # port_action_permissions (Resource) @@ -91,22 +113,22 @@ Docs for the Action Permissions resource can be found [here](https://docs.getpor ```hcl resource "port_action_permissions" "restart_microservice_permissions" { - action_identifier = port_action.restart_microservice.identifier - permissions = { - "execute" : { - "roles" : [ - "Admin" - ], - "users" : [], - "teams" : [], - "owned_by_team" : true - }, - "approve" : { - "roles" : ["Member", "Admin"], - "users" : [], - "teams" : [] - } - } + action_identifier = port_action.restart_microservice.identifier + permissions = { + "execute" : { + "roles" : [ + "admin" + ], + "users" : [], + "teams" : [], + "owned_by_team" : true + }, + "approve" : { + "roles" : ["member", "admin"], + "users" : [], + "teams" : [] + } + } } ``` @@ -166,10 +188,35 @@ resource "port_action_permissions" "restart_microservice_permissions" { } ``` -## Disclaimer +## Disclaimer - Action permissions are created by default when creating a new action, this means that you should use this resource when you want to change the default permissions of an action. - When deleting an action permissions resource using terraform, the action permissions will not be deleted from Port, as they are required for the action to work, instead, the action permissions will be removed from the terraform state. +- All the permission lists (roles, users, teams) are managed by Port in a sorted manner, this means that if your `.tf` has for example roles defined out of order, your state will be invalid + E.g: + + ```hcl + resource "port_action_permissions" "restart_microservice_permissions" { + action_identifier = port_action.restart_microservice.identifier + permissions = { + # invalid + "execute" : { + "roles" : [ + "member", + "admin", + ], + ... + }, + # valid + "approve" : { + "roles" : [ + "admin", + "member", + ], + } + } + } +``` diff --git a/examples/README.md b/examples/README.md new file mode 100644 index 00000000..964b7b97 --- /dev/null +++ b/examples/README.md @@ -0,0 +1,6 @@ +### TBD: + +Explanation about how to run the samples + + +* Edit the provider.tf in this directory, cd into any of the resources/*, `terraform init; terraform plan; terraform apply` diff --git a/examples/main.tf b/examples/provider.tf similarity index 56% rename from examples/main.tf rename to examples/provider.tf index b9ee92dd..35016d8c 100644 --- a/examples/main.tf +++ b/examples/provider.tf @@ -2,7 +2,7 @@ terraform { required_providers { port = { source = "port-labs/port-labs" - version = "~> 1.0.0" + version = "~> 2.0.0" } } } @@ -10,13 +10,3 @@ provider "port" { client_id = "{YOUR CLIENT ID}" # or set the environment variable PORT_CLIENT_ID secret = "{YOUR CLIENT SECRET}" # or set the environment variable PORT_CLIENT_SECRET } - -resource "port_entity" "microservice" { - title = "monolith" - blueprint = "microservice_blueprint" - properties { - string_props = { - "microservice_name" = "golang_monolith" - } - } -} diff --git a/examples/resources/port_action/main.tf b/examples/resources/port_action/main.tf index 427e8618..f7781514 100644 --- a/examples/resources/port_action/main.tf +++ b/examples/resources/port_action/main.tf @@ -1,22 +1,98 @@ +resource "port_blueprint" "environment" { + title = "Environment" + icon = "Environment" + identifier = "examples-action-env" + properties = { + string_props = { + "name" = { + type = "string" + title = "name" + } + "docs-url" = { + title = "Docs URL" + format = "url" + } + } + } +} + +resource "port_blueprint" "microservice" { + title = "VM" + icon = "GPU" + identifier = "examples-action-microservice" + properties = { + string_props = { + name = { + type = "string" + title = "Name" + }, + author = { + type = "string" + title = "Author" + }, + url = { + type = "string" + title = "URL" + }, + myStringIdentifier = { + description = "This is a string property" + title = "text" + icon = "Terraform" + required = true + min_length = 1 + max_length = 10 + default = "default" + enum = ["default", "default2"] + pattern = "^[a-zA-Z0-9]*$" + format = "user" + enum_colors = { + default = "red" + default2 = "green" + } + } + } + boolean_props = { + required = { + type = "boolean" + } + } + number_props = { + sum = { + type = "number" + } + } + } + + relations = { + "environment" = { + title = "Test Relation" + required = "true" + target = port_blueprint.environment.identifier + } + } +} + resource "port_action" "restart_microservice" { title = "Restart microservice" icon = "Terraform" - identifier = "restart-micrservice" - blueprint = port_blueprint.microservice.identifier - trigger = "DAY-2" + identifier = "examples-action-restart-microservice" + self_service_trigger = { + operation = "DAY-2" + blueprint_identifier = port_blueprint.microservice.identifier + user_properties = { + string_props = { + "webhook_url" = { + title = "Webhook URL" + description = "Webhook URL to send the request to" + format = "url" + default = "https://example.com" + pattern = "^https://.*" + } + } + } + } webhook_method = { type = "WEBHOOK" url = "https://app.getport.io" } - user_properties = { - string_props = { - "webhook_url" = { - title = "Webhook URL" - description = "Webhook URL to send the request to" - format = "url" - default = "https://example.com" - pattern = "^https://.*" - } - } - } } diff --git a/examples/resources/port_action/provider.tf b/examples/resources/port_action/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_action/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_action_permissions/main.tf b/examples/resources/port_action_permissions/main.tf index 976e6537..e70e225c 100644 --- a/examples/resources/port_action_permissions/main.tf +++ b/examples/resources/port_action_permissions/main.tf @@ -1,26 +1,77 @@ -resource "port_action_permissions" "restart_microservice_permissions_without_policy" { - action_identifier = port_action.restart_microservice.identifier - blueprint_identifier = port_blueprint.microservice.identifier - permissions = { - "execute" : { - "roles" : [ - "Admin" - ], - "users" : [], - "teams" : [], - "owned_by_team" : true - }, - "approve" : { - "roles" : ["Member", "Admin"], - "users" : [], - "teams" : [] +resource "port_blueprint" "microservice" { + title = "VM" + icon = "GPU" + identifier = "examples-action-perms-srv" + properties = { + string_props = { + name = { + type = "string" + title = "Name" + }, + author = { + type = "string" + title = "Author" + }, + url = { + type = "string" + title = "URL" + }, + myStringIdentifier = { + description = "This is a string property" + title = "text" + icon = "Terraform" + required = true + min_length = 1 + max_length = 10 + default = "default" + enum = ["default", "default2"] + pattern = "^[a-zA-Z0-9]*$" + format = "user" + enum_colors = { + default = "red" + default2 = "green" + } + } + } + boolean_props = { + required = { + type = "boolean" + } + } + number_props = { + sum = { + type = "number" + } } } } -resource "port_action_permissions" "restart_microservice_permissions_with_policy" { - action_identifier = port_action.restart_microservice.identifier - blueprint_identifier = port_blueprint.microservice.identifier +resource "port_action" "restart_microservice" { + title = "Restart microservice" + icon = "Terraform" + identifier = "examples-action-permissions-restart-mcsrvc" + self_service_trigger = { + operation = "DAY-2" + blueprint_identifier = port_blueprint.microservice.identifier + user_properties = { + string_props = { + "webhook_url" = { + title = "Webhook URL" + description = "Webhook URL to send the request to" + format = "url" + default = "https://example.com" + pattern = "^https://.*" + } + } + } + } + webhook_method = { + type = "WEBHOOK" + url = "https://app.getport.io" + } +} +resource "port_action_permissions" "restart_microservice_permissions" { + action_identifier = port_action.restart_microservice.identifier permissions = { "execute" : { "roles" : [ @@ -34,35 +85,6 @@ resource "port_action_permissions" "restart_microservice_permissions_with_policy "roles" : ["Member", "Admin"], "users" : [], "teams" : [] - "policy" : jsonencode( - { - queries : { - executingUser : { - rules : [ - { - value : "user", - operator : "=", - property : "$blueprint" - }, - { - value : "{{.trigger.user.email}}", - operator : "=", - property : "$identifier" - }, - { - value : "true", - operator : "=", - property : "$owned_by_team" - - } - ], - combinator : "or" - } - }, - conditions : [ - "true"] - } - ) } } -} \ No newline at end of file +} diff --git a/examples/resources/port_action_permissions/provider.tf b/examples/resources/port_action_permissions/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_action_permissions/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_aggregation_property/main.tf b/examples/resources/port_aggregation_property/main.tf index c97bfe45..f1a3a714 100644 --- a/examples/resources/port_aggregation_property/main.tf +++ b/examples/resources/port_aggregation_property/main.tf @@ -1,54 +1,47 @@ -resource "port_blueprint" "repository_blueprint" { - title = "Repository Blueprint" +resource "port_blueprint" "parent_blueprint" { + title = "Parent Blueprint" icon = "Terraform" - identifier = "repository" + identifier = "parent" description = "" + properties = { + number_props = { + "age" = { + title = "Age" + } + } + } } -resource "port_blueprint" "pull_request_blueprint" { - title = "Pull Request Blueprint" +resource "port_blueprint" "child_blueprint" { + title = "Child Blueprint" icon = "Terraform" - identifier = "pull_request" + identifier = "child" description = "" properties = { - string_props = { - "status" = { - title = "Status" + number_props = { + "age" = { + title = "Age" } } } relations = { - "repository" = { - title = "Repository" - target = port_blueprint.repository_blueprint.identifier + "parent" = { + title = "Parent" + target = port_blueprint.parent_blueprint.identifier } } } - -resource "port_aggregation_property" "fix_pull_requests_per_day" { - aggregation_identifier = "fix_pull_requests_count" - blueprint_identifier = port_blueprint.repository_blueprint.identifier - target_blueprint_identifier = port_blueprint.pull_request_blueprint.identifier - title = "Pull Requests Per Day" - icon = "Terraform" - description = "Pull Requests Per Day" - method = { - average_entities = { - average_of = "month" - measure_time_by = "$createdAt" +resource "port_aggregation_properties" "parent_aggregation_properties" { + blueprint_identifier = port_blueprint.parent_blueprint.identifier + properties = { + "count_kids" = { + target_blueprint_identifier = port_blueprint.child_blueprint.identifier + title = "Count Kids" + icon = "Terraform" + description = "Count Kids" + method = { + count_entities = true + } } } - query = jsonencode( - { - "combinator" : "and", - "rules" : [ - { - "property" : "$title", - "operator" : "ContainsAny", - "value" : ["fix", "fixed", "fixing", "Fix"] - } - ] - } - ) } - diff --git a/examples/resources/port_aggregation_property/provider.tf b/examples/resources/port_aggregation_property/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_aggregation_property/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_blueprint/main.tf b/examples/resources/port_blueprint/main.tf index e35d5ffd..3a4f35b2 100644 --- a/examples/resources/port_blueprint/main.tf +++ b/examples/resources/port_blueprint/main.tf @@ -36,3 +36,86 @@ resource "port_blueprint" "vm" { } } } + +resource "port_blueprint" "microservice" { + title = "VM" + icon = "GPU" + identifier = "hedwig-microservice" + properties = { + string_props = { + name = { + type = "string" + title = "Name" + }, + author = { + type = "string" + title = "Author" + }, + url = { + type = "string" + title = "URL" + }, + myStringIdentifier = { + description = "This is a string property" + title = "text" + icon = "Terraform" + required = true + min_length = 1 + max_length = 10 + default = "default" + enum = ["default", "default2"] + pattern = "^[a-zA-Z0-9]*$" + format = "user" + enum_colors = { + default = "red" + default2 = "green" + } + } + } + boolean_props = { + required = { + type = "boolean" + } + } + number_props = { + sum = { + type = "number" + } + } + } + + relations = { + "environment" = { + title = "Test Relation" + required = "true" + target = port_blueprint.environment.identifier + } + } +} + +resource "port_blueprint" "repository_blueprint" { + title = "Repository Blueprint" + icon = "Terraform" + identifier = "repository" + description = "" +} + +resource "port_blueprint" "pull_request_blueprint" { + title = "Pull Request Blueprint" + icon = "Terraform" + identifier = "pull_request" + description = "" + properties = { + string_props = { + "status" = { + title = "Status" + } + } + } + relations = { + "repository" = { + title = "Repository" + target = port_blueprint.repository_blueprint.identifier + } + } +} diff --git a/examples/resources/port_blueprint/provider.tf b/examples/resources/port_blueprint/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_blueprint/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_blueprint_permissions/main.tf b/examples/resources/port_blueprint_permissions/main.tf index b10d0eaf..20fb0488 100644 --- a/examples/resources/port_blueprint_permissions/main.tf +++ b/examples/resources/port_blueprint_permissions/main.tf @@ -1,7 +1,7 @@ resource "port_blueprint" "environment" { - title = "Env from Port TF examples" + title = "Environment" icon = "Environment" - identifier = "fenrir-env" + identifier = "examples-blueprint-perms-env" properties = { string_props = { "name" = { @@ -16,8 +16,9 @@ resource "port_blueprint" "environment" { } } + resource "port_blueprint" "microservice" { - identifier = "fenrir-microservice" + identifier = "examples-blueprint-perms-srvc" title = "Microsvc from Port TF Examples" icon = "Terraform" description = "" @@ -82,7 +83,7 @@ resource "port_blueprint_permissions" "microservice_permissions" { "icon" = { "roles" = [ "Admin", - "fenrir-microservice-moderator", + "${port_blueprint.microservice.identifier}-moderator", ], "users" = [], "teams" = [], @@ -92,7 +93,7 @@ resource "port_blueprint_permissions" "microservice_permissions" { "roles" = [ "Admin", "Member", - "fenrir-microservice-moderator", + "${port_blueprint.microservice.identifier}-moderator", ], "users" = [], "teams" = [], @@ -102,7 +103,7 @@ resource "port_blueprint_permissions" "microservice_permissions" { "roles" = [ "Admin", "Member", - "fenrir-microservice-moderator", + "${port_blueprint.microservice.identifier}-moderator", ], "users" = [], "teams" = [], @@ -112,7 +113,7 @@ resource "port_blueprint_permissions" "microservice_permissions" { "roles" = [ "Admin", "Member", - "fenrir-microservice-moderator", + "${port_blueprint.microservice.identifier}-moderator", ], "users" = [], "teams" = [], @@ -124,7 +125,7 @@ resource "port_blueprint_permissions" "microservice_permissions" { "roles" = [ "Admin", "Member", - "fenrir-microservice-moderator", + "${port_blueprint.microservice.identifier}-moderator", ], "users" = [], "teams" = [], @@ -136,7 +137,7 @@ resource "port_blueprint_permissions" "microservice_permissions" { "roles" = [ "Admin", "Member", - "fenrir-microservice-moderator", + "${port_blueprint.microservice.identifier}-moderator", ], "users" = [], "teams" = [], diff --git a/examples/resources/port_blueprint_permissions/provider.tf b/examples/resources/port_blueprint_permissions/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_blueprint_permissions/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_entity/main.tf b/examples/resources/port_entity/main.tf index 6076b0e7..ef35d079 100644 --- a/examples/resources/port_entity/main.tf +++ b/examples/resources/port_entity/main.tf @@ -1,10 +1,57 @@ +resource "port_blueprint" "environment" { + title = "Environment" + icon = "Environment" + identifier = "examples-entity-env" + properties = { + string_props = { + "name" = { + type = "string" + title = "name" + } + "docs-url" = { + title = "Docs URL" + format = "url" + } + } + } +} + +resource "port_blueprint" "microservice" { + identifier = "examples-entity-srvc" + title = "Microsvc from Port TF Examples" + icon = "Terraform" + description = "" + properties = { + string_props = { + myStringIdentifier = { + description = "This is a string property" + title = "text" + icon = "Terraform" + required = true + min_length = 1 + max_length = 10 + default = "default" + enum = ["default", "default2"] + pattern = "^[a-zA-Z0-9]*$" + format = "user" + enum_colors = { + default = "red" + default2 = "green" + } + } + } + } + +} + + resource "port_entity" "microservice" { title = "monolith" - blueprint = "microservice_blueprint" + blueprint = port_blueprint.microservice.identifier relations = { "tfRelation" = { "title" = "Test Relation" - "target" = port_entity.prod_env.id + "target" = port_blueprint.environment.identifier } } properties = { @@ -16,7 +63,7 @@ resource "port_entity" "microservice" { resource "port_entity" "prod_env" { title = "production" - blueprint = "environments" + blueprint = port_blueprint.environment.identifier properties = { string_props = { "name" = "production-env" diff --git a/examples/resources/port_entity/provider.tf b/examples/resources/port_entity/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_entity/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_page/main.tf b/examples/resources/port_page/main.tf index d7c2deb3..41af6b60 100644 --- a/examples/resources/port_page/main.tf +++ b/examples/resources/port_page/main.tf @@ -1,60 +1,32 @@ -resource "port_page" "microservice_blueprint_page" { - identifier = "microservice_blueprint_page" - title = "Microservices" - type = "blueprint-entities" - icon = "Microservice" - blueprint = port_blueprint.base_blueprint.identifier - description = "My microservice blueprint page" - widgets = [ - jsonencode( - { - "id" : "microservice-table-entities", - "type" : "table-entities-explorer", - "dataset" : { - "combinator" : "and", - "rules" : [ - { - "operator" : "=", - "property" : "$blueprint", - "value" : "{{`\"{{blueprint}}\"`}}" - } - ] - } - } - ) - ] -} - - resource "port_page" "microservice_dashboard_page" { - identifier = "microservice_dashboard_page" - title = "Microservices" - icon = "GitHub" - type = "dashboard" - widgets = [ + identifier = "microservice_dashboard_page" + title = "Microservices" + icon = "GitHub" + type = "dashboard" + widgets = [ jsonencode( { - "id" : "dashboardWidget", - "layout" : [ + "id" = "dashboardWidget", + "layout" = [ { - "height" : 400, - "columns" : [ + "height" = 400, + "columns" = [ { - "id" : "microserviceGuide", - "size" : 12 + "id" = "microserviceGuide", + "size" = 12 } ] } ], - "type" : "dashboard-widget", - "widgets" : [ + "type" = "dashboard-widget", + "widgets" = [ { - "title" : "Microservices Guide", - "icon" : "BlankPage", - "markdown" : "# This is the new Microservice Dashboard", - "type" : "markdown", - "description" : "", - "id" : "microserviceGuide" + "title" = "Microservices Guide", + "icon" = "BlankPage", + "markdown" = "# This is the new Microservice Dashboard", + "type" = "markdown", + "description" = "", + "id" = "microserviceGuide" } ], } diff --git a/examples/resources/port_page/provider.tf b/examples/resources/port_page/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_page/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_scorecard/main.tf b/examples/resources/port_scorecard/main.tf index ff853da1..ece8b026 100644 --- a/examples/resources/port_scorecard/main.tf +++ b/examples/resources/port_scorecard/main.tf @@ -1,18 +1,69 @@ +resource "port_blueprint" "microservice" { + title = "VM" + icon = "GPU" + identifier = "examples-scorecard-svc" + properties = { + string_props = { + name = { + type = "string" + title = "Name" + }, + author = { + type = "string" + title = "Author" + }, + url = { + type = "string" + title = "URL" + }, + myStringIdentifier = { + description = "This is a string property" + title = "text" + icon = "Terraform" + required = true + min_length = 1 + max_length = 10 + default = "default" + enum = ["default", "default2"] + pattern = "^[a-zA-Z0-9]*$" + format = "user" + enum_colors = { + default = "red" + default2 = "green" + } + } + } + boolean_props = { + required = { + type = "boolean" + } + } + number_props = { + sum = { + type = "number" + }, + replicaCount = { + type = "number" + } + } + } +} + resource "port_scorecard" "production_readiness" { identifier = "production-readiness" title = "Production Readiness" - blueprint = "microservice" + blueprint = port_blueprint.microservice.identifier rules = [{ identifier = "high-avalability" title = "High Availability" level = "Gold" query = { combinator = "and" - conditions = [{ + conditions = [jsonencode({ property = "replicaCount" operator = ">=" value = "4" - }] + })] } }] } diff --git a/examples/resources/port_scorecard/provider.tf b/examples/resources/port_scorecard/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_scorecard/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_team/main.tf b/examples/resources/port_team/main.tf index 98770627..bd7a60a6 100644 --- a/examples/resources/port_team/main.tf +++ b/examples/resources/port_team/main.tf @@ -1,6 +1,7 @@ resource "port_team" "example" { name = "example" description = "example" + # Note, this will need real users to work! users = [ "user1@test.com", "user2@test.com", diff --git a/examples/resources/port_team/provider.tf b/examples/resources/port_team/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_team/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/examples/resources/port_webhook/main.tf b/examples/resources/port_webhook/main.tf index 59d506c4..09a07cd9 100644 --- a/examples/resources/port_webhook/main.tf +++ b/examples/resources/port_webhook/main.tf @@ -1,3 +1,31 @@ +resource "port_blueprint" "microservice" { + identifier = "examples-webhook-svc" + title = "Microsvc from Port TF Examples" + icon = "Terraform" + description = "" + properties = { + string_props = { + url = { + type = "string" + } + author = { + icon = "github" + required = true + min_length = 1 + max_length = 10 + default = "default" + enum = ["default", "default2"] + pattern = "^[a-zA-Z0-9]*$" + format = "user" + enum_colors = { + default = "red" + default2 = "green" + } + } + } + } +} + resource "port_webhook" "github" { identifier = "github" title = "Github" @@ -5,7 +33,7 @@ resource "port_webhook" "github" { enabled = true mappings = [ { - "blueprint" : "pullRequest", + "blueprint" : port_blueprint.microservice.identifier, "filter" : ".headers.\"X-GitHub-Event\" == \"pull_request\"", "entity" : { "identifier" : ".body.pull_request.id | tostring", diff --git a/examples/resources/port_webhook/provider.tf b/examples/resources/port_webhook/provider.tf new file mode 120000 index 00000000..afe05fb3 --- /dev/null +++ b/examples/resources/port_webhook/provider.tf @@ -0,0 +1 @@ +../../provider.tf \ No newline at end of file diff --git a/internal/utils/utils.go b/internal/utils/utils.go index 5f04fbca..e3ceb761 100644 --- a/internal/utils/utils.go +++ b/internal/utils/utils.go @@ -133,3 +133,14 @@ func InterfaceToStringArray(o interface{}) []string { return res } + +func TFStringListToStringArray(list []types.String) []string { + res := make([]string, len(list)) + for i, item := range list{ + res[i] = item.ValueString() + } + + return res +} + + diff --git a/port/action-permissions/schema.go b/port/action-permissions/schema.go index ce6ec905..64be9edf 100644 --- a/port/action-permissions/schema.go +++ b/port/action-permissions/schema.go @@ -120,22 +120,22 @@ Docs for the Action Permissions resource can be found [here](https://docs.getpor ` + "```hcl" + ` resource "port_action_permissions" "restart_microservice_permissions" { - action_identifier = port_action.restart_microservice.identifier - permissions = { - "execute" : { - "roles" : [ - "Admin" - ], - "users" : [], - "teams" : [], - "owned_by_team" : true - }, - "approve" : { - "roles" : ["Member", "Admin"], - "users" : [], - "teams" : [] - } - } + action_identifier = port_action.restart_microservice.identifier + permissions = { + "execute" : { + "roles" : [ + "admin" + ], + "users" : [], + "teams" : [], + "owned_by_team" : true + }, + "approve" : { + "roles" : ["member", "admin"], + "users" : [], + "teams" : [] + } + } }` + "\n```" + ` ## Example Usage with Policy @@ -193,8 +193,31 @@ resource "port_action_permissions" "restart_microservice_permissions" { } }` + "\n```" + ` -## Disclaimer +## Disclaimer - Action permissions are created by default when creating a new action, this means that you should use this resource when you want to change the default permissions of an action. - When deleting an action permissions resource using terraform, the action permissions will not be deleted from Port, as they are required for the action to work, instead, the action permissions will be removed from the terraform state. -` +- All the permission lists (roles, users, teams) are managed by Port in a sorted manner, this means that if your ` + "`" + `.tf` + "`" + ` has for example roles defined out of order, your state will be invalid + E.g: + + ` + "```hcl" + ` + resource "port_action_permissions" "restart_microservice_permissions" { + action_identifier = port_action.restart_microservice.identifier + permissions = { + # invalid + "execute" : { + "roles" : [ + "member", + "admin", + ], + ... + }, + # valid + "approve" : { + "roles" : [ + "admin", + "member", + ], + } + } + }` + "\n```" diff --git a/port/blueprint-permissions/blueprintPermissionToPortBody.go b/port/blueprint-permissions/blueprintPermissionToPortBody.go index 00359931..2f715d8b 100644 --- a/port/blueprint-permissions/blueprintPermissionToPortBody.go +++ b/port/blueprint-permissions/blueprintPermissionToPortBody.go @@ -7,9 +7,9 @@ import ( func blueprintPermissionsTFBlockToBlueprintPermissionsBlock(block BlueprintPermissionsTFBlock) cli.BlueprintPermissionsBlock { return cli.BlueprintPermissionsBlock{ - Users: utils.InterfaceToStringArray(block.Users), - Roles: utils.InterfaceToStringArray(block.Roles), - Teams: utils.InterfaceToStringArray(block.Teams), + Users: utils.TFStringListToStringArray(block.Users), + Roles: utils.TFStringListToStringArray(block.Roles), + Teams: utils.TFStringListToStringArray(block.Teams), OwnedByTeam: block.OwnedByTeam.ValueBoolPointer(), } } @@ -23,12 +23,7 @@ func blueprintPermissionsToPortBody(state *BlueprintPermissionsModel) (*cli.Blue if state.Entities.UpdateRelations != nil { updateRelations = make(cli.BlueprintRolesOrPropertiesPermissionsBlock, len(*state.Entities.UpdateRelations)) for updateRelationKey, updateRelationValue := range *state.Entities.UpdateRelations { - updateRelations[updateRelationKey] = cli.BlueprintPermissionsBlock{ - Roles: utils.InterfaceToStringArray(updateRelationValue.Roles), - Teams: utils.InterfaceToStringArray(updateRelationValue.Teams), - Users: utils.InterfaceToStringArray(updateRelationValue.Users), - OwnedByTeam: updateRelationValue.OwnedByTeam.ValueBoolPointer(), - } + updateRelations[updateRelationKey] = blueprintPermissionsTFBlockToBlueprintPermissionsBlock(updateRelationValue) } }