Merge pull request #974 from hashicorp/Netra2104/TF-6351-add-project-ids-to-policy-sets-data-source

Add project ids to policy sets data source

Author: Netra2104

CHANGELOG.md

@@ -4,6 +4,7 @@ FEATURES:
 * **New Resource**: `r/tfe_saml_settings` manages SAML Settings, by @karvounis-form3 [970](https://github.com/hashicorp/terraform-provider-tfe/pull/970)
 * `d/tfe_saml_settings`: Add PrivateKey (sensitive), SignatureSigningMethod, and SignatureDigestMethod attributes, by @karvounis-form3 [970](https://github.com/hashicorp/terraform-provider-tfe/pull/970)
 * **New Resource**: `r/tfe_project_policy_set` is a new resource to attach/detach an existing `project` to an existing `policy set`, by @Netra2104 [972](https://github.com/hashicorp/terraform-provider-tfe/pull/972)
+* `d/tfe_policy_set`: Add `project_ids` attribute, by @Netra2104 [974](https://github.com/hashicorp/terraform-provider-tfe/pull/974/files)
 
 NOTES:
 * The provider is now using go-tfe [v1.30.0](https://github.com/hashicorp/go-tfe/releases/tag/v1.30.0), by @karvounis-form3 [970](https://github.com/hashicorp/terraform-provider-tfe/pull/970)

tfe/data_source_policy_set.go

@@ -97,6 +97,12 @@ func dataSourceTFEPolicySet() *schema.Resource {
 				Elem:     &schema.Schema{Type: schema.TypeString},
 				Computed: true,
 			},
+
+			"project_ids": {
+				Type:     schema.TypeSet,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Computed: true,
+			},
 		},
 	}
 }
@@ -164,6 +170,14 @@ func dataSourceTFEPolicySetRead(d *schema.ResourceData, meta interface{}) error
 				}
 				d.Set("workspace_ids", workspaceIDs)
 
+				var projectIDs []interface{}
+				if !policySet.Global {
+					for _, project := range policySet.Projects {
+						projectIDs = append(projectIDs, project.ID)
+					}
+				}
+				d.Set("project_ids", projectIDs)
+
 				d.SetId(policySet.ID)
 
 				return nil

tfe/data_source_policy_set_test.go

@@ -14,6 +14,7 @@ import (
 )
 
 func TestAccTFEPolicySetDataSource_basic(t *testing.T) {
+	skipUnlessBeta(t)
 	tfeClient, err := getClientUsingEnv()
 	if err != nil {
 		t.Fatal(err)
@@ -44,6 +45,8 @@ func TestAccTFEPolicySetDataSource_basic(t *testing.T) {
 						"data.tfe_policy_set.bar", "policy_ids.#", "1"),
 					resource.TestCheckResourceAttr(
 						"data.tfe_policy_set.bar", "workspace_ids.#", "1"),
+					resource.TestCheckResourceAttr(
+						"data.tfe_policy_set.bar", "project_ids.#", "1"),
 					resource.TestCheckResourceAttr(
 						"data.tfe_policy_set.bar", "vcs_repo.#", "0"),
 				),
@@ -87,6 +90,8 @@ func TestAccTFEPolicySetDataSourceOPA_basic(t *testing.T) {
 						"data.tfe_policy_set.bar", "overridable", "true"),
 					resource.TestCheckResourceAttr(
 						"data.tfe_policy_set.bar", "workspace_ids.#", "1"),
+					resource.TestCheckResourceAttr(
+						"data.tfe_policy_set.bar", "project_ids.#", "1"),
 					resource.TestCheckResourceAttr(
 						"data.tfe_policy_set.bar", "vcs_repo.#", "0"),
 				),
@@ -144,6 +149,8 @@ func TestAccTFEPolicySetDataSource_vcs(t *testing.T) {
 						"data.tfe_policy_set.bar", "policy_ids.#", "0"),
 					resource.TestCheckResourceAttr(
 						"data.tfe_policy_set.bar", "workspace_ids.#", "0"),
+					resource.TestCheckResourceAttr(
+						"data.tfe_policy_set.bar", "project_ids.#", "0"),
 					resource.TestCheckResourceAttr(
 						"data.tfe_policy_set.bar", "vcs_repo.#", "1"),
 				),
@@ -180,6 +187,11 @@ resource "tfe_workspace" "foobar" {
   organization = local.organization_name
 }
 
+resource "tfe_project" "foobar" {
+  name         = "project-foo-%d"
+  organization = local.organization_name
+}
+
 resource "tfe_sentinel_policy" "foo" {
   name         = "policy-foo"
   policy       = "main = rule { true }"
@@ -192,12 +204,18 @@ resource "tfe_policy_set" "foobar" {
   organization = local.organization_name
   policy_ids   = [tfe_sentinel_policy.foo.id]
   workspace_ids = [tfe_workspace.foobar.id]
+  
+}
+
+resource "tfe_project_policy_set" "foobar" {
+	policy_set_id = tfe_policy_set.foobar.id
+	project_id = tfe_project.foobar.id
 }
 
 data "tfe_policy_set" "bar" {
   name = tfe_policy_set.foobar.name
   organization = local.organization_name
-}`, organization, rInt, rInt)
+}`, organization, rInt, rInt, rInt)
 }
 
 func testAccTFEPolicySetDataSourceConfigOPA_basic(organization string, rInt int) string {
@@ -211,6 +229,11 @@ resource "tfe_workspace" "foobar" {
   organization = local.organization_name
 }
 
+resource "tfe_project" "foobar" {
+  name         = "project-foo-%d"
+  organization = local.organization_name
+}
+
 resource "tfe_policy_set" "foobar" {
   name         = "tst-policy-set-%d"
   description  = "Policy Set"
@@ -220,11 +243,16 @@ resource "tfe_policy_set" "foobar" {
   workspace_ids = [tfe_workspace.foobar.id]
 }
 
+resource "tfe_project_policy_set" "foobar" {
+	policy_set_id = tfe_policy_set.foobar.id
+	project_id = tfe_project.foobar.id
+}
+
 data "tfe_policy_set" "bar" {
   name = tfe_policy_set.foobar.name
   organization = local.organization_name
   kind = "opa"
-}`, organization, rInt, rInt)
+}`, organization, rInt, rInt, rInt)
 }
 
 func testAccTFEPolicySetDataSourceConfig_vcs(organization string, rInt int) string {

website/docs/d/policy_set.html.markdown

@@ -37,6 +37,7 @@ The following arguments are supported:
 * `kind` - The policy-as-code framework for the policy. Valid values are "sentinel" and "opa".
 * `overridable` - Whether users can override this policy when it fails during a run. Only valid for OPA policies.
 * `workspace_ids` - IDs of the workspaces that use the policy set.
+* `project_ids` - IDs of the projects that use the policy set.
 * `policy_ids` - IDs of the policies attached to the policy set.
 * `policies_path` - The sub-path within the attached VCS repository when using `vcs_repo`.
 * `vcs_repo` - Settings for the workspace's VCS repository.