Add default agent pool and execution mode support to projects

[tylerwolf]

Description

Adds new resources to allow agent pools to be scoped to Projects, and to allow projects to declare a default execution mode and agent pool for their workspaces to use.

The new resources are:

• tfe_agent_pool_allowed_projects: maps an agent_pool_id to a list of project IDs which are allowed to use that agent pool
• tfe_agent_pool_excluded_workspaces: maps an agent_pool_id to a list of workspace IDs which are explicitly not allowed to use that agent pool (even if they belong to a project which can)
• tfe_project_settings: a new resource for managing the settings of a specific project, similar to the tfe_workspace_settings resource. Initially, this just supports setting a default_execution_mode and a default_agent_pool_id. The resource exposes a setting_overwrites block which describes whether these settings are being inherited from the org, or overwritten on the project.

Also updates the tfe_agent_pool data source to expose the allowed project and excluded workspace IDs.

Remember to:

• Update the Change Log
• Update the Documentation

Testing plan

1. Project Settings:
   • Create a project settings block for a project, and check that it sets the default execution mode to inherit
   • Check that setting the default execution mode to remote in the settings block updates the project to explicitly override the default execution mode
   • Check that local and agent default execution modes work in the project settings block
   • Check that removing the project settings block updates the project to inherit the org level execution mode
   • Check that the settings resource does not cause errors when interacting with an older TFE version
   • Validate that default execution mode = agent requires an agent pool to be specified, and vice versa
2. Agent Pool Allowed Projects

• Check that the settings resource does not cause errors when interacting with an older TFE version
• add add + remove projects to the agent pool scoping using the new resource, and verify that the agent pool is correctly updated

1. Agent Pool Excluded workspaces

• Check that the settings resource does not cause errors when interacting with an older TFE version
• add + remove workspaces to the agent pool exclusions using the new resource, and verify that the agent pool is correctly updated

External links

Include any links here that might be helpful for people reviewing your PR. If there are none, feel free to delete this section.

• go-tfe documentation for agent pool scoping
• go-tfe documentation for project overwrites
• API documentation for agent pools
• API documentation for projects
• JIRA

Output from acceptance tests

Running tool: /usr/local/bin/go test -timeout 3000s -run ^(TestAccTFEAgentPoolAllowedProjects_create_update|TestAccTFEAgentPoolAllowedProjects_import)$ github.com/hashicorp/terraform-provider-tfe/internal/provider

=== RUN   TestAccTFEAgentPoolAllowedProjects_create_update
--- PASS: TestAccTFEAgentPoolAllowedProjects_create_update (23.34s)
=== RUN   TestAccTFEAgentPoolAllowedProjects_import
--- PASS: TestAccTFEAgentPoolAllowedProjects_import (13.85s)
PASS
ok      github.com/hashicorp/terraform-provider-tfe/internal/provider   38.931s

Running tool: /usr/local/bin/go test -timeout 3000s -run ^(TestAccTFEAgentPoolExcludedWorkspaces_create_update|TestAccTFEAgentPoolExcludedWorkspaces_import)$ github.com/hashicorp/terraform-provider-tfe/internal/provider

=== RUN   TestAccTFEAgentPoolExcludedWorkspaces_create_update
--- PASS: TestAccTFEAgentPoolExcludedWorkspaces_create_update (20.19s)
=== RUN   TestAccTFEAgentPoolExcludedWorkspaces_import
--- PASS: TestAccTFEAgentPoolExcludedWorkspaces_import (17.18s)
PASS
ok      github.com/hashicorp/terraform-provider-tfe/internal/provider   39.123s


Running tool: /usr/local/bin/go test -timeout 3000s -run ^(TestAccTFEProjectSettings_DefaultExecutionMode|TestAccTFEProjectSettingsImport|TestAccTFEProjectSettings_executionModeAgentPoolMismatch)$ github.com/hashicorp/terraform-provider-tfe/internal/provider

=== RUN   TestAccTFEProjectSettings_DefaultExecutionMode
--- PASS: TestAccTFEProjectSettings_DefaultExecutionMode (28.09s)
=== RUN   TestAccTFEProjectSettingsImport
--- PASS: TestAccTFEProjectSettingsImport (14.06s)
=== RUN   TestAccTFEProjectSettings_executionModeAgentPoolMismatch
--- PASS: TestAccTFEProjectSettings_executionModeAgentPoolMismatch (14.09s)
PASS
ok      github.com/hashicorp/terraform-provider-tfe/internal/provider   57.998s

Running tool: /usr/local/bin/go test -timeout 3000s -run ^(TestAccTFEAgentPoolDataSource_basic|TestAccTFEAgentPoolDataSource_allowed_workspaces|TestAccTFEAgentPoolDataSource_allowed_projects|TestAccTFEAgentPoolDataSource_excluded_workspaces)$ github.com/hashicorp/terraform-provider-tfe/internal/provider

=== RUN   TestAccTFEAgentPoolDataSource_basic
--- PASS: TestAccTFEAgentPoolDataSource_basic (12.11s)
=== RUN   TestAccTFEAgentPoolDataSource_allowed_workspaces
--- PASS: TestAccTFEAgentPoolDataSource_allowed_workspaces (15.76s)
=== RUN   TestAccTFEAgentPoolDataSource_allowed_projects
--- PASS: TestAccTFEAgentPoolDataSource_allowed_projects (12.60s)
=== RUN   TestAccTFEAgentPoolDataSource_excluded_workspaces
--- PASS: TestAccTFEAgentPoolDataSource_excluded_workspaces (12.35s)
PASS
ok      github.com/hashicorp/terraform-provider-tfe/internal/provider   54.558s

Rollback Plan

If problems are discovered before a release, we will revert the change

Changes to Security Controls

None