Fix: add support to new enforcePrCommenterPermissions policy in the o… (

#622) * Fix: add support to new enforcePrCommenterPermissions policy in the organization policy resource * updated integration tests
env0 · Mar 9, 2023 · a5fddf2 · a5fddf2
1 parent 990e223
commit a5fddf2
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 0 deletions.
diff --git a/client/organization.go b/client/organization.go
@@ -13,6 +13,7 @@ type Organization struct {
 	DoNotReportSkippedStatusChecks      bool    `json:"doNotReportSkippedStatusChecks"`
 	DoNotConsiderMergeCommitsForPrPlans bool    `json:"doNotConsiderMergeCommitsForPrPlans"`
 	EnableOidc                          bool    `json:"enableOidc"`
+	EnforcePrCommenterPermissions       bool    `json:"enforcePrCommenterPermissions"`
 	Description                         string  `json:"description"`
 	PhotoUrl                            string  `json:"photoUrl"`
 	CreatedBy                           string  `json:"createdBy"`
@@ -28,6 +29,7 @@ type OrganizationPolicyUpdatePayload struct {
 	DoNotReportSkippedStatusChecks      *bool   `json:"doNotReportSkippedStatusChecks,omitempty"`
 	DoNotConsiderMergeCommitsForPrPlans *bool   `json:"doNotConsiderMergeCommitsForPrPlans,omitempty"`
 	EnableOidc                          *bool   `json:"enableOidc,omitempty"`
+	EnforcePrCommenterPermissions       *bool   `json:"enforcePrCommenterPermissions,omitempty"`
 }
 
 func (client *ApiClient) Organization() (Organization, error) {

diff --git a/client/organization_test.go b/client/organization_test.go
@@ -100,6 +100,7 @@ var _ = Describe("Organization", func() {
 		updatedMockOrganization := mockOrganization
 		updatedMockOrganization.DoNotConsiderMergeCommitsForPrPlans = true
 		updatedMockOrganization.EnableOidc = true
+		updatedMockOrganization.EnforcePrCommenterPermissions = true
 		updatedMockOrganization.DefaultTtl = &hour12
 
 		var updatedOrganization *Organization
@@ -112,6 +113,7 @@ var _ = Describe("Organization", func() {
 					DefaultTtl:                          &hour12,
 					DoNotConsiderMergeCommitsForPrPlans: &t,
 					EnableOidc:                          &t,
+					EnforcePrCommenterPermissions:       &t,
 				}
 
 				httpCall = mockHttpClient.EXPECT().

diff --git a/env0/resource_organization_policy.go b/env0/resource_organization_policy.go
@@ -45,6 +45,12 @@ func resourceOrganizationPolicy() *schema.Resource {
 				Default:     false,
 				Description: "set to 'true' to enable OIDC token (JWT) availability during env0 deployments (defaults to 'false')",
 			},
+			"enforce_pr_commenter_permissions": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "set to 'true' to enforce PR commenter permissions during env0 deployments (defaults to 'false')",
+			},
 		},
 	}
 }

diff --git a/env0/resource_organization_policy_test.go b/env0/resource_organization_policy_test.go
@@ -30,6 +30,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) {
 		DoNotReportSkippedStatusChecks:      false,
 		DoNotConsiderMergeCommitsForPrPlans: true,
 		EnableOidc:                          false,
+		EnforcePrCommenterPermissions:       false,
 	}
 
 	organizationUpdated := client.Organization{
@@ -39,6 +40,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) {
 		DoNotReportSkippedStatusChecks:      true,
 		DoNotConsiderMergeCommitsForPrPlans: false,
 		EnableOidc:                          true,
+		EnforcePrCommenterPermissions:       true,
 	}
 
 	t.Run("Success", func(t *testing.T) {
@@ -57,20 +59,23 @@ func TestUnitOrganizationPolicyResource(t *testing.T) {
 						resource.TestCheckResourceAttr(accessor, "do_not_report_skipped_status_checks", strconv.FormatBool(organization.DoNotReportSkippedStatusChecks)),
 						resource.TestCheckResourceAttr(accessor, "do_not_consider_merge_commits_for_pr_plans", strconv.FormatBool(organization.DoNotConsiderMergeCommitsForPrPlans)),
 						resource.TestCheckResourceAttr(accessor, "enable_oidc", strconv.FormatBool(organization.EnableOidc)),
+						resource.TestCheckResourceAttr(accessor, "enforce_pr_commenter_permissions", strconv.FormatBool(organization.EnforcePrCommenterPermissions)),
 					),
 				},
 				{
 					Config: resourceConfigCreate(resourceType, resourceName, map[string]interface{}{
 						"default_ttl":                         *organizationUpdated.DefaultTtl,
 						"do_not_report_skipped_status_checks": organizationUpdated.DoNotReportSkippedStatusChecks,
 						"enable_oidc":                         organizationUpdated.EnableOidc,
+						"enforce_pr_commenter_permissions":    organizationUpdated.EnforcePrCommenterPermissions,
 					}),
 					Check: resource.ComposeAggregateTestCheckFunc(
 						resource.TestCheckResourceAttr(accessor, "id", organization.Id),
 						resource.TestCheckResourceAttr(accessor, "default_ttl", *organizationUpdated.DefaultTtl),
 						resource.TestCheckResourceAttr(accessor, "do_not_report_skipped_status_checks", strconv.FormatBool(organizationUpdated.DoNotReportSkippedStatusChecks)),
 						resource.TestCheckResourceAttr(accessor, "do_not_consider_merge_commits_for_pr_plans", strconv.FormatBool(organizationUpdated.DoNotConsiderMergeCommitsForPrPlans)),
 						resource.TestCheckResourceAttr(accessor, "enable_oidc", strconv.FormatBool(organizationUpdated.EnableOidc)),
+						resource.TestCheckResourceAttr(accessor, "enforce_pr_commenter_permissions", strconv.FormatBool(organizationUpdated.EnforcePrCommenterPermissions)),
 					),
 				},
 			},
@@ -84,12 +89,14 @@ func TestUnitOrganizationPolicyResource(t *testing.T) {
 					DoNotConsiderMergeCommitsForPrPlans: &organization.DoNotConsiderMergeCommitsForPrPlans,
 					DoNotReportSkippedStatusChecks:      boolPtr(false),
 					EnableOidc:                          boolPtr(false),
+					EnforcePrCommenterPermissions:       boolPtr(false),
 				}).Times(1).Return(&organization, nil),
 				mock.EXPECT().Organization().Times(2).Return(organization, nil),
 				mock.EXPECT().OrganizationPolicyUpdate(client.OrganizationPolicyUpdatePayload{
 					DefaultTtl:                          organizationUpdated.DefaultTtl,
 					DoNotReportSkippedStatusChecks:      &organizationUpdated.DoNotReportSkippedStatusChecks,
 					EnableOidc:                          &organizationUpdated.EnableOidc,
+					EnforcePrCommenterPermissions:       &organizationUpdated.EnforcePrCommenterPermissions,
 					DoNotConsiderMergeCommitsForPrPlans: boolPtr(false),
 					MaxTtl:                              stringPtr(""),
 				}).Times(1).Return(&organizationUpdated, nil),
@@ -136,6 +143,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) {
 				DoNotConsiderMergeCommitsForPrPlans: &organization.DoNotConsiderMergeCommitsForPrPlans,
 				DoNotReportSkippedStatusChecks:      boolPtr(false),
 				EnableOidc:                          boolPtr(false),
+				EnforcePrCommenterPermissions:       boolPtr(false),
 			}).Times(1).Return(nil, errors.New("error"))
 		})
 	})

diff --git a/tests/integration/001_organization/main.tf b/tests/integration/001_organization/main.tf
@@ -9,4 +9,5 @@ resource "env0_organization_policy" "my_organization_policy" {
   default_ttl                                = var.second_run ? "7-h" : "13-h"
   do_not_consider_merge_commits_for_pr_plans = var.second_run ? false : true
   enable_oidc                                = var.second_run ? false : true
+  enforce_pr_commenter_permissions           = var.second_run ? false : true
 }