From a5fddf2035650b646d84b0c56cc66dfec321bfcb Mon Sep 17 00:00:00 2001 From: Tomer Heber Date: Thu, 9 Mar 2023 07:46:24 -0600 Subject: [PATCH] =?UTF-8?q?Fix:=20add=20support=20to=20new=20enforcePrComm?= =?UTF-8?q?enterPermissions=20policy=20in=20the=20o=E2=80=A6=20(#622)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Fix: add support to new enforcePrCommenterPermissions policy in the organization policy resource * updated integration tests --- client/organization.go | 2 ++ client/organization_test.go | 2 ++ env0/resource_organization_policy.go | 6 ++++++ env0/resource_organization_policy_test.go | 8 ++++++++ tests/integration/001_organization/main.tf | 1 + 5 files changed, 19 insertions(+) diff --git a/client/organization.go b/client/organization.go index 4327b9f3..628f7c9b 100644 --- a/client/organization.go +++ b/client/organization.go @@ -13,6 +13,7 @@ type Organization struct { DoNotReportSkippedStatusChecks bool `json:"doNotReportSkippedStatusChecks"` DoNotConsiderMergeCommitsForPrPlans bool `json:"doNotConsiderMergeCommitsForPrPlans"` EnableOidc bool `json:"enableOidc"` + EnforcePrCommenterPermissions bool `json:"enforcePrCommenterPermissions"` Description string `json:"description"` PhotoUrl string `json:"photoUrl"` CreatedBy string `json:"createdBy"` @@ -28,6 +29,7 @@ type OrganizationPolicyUpdatePayload struct { DoNotReportSkippedStatusChecks *bool `json:"doNotReportSkippedStatusChecks,omitempty"` DoNotConsiderMergeCommitsForPrPlans *bool `json:"doNotConsiderMergeCommitsForPrPlans,omitempty"` EnableOidc *bool `json:"enableOidc,omitempty"` + EnforcePrCommenterPermissions *bool `json:"enforcePrCommenterPermissions,omitempty"` } func (client *ApiClient) Organization() (Organization, error) { diff --git a/client/organization_test.go b/client/organization_test.go index b60f6185..3c2a3a49 100644 --- a/client/organization_test.go +++ b/client/organization_test.go @@ -100,6 +100,7 @@ var _ = Describe("Organization", func() { updatedMockOrganization := mockOrganization updatedMockOrganization.DoNotConsiderMergeCommitsForPrPlans = true updatedMockOrganization.EnableOidc = true + updatedMockOrganization.EnforcePrCommenterPermissions = true updatedMockOrganization.DefaultTtl = &hour12 var updatedOrganization *Organization @@ -112,6 +113,7 @@ var _ = Describe("Organization", func() { DefaultTtl: &hour12, DoNotConsiderMergeCommitsForPrPlans: &t, EnableOidc: &t, + EnforcePrCommenterPermissions: &t, } httpCall = mockHttpClient.EXPECT(). diff --git a/env0/resource_organization_policy.go b/env0/resource_organization_policy.go index d9ca3d4b..688917cb 100644 --- a/env0/resource_organization_policy.go +++ b/env0/resource_organization_policy.go @@ -45,6 +45,12 @@ func resourceOrganizationPolicy() *schema.Resource { Default: false, Description: "set to 'true' to enable OIDC token (JWT) availability during env0 deployments (defaults to 'false')", }, + "enforce_pr_commenter_permissions": { + Type: schema.TypeBool, + Optional: true, + Default: false, + Description: "set to 'true' to enforce PR commenter permissions during env0 deployments (defaults to 'false')", + }, }, } } diff --git a/env0/resource_organization_policy_test.go b/env0/resource_organization_policy_test.go index 298c846c..8905bd86 100644 --- a/env0/resource_organization_policy_test.go +++ b/env0/resource_organization_policy_test.go @@ -30,6 +30,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) { DoNotReportSkippedStatusChecks: false, DoNotConsiderMergeCommitsForPrPlans: true, EnableOidc: false, + EnforcePrCommenterPermissions: false, } organizationUpdated := client.Organization{ @@ -39,6 +40,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) { DoNotReportSkippedStatusChecks: true, DoNotConsiderMergeCommitsForPrPlans: false, EnableOidc: true, + EnforcePrCommenterPermissions: true, } t.Run("Success", func(t *testing.T) { @@ -57,6 +59,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) { resource.TestCheckResourceAttr(accessor, "do_not_report_skipped_status_checks", strconv.FormatBool(organization.DoNotReportSkippedStatusChecks)), resource.TestCheckResourceAttr(accessor, "do_not_consider_merge_commits_for_pr_plans", strconv.FormatBool(organization.DoNotConsiderMergeCommitsForPrPlans)), resource.TestCheckResourceAttr(accessor, "enable_oidc", strconv.FormatBool(organization.EnableOidc)), + resource.TestCheckResourceAttr(accessor, "enforce_pr_commenter_permissions", strconv.FormatBool(organization.EnforcePrCommenterPermissions)), ), }, { @@ -64,6 +67,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) { "default_ttl": *organizationUpdated.DefaultTtl, "do_not_report_skipped_status_checks": organizationUpdated.DoNotReportSkippedStatusChecks, "enable_oidc": organizationUpdated.EnableOidc, + "enforce_pr_commenter_permissions": organizationUpdated.EnforcePrCommenterPermissions, }), Check: resource.ComposeAggregateTestCheckFunc( resource.TestCheckResourceAttr(accessor, "id", organization.Id), @@ -71,6 +75,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) { resource.TestCheckResourceAttr(accessor, "do_not_report_skipped_status_checks", strconv.FormatBool(organizationUpdated.DoNotReportSkippedStatusChecks)), resource.TestCheckResourceAttr(accessor, "do_not_consider_merge_commits_for_pr_plans", strconv.FormatBool(organizationUpdated.DoNotConsiderMergeCommitsForPrPlans)), resource.TestCheckResourceAttr(accessor, "enable_oidc", strconv.FormatBool(organizationUpdated.EnableOidc)), + resource.TestCheckResourceAttr(accessor, "enforce_pr_commenter_permissions", strconv.FormatBool(organizationUpdated.EnforcePrCommenterPermissions)), ), }, }, @@ -84,12 +89,14 @@ func TestUnitOrganizationPolicyResource(t *testing.T) { DoNotConsiderMergeCommitsForPrPlans: &organization.DoNotConsiderMergeCommitsForPrPlans, DoNotReportSkippedStatusChecks: boolPtr(false), EnableOidc: boolPtr(false), + EnforcePrCommenterPermissions: boolPtr(false), }).Times(1).Return(&organization, nil), mock.EXPECT().Organization().Times(2).Return(organization, nil), mock.EXPECT().OrganizationPolicyUpdate(client.OrganizationPolicyUpdatePayload{ DefaultTtl: organizationUpdated.DefaultTtl, DoNotReportSkippedStatusChecks: &organizationUpdated.DoNotReportSkippedStatusChecks, EnableOidc: &organizationUpdated.EnableOidc, + EnforcePrCommenterPermissions: &organizationUpdated.EnforcePrCommenterPermissions, DoNotConsiderMergeCommitsForPrPlans: boolPtr(false), MaxTtl: stringPtr(""), }).Times(1).Return(&organizationUpdated, nil), @@ -136,6 +143,7 @@ func TestUnitOrganizationPolicyResource(t *testing.T) { DoNotConsiderMergeCommitsForPrPlans: &organization.DoNotConsiderMergeCommitsForPrPlans, DoNotReportSkippedStatusChecks: boolPtr(false), EnableOidc: boolPtr(false), + EnforcePrCommenterPermissions: boolPtr(false), }).Times(1).Return(nil, errors.New("error")) }) }) diff --git a/tests/integration/001_organization/main.tf b/tests/integration/001_organization/main.tf index 46cf7326..8b603cfc 100644 --- a/tests/integration/001_organization/main.tf +++ b/tests/integration/001_organization/main.tf @@ -9,4 +9,5 @@ resource "env0_organization_policy" "my_organization_policy" { default_ttl = var.second_run ? "7-h" : "13-h" do_not_consider_merge_commits_for_pr_plans = var.second_run ? false : true enable_oidc = var.second_run ? false : true + enforce_pr_commenter_permissions = var.second_run ? false : true }