Merge branch 'main' into PL-38509

harness · May 15, 2023 · 4bec4ab · 4bec4ab
2 parents d9d6a76 + 3847480
commit 4bec4ab
Show file tree

Hide file tree

Showing 22 changed files with 3,920 additions and 236 deletions.
diff --git a/.changelog/492.txt → .changelog/501.txt b/.changelog/492.txt → .changelog/501.txt
diff --git a/.changelog/509.txt b/.changelog/509.txt
@@ -0,0 +1,4 @@
+```release-note:enhancement
+resources/platform_role_assignments: Made resource_group_identifier, role_identifier and type under principal schema required.
+resources/platform_secret_sshkey: Updated the Behaviour of referencing the secrets at account, project and org Level. Made Key Field Required in SSH credential of type keyReference
+```
diff --git a/.changelog/534.txt b/.changelog/534.txt
@@ -0,0 +1,3 @@
+```release-note:fix
+resource/harness_platform_secret_file: Fixed Bug while creating this resource with tags separated by comma led to crashing.
+```
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,15 @@
+# 0.19.2 (May 11,2023) 
+
+FEATURES:
+
+* **New Resource:** `platform_connector_tas - Added tas connector resource in Harness terraform provider` ([#523](https://github.com/harness/terraform-provider-harness/issues/523))
+
+ENHANCEMENTS:
+
+* data-source/platform_manual_freeze - Added quarterly recurrence support for manual deployment freeze resource in Harness terraform provider ([#522](https://github.com/harness/terraform-provider-harness/issues/522))
+* resource/harness_platform_infrastructure: added force deletion support for infrastructures ([#527](https://github.com/harness/terraform-provider-harness/issues/527))
+* resource/harness_platform_triggers: added documentation links ([#501](https://github.com/harness/terraform-provider-harness/issues/501))
+
 # 0.19.1 (May 02,2023) 
 
 ENHANCEMENTS:

diff --git a/docs/resources/platform_role_assignments.md b/docs/resources/platform_role_assignments.md
@@ -88,6 +88,8 @@ resource "harness_platform_role_assignments" "example2" {
 ### Required
 
 - `principal` (Block List, Min: 1) Principal. (see [below for nested schema](#nestedblock--principal))
+- `resource_group_identifier` (String) Resource group identifier.
+- `role_identifier` (String) Role identifier.
 
 ### Optional
 
@@ -96,8 +98,6 @@ resource "harness_platform_role_assignments" "example2" {
 - `managed` (Boolean) Managed or not.
 - `org_id` (String) Org identifier.
 - `project_id` (String) Project Identifier
-- `resource_group_identifier` (String) Resource group identifier.
-- `role_identifier` (String) Role identifier.
 
 ### Read-Only
 
@@ -106,11 +106,14 @@ resource "harness_platform_role_assignments" "example2" {
 <a id="nestedblock--principal"></a>
 ### Nested Schema for `principal`
 
+Required:
+
+- `type` (String) Type.
+
 Optional:
 
 - `identifier` (String) Identifier.
 - `scope_level` (String) Scope level.
-- `type` (String) Type.
 
 ## Import
 

diff --git a/docs/resources/platform_secret_sshkey.md b/docs/resources/platform_secret_sshkey.md
@@ -37,7 +37,7 @@ resource "harness_platform_secret_sshkey" " tgt_password" {
   port        = 22
   kerberos {
     tgt_password_spec {
-      password = "password"
+      password = "account.${secret.id}"
     }
     principal             = "principal"
     realm                 = "realm"
@@ -54,8 +54,8 @@ resource "harness_platform_secret_sshkey" "sshkey_reference" {
   ssh {
     sshkey_reference_credential {
       user_name            = "user_name"
-      key                  = "key"
-      encrypted_passphrase = "encrypted_passphrase"
+      key                  = "account.${key.id}"
+      encrypted_passphrase = "account.${secret.id}"
     }
     credential_type = "KeyReference"
   }
@@ -86,7 +86,7 @@ resource "harness_platform_secret_sshkey" "ssh_password" {
   ssh {
     ssh_password_credential {
       user_name = "user_name"
-      password  = "password"
+      password  = "account.${secret.id}"
     }
     credential_type = "Password"
   }
@@ -142,7 +142,7 @@ Optional:
 
 Optional:
 
-- `password` (String) password
+- `password` (String) password. To reference a password at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a password at the account scope, prefix 'account` to the expression: account.{identifier}
 
 
 
@@ -164,7 +164,7 @@ Optional:
 
 Required:
 
-- `password` (String) SSH Password.
+- `password` (String) SSH Password. To reference a password at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a password at the account scope, prefix 'account` to the expression: account.{identifier}
 - `user_name` (String) SSH Username.
 
 
@@ -178,20 +178,20 @@ Required:
 
 Optional:
 
-- `encrypted_passphrase` (String) Encrypted Passphrase
+- `encrypted_passphrase` (String) Encrypted Passphrase . To reference a encryptedPassphrase at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a encryptedPassPhrase at the account scope, prefix 'account` to the expression: account.{identifier}
 
 
 <a id="nestedblock--ssh--sshkey_reference_credential"></a>
 ### Nested Schema for `ssh.sshkey_reference_credential`
 
 Required:
 
+- `key` (String) SSH key. To reference a key at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a key at the account scope, prefix 'account` to the expression: account.{identifier}
 - `user_name` (String) SSH Username.
 
 Optional:
 
-- `encrypted_passphrase` (String) Encrypted Passphrase
-- `key` (String) SSH key.
+- `encrypted_passphrase` (String) Encrypted Passphrase. To reference a encryptedPassphrase at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a encryptedPassPhrase at the account scope, prefix 'account` to the expression: account.{identifier}
 
 ## Import
 

diff --git a/examples/resources/harness_platform_secret_sshkey/resource.tf b/examples/resources/harness_platform_secret_sshkey/resource.tf
@@ -22,7 +22,7 @@ resource "harness_platform_secret_sshkey" " tgt_password" {
   port        = 22
   kerberos {
     tgt_password_spec {
-      password = "password"
+      password = "account.${secret.id}"
     }
     principal             = "principal"
     realm                 = "realm"
@@ -39,8 +39,8 @@ resource "harness_platform_secret_sshkey" "sshkey_reference" {
   ssh {
     sshkey_reference_credential {
       user_name            = "user_name"
-      key                  = "key"
-      encrypted_passphrase = "encrypted_passphrase"
+      key                  = "account.${key.id}"
+      encrypted_passphrase = "account.${secret.id}"
     }
     credential_type = "KeyReference"
   }
@@ -71,7 +71,7 @@ resource "harness_platform_secret_sshkey" "ssh_password" {
   ssh {
     ssh_password_credential {
       user_name = "user_name"
-      password  = "password"
+      password  = "account.${secret.id}"
     }
     credential_type = "Password"
   }

diff --git a/internal/service/platform/connector/aws_secret_manager_data_source_test.go b/internal/service/platform/connector/aws_secret_manager_data_source_test.go
@@ -36,6 +36,60 @@ func TestAccDataSourceConnectorAwsSm(t *testing.T) {
 	})
 }
 
+func TestAccDataSourceConnectorAwsSmProjectLevel(t *testing.T) {
+	var (
+		name         = fmt.Sprintf("%s_%s", t.Name(), utils.RandStringBytes(4))
+		resourceName = "data.harness_platform_connector_aws_secret_manager.test"
+	)
+
+	resource.UnitTest(t, resource.TestCase{
+		PreCheck:          func() { acctest.TestAccPreCheck(t) },
+		ProviderFactories: acctest.ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceConnectorAwsSmProjectLevel(name),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "id", name),
+					resource.TestCheckResourceAttr(resourceName, "identifier", name),
+					resource.TestCheckResourceAttr(resourceName, "name", name),
+					resource.TestCheckResourceAttr(resourceName, "description", "test"),
+					resource.TestCheckResourceAttr(resourceName, "tags.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "delegate_selectors.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "secret_name_prefix", "test"),
+					resource.TestCheckResourceAttr(resourceName, "credentials.0.inherit_from_delegate", "true"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccDataSourceConnectorAwsSmOrgLevel(t *testing.T) {
+	var (
+		name         = fmt.Sprintf("%s_%s", t.Name(), utils.RandStringBytes(4))
+		resourceName = "data.harness_platform_connector_aws_secret_manager.test"
+	)
+
+	resource.UnitTest(t, resource.TestCase{
+		PreCheck:          func() { acctest.TestAccPreCheck(t) },
+		ProviderFactories: acctest.ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceConnectorAwsSmOrgLevel(name),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "id", name),
+					resource.TestCheckResourceAttr(resourceName, "identifier", name),
+					resource.TestCheckResourceAttr(resourceName, "name", name),
+					resource.TestCheckResourceAttr(resourceName, "description", "test"),
+					resource.TestCheckResourceAttr(resourceName, "tags.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "delegate_selectors.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "secret_name_prefix", "test"),
+					resource.TestCheckResourceAttr(resourceName, "credentials.0.inherit_from_delegate", "true"),
+				),
+			},
+		},
+	})
+}
+
 func testAccDataSourceConnectorAwsSm(name string) string {
 	return fmt.Sprintf(`
 		resource "harness_platform_connector_aws_secret_manager" "test" {
@@ -58,3 +112,68 @@ func testAccDataSourceConnectorAwsSm(name string) string {
 		}
 	`, name)
 }
+
+func testAccDataSourceConnectorAwsSmProjectLevel(name string) string {
+	return fmt.Sprintf(`
+		resource "harness_platform_organization" "test" {
+		identifier = "%[1]s"
+		name = "%[1]s"
+		}
+	
+		resource "harness_platform_project" "test" {
+		identifier = "%[1]s"
+		name = "%[1]s"
+		org_id = harness_platform_organization.test.id
+		color = "#472848"
+		}
+
+		resource "harness_platform_connector_aws_secret_manager" "test" {
+			identifier = "%[1]s"
+			name = "%[1]s"
+			description = "test"
+			tags = ["foo:bar"]
+			org_id = harness_platform_organization.test.id
+			project_id = harness_platform_project.test.id
+			secret_name_prefix = "test"
+			region = "us-east-1"
+			delegate_selectors = ["harness-delegate"]
+			credentials {
+				inherit_from_delegate = true
+			}
+		}
+
+		data "harness_platform_connector_aws_secret_manager" "test" {
+			identifier = harness_platform_connector_aws_secret_manager.test.identifier
+			org_id = harness_platform_connector_aws_secret_manager.test.org_id
+			project_id = harness_platform_connector_aws_secret_manager.test.project_id
+			
+		}
+	`, name)
+}
+
+func testAccDataSourceConnectorAwsSmOrgLevel(name string) string {
+	return fmt.Sprintf(`
+		resource "harness_platform_organization" "test" {
+			identifier = "%[1]s"
+			name = "%[1]s"
+		}
+		resource "harness_platform_connector_aws_secret_manager" "test" {
+			identifier = "%[1]s"
+			name = "%[1]s"
+			description = "test"
+			tags = ["foo:bar"]
+			org_id = harness_platform_organization.test.id
+			secret_name_prefix = "test"
+			region = "us-east-1"
+			delegate_selectors = ["harness-delegate"]
+			credentials {
+				inherit_from_delegate = true
+			}
+		}
+
+		data "harness_platform_connector_aws_secret_manager" "test" {
+			identifier = harness_platform_connector_aws_secret_manager.test.identifier
+			org_id = harness_platform_connector_aws_secret_manager.test.org_id
+		}
+	`, name)
+}