policy check read handles nested data

[ibm-richard]

Description

The logic for handling policy-checks doesn't currently account for the data being nested within a data field within the run entry in the relationships. this makes every attempt to read policy check results fail.

Testing plan

    config = TFEConfig(address="https://app.terraform.io", token=TFE_TOKEN)
    tfe_client = TFEClient(config)        
    run_details = tfe_client.runs.read(run_id)
    print(f"run details: {run_details}\n\n")
    print(f"policy checks: {run_details.policy_checks}")
    for policy_check in run_details.policy_checks:
        print(f"policy check: {policy_check}")
        policy_check_id = policy_check.id
        print(f"policy check id: {policy_check_id}")
        policy_check_details = tfe_client.policy_checks.read(policy_check_id) # This line fails without this PR

External links

• API documentation

Output from tests

.venv) richardboyd@Richards-MacBook-Pro python-tfe % make test
.venv/bin/python -m pytest -v
========================================== test session starts ===========================================
platform darwin -- Python 3.14.2, pytest-9.0.2, pluggy-1.6.0 -- /Users/richardboyd/Developer/python-tfe/.venv/bin/python
cachedir: .pytest_cache
rootdir: /Users/richardboyd/Developer/python-tfe
configfile: pyproject.toml
plugins: anyio-4.12.1, mock-3.15.1
collected 396 items                                                                                      

tests/units/test_agent_pools.py::TestAgentPoolModels::test_agent_pool_model_basic PASSED           [  0%]
tests/units/test_agent_pools.py::TestAgentPoolModels::test_agent_pool_allowed_workspace_policy_enum PASSED [  0%]

[omitted for brevity]


tests/units/test_workspaces.py::TestWorkspaceOperations::test_set_data_retention_policy_dont_delete PASSED [ 99%]
tests/units/test_workspaces.py::TestWorkspaceOperations::test_set_data_retention_policy_legacy PASSED [ 99%]
tests/units/test_workspaces.py::TestWorkspaceOperations::test_delete_data_retention_policy PASSED  [100%]

========================================== 396 passed in 1.00s ===========================================

New unit test for Policy Checks

(.venv) richardboyd@Richards-MacBook-Pro python-tfe % python -m pytest tests/units/test_policy_check.py -v
======================================================= test session starts =======================================================
platform darwin -- Python 3.14.2, pytest-9.0.2, pluggy-1.6.0 -- /Users/richardboyd/Developer/python-tfe/.venv/bin/python
cachedir: .pytest_cache
rootdir: /Users/richardboyd/Developer/python-tfe
configfile: pyproject.toml
plugins: anyio-4.12.1, mock-3.15.1
collected 3 items                                                                                                                 

tests/units/test_policy_check.py::TestPolicyChecks::test_list_validations PASSED                                            [ 33%]
tests/units/test_policy_check.py::TestPolicyChecks::test_list_success_with_options PASSED                                   [ 66%]
tests/units/test_policy_check.py::TestPolicyChecks::test_list_empty_result PASSED                                           [100%]

======================================================== 3 passed in 0.19s ========================================================

Rollback Plan

git revert?

Changes to Security Controls

N/A

PCI review checklist

• I have documented a clear reason for, and description of, the change I am making.

• [N/A] If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.

• [N/A] If applicable, I've documented the impact of any changes to security controls.

  Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.

If you have any questions, please contact your direct supervisor, GRC (#team-grc), or the PCI working group (#proj-pci-reboot). You can also find more information at PCI Compliance.

[hashicorp-cla-app]

All committers have signed the CLA.

[ibm-richard]

I added a simple unit test for the policy-check endpoint but it'll need more test cases. will add those later tonight.

[aayushsingh2502]

Hi @ibm-richard
The changes looks good. Can you please add the screenshot of the new testcase run in the description

[ibm-richard]

done!

[aayushsingh2502]

LGTM

[aayushsingh2502]

We will release this with our upcoming 0.1.3 minor release

[isivaselvan]

Thank you @ibm-richard for your quick findings and contributing to our repo. Unfortunately, current changes was already planned as part of the release 0.1.3 and raised at PR113. Looking forward for further contributions.

[ibm-richard]

ahhh, I didn't see that next-0.1.3 branch. This PR can be closed.