Add ability to upload Policies in a PolicySet resource

[omarismail]

Description

This PR augments the tfe_policy_set resource to allow uploading of local policies. This is done primarily through the use of PolicySetVersions.

Example usage

This functionality only works when there is no VCS repo attached to a PolicySet. The usage is:

data "tfe_slug" "policy" {
  // path to local policies
  source_path = "policies/my-policy-set"
}

resource "tfe_policy_set" "test" {
  name          = "my-policy-set"
  description   = "A brand new policy set"
  organization  = "<org-name>"

  // reference to the tfe_slug data source
  slug = data.tfe_slug.policy
}

Behind the scenes, this creates a new PolicySetVersion and then Uploads the contents of the source_path in the tfe_slug data source.

Testing plan

1. Pull down this branch and make build the provider. Make sure to enable development override for the provider.
2. Create a new directory and terraform init
3. Copy the tfe/test-fixtures/policy-set-version directory to your local working directory under policies/my-policy-set
4. Add this to your config

data "tfe_slug" "policy" {
  source_path = "policies/my-policy-set"
}

resource "tfe_policy_set" "test" {
  name          = "my-policy-set"
  description   = "A brand new policy set"
  organization  = tfe_organization.test.name
  slug = data.tfe_slug.policy
}

output "policy" {
  value = tfe_policy_set.test
}

output "data_policy" {
  value = data.tfe_slug.policy
}

5. Run terraform apply
6. Validate in the UI in this organization that the policy set is created, and verify the terraform output that the status is ready. You can also curl to get the PolicySetVersion and confirm the status.
7. Then edit/add a new file in the policies/my-policy-set directory and run terraform apply and notice an PolicySet update taking place (terraform outputs 1 changed).

Documentation

Images of the new documentation is put as a PR comment near the file.

External links

• API documentation
• go-tfe PR

Closes #279

Output from acceptance tests

terraform-provider-tfe % TFE_TOKEN=<token> TFE_HOSTNAME=tfe-zone-4c292d5b.ngrok.io TF_ACC=1 TF_LOG_PROVIDER=DEBUG  gotestsum --format testname -- ./tfe/... -v -run TestAccTFEPolicySet_version
PASS tfe.TestAccTFEPolicySet_version (7.01s)
PASS tfe.TestAccTFEPolicySet_version_updateCreate (12.06s)
PASS tfe.TestAccTFEPolicySet_version_no_vcs_repo (1.20s)
PASS tfe

DONE 3 tests in 26.078s

[omarismail]

Will squash and clean the commit message before merging.

[omarismail]

[omarismail]

[chrisarcand]

Looks awesome! I really like how this turned out.

[chrisarcand]

This is true of any test in this suite, no? If so, I'd say this is unnecessary but also harmless to leave!

I think the way to 'solve' these potential leftovers is via the use of sweepers, but that's not within our scope here of course.

[omarismail]

Not sure I follow. Do you mean that having the extra removeFile function call below as a precaution isn't that useful because this would happen to any test fatal?

[chrisarcand]

Basically, yeah. It's a fix for this particular test but is something inherent to any of them. Harmless to leave, just figured I'd say I wouldn't expect it as that's a bigger issue with the whole suite 😩