From 1fa7a0ee99b730a256fe898367e748e86874ddf4 Mon Sep 17 00:00:00 2001 From: Tomer Heber Date: Thu, 21 Sep 2023 10:43:12 -0500 Subject: [PATCH] Fix: disallowing remote state access returns 400 bad request (#714) * Fix: disallowing remote state access returns 400 bad request * send an empty array * comment test * added a comment --- client/remote_state_access.go | 7 ++++++- tests/integration/012_environment/main.tf | 9 +++++---- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/client/remote_state_access.go b/client/remote_state_access.go index 08177406..646e7425 100644 --- a/client/remote_state_access.go +++ b/client/remote_state_access.go @@ -8,7 +8,7 @@ type RemoteStateAccessConfiguration struct { type RemoteStateAccessConfigurationCreate struct { AccessibleFromEntireOrganization bool `json:"accessibleFromEntireOrganization"` - AllowedProjectIds []string `json:"allowedProjectIds,omitempty"` + AllowedProjectIds []string `json:"allowedProjectIds"` } func (client *ApiClient) RemoteStateAccessConfiguration(environmentId string) (*RemoteStateAccessConfiguration, error) { @@ -22,6 +22,11 @@ func (client *ApiClient) RemoteStateAccessConfiguration(environmentId string) (* } func (client *ApiClient) RemoteStateAccessConfigurationCreate(environmentId string, payload RemoteStateAccessConfigurationCreate) (*RemoteStateAccessConfiguration, error) { + // The API doesn't accept "null". If the array isn't set, pass "[]" instead. + if payload.AllowedProjectIds == nil { + payload.AllowedProjectIds = []string{} + } + var result RemoteStateAccessConfiguration if err := client.http.Put("/remote-backend/states/"+environmentId+"/access-control", payload, &result); err != nil { return nil, err diff --git a/tests/integration/012_environment/main.tf b/tests/integration/012_environment/main.tf index 7b000d22..3731b08e 100644 --- a/tests/integration/012_environment/main.tf +++ b/tests/integration/012_environment/main.tf @@ -76,10 +76,11 @@ resource "env0_team_environment_assignment" "team_role_environment_assignment" { role_id = var.second_run ? env0_custom_role.custom_role1.id : env0_custom_role.custom_role2.id } -/* TODO: need to add an integration test. -resource "env0_environment_state_access" "state_access" { - environment_id = env0_environment.example.id - allowed_project_ids = [env0_project.test_project.id] +/* TODO +resource "env0_environment_state_access" "disallow" { + environment_id = env0_environment.example.id + accessible_from_entire_organization = false + allowed_project_ids = [] } */