Skip to content

Commit

Permalink
feat:[CCM-16472]: Terraform support for Governance-Enforcements (#1052)
Browse files Browse the repository at this point in the history
  • Loading branch information
@iamanmolm
iamanmolm authored Sep 10, 2024
1 parent 10114cc commit d15461c
Show file tree
Hide file tree
Showing 14 changed files with 677 additions and 3 deletions.
3 changes: 3 additions & 0 deletions .changelog/1052.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:new-resource
harness_governance_rule_enforcement - Added Governance Enforcement resource in Harness terraform provider
```
41 changes: 41 additions & 0 deletions docs/data-sources/governance_rule_enforcement.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "harness_governance_rule_enforcement Data Source - terraform-provider-harness"
subcategory: "Next Gen"
description: |-
Datasource for looking up a rule enforcement.
---

# harness_governance_rule_enforcement (Data Source)

Datasource for looking up a rule enforcement.

## Example Usage

```terraform
data "harness_governance_rule_enforcement" "example" {
enforcement_id = "enforcement_id"
}
```

<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `enforcement_id` (String) Id of rule enforcement.

### Read-Only

- `cloud_provider` (String) The cloud provider for the rule enforcement.
- `description` (String) Description for rule enforcement.
- `execution_schedule` (String) Execution schedule in cron format.
- `execution_timezone` (String) Timezone for the execution schedule.
- `id` (String) The ID of this resource.
- `is_dry_run` (Boolean) Indicates if the rule enforcement is a dry run.
- `is_enabled` (Boolean) Indicates if the rule enforcement is enabled.
- `name` (String) Name of the rule enforcement.
- `rule_ids` (Map of String) List of rule IDs.
- `rule_set_ids` (Map of String) List of rule set IDs.
- `target_accounts` (List of String) List of target accounts.
- `target_regions` (List of String) List of target regions.
47 changes: 47 additions & 0 deletions docs/resources/governance_rule_enforcement.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "harness_governance_rule_enforcement Resource - terraform-provider-harness"
subcategory: "Next Gen"
description: |-
Resource for creating, updating, and managing rule enforcement.
---

# harness_governance_rule_enforcement (Resource)

Resource for creating, updating, and managing rule enforcement.



<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `cloud_provider` (String) The cloud provider for the rule enforcement. It should be either AWS, AZURE or GCP.
- `execution_schedule` (String) Execution schedule in cron format.
- `execution_timezone` (String) Timezone for the execution schedule.
- `name` (String) Name of the rule enforcement.
- `target_accounts` (List of String) List of target account which can be either AWS Account Ids or Azure Subscription Ids or Gcp Project Ids.

### Optional

- `description` (String) Description for rule enforcement.
- `is_dry_run` (Boolean) Indicates if the rule enforcement is a dry run. This by default is set to false.
- `is_enabled` (Boolean) Indicates if the rule enforcement is enabled. This by default is set to true.
- `rule_ids` (List of String) List of rule IDs. Either rule_ids or rule_set_ids should be provided.
- `rule_set_ids` (List of String) List of rule set IDs. Either rule_ids or rule_set_ids should be provided.
- `target_regions` (List of String) List of target regions. For GCP it should be left empty but is required in case of AWS or Azure.

### Read-Only

- `enforcement_id` (String) Id of the rule enforcement.
- `id` (String) The ID of this resource.

## Import

Import is supported using the following syntax:

```shell
# Import governance enforcement
terraform import harness_governance_rule_enforcement.example <enforcement_id>
```
3 changes: 3 additions & 0 deletions examples/data-sources/harness_governance_rule_enforcement/data-source.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
data "harness_governance_rule_enforcement" "example" {
enforcement_id = "enforcement_id"
}
2 changes: 2 additions & 0 deletions examples/resources/harness_governance_rule_enforcement/import.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# Import governance enforcement
terraform import harness_governance_rule_enforcement.example <enforcement_id>
14 changes: 14 additions & 0 deletions examples/resources/harness_governance_rule_enforcement/resources.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
resource "harness_governance_rule_enforcement" "example" {
identifier = "identifier"
name = "name"
cloud_provider = "AWS/AZURE/GCP"
rule_ids = ["rule_id1"]
rule_set_ids = ["rule_set_id1"]
execution_schedule = "0 0 * * * *"
execution_timezone = "UTC"
is_enabled = true
target_accounts = ["awsAccountId/azureSubscriptionId/gcpProjectId"]
target_regions = ["us-east-1/eastus"]
is_dry_run = false
description = "description"
}
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ require (
github.com/antihax/optional v1.0.0
github.com/aws/aws-sdk-go v1.46.4
github.com/docker/docker v24.0.5+incompatible
github.com/harness/harness-go-sdk v0.4.3
github.com/harness/harness-go-sdk v0.4.4
github.com/harness/harness-openapi-go-client v0.0.21
github.com/hashicorp/go-cleanhttp v0.5.2
github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,8 +54,8 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/harness/harness-go-sdk v0.4.3 h1:lAyQT7paCayYIOPrZPmCHOtG2uWCgUHugcaN9MJtYnE=
github.com/harness/harness-go-sdk v0.4.3/go.mod h1:a/1HYTgVEuNEoh3Z3IsOHZdlUNxl94KcX57ZSNVGll0=
github.com/harness/harness-go-sdk v0.4.4 h1:ob+zPJTcMjuq+s8u5O1/SGOR+ZjqRfwGloAdKvKgd/E=
github.com/harness/harness-go-sdk v0.4.4/go.mod h1:a/1HYTgVEuNEoh3Z3IsOHZdlUNxl94KcX57ZSNVGll0=
github.com/harness/harness-openapi-go-client v0.0.21 h1:VtJnpQKZvCAlaCmUPbNR69OT3c5WRdhNN5TOgUwtwZ4=
github.com/harness/harness-openapi-go-client v0.0.21/go.mod h1:u0vqYb994BJGotmEwJevF4L3BNAdU9i8ui2d22gmLPA=
github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
Expand Down
10 changes: 10 additions & 0 deletions helpers/schema.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -610,3 +610,13 @@ var GitWebhookResourceImporter = &schema.ResourceImporter{
return []*schema.ResourceData{d}, nil
},
}

var AccountLevelResourceImporter = &schema.ResourceImporter{
State: func(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
if d.Id() != "" {
return []*schema.ResourceData{d}, nil
}

return nil, fmt.Errorf("invalid identifier: %s", d.Id())
},
}
3 changes: 3 additions & 0 deletions internal/provider/provider.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import (
dbinstance "github.com/harness/terraform-provider-harness/internal/service/platform/db_instance"
dbschema "github.com/harness/terraform-provider-harness/internal/service/platform/db_schema"
"github.com/harness/terraform-provider-harness/internal/service/platform/gitx/webhook"
governance_enforcement "github.com/harness/terraform-provider-harness/internal/service/platform/governance/enforcement"
"github.com/harness/terraform-provider-harness/internal/service/platform/notification_rule"

"github.com/harness/terraform-provider-harness/internal/service/platform/feature_flag"
Expand Down Expand Up @@ -280,6 +281,7 @@ func Provider(version string) func() *schema.Provider {
"harness_platform_repo_webhook": repo_webhook.DataSourceRepoWebhook(),
"harness_platform_gitops_app_project": gitops_project.DataSourceGitOpsProject(),
"harness_platform_gitx_webhook": webhook.DataSourceWebhook(),
"harness_governance_rule_enforcement": governance_enforcement.DatasourceRuleEnforcement(),
},
ResourcesMap: map[string]*schema.Resource{
"harness_platform_template": pl_template.ResourceTemplate(),
Expand Down Expand Up @@ -422,6 +424,7 @@ func Provider(version string) func() *schema.Provider {
"harness_platform_repo_webhook": repo_webhook.ResourceRepoWebhook(),
"harness_platform_connector_custom_secret_manager": connector.ResourceConnectorCSM(),
"harness_platform_gitx_webhook": webhook.ResourceWebhook(),
"harness_governance_rule_enforcement": governance_enforcement.ResourceRuleEnforcement(),
},
}

Expand Down
Loading

0 comments on commit d15461c

Please sign in to comment.