Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove default values from op_risk_custom criteria #140

Merged
merged 3 commits into from
Sep 27, 2023
Merged

Remove default values from op_risk_custom criteria #140

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5083e95
Remove default values from op_risk_custom criteria
alexhung Sep 26, 2023
52c399a
Update CHANGELOG
alexhung Sep 26, 2023
7a71d69
JFrog Pipelines - Add Artifactory and Xray versions to CHANGELOG.md
jfrogsolutioncicd Sep 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,12 @@
## 2.0.0 (September 27, 2023). Tested on Artifactory 7.68.11 and Xray 3.82.11

BREAKING CHANGES:

* resource/xray_operational_risk_policy: remove default values for attributes `op_risk_custom.release_date_greater_than_months`, `op_risk_custom.newer_versions_greater_than`, `op_risk_custom.release_cadence_per_year_less_than`, `op_risk_custom.commits_less_than`, and `op_risk_custom.committers_less_than`. They are now require to be defined explicitly if you wish to set any values. There may be state drifts for this policy resource as the provide code can't distinguish between default values vs configuration values so it can't automatically upgrade the TF state.

PR: [#140](https://github.com/jfrog/terraform-provider-xray/pull/140)
Issue: [#138](https://github.com/jfrog/terraform-provider-xray/issues/138)

## 1.18.0 (September 26, 2023). Tested on Artifactory 7.68.11 and Xray 3.82.11

FEATURES:
Expand Down
2 changes: 1 addition & 1 deletion GNUmakefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ install: clean build
terraform init

clean:
rm -fR dist terraform.d/ .terraform terraform.tfstate* terraform.d/ .terraform.lock.hcl
rm -fR dist terraform.d/ .terraform terraform.tfstate* .terraform.lock.hcl

release:
@git tag ${NEXT_VERSION} && git push --mirror
Expand Down
2 changes: 1 addition & 1 deletion docs/resources/operational_risk_policy.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -150,7 +150,7 @@ Optional:
Optional:

- `op_risk_custom` (Block List, Max: 1) Custom Condition (see [below for nested schema](#nestedblock--rule--criteria--op_risk_custom))
- `op_risk_min_risk` (String) The minimum operational risk that will be impacted by the policy.
- `op_risk_min_risk` (String) The minimum operational risk that will be impacted by the policy: High, Medium, Low

<a id="nestedblock--rule--criteria--op_risk_custom"></a>
### Nested Schema for `rule.criteria.op_risk_custom`
Expand Down
12 changes: 6 additions & 6 deletions pkg/xray/policies.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -187,12 +187,12 @@ type PolicyExposures struct {
type OperationalRiskCriteria struct {
UseAndCondition bool `json:"use_and_condition"`
IsEOL bool `json:"is_eol"`
ReleaseDateGreaterThanMonths int `json:"release_date_greater_than_months"`
NewerVersionsGreaterThan int `json:"newer_versions_greater_than"`
ReleaseCadencePerYearLessThan int `json:"release_cadence_per_year_less_than"`
CommitsLessThan int `json:"commits_less_than"`
CommittersLessThan int `json:"committers_less_than"`
Risk string `json:"risk"`
ReleaseDateGreaterThanMonths int `json:"release_date_greater_than_months,omitempty"`
NewerVersionsGreaterThan int `json:"newer_versions_greater_than,omitempty"`
ReleaseCadencePerYearLessThan int `json:"release_cadence_per_year_less_than,omitempty"`
CommitsLessThan int `json:"commits_less_than,omitempty"`
CommittersLessThan int `json:"committers_less_than,omitempty"`
Risk string `json:"risk,omitempty"`
}

type PolicyRuleCriteria struct {
Expand Down
7 changes: 1 addition & 6 deletions pkg/xray/resource_xray_operational_risk_policy.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ func resourceXrayOperationalRiskPolicy() *schema.Resource {
"op_risk_min_risk": {
Type: schema.TypeString,
Optional: true,
Description: "The minimum operational risk that will be impacted by the policy.",
Description: "The minimum operational risk that will be impacted by the policy: High, Medium, Low",
ValidateDiagFunc: validator.StringInSlice(true, "High", "Medium", "Low"),
},
"op_risk_custom": {
Expand All @@ -62,35 +62,30 @@ func resourceXrayOperationalRiskPolicy() *schema.Resource {
"release_date_greater_than_months": {
Type: schema.TypeInt,
Optional: true,
Default: 6,
Description: "Release age greater than (in months): 6, 12, 18, 24, 30, or 36",
ValidateDiagFunc: validation.ToDiagFunc(validation.IntInSlice([]int{6, 12, 18, 24, 30, 36})),
},
"newer_versions_greater_than": {
Type: schema.TypeInt,
Optional: true,
Default: 1,
Description: "Number of releases since greater than: 1, 2, 3, 4, or 5",
ValidateDiagFunc: validation.ToDiagFunc(validation.IntInSlice([]int{1, 2, 3, 4, 5})),
},
"release_cadence_per_year_less_than": {
Type: schema.TypeInt,
Optional: true,
Default: 1,
Description: "Release cadence less than per year: 1, 2, 3, 4, or 5",
ValidateDiagFunc: validation.ToDiagFunc(validation.IntInSlice([]int{1, 2, 3, 4, 5})),
},
"commits_less_than": {
Type: schema.TypeInt,
Optional: true,
Default: 10,
Description: "Number of commits less than per year: 10, 25, 50, or 100",
ValidateDiagFunc: validation.ToDiagFunc(validation.IntInSlice([]int{10, 25, 50, 100})),
},
"committers_less_than": {
Type: schema.TypeInt,
Optional: true,
Default: 1,
Description: "Number of committers less than per year: 1, 2, 3, 4, or 5",
ValidateDiagFunc: validation.ToDiagFunc(validation.IntInSlice([]int{1, 2, 3, 4, 5})),
},
Expand Down
124 changes: 124 additions & 0 deletions pkg/xray/resource_xray_operational_risk_policy_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -202,6 +202,35 @@ func TestAccOperationalRiskPolicy_customCriteria(t *testing.T) {
testData["op_risk_custom_committers_less_than"] = testutil.RandSelect("1", "2", "3", "4", "5").(string)
testData["op_risk_custom_risk"] = testutil.RandSelect("high", "medium", "low").(string)

const opertionalRiskPolicyCustomUnset = `resource "xray_operational_risk_policy" "{{ .resource_name }}" {
name = "{{ .policy_name }}"
description = "{{ .policy_description }}"
type = "operational_risk"
rule {
name = "{{ .rule_name }}"
priority = 1
criteria {
op_risk_custom {
use_and_condition = {{ .op_risk_custom_use_and_condition }}
is_eol = {{ .op_risk_custom_is_eol }}
risk = "{{ .op_risk_custom_risk }}"
}
}
actions {
block_release_bundle_distribution = {{ .block_release_bundle_distribution }}
fail_build = {{ .fail_build }}
notify_watch_recipients = {{ .notify_watch_recipients }}
notify_deployer = {{ .notify_deployer }}
create_ticket_enabled = {{ .create_ticket_enabled }}
build_failure_grace_period_in_days = {{ .grace_period_days }}
block_download {
unscanned = {{ .block_unscanned }}
active = {{ .block_active }}
}
}
}
}`

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
CheckDestroy: verifyDeleted(fqrn, testCheckPolicy),
Expand All @@ -221,6 +250,20 @@ func TestAccOperationalRiskPolicy_customCriteria(t *testing.T) {
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.risk", testData["op_risk_custom_risk"]),
),
},
{
Config: sdk.ExecuteTemplate(fqrn, opertionalRiskPolicyCustomUnset, testData),
Check: resource.ComposeTestCheckFunc(
verifyOpertionalRiskPolicy(fqrn, testData),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.use_and_condition", testData["op_risk_custom_use_and_condition"]),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.is_eol", testData["op_risk_custom_is_eol"]),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.release_date_greater_than_months"),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.newer_versions_greater_than"),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.release_cadence_per_year_less_than"),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.commits_less_than"),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.committers_less_than"),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.risk", testData["op_risk_custom_risk"]),
),
},
{
ResourceName: fqrn,
ImportState: true,
Expand All @@ -230,6 +273,87 @@ func TestAccOperationalRiskPolicy_customCriteria(t *testing.T) {
})
}

func TestAccOperationalRiskPolicy_customCriteria_migration(t *testing.T) {
_, fqrn, resourceName := testutil.MkNames("policy-", "xray_operational_risk_policy")

const opertionalRiskPolicyCustom = `resource "xray_operational_risk_policy" "{{ .resource_name }}" {
name = "{{ .policy_name }}"
description = "{{ .policy_description }}"
type = "operational_risk"
rule {
name = "{{ .rule_name }}"
priority = 1
criteria {
op_risk_custom {
use_and_condition = {{ .op_risk_custom_use_and_condition }}
is_eol = {{ .op_risk_custom_is_eol }}
risk = "{{ .op_risk_custom_risk }}"
}
}
actions {
block_release_bundle_distribution = {{ .block_release_bundle_distribution }}
fail_build = {{ .fail_build }}
notify_watch_recipients = {{ .notify_watch_recipients }}
notify_deployer = {{ .notify_deployer }}
create_ticket_enabled = {{ .create_ticket_enabled }}
build_failure_grace_period_in_days = {{ .grace_period_days }}
block_download {
unscanned = {{ .block_unscanned }}
active = {{ .block_active }}
}
}
}
}`

testData := sdk.MergeMaps(testDataOperationalRisk)
testData["resource_name"] = resourceName
testData["op_risk_custom_use_and_condition"] = "true"
testData["op_risk_custom_is_eol"] = "false"
testData["op_risk_custom_risk"] = testutil.RandSelect("high", "medium", "low").(string)

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
CheckDestroy: verifyDeleted(fqrn, testCheckPolicy),
Steps: []resource.TestStep{
{
ExternalProviders: map[string]resource.ExternalProvider{
"xray": {
VersionConstraint: "1.18.0",
Source: "registry.terraform.io/jfrog/xray",
},
},
Config: sdk.ExecuteTemplate(fqrn, opertionalRiskPolicyCustom, testData),
Check: resource.ComposeTestCheckFunc(
verifyOpertionalRiskPolicy(fqrn, testData),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.use_and_condition", testData["op_risk_custom_use_and_condition"]),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.is_eol", testData["op_risk_custom_is_eol"]),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.release_date_greater_than_months", "6"),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.newer_versions_greater_than", "1"),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.release_cadence_per_year_less_than", "1"),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.commits_less_than", "10"),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.committers_less_than", "1"),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.risk", testData["op_risk_custom_risk"]),
),
},
{
ProviderFactories: testAccProviders(),
Config: sdk.ExecuteTemplate(fqrn, opertionalRiskPolicyCustom, testData),
Check: resource.ComposeTestCheckFunc(
verifyOpertionalRiskPolicy(fqrn, testData),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.use_and_condition", testData["op_risk_custom_use_and_condition"]),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.is_eol", testData["op_risk_custom_is_eol"]),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.release_date_greater_than_months"),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.newer_versions_greater_than"),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.release_cadence_per_year_less_than"),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.commits_less_than"),
resource.TestCheckNoResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.committers_less_than"),
resource.TestCheckResourceAttr(fqrn, "rule.0.criteria.0.op_risk_custom.0.risk", testData["op_risk_custom_risk"]),
),
},
},
})
}

func verifyOpertionalRiskPolicy(fqrn string, testData map[string]string) resource.TestCheckFunc {
return resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(fqrn, "name", testData["policy_name"]),
Expand Down