policy: set defaults

Author: wasaga

example/main.tf

@@ -16,7 +16,18 @@ provider "pomerium" {
 
 locals {
   root_namespace_id = "9d8dbd2c-8cce-4e66-9c1f-c490b4a07243"
+
+  any_authenticated_user_ppl = {
+    allow = {
+      and = [
+        {
+          authenticated_user = true
+        }
+      ]
+    }
+  }
 }
+
 # Create resources
 resource "pomerium_namespace" "test_namespace" {
   name      = "test-namespace"
@@ -36,16 +47,20 @@ resource "pomerium_settings" "settings" {
     api_key = "key"
     url     = "http://localhost"
   }
+
+  log_level       = "info"
+  proxy_log_level = "info"
+  # tracing_provider                  = "jaeger"
+  # tracing_sample_rate               = 1
+  # tracing_jaeger_collector_endpoint = "http://localhost:14268/api/traces"
+  # tracing_jaeger_agent_endpoint     = "localhost:6831"
+
   timeout_idle = "5m"
 }
 
 resource "pomerium_policy" "test_policy" {
   name         = "test-policy"
   namespace_id = pomerium_namespace.test_namespace.id
-  description  = "test policy"
-  enforced     = false
-  explanation  = "test policy explanation"
-  remediation  = "test policy remediation"
   ppl          = <<EOF
 - allow:
     and:

internal/provider/policy.go

@@ -7,7 +7,9 @@ import (
 	"github.com/hashicorp/terraform-plugin-framework/path"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/booldefault"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
@@ -56,6 +58,8 @@ func (r *PolicyResource) Schema(_ context.Context, _ resource.SchemaRequest, res
 			"description": schema.StringAttribute{
 				Description: "Description of the policy.",
 				Optional:    true,
+				Computed:    true,
+				Default:     stringdefault.StaticString(""),
 			},
 			"name": schema.StringAttribute{
 				Description: "Name of the policy.",
@@ -78,14 +82,20 @@ func (r *PolicyResource) Schema(_ context.Context, _ resource.SchemaRequest, res
 			"enforced": schema.BoolAttribute{
 				Description: "Whether the policy is enforced within the namespace hierarchy.",
 				Optional:    true,
+				Computed:    true,
+				Default:     booldefault.StaticBool(false),
 			},
 			"explanation": schema.StringAttribute{
 				Description: "Explanation of the policy.",
 				Optional:    true,
+				Computed:    true,
+				Default:     stringdefault.StaticString(""),
 			},
 			"remediation": schema.StringAttribute{
 				Description: "Remediation of the policy.",
 				Optional:    true,
+				Computed:    true,
+				Default:     stringdefault.StaticString(""),
 			},
 		},
 	}

internal/provider/policy_types.go

@@ -67,7 +67,7 @@ func (PolicyLanguageType) ValueFromString(
 	var diag diag.Diagnostics
 	v, err := PolicyLanguageType{}.Parse(in)
 	if err != nil {
-		diag.AddError("failed to parse PPL", err.Error())
+		diag.AddError("failed to parse PPL", err.Error()+">>"+in.ValueString()+"<<")
 		return nil, diag
 	}
 	return v, nil