From ec35d5ca2eaf8dc5fa08a33c5b78251d51b1582c Mon Sep 17 00:00:00 2001 From: Caleb Doxsey Date: Tue, 28 Jan 2025 14:31:36 -0700 Subject: [PATCH 1/2] policies: data fields --- .gitignore | 2 + internal/provider/policies_data_source.go | 78 ++++++++++++++++++++++- internal/provider/policy_data_source.go | 29 ++++++++- 3 files changed, 104 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 95afd31..4807b40 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,5 @@ go.work.sum .env .DS_Store bin + +.vscode diff --git a/internal/provider/policies_data_source.go b/internal/provider/policies_data_source.go index 5ffaa08..d8afe8b 100644 --- a/internal/provider/policies_data_source.go +++ b/internal/provider/policies_data_source.go @@ -4,8 +4,11 @@ import ( "context" "fmt" + "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator" "github.com/hashicorp/terraform-plugin-framework/datasource" "github.com/hashicorp/terraform-plugin-framework/datasource/schema" + "github.com/hashicorp/terraform-plugin-framework/schema/validator" + "github.com/hashicorp/terraform-plugin-framework/types" client "github.com/pomerium/enterprise-client-go" "github.com/pomerium/enterprise-client-go/pb" @@ -22,7 +25,13 @@ type PoliciesDataSource struct { } type PoliciesDataSourceModel struct { - Policies []PolicyModel `tfsdk:"policies"` + Namespace types.String `tfsdk:"namespace"` + Query types.String `tfsdk:"query"` + Offset types.Int64 `tfsdk:"offset"` + Limit types.Int64 `tfsdk:"limit"` + OrderBy types.String `tfsdk:"order_by"` + Policies []PolicyModel `tfsdk:"policies"` + TotalCount types.Int64 `tfsdk:"total_count"` } func (d *PoliciesDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) { 
@@ -34,6 +43,29 @@ func (d *PoliciesDataSource) Schema(_ context.Context, _ datasource.SchemaReques MarkdownDescription: "List all policies", Attributes: map[string]schema.Attribute{ + "namespace": schema.StringAttribute{ + Optional: true, + Description: "Namespace to list policies in.", + }, + "query": schema.StringAttribute{ + Optional: true, + Description: "Query for policies.", + }, + "offset": schema.Int64Attribute{ + Optional: true, + Description: "List offset.", + }, + "limit": schema.Int64Attribute{ + Optional: true, + Description: "List limit.", + }, + "order_by": schema.StringAttribute{ + Optional: true, + Description: "List order by.", + Validators: []validator.String{ + stringvalidator.OneOf("newest", "oldest", "name"), + }, + }, "policies": schema.ListNestedAttribute{ Computed: true, NestedObject: schema.NestedAttributeObject{ @@ -42,6 +74,10 @@ func (d *PoliciesDataSource) Schema(_ context.Context, _ datasource.SchemaReques Computed: true, Description: "Unique identifier for the policy.", }, + "description": schema.StringAttribute{ + Computed: true, + Description: "Description of the policy.", + }, "name": schema.StringAttribute{ Computed: true, Description: "Name of the policy.", 
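Review bot: `offset` and `limit` are accepted without any validation in the first hunk, while `order_by` next to them is restricted with `stringvalidator.OneOf`. A negative or zero value is only caught, if at all, by the server at read time. Adding `Validators: []validator.Int64{int64validator.AtLeast(0)},` to `offset` (and a lower bound the API actually accepts to `limit`) would reject bad input at plan time; this needs the `int64validator` package imported alongside `stringvalidator`. The one-word descriptions ("List offset.", "List limit.") could also say that these page through the result set. Schema's body starts and ends outside the hunk.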
@@ -53,10 +89,32 @@ func (d *PoliciesDataSource) Schema(_ context.Context, _ datasource.SchemaReques "ppl": schema.StringAttribute{ Computed: true, Description: "Policy Policy Language (PPL) string.", + CustomType: PolicyLanguageType{}, + }, + "rego": schema.ListAttribute{ + Computed: true, + Description: "Rego policies.", + ElementType: types.StringType, + }, + "enforced": schema.BoolAttribute{ + Computed: true, + Description: "Whether the policy is enforced within the namespace hierarchy.", + }, + "explanation": schema.StringAttribute{ + Computed: true, + Description: "Explanation of the policy.", + }, + "remediation": schema.StringAttribute{ + Computed: true, + Description: "Remediation of the policy.", }, }, }, }, + "total_count": schema.Int64Attribute{ + Optional: true, + Description: "Total number of policies.", + }, }, } } @@ -78,10 +136,23 @@ func (d *PoliciesDataSource) Configure(_ context.Context, req datasource.Configu d.client = client } -func (d *PoliciesDataSource) Read(ctx context.Context, _ datasource.ReadRequest, resp *datasource.ReadResponse) { +func (d *PoliciesDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) { var data PoliciesDataSourceModel - policiesResp, err := d.client.PolicyService.ListPolicies(ctx, &pb.ListPoliciesRequest{}) + resp.Diagnostics.Append(req.Config.Get(ctx, &data)...) + if resp.Diagnostics.HasError() { + return + } + + listReq := &pb.ListPoliciesRequest{ + Namespace: data.Namespace.ValueString(), + Query: data.Query.ValueStringPointer(), + Offset: data.Offset.ValueInt64Pointer(), + Limit: data.Limit.ValueInt64Pointer(), + OrderBy: data.OrderBy.ValueStringPointer(), + } + + policiesResp, err := d.client.PolicyService.ListPolicies(ctx, listReq) if err != nil { resp.Diagnostics.AddError("Error reading policies", err.Error()) return 
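Review bot: `total_count` is declared `Optional: true` at the end of this hunk, but it is an output: the later hunk in Read assigns it with `data.TotalCount = types.Int64Value(policiesResp.GetTotalCount())`. As written, a practitioner may set `total_count` in configuration and the provider then overwrites it with the server's value. The attribute should be `Computed: true,` like the other server-populated fields. Schema's body starts outside the hunk.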
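Review bot: What the list covers when `namespace` is omitted is not documented anywhere in the Read hunk or the schema. `data.Namespace.ValueString()` turns a null attribute into `""`, so the request carries an empty namespace, and how the server scopes that is not visible here. A policy list is likely to feed access configuration or audits, so the attribute description should state the behaviour, e.g. `Description: "Namespace to list policies in. If omitted, <server behaviour for an empty namespace>."` with the placeholder filled in. Likewise, if the server applies a default page size when `limit` is nil, `policies` can be shorter than `total_count` with no signal to the caller; the description of `policies` or `total_count` should say so. Read's body continues outside the hunk.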
@@ -99,5 +170,6 @@ func (d *PoliciesDataSource) Read(ctx context.Context, _ datasource.ReadRequest, } data.Policies = policies + data.TotalCount = types.Int64Value(policiesResp.GetTotalCount()) resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) } diff --git a/internal/provider/policy_data_source.go b/internal/provider/policy_data_source.go index 94092b5..3b7e98c 100644 --- a/internal/provider/policy_data_source.go +++ b/internal/provider/policy_data_source.go @@ -6,6 +6,7 @@ import ( "github.com/hashicorp/terraform-plugin-framework/datasource" "github.com/hashicorp/terraform-plugin-framework/datasource/schema" + "github.com/hashicorp/terraform-plugin-framework/types" client "github.com/pomerium/enterprise-client-go" "github.com/pomerium/enterprise-client-go/pb" @@ -33,6 +34,10 @@ func (d *PolicyDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, Required: true, Description: "Unique identifier for the policy.", }, + "description": schema.StringAttribute{ + Computed: true, + Description: "Description of the policy.", + }, "name": schema.StringAttribute{ Computed: true, Description: "Name of the policy.", @@ -44,6 +49,24 @@ func (d *PolicyDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, "ppl": schema.StringAttribute{ Computed: true, Description: "Policy Policy Language (PPL) string.", + CustomType: PolicyLanguageType{}, + }, + "rego": schema.ListAttribute{ + Computed: true, + Description: "Rego policies.", + ElementType: types.StringType, + }, + "enforced": schema.BoolAttribute{ + Computed: true, + Description: "Whether the policy is enforced within the namespace hierarchy.", + }, + "explanation": schema.StringAttribute{ + Computed: true, + Description: "Explanation of the policy.", + }, + "remediation": schema.StringAttribute{ + Computed: true, + Description: "Remediation of the policy.", }, }, } 
@@ -82,11 +105,13 @@ func (d *PolicyDataSource) Read(ctx context.Context, req datasource.ReadRequest, return } - diags := ConvertPolicyFromPB(&data, policyResp.Policy) + var out PolicyModel + + diags := ConvertPolicyFromPB(&out, policyResp.Policy) resp.Diagnostics.Append(diags...) if resp.Diagnostics.HasError() { return } - resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) + resp.Diagnostics.Append(resp.State.Set(ctx, &out)...) } From dfc05e12ccda381dbe1da55fd87e3e7ba45aeee4 Mon Sep 17 00:00:00 2001 From: Caleb Doxsey Date: Wed, 29 Jan 2025 11:59:44 -0700 Subject: [PATCH 2/2] use namespace_id --- internal/provider/policies_data_source.go | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/internal/provider/policies_data_source.go b/internal/provider/policies_data_source.go index d8afe8b..d98ae2c 100644 --- a/internal/provider/policies_data_source.go +++ b/internal/provider/policies_data_source.go @@ -25,13 +25,13 @@ type PoliciesDataSource struct { } type PoliciesDataSourceModel struct { - Namespace types.String `tfsdk:"namespace"` - Query types.String `tfsdk:"query"` - Offset types.Int64 `tfsdk:"offset"` - Limit types.Int64 `tfsdk:"limit"` - OrderBy types.String `tfsdk:"order_by"` - Policies []PolicyModel `tfsdk:"policies"` - TotalCount types.Int64 `tfsdk:"total_count"` + NamespaceID types.String `tfsdk:"namespace_id"` + Query types.String `tfsdk:"query"` + Offset types.Int64 `tfsdk:"offset"` + Limit types.Int64 `tfsdk:"limit"` + OrderBy types.String `tfsdk:"order_by"` + Policies []PolicyModel `tfsdk:"policies"` + TotalCount types.Int64 `tfsdk:"total_count"` } func (d *PoliciesDataSource) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) { 
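Review bot: `policyResp.Policy` is passed to `ConvertPolicyFromPB` without a nil check in the first hunk on this line. Now that state is written from the fresh `out` rather than the config-populated `data`, everything in state comes from that one conversion. `ConvertPolicyFromPB` is not visible here and may already handle nil; if it does not, a response without a policy either panics or stores an object whose fields, including the required `id`, are all null. A guard before the conversion makes the failure explicit: `if policyResp.Policy == nil { resp.Diagnostics.AddError("Error reading policy", "response contained no policy"); return }`. Read's body starts outside the hunk.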
@@ -43,7 +43,7 @@ func (d *PoliciesDataSource) Schema(_ context.Context, _ datasource.SchemaReques MarkdownDescription: "List all policies", Attributes: map[string]schema.Attribute{ - "namespace": schema.StringAttribute{ + "namespace_id": schema.StringAttribute{ Optional: true, Description: "Namespace to list policies in.", }, @@ -145,7 +145,7 @@ func (d *PoliciesDataSource) Read(ctx context.Context, req datasource.ReadReques } listReq := &pb.ListPoliciesRequest{ - Namespace: data.Namespace.ValueString(), + Namespace: data.NamespaceID.ValueString(), Query: data.Query.ValueStringPointer(), Offset: data.Offset.ValueInt64Pointer(), Limit: data.Limit.ValueInt64Pointer(),