diff --git a/CHANGELOG.md b/CHANGELOG.md index c7edfb2f..a5adb353 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,10 +1,19 @@ +## 3.0.0 (November 20, 2024). Tested on Artifactory 7.98.8 and Xray 3.104.18 with Terraform 1.9.8 and OpenTofu 1.8.5 + +BREAKING CHANGES: + +* provider: Deprecated attribute `check_license` is removed. + +BUG FIXES: + +* resource/xray_license_policy: Switch `allowed_licenses` and `banned_licenses` attribute type from `TypeSet` to `TypeList` to resolve performance issue with large number of licenses. Add validation to ensure `allowed_licenses` and `banned_licenses` attributes cannot be set at the same time. Issue: [#262](https://github.com/jfrog/terraform-provider-xray/issues/262) and [#271](https://github.com/jfrog/terraform-provider-xray/issues/271) PR: [#274](https://github.com/jfrog/terraform-provider-xray/issues/274) + ## 2.13.2 (November 11, 2024). Tested on Artifactory 7.98.8 and Xray 3.104.18 with Terraform 1.9.8 and OpenTofu 1.8.5 BUG FIXES: * resource/xray_security_policy: Fix "Provider produced inconsistent result after apply" error after resource creation. Issue: [#265](https://github.com/jfrog/terraform-provider-xray/issues/265) PR: [#268](https://github.com/jfrog/terraform-provider-xray/issues/268) - ## 2.13.1 (October 31, 2024). Tested on Artifactory 7.98.7 and Xray 3.104.18 with Terraform 1.9.8 and OpenTofu 1.8.4 BUG FIXES: diff --git a/docs/index.md b/docs/index.md index 4c9f9cbc..b749ba88 100644 --- a/docs/index.md +++ b/docs/index.md @@ -537,7 +537,6 @@ provider "xray" { ### Optional - `access_token` (String, Sensitive) This is a bearer token that can be given to you by your admin under `Identity and Access` -- `check_license` (Boolean, Deprecated) Toggle for pre-flight checking of Artifactory Pro and Enterprise license. Default to `true`. - `oidc_provider_name` (String) OIDC provider name. See [Configure an OIDC Integration](https://jfrog.com/help/r/jfrog-platform-administration-documentation/configure-an-oidc-integration) for more details. - `tfc_credential_tag_name` (String) Terraform Cloud Workload Identity Token tag name. Use for generating multiple TFC workload identity tokens. When set, the provider will attempt to use env var with this tag name as suffix. **Note:** this is case sensitive, so if set to `JFROG`, then env var `TFC_WORKLOAD_IDENTITY_TOKEN_JFROG` is used instead of `TFC_WORKLOAD_IDENTITY_TOKEN`. See [Generating Multiple Tokens](https://developer.hashicorp.com/terraform/cloud-docs/workspaces/dynamic-provider-credentials/manual-generation#generating-multiple-tokens) on HCP Terraform for more details. - `url` (String) URL of Xray. This can also be sourced from the `XRAY_URL` or `JFROG_URL` environment variable. Default to 'http://localhost:8081' if not set. diff --git a/docs/resources/license_policy.md b/docs/resources/license_policy.md index 3aefa72c..f7c901a5 100644 --- a/docs/resources/license_policy.md +++ b/docs/resources/license_policy.md @@ -132,7 +132,7 @@ Optional: - `block_download` (Block Set) Block download of artifacts that meet the Artifact Filter and Severity Filter specifications for this watch (see [below for nested schema](#nestedblock--rule--actions--block_download)) - `block_release_bundle_distribution` (Boolean) Blocks Release Bundle distribution to Edge nodes if a violation is found. Default value is `false`. - `block_release_bundle_promotion` (Boolean) Blocks Release Bundle promotion if a violation is found. Default value is `false`. -- `build_failure_grace_period_in_days` (Number) Allow grace period for certain number of days. All violations will be ignored during this time. To be used only if `fail_build` is enabled. +- `build_failure_grace_period_in_days` (Number) Allow grace period for certain number of days. All violations will be ignored during this time. To be used only if `fail_build` is enabled. Default value is `0` - `create_ticket_enabled` (Boolean) Create Jira Ticket for this Policy Violation. Requires configured Jira integration. Default value is `false`. - `custom_severity` (String) The severity of violation to be triggered if the `criteria` are met. - `fail_build` (Boolean) Whether or not the related CI build should be marked as failed if a violation is triggered. This option is only available when the policy is applied to an `xray_watch` resource with a `type` of `builds`. Default value is `false`. @@ -157,8 +157,8 @@ Optional: Optional: - `allow_unknown` (Boolean) A violation will be generated for artifacts with unknown licenses (`true` or `false`). -- `allowed_licenses` (Set of String) A list of OSS license names that may be attached to a component. Supports custom licenses added by the user, but there is no verification if the license exists on the Xray side. If the added license doesn't exist, the policy won't trigger the violation. -- `banned_licenses` (Set of String) A list of OSS license names that may not be attached to a component. Supports custom licenses added by the user, but there is no verification if the license exists on the Xray side. If the added license doesn't exist, the policy won't trigger the violation. +- `allowed_licenses` (List of String) A list of OSS license names that may be attached to a component. Supports custom licenses added by the user, but there is no verification if the license exists on the Xray side. If the added license doesn't exist, the policy won't trigger the violation. +- `banned_licenses` (List of String) A list of OSS license names that may not be attached to a component. Supports custom licenses added by the user, but there is no verification if the license exists on the Xray side. If the added license doesn't exist, the policy won't trigger the violation. - `multi_license_permissive` (Boolean) Do not generate a violation if at least one license is valid in cases whereby multiple licenses were detected on the component. ## Import diff --git a/docs/resources/operational_risk_policy.md b/docs/resources/operational_risk_policy.md index 384b4ea3..084a902b 100644 --- a/docs/resources/operational_risk_policy.md +++ b/docs/resources/operational_risk_policy.md @@ -128,7 +128,7 @@ Optional: - `block_download` (Block Set) Block download of artifacts that meet the Artifact Filter and Severity Filter specifications for this watch (see [below for nested schema](#nestedblock--rule--actions--block_download)) - `block_release_bundle_distribution` (Boolean) Blocks Release Bundle distribution to Edge nodes if a violation is found. Default value is `false`. - `block_release_bundle_promotion` (Boolean) Blocks Release Bundle promotion if a violation is found. Default value is `false`. -- `build_failure_grace_period_in_days` (Number) Allow grace period for certain number of days. All violations will be ignored during this time. To be used only if `fail_build` is enabled. +- `build_failure_grace_period_in_days` (Number) Allow grace period for certain number of days. All violations will be ignored during this time. To be used only if `fail_build` is enabled. Default value is `0` - `create_ticket_enabled` (Boolean) Create Jira Ticket for this Policy Violation. Requires configured Jira integration. Default value is `false`. - `fail_build` (Boolean) Whether or not the related CI build should be marked as failed if a violation is triggered. This option is only available when the policy is applied to an `xray_watch` resource with a `type` of `builds`. Default value is `false`. - `mails` (Set of String) A list of email addressed that will get emailed when a violation is triggered. diff --git a/docs/resources/security_policy.md b/docs/resources/security_policy.md index f30e69f1..c1ddaa92 100644 --- a/docs/resources/security_policy.md +++ b/docs/resources/security_policy.md @@ -162,7 +162,7 @@ Optional: - `block_download` (Block Set) Block download of artifacts that meet the Artifact Filter and Severity Filter specifications for this watch (see [below for nested schema](#nestedblock--rule--actions--block_download)) - `block_release_bundle_distribution` (Boolean) Blocks Release Bundle distribution to Edge nodes if a violation is found. Default value is `false`. - `block_release_bundle_promotion` (Boolean) Blocks Release Bundle promotion if a violation is found. Default value is `false`. -- `build_failure_grace_period_in_days` (Number) Allow grace period for certain number of days. All violations will be ignored during this time. To be used only if `fail_build` is enabled. +- `build_failure_grace_period_in_days` (Number) Allow grace period for certain number of days. All violations will be ignored during this time. To be used only if `fail_build` is enabled. Default value is `0` - `create_ticket_enabled` (Boolean) Create Jira Ticket for this Policy Violation. Requires configured Jira integration. Default value is `false`. - `fail_build` (Boolean) Whether or not the related CI build should be marked as failed if a violation is triggered. This option is only available when the policy is applied to an `xray_watch` resource with a `type` of `builds`. Default value is `false`. - `mails` (Set of String) A list of email addressed that will get emailed when a violation is triggered. @@ -185,15 +185,15 @@ Optional: Optional: -- `applicable_cves_only` (Boolean) Default value is `false`. Mark to skip CVEs that are not applicable in the context of the artifact. The contextual analysis operation might be long and affect build time if the `fail_build` action is set. +- `applicable_cves_only` (Boolean) Mark to skip CVEs that are not applicable in the context of the artifact. The contextual analysis operation might be long and affect build time if the `fail_build` action is set. ~>Only supported by JFrog Advanced Security - `cvss_range` (Block List) The CVSS score range to apply to the rule. This is used for a fine-grained control, rather than using the predefined severities. The score range is based on CVSS v3 scoring, and CVSS v2 score is CVSS v3 score is not available. (see [below for nested schema](#nestedblock--rule--criteria--cvss_range)) - `exposures` (Block List) Creates policy rules for specific exposures. ~>Only supported by JFrog Advanced Security (see [below for nested schema](#nestedblock--rule--criteria--exposures)) -- `fix_version_dependant` (Boolean) Default value is `false`. Issues that do not have a fixed version are not generated until a fixed version is available. Must be `false` with `malicious_package` enabled. -- `malicious_package` (Boolean) Default value is `false`. Generating a violation on a malicious package. +- `fix_version_dependant` (Boolean) Issues that do not have a fixed version are not generated until a fixed version is available. Must be `false` with `malicious_package` enabled. +- `malicious_package` (Boolean) Generating a violation on a malicious package. - `min_severity` (String) The minimum security vulnerability severity that will be impacted by the policy. Valid values: `All Severities`, `Critical`, `High`, `Medium`, `Low` - `package_name` (String) The package name to create a rule for - `package_type` (String) The package type to create a rule for diff --git a/go.mod b/go.mod index 8c80ce47..83f87cc9 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/jfrog/terraform-provider-xray +module github.com/jfrog/terraform-provider-xray/v3 // if you need to do local dev, literally just uncomment the line below // replace github.com/jfrog/terraform-provider-shared => ../terraform-provider-shared @@ -6,7 +6,7 @@ module github.com/jfrog/terraform-provider-xray go 1.22.7 require ( - github.com/go-resty/resty/v2 v2.16.0 + github.com/go-resty/resty/v2 v2.15.3 github.com/hashicorp/go-version v1.7.0 github.com/hashicorp/terraform-plugin-docs v0.20.0 github.com/hashicorp/terraform-plugin-framework v1.13.0 diff --git a/go.sum b/go.sum index e4236f57..1bc591c7 100644 --- a/go.sum +++ b/go.sum @@ -47,8 +47,8 @@ github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+ github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow= github.com/go-git/go-git/v5 v5.12.0 h1:7Md+ndsjrzZxbddRDZjF14qK+NN56sy6wkqaVrjZtys= github.com/go-git/go-git/v5 v5.12.0/go.mod h1:FTM9VKtnI2m65hNI/TenDDDnUf2Q9FHnXYjuz9i5OEY= -github.com/go-resty/resty/v2 v2.16.0 h1:qpKalHWI2bpp9BIKlyT8TYWEJXOk1NuKbfiT3RRnzWc= -github.com/go-resty/resty/v2 v2.16.0/go.mod h1:0fHAoK7JoBy/Ch36N8VFeMsK7xQOHhvWaC3iOktwmIU= +github.com/go-resty/resty/v2 v2.15.3 h1:bqff+hcqAflpiF591hhJzNdkRsFhlB96CYfBwSFvql8= +github.com/go-resty/resty/v2 v2.15.3/go.mod h1:0fHAoK7JoBy/Ch36N8VFeMsK7xQOHhvWaC3iOktwmIU= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= diff --git a/main.go b/main.go index 4836f0c9..60c46331 100644 --- a/main.go +++ b/main.go @@ -6,7 +6,7 @@ import ( "log" "github.com/hashicorp/terraform-plugin-framework/providerserver" - "github.com/jfrog/terraform-provider-xray/pkg/xray" + "github.com/jfrog/terraform-provider-xray/v3/pkg/xray" ) // Run the docs generation tool, check its repository for more information on how it works and how docs diff --git a/pkg/acctest/test.go b/pkg/acctest/test.go index 41b83ba5..021bf81b 100644 --- a/pkg/acctest/test.go +++ b/pkg/acctest/test.go @@ -13,7 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/terraform" "github.com/jfrog/terraform-provider-shared/client" "github.com/jfrog/terraform-provider-shared/testutil" - "github.com/jfrog/terraform-provider-xray/pkg/xray" + "github.com/jfrog/terraform-provider-xray/v3/pkg/xray" ) // Provider PreCheck(t) must be called before using this provider instance. diff --git a/pkg/xray/provider.go b/pkg/xray/provider.go index f5015f8f..2659a5f5 100644 --- a/pkg/xray/provider.go +++ b/pkg/xray/provider.go @@ -14,11 +14,11 @@ import ( "github.com/jfrog/terraform-provider-shared/client" "github.com/jfrog/terraform-provider-shared/util" validatorfw_string "github.com/jfrog/terraform-provider-shared/validator/fw/string" - xray_datasource "github.com/jfrog/terraform-provider-xray/pkg/xray/datasource" - xray_resource "github.com/jfrog/terraform-provider-xray/pkg/xray/resource" + xray_datasource "github.com/jfrog/terraform-provider-xray/v3/pkg/xray/datasource" + xray_resource "github.com/jfrog/terraform-provider-xray/v3/pkg/xray/resource" ) -var Version = "2.11.1" +var Version = "3.0.0" var productId = "terraform-provider-xray/" + Version // Ensure the implementation satisfies the provider.Provider interface. @@ -34,7 +34,6 @@ type XrayProviderModel struct { AccessToken types.String `tfsdk:"access_token"` OIDCProviderName types.String `tfsdk:"oidc_provider_name"` TFCCredentialTagName types.String `tfsdk:"tfc_credential_tag_name"` - CheckLicense types.Bool `tfsdk:"check_license"` } // Metadata satisfies the provider.Provider interface for ArtifactoryProvider @@ -76,11 +75,6 @@ func (p *XrayProvider) Schema(ctx context.Context, req provider.SchemaRequest, r }, Description: "Terraform Cloud Workload Identity Token tag name. Use for generating multiple TFC workload identity tokens. When set, the provider will attempt to use env var with this tag name as suffix. **Note:** this is case sensitive, so if set to `JFROG`, then env var `TFC_WORKLOAD_IDENTITY_TOKEN_JFROG` is used instead of `TFC_WORKLOAD_IDENTITY_TOKEN`. See [Generating Multiple Tokens](https://developer.hashicorp.com/terraform/cloud-docs/workspaces/dynamic-provider-credentials/manual-generation#generating-multiple-tokens) on HCP Terraform for more details.", }, - "check_license": schema.BoolAttribute{ - Optional: true, - Description: "Toggle for pre-flight checking of Artifactory Pro and Enterprise license. Default to `true`.", - DeprecationMessage: "Remove this attribute from your provider configuration as it is no longer used and the attribute will be removed in the next major version of the provider.", - }, }, } } diff --git a/pkg/xray/resource/resource_xray_binary_manager_builds_test.go b/pkg/xray/resource/resource_xray_binary_manager_builds_test.go index 168f1e38..366232b2 100644 --- a/pkg/xray/resource/resource_xray_binary_manager_builds_test.go +++ b/pkg/xray/resource/resource_xray_binary_manager_builds_test.go @@ -10,7 +10,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/terraform" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" "github.com/samber/lo" ) diff --git a/pkg/xray/resource/resource_xray_binary_manager_release_bundle_v2_test.go b/pkg/xray/resource/resource_xray_binary_manager_release_bundle_v2_test.go index 99368083..1e676de5 100644 --- a/pkg/xray/resource/resource_xray_binary_manager_release_bundle_v2_test.go +++ b/pkg/xray/resource/resource_xray_binary_manager_release_bundle_v2_test.go @@ -10,7 +10,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/terraform" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" "github.com/samber/lo" ) diff --git a/pkg/xray/resource/resource_xray_binary_manager_repos_test.go b/pkg/xray/resource/resource_xray_binary_manager_repos_test.go index 875bbdd4..847ab413 100644 --- a/pkg/xray/resource/resource_xray_binary_manager_repos_test.go +++ b/pkg/xray/resource/resource_xray_binary_manager_repos_test.go @@ -7,7 +7,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" "github.com/samber/lo" ) diff --git a/pkg/xray/resource/resource_xray_custom_issue_test.go b/pkg/xray/resource/resource_xray_custom_issue_test.go index cff573c6..defd83a2 100644 --- a/pkg/xray/resource/resource_xray_custom_issue_test.go +++ b/pkg/xray/resource/resource_xray_custom_issue_test.go @@ -9,7 +9,7 @@ import ( "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" "github.com/jfrog/terraform-provider-shared/util/sdk" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) func TestAccCustomIssue_UpgradeFromSDKv2(t *testing.T) { diff --git a/pkg/xray/resource/resource_xray_ignore_rule_test.go b/pkg/xray/resource/resource_xray_ignore_rule_test.go index c1e9aaf1..f4292394 100644 --- a/pkg/xray/resource/resource_xray_ignore_rule_test.go +++ b/pkg/xray/resource/resource_xray_ignore_rule_test.go @@ -12,7 +12,7 @@ import ( "github.com/jfrog/terraform-provider-shared/client" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) func TestAccIgnoreRule_UpgradeFromSDKv2(t *testing.T) { diff --git a/pkg/xray/resource/resource_xray_license_policy.go b/pkg/xray/resource/resource_xray_license_policy.go index 42b44bd4..45280ec3 100644 --- a/pkg/xray/resource/resource_xray_license_policy.go +++ b/pkg/xray/resource/resource_xray_license_policy.go @@ -3,9 +3,11 @@ package xray import ( "context" + "github.com/hashicorp/terraform-plugin-framework-validators/listvalidator" "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator" "github.com/hashicorp/terraform-plugin-framework/attr" "github.com/hashicorp/terraform-plugin-framework/diag" + "github.com/hashicorp/terraform-plugin-framework/path" "github.com/hashicorp/terraform-plugin-framework/resource" "github.com/hashicorp/terraform-plugin-framework/resource/schema" "github.com/hashicorp/terraform-plugin-framework/resource/schema/booldefault" @@ -42,13 +44,13 @@ func (r LicensePolicyResource) toCriteriaAPIModel(ctx context.Context, criteriaE attrs := criteriaElems[0].(types.Object).Attributes() var allowedLicenses []string - d := attrs["allowed_licenses"].(types.Set).ElementsAs(ctx, &allowedLicenses, false) + d := attrs["allowed_licenses"].(types.List).ElementsAs(ctx, &allowedLicenses, false) if d.HasError() { diags.Append(d...) } var bannedLicenses []string - d = attrs["banned_licenses"].(types.Set).ElementsAs(ctx, &bannedLicenses, false) + d = attrs["banned_licenses"].(types.List).ElementsAs(ctx, &bannedLicenses, false) if d.HasError() { diags.Append(d...) } @@ -82,8 +84,8 @@ func (r LicensePolicyResource) toAPIModel(ctx context.Context, plan PolicyResour var licenseCriteriaAttrTypes = lo.Assign( map[string]attr.Type{ "allow_unknown": types.BoolType, - "allowed_licenses": types.SetType{ElemType: types.StringType}, - "banned_licenses": types.SetType{ElemType: types.StringType}, + "allowed_licenses": types.ListType{ElemType: types.StringType}, + "banned_licenses": types.ListType{ElemType: types.StringType}, "multi_license_permissive": types.BoolType, }, ) @@ -97,12 +99,12 @@ func (r *LicensePolicyResource) fromCriteriaAPIModel(ctx context.Context, criter criteriaSet := types.SetNull(licenseCriteriaSetElementType) if criteraAPIModel != nil { - allowedLicenses, d := types.SetValueFrom(ctx, types.StringType, criteraAPIModel.AllowedLicenses) + allowedLicenses, d := types.ListValueFrom(ctx, types.StringType, criteraAPIModel.AllowedLicenses) if d.HasError() { diags.Append(d...) } - bannedLicenses, d := types.SetValueFrom(ctx, types.StringType, criteraAPIModel.BannedLicenses) + bannedLicenses, d := types.ListValueFrom(ctx, types.StringType, criteraAPIModel.BannedLicenses) if d.HasError() { diags.Append(d...) } @@ -232,14 +234,20 @@ var licenseRuleSetElementType = types.ObjectType{ } var licensePolicyCriteriaAttrs = map[string]schema.Attribute{ - "banned_licenses": schema.SetAttribute{ + "banned_licenses": schema.ListAttribute{ ElementType: types.StringType, Optional: true, + Validators: []validator.List{ + listvalidator.ConflictsWith(path.MatchRelative().AtParent().AtName("allowed_licenses")), + }, Description: "A list of OSS license names that may not be attached to a component. Supports custom licenses added by the user, but there is no verification if the license exists on the Xray side. If the added license doesn't exist, the policy won't trigger the violation.", }, - "allowed_licenses": schema.SetAttribute{ + "allowed_licenses": schema.ListAttribute{ ElementType: types.StringType, Optional: true, + Validators: []validator.List{ + listvalidator.ConflictsWith(path.MatchRelative().AtParent().AtName("banned_licenses")), + }, Description: "A list of OSS license names that may be attached to a component. Supports custom licenses added by the user, but there is no verification if the license exists on the Xray side. If the added license doesn't exist, the policy won't trigger the violation.", }, "allow_unknown": schema.BoolAttribute{ diff --git a/pkg/xray/resource/resource_xray_license_policy_test.go b/pkg/xray/resource/resource_xray_license_policy_test.go index e74d3493..e4e63759 100644 --- a/pkg/xray/resource/resource_xray_license_policy_test.go +++ b/pkg/xray/resource/resource_xray_license_policy_test.go @@ -10,7 +10,7 @@ import ( "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" "github.com/jfrog/terraform-provider-shared/util/sdk" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) var testDataLicense = map[string]string{ @@ -82,7 +82,6 @@ func TestAccLicensePolicy_UpgradeFromSDKv2(t *testing.T) { config := util.ExecuteTemplate(fqrn, template, testData) resource.Test(t, resource.TestCase{ - CheckDestroy: acctest.VerifyDeleted(fqrn, "", acctest.CheckPolicy), Steps: []resource.TestStep{ { ExternalProviders: map[string]resource.ExternalProvider{ @@ -97,8 +96,13 @@ func TestAccLicensePolicy_UpgradeFromSDKv2(t *testing.T) { ), }, { - Config: config, - ProtoV6ProviderFactories: acctest.ProtoV6ProviderFactories, + Config: config, + ExternalProviders: map[string]resource.ExternalProvider{ + "xray": { + Source: "jfrog/xray", + VersionConstraint: "2.13.2", + }, + }, ConfigPlanChecks: resource.ConfigPlanChecks{ PreApply: []plancheck.PlanCheck{ plancheck.ExpectEmptyPlan(), @@ -490,3 +494,77 @@ const licensePolicyTemplate = `resource "xray_license_policy" "{{ .resource_name } } }` + +func TestAccLicensePolicy_MigrateSetToList(t *testing.T) { + _, fqrn, resourceName := testutil.MkNames("policy-", "xray_license_policy") + + testData := sdk.MergeMaps(testDataLicense) + testData["resource_name"] = resourceName + testData["policy_name"] = fmt.Sprintf("terraform-license-policy-3-%d", testutil.RandomInt()) + testData["rule_name"] = fmt.Sprintf("test-license-rule-3-%d", testutil.RandomInt()) + testData["multi_license_permissive"] = "true" + testData["allowedOrBanned"] = "allowed_licenses" + + template := ` + resource "xray_license_policy" "{{ .resource_name }}" { + name = "{{ .policy_name }}" + description = "{{ .policy_description }}" + type = "license" + + rule { + name = "{{ .rule_name }}" + priority = 1 + + criteria { + allowed_licenses = ["{{ .license_0 }}","{{ .license_1 }}"] + allow_unknown = {{ .allow_unknown }} + multi_license_permissive = {{ .multi_license_permissive }} + } + + actions { + mails = ["{{ .mails_0 }}", "{{ .mails_1 }}"] + block_download { + unscanned = {{ .block_unscanned }} + active = {{ .block_active }} + } + block_release_bundle_distribution = {{ .block_release_bundle_distribution }} + block_release_bundle_promotion = {{ .block_release_bundle_promotion }} + fail_build = {{ .fail_build }} + notify_watch_recipients = {{ .notify_watch_recipients }} + notify_deployer = {{ .notify_deployer }} + create_ticket_enabled = {{ .create_ticket_enabled }} + custom_severity = "{{ .custom_severity }}" + build_failure_grace_period_in_days = {{ .grace_period_days }} + } + } + }` + + config := util.ExecuteTemplate(fqrn, template, testData) + + resource.Test(t, resource.TestCase{ + CheckDestroy: acctest.VerifyDeleted(fqrn, testData["resource_name"], acctest.CheckPolicy), + Steps: []resource.TestStep{ + { + ExternalProviders: map[string]resource.ExternalProvider{ + "xray": { + Source: "jfrog/xray", + VersionConstraint: "2.13.2", + }, + }, + Config: config, + Check: resource.ComposeTestCheckFunc( + verifyLicensePolicy(fqrn, testData, testData["allowedOrBanned"]), + ), + }, + { + Config: config, + ProtoV6ProviderFactories: acctest.ProtoV6ProviderFactories, + ConfigPlanChecks: resource.ConfigPlanChecks{ + PreApply: []plancheck.PlanCheck{ + plancheck.ExpectEmptyPlan(), + }, + }, + }, + }, + }) +} diff --git a/pkg/xray/resource/resource_xray_operational_risk_policy_test.go b/pkg/xray/resource/resource_xray_operational_risk_policy_test.go index 832b9a12..cb9bd27b 100644 --- a/pkg/xray/resource/resource_xray_operational_risk_policy_test.go +++ b/pkg/xray/resource/resource_xray_operational_risk_policy_test.go @@ -10,7 +10,7 @@ import ( "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" "github.com/jfrog/terraform-provider-shared/util/sdk" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) var testDataOperationalRisk = map[string]string{ diff --git a/pkg/xray/resource/resource_xray_report_test.go b/pkg/xray/resource/resource_xray_report_test.go index cbf2680c..4d0c7ff4 100644 --- a/pkg/xray/resource/resource_xray_report_test.go +++ b/pkg/xray/resource/resource_xray_report_test.go @@ -10,7 +10,7 @@ import ( "github.com/jfrog/terraform-provider-shared/client" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util/sdk" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) var licenseFilterFields = map[string]interface{}{ diff --git a/pkg/xray/resource/resource_xray_repository_config_test.go b/pkg/xray/resource/resource_xray_repository_config_test.go index 3e51135a..e7123a8a 100644 --- a/pkg/xray/resource/resource_xray_repository_config_test.go +++ b/pkg/xray/resource/resource_xray_repository_config_test.go @@ -11,7 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/plancheck" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) func TestAccRepositoryConfig_UpgradeFromSDKv2(t *testing.T) { diff --git a/pkg/xray/resource/resource_xray_security_policy_test.go b/pkg/xray/resource/resource_xray_security_policy_test.go index c831365e..1f03bd39 100644 --- a/pkg/xray/resource/resource_xray_security_policy_test.go +++ b/pkg/xray/resource/resource_xray_security_policy_test.go @@ -12,7 +12,7 @@ import ( "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" "github.com/jfrog/terraform-provider-shared/util/sdk" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) const criteriaTypeCvss = "cvss" diff --git a/pkg/xray/resource/resource_xray_settings_test.go b/pkg/xray/resource/resource_xray_settings_test.go index e8f7b0df..8c7c54a3 100644 --- a/pkg/xray/resource/resource_xray_settings_test.go +++ b/pkg/xray/resource/resource_xray_settings_test.go @@ -9,7 +9,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/plancheck" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) func TestAccSettings_UpgradeFromSDKv2(t *testing.T) { diff --git a/pkg/xray/resource/resource_xray_watch_test.go b/pkg/xray/resource/resource_xray_watch_test.go index e2dc47ce..bcd60637 100644 --- a/pkg/xray/resource/resource_xray_watch_test.go +++ b/pkg/xray/resource/resource_xray_watch_test.go @@ -12,7 +12,7 @@ import ( "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" "github.com/jfrog/terraform-provider-shared/util/sdk" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) var testDataWatch = map[string]string{ diff --git a/pkg/xray/resource/resource_xray_webhook_test.go b/pkg/xray/resource/resource_xray_webhook_test.go index 762b6984..f373591f 100644 --- a/pkg/xray/resource/resource_xray_webhook_test.go +++ b/pkg/xray/resource/resource_xray_webhook_test.go @@ -9,7 +9,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) func TestAccWebhook_UpgradeFromSDKv2(t *testing.T) { diff --git a/pkg/xray/resource/resource_xray_workers_count_test.go b/pkg/xray/resource/resource_xray_workers_count_test.go index ca33a8c7..1a1be65e 100644 --- a/pkg/xray/resource/resource_xray_workers_count_test.go +++ b/pkg/xray/resource/resource_xray_workers_count_test.go @@ -6,7 +6,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/jfrog/terraform-provider-shared/testutil" "github.com/jfrog/terraform-provider-shared/util" - "github.com/jfrog/terraform-provider-xray/pkg/acctest" + "github.com/jfrog/terraform-provider-xray/v3/pkg/acctest" ) func TestAccWorkersCount_full(t *testing.T) { diff --git a/sample.tf b/sample.tf index fd67578c..12828273 100644 --- a/sample.tf +++ b/sample.tf @@ -3,7 +3,7 @@ terraform { required_providers { xray = { source = "jfrog/xray" - version = "2.3.0" + version = "3.0.0" } } }