diff --git a/CHANGELOG.md b/CHANGELOG.md index 7131b0ef..8675a633 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,19 @@ +## 1.3.1 (October 4, 2023). Tested on Artifactory 7.68.13 and Xray 3.82.11 + +IMPROVEMENTS: + +* resource/project: + * Add clarification to `block_deployments_on_limit` attribute documentation with regards to difference behavior between self-hosted and cloud environments. + * Update documentation and remove `role` attributes in HCL example. +* resource/project_role: Add HCL example to documentation. +* Update `sample.tf` to use `project_role` resource instead of `project.role` attribute. + +PR: [#87](https://github.com/jfrog/terraform-provider-project/pull/87) + ## 1.3.0 (September 25, 2023). Tested on Artifactory 7.68.11 and Xray 3.82.11 FEATURES: + * **New Resource:** `project_role` - Separate resource to manage project role. * resource/project: Add `use_project_role_resource` attribute to toggle if `project` resource should use its `roles` or not to manage project roles. Should be set to `true` when using in conjunction with `project_role` resource. diff --git a/GNUmakefile b/GNUmakefile index 339a79db..8c0abf19 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -65,7 +65,7 @@ fmt: @go fmt ./... doc: - rm -r -v docs/* + rm -rfv docs/* go generate .PHONY: build fmt \ No newline at end of file diff --git a/docs/resources/project.md b/docs/resources/project.md index 84aa1e5e..b876b86e 100644 --- a/docs/resources/project.md +++ b/docs/resources/project.md @@ -59,6 +59,7 @@ resource "project" "myproject" { max_storage_in_gibibytes = 10 block_deployments_on_limit = false email_notification = true + use_project_role_resource = true member { name = "user1" @@ -80,22 +81,6 @@ resource "project" "myproject" { roles = ["release manager"] } - role { - name = "developer" - description = "Developer role" - type = "CUSTOM" - environments = ["DEV"] - actions = ["READ_REPOSITORY", "ANNOTATE_REPOSITORY", "DEPLOY_CACHE_REPOSITORY", "DELETE_OVERWRITE_REPOSITORY", "TRIGGER_PIPELINE", "READ_INTEGRATIONS_PIPELINE", "READ_POOLS_PIPELINE", "MANAGE_INTEGRATIONS_PIPELINE", "MANAGE_SOURCES_PIPELINE", "MANAGE_POOLS_PIPELINE"] - } - - role { - name = "devop" - description = "DevOp role" - type = "CUSTOM" - environments = ["DEV", "PROD"] - actions = ["READ_REPOSITORY", "ANNOTATE_REPOSITORY", "DEPLOY_CACHE_REPOSITORY", "DELETE_OVERWRITE_REPOSITORY", "TRIGGER_PIPELINE", "READ_INTEGRATIONS_PIPELINE", "READ_POOLS_PIPELINE", "MANAGE_INTEGRATIONS_PIPELINE", "MANAGE_SOURCES_PIPELINE", "MANAGE_POOLS_PIPELINE", "READ_BUILD", "ANNOTATE_BUILD", "DEPLOY_BUILD", "DELETE_BUILD",] - } - repos = ["docker-local", "rpm-local"] } ``` @@ -112,6 +97,8 @@ resource "project" "myproject" { ### Optional - `block_deployments_on_limit` (Boolean) Block deployment of artifacts if storage quota is exceeded. + +~>This setting only applies to self-hosted environment. See [Manage Storage Quotas](https://jfrog.com/help/r/jfrog-platform-administration-documentation/manage-storage-quotas). - `description` (String) - `email_notification` (Boolean) Alerts will be sent when reaching 75% and 95% of the storage quota. This serves as a notification only and is not a blocker - `group` (Block Set) Project group. Element has one to one mapping with the [JFrog Project Groups API](https://www.jfrog.com/confluence/display/JFROG/Artifactory+REST+API#ArtifactoryRESTAPI-UpdateGroupinProject) (see [below for nested schema](#nestedblock--group)) diff --git a/docs/resources/role.md b/docs/resources/role.md index 9d45b4fd..5fe2210a 100644 --- a/docs/resources/role.md +++ b/docs/resources/role.md @@ -10,7 +10,18 @@ description: |- Create a project role. Element has one to one mapping with the [JFrog Project Roles API](https://www.jfrog.com/confluence/display/JFROG/Artifactory+REST+API#ArtifactoryRESTAPI-AddaNewRole). Requires a user assigned with the 'Administer the Platform' role or Project Admin permissions if `admin_privileges.manage_resoures` is enabled. - +## Example Usage + +```terraform +resource "project_role" "myrole" { + name = "myrole" + type = "CUSTOM" + project_key = project.myproject.key + + environments = ["DEV"] + actions = ["READ_REPOSITORY", "ANNOTATE_REPOSITORY"] +} +``` ## Schema diff --git a/examples/resources/project/resource.tf b/examples/resources/project/resource.tf index e19e7bbd..f8f1e2d0 100644 --- a/examples/resources/project/resource.tf +++ b/examples/resources/project/resource.tf @@ -10,6 +10,7 @@ resource "project" "myproject" { max_storage_in_gibibytes = 10 block_deployments_on_limit = false email_notification = true + use_project_role_resource = true member { name = "user1" @@ -31,21 +32,5 @@ resource "project" "myproject" { roles = ["release manager"] } - role { - name = "developer" - description = "Developer role" - type = "CUSTOM" - environments = ["DEV"] - actions = ["READ_REPOSITORY", "ANNOTATE_REPOSITORY", "DEPLOY_CACHE_REPOSITORY", "DELETE_OVERWRITE_REPOSITORY", "TRIGGER_PIPELINE", "READ_INTEGRATIONS_PIPELINE", "READ_POOLS_PIPELINE", "MANAGE_INTEGRATIONS_PIPELINE", "MANAGE_SOURCES_PIPELINE", "MANAGE_POOLS_PIPELINE"] - } - - role { - name = "devop" - description = "DevOp role" - type = "CUSTOM" - environments = ["DEV", "PROD"] - actions = ["READ_REPOSITORY", "ANNOTATE_REPOSITORY", "DEPLOY_CACHE_REPOSITORY", "DELETE_OVERWRITE_REPOSITORY", "TRIGGER_PIPELINE", "READ_INTEGRATIONS_PIPELINE", "READ_POOLS_PIPELINE", "MANAGE_INTEGRATIONS_PIPELINE", "MANAGE_SOURCES_PIPELINE", "MANAGE_POOLS_PIPELINE", "READ_BUILD", "ANNOTATE_BUILD", "DEPLOY_BUILD", "DELETE_BUILD",] - } - repos = ["docker-local", "rpm-local"] } diff --git a/examples/resources/project_role/resource.tf b/examples/resources/project_role/resource.tf new file mode 100644 index 00000000..907cb511 --- /dev/null +++ b/examples/resources/project_role/resource.tf @@ -0,0 +1,8 @@ +resource "project_role" "myrole" { + name = "myrole" + type = "CUSTOM" + project_key = project.myproject.key + + environments = ["DEV"] + actions = ["READ_REPOSITORY", "ANNOTATE_REPOSITORY"] +} diff --git a/pkg/project/resource_project.go b/pkg/project/resource_project.go index 5199ff5b..a44cc654 100644 --- a/pkg/project/resource_project.go +++ b/pkg/project/resource_project.go @@ -119,7 +119,7 @@ func projectResource() *schema.Resource { Type: schema.TypeBool, Optional: true, Default: false, - Description: "Block deployment of artifacts if storage quota is exceeded.", + Description: "Block deployment of artifacts if storage quota is exceeded.\n\n~>This setting only applies to self-hosted environment. See [Manage Storage Quotas](https://jfrog.com/help/r/jfrog-platform-administration-documentation/manage-storage-quotas).", }, "email_notification": { Type: schema.TypeBool, diff --git a/sample.tf b/sample.tf index 565d5a21..f2ff85a1 100644 --- a/sample.tf +++ b/sample.tf @@ -30,6 +30,7 @@ resource "project" "myproject" { max_storage_in_gibibytes = 10 block_deployments_on_limit = false email_notification = true + use_project_role_resource = true member { name = "user1" // Must exist already in Artifactory @@ -51,22 +52,6 @@ resource "project" "myproject" { roles = ["Release Manager"] } - role { - name = "qa" - description = "QA role" - type = "CUSTOM" - environments = ["DEV"] - actions = var.qa_roles - } - - role { - name = "devop" - description = "DevOp role" - type = "CUSTOM" - environments = ["DEV", "PROD"] - actions = var.devop_roles - } - repos = ["docker-local", "npm-remote"] // Must exist already in Artifactory } @@ -74,3 +59,21 @@ resource "project_environment" "myenv" { name = "myenv" project_key = project.myproj.key } + +resource "project_role" "qa" { + name = "qa" + type = "CUSTOM" + project_key = project.myproject.key + + environments = ["DEV"] + actions = var.qa_roles +} + +resource "project_role" "devop" { + name = "devop" + type = "CUSTOM" + project_key = project.myproject.key + + environments = ["DEV", "PROD"] + actions = var.devop_roles +}