Merge pull request #104 from jfrog/GH-103-oper-risk-watch

GH-103 add support for `operational_risk` policies in Xray watches
jfrog · Feb 10, 2023 · 9461717 · 9461717
2 parents 5703a8c + ed19088
commit 9461717
Show file tree

Hide file tree

Showing 5 changed files with 125 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,11 @@
+## 1.9.10 (February 10, 2023). Tested on Artifactory 7.49.6 and Xray 3.66.6
+
+BUG FIXES:
+
+* resource/xray_watch: added missing support for `operational_risk` policy types.
+  Issue [#103](https://github.com/jfrog/terraform-provider-xray/issues/103)
+  PR [#104](https://github.com/jfrog/terraform-provider-xray/pull/104)
+
 ## 1.9.9 (January 31, 2023). Tested on Artifactory 7.49.6 and Xray 3.65.3
 
 IMPROVEMENTS:

diff --git a/docs/resources/watch.md b/docs/resources/watch.md
@@ -41,6 +41,11 @@ resource "xray_watch" "all-repos" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -84,6 +89,11 @@ resource "xray_watch" "repository" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -138,6 +148,11 @@ resource "xray_watch" "repository-ant-filter" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -167,6 +182,11 @@ resource "xray_watch" "all-builds-with-filters" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -198,6 +218,11 @@ resource "xray_watch" "build" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -222,6 +247,11 @@ resource "xray_watch" "all-projects" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -251,6 +281,11 @@ resource "xray_watch" "all-projects-with-filters" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -279,6 +314,11 @@ resource "xray_watch" "project" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 ```
@@ -309,7 +349,7 @@ resource "xray_watch" "project" {
 Required:
 
 - `name` (String) The name of the policy that will be applied
-- `type` (String) The type of the policy - security or license
+- `type` (String) The type of the policy - security, license or operational risk
 
 
 <a id="nestedblock--watch_resource"></a>

diff --git a/examples/resources/xray_watch/resource.tf b/examples/resources/xray_watch/resource.tf
@@ -23,6 +23,11 @@ resource "xray_watch" "all-repos" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -66,6 +71,11 @@ resource "xray_watch" "repository" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -120,6 +130,11 @@ resource "xray_watch" "repository-ant-filter" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -149,6 +164,11 @@ resource "xray_watch" "all-builds-with-filters" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -180,6 +200,11 @@ resource "xray_watch" "build" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -204,6 +229,11 @@ resource "xray_watch" "all-projects" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -233,6 +263,11 @@ resource "xray_watch" "all-projects-with-filters" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
 
@@ -261,5 +296,10 @@ resource "xray_watch" "project" {
     type = "license"
   }
 
+  assigned_policy {
+    name = xray_operational_risk_policy.op_risk.name
+    type = "operational_risk"
+  }
+
   watch_recipients = ["[email protected]", "[email protected]"]
 }
diff --git a/pkg/xray/resource_xray_watch.go b/pkg/xray/resource_xray_watch.go
@@ -162,8 +162,8 @@ func resourceXrayWatch() *schema.Resource {
 							"type": {
 								Type:             schema.TypeString,
 								Required:         true,
-								Description:      "The type of the policy - security or license",
-								ValidateDiagFunc: validator.StringInSlice(true, "security", "license"),
+								Description:      "The type of the policy - security, license or operational risk",
+								ValidateDiagFunc: validator.StringInSlice(true, "security", "license", "operational_risk"),
 							},
 						},
 					},

diff --git a/pkg/xray/resource_xray_watch_test.go b/pkg/xray/resource_xray_watch_test.go
@@ -179,12 +179,14 @@ func TestAccWatch_allReposMultiplePolicies(t *testing.T) {
 	testData["watch_name"] = fmt.Sprintf("xray-watch-%d", test.RandomInt())
 	testData["policy_name_0"] = fmt.Sprintf("xray-policy-1%d", test.RandomInt())
 	testData["policy_name_1"] = fmt.Sprintf("xray-policy-2%d", test.RandomInt())
+	testData["policy_name_2"] = fmt.Sprintf("xray-policy-3%d", test.RandomInt())
 
 	resource.Test(t, resource.TestCase{
 		PreCheck: func() { testAccPreCheck(t) },
 		CheckDestroy: verifyDeleted(fqrn, func(id string, request *resty.Request) (*resty.Response, error) {
 			testCheckPolicyDeleted(testData["policy_name_0"], t, request)
 			testCheckPolicyDeleted(testData["policy_name_1"], t, request)
+			testCheckPolicyDeleted(testData["policy_name_2"], t, request)
 			resp, err := testCheckWatch(id, request)
 			return resp, err
 		}),
@@ -209,6 +211,8 @@ func TestAccWatch_allReposMultiplePolicies(t *testing.T) {
 					resource.TestCheckResourceAttr(fqrn, "assigned_policy.0.type", "security"),
 					resource.TestCheckResourceAttr(fqrn, "assigned_policy.1.name", testData["policy_name_1"]),
 					resource.TestCheckResourceAttr(fqrn, "assigned_policy.1.type", "license"),
+					resource.TestCheckResourceAttr(fqrn, "assigned_policy.2.name", testData["policy_name_2"]),
+					resource.TestCheckResourceAttr(fqrn, "assigned_policy.2.type", "operational_risk"),
 				),
 			},
 		},
@@ -1050,6 +1054,31 @@ resource "xray_license_policy" "license" {
   }
 }
 
+resource "xray_operational_risk_policy" "op-risk-policy" {
+		name = "{{ .policy_name_2 }}"
+		description = "Operational risk policy description"
+		type = "operational_risk"
+		rule {
+			name = "Op_risk_rule"
+			priority = 1
+			criteria {
+				op_risk_min_risk = "Low"
+			}
+			actions {
+				block_release_bundle_distribution 	= false
+				fail_build 							= true
+				notify_watch_recipients 			= false
+				notify_deployer 					= false
+				create_ticket_enabled 				= false
+				build_failure_grace_period_in_days 	= 5
+				block_download {
+					unscanned 	= false
+					active 		= true
+				}
+			}
+		}
+	}
+
 resource "xray_watch" "{{ .resource_name }}" {
   name        	= "{{ .watch_name }}"
   description 	= "{{ .description }}"
@@ -1075,6 +1104,11 @@ resource "xray_watch" "{{ .resource_name }}" {
   	type 	= "license"
   }
 
+  assigned_policy {
+  	name 	= xray_operational_risk_policy.op-risk-policy.name
+  	type 	= "operational_risk"
+  }
+
   watch_recipients = ["{{ .watch_recipient_0 }}", "{{ .watch_recipient_1 }}"]
 }`