Skip to content

Add support for debug permission #32

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Feb 16, 2021
Merged

Add support for debug permission #32

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions codefresh/resource_permission.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,10 @@ package codefresh

import (
"fmt"
"log"

cfClient "github.com/codefresh-io/terraform-provider-codefresh/client"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"log"
)

func resourcePermission() *schema.Resource {
Expand Down Expand Up @@ -42,8 +43,8 @@ func resourcePermission() *schema.Resource {
Required: true,
ValidateFunc: func(val interface{}, key string) (warns []string, errs []error) {
v := val.(string)
if v != "create" && v != "read" && v != "update" && v != "delete" && v != "run" && v != "approve" {
errs = append(errs, fmt.Errorf("%q must be between one of create,read,update,delete,approve, got: %s", key, v))
if v != "create" && v != "read" && v != "update" && v != "delete" && v != "run" && v != "approve" && v != "debug" {
errs = append(errs, fmt.Errorf("%q must be between one of create,read,update,delete,approve,debug got: %s", key, v))
}
return
},
Expand Down
45 changes: 44 additions & 1 deletion docs/resources/permissions.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,49 @@
# resource codefresh_permission
Permission are used to setup access control and allow to define which teams have access to which clusters and pipelines based on tags
See the [documentation](https://codefresh.io/docs/docs/administration/access-control/).

## Example usage

```hcl
resource "codefresh_team" "developers" {
name = "developers"

users = [
"5efc3cb6355c6647041b6e49",
"59009221c102763beda7cf04"
]
}

resource "codefresh_permission" "developers" {

team = codefresh_team.developers.id
resource = "pipeline"
action = "run"
tags = [
"demo",
"test"
]
}
```

## Argument Reference

- `action` - (Required) Action to be allowed. Possible values:
- __create__
- __read__
- __update__
- __delete__
- __run__ (Only valid for `pipeline` resource)
- __approve__ (Only valid for `pipeline` resource)
- __debug__ (Only valid for `pipeline` resource)
- `resource` - (Required) The type of resource the permission applies to. Possible values:
- __pipeline__
- __cluster__
- `team` - (Required) The Id of the team the permissions apply to.
- `tags` - (Optional) The effective tags to apply the permission. It supports 2 custom tags:
- __untagged__ is a “tag” which refers to all clusters that don’t have any tag.
- __*__ (the star character) means all tags.

## Attributes Reference

```
- `id` - The permission ID.