Merge pull request #583 from hashicorp/mr/TF-1450-policy-evaluation

Support for Policy Evaluation and Policy set outcome API's
hashicorp · Nov 10, 2022 · f2188c9 · f2188c9
2 parents 3b3a69e + e9f6b08
commit f2188c9
Show file tree

Hide file tree

Showing 9 changed files with 650 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,7 @@
 
 * Add OPA support to the Policy Set APIs by @mrinalirao [#575](https://github.com/hashicorp/go-tfe/pull/575)
 * Add OPA support to the Policy APIs by @mrinalirao [#579](https://github.com/hashicorp/go-tfe/pull/579)
+* Add Policy Evaluation and Policy Set Outcome APIs by @mrinalirao [#583](https://github.com/hashicorp/go-tfe/pull/583)
 
 # v1.12.0
 

diff --git a/errors.go b/errors.go
@@ -116,6 +116,10 @@ var (
 
 	ErrInvalidPolicyCheckID = errors.New("invalid value for policy check ID")
 
+	ErrInvalidPolicyEvaluationID = errors.New("invalid value for policy evaluation ID")
+
+	ErrInvalidPolicySetOutcomeID = errors.New("invalid value for policy set outcome ID")
+
 	ErrInvalidTag = errors.New("invalid tag id")
 
 	ErrInvalidPlanExportID = errors.New("invalid value for plan export ID")

diff --git a/generate_mocks.sh b/generate_mocks.sh
@@ -61,3 +61,4 @@ mockgen -source=variable_set_variable.go -destination=mocks/variable_set_variabl
 mockgen -source=workspace.go -destination=mocks/workspace_mocks.go -package=mocks
 mockgen -source=workspace_run_task.go -destination=mocks/workspace_run_tasks_mocks.go -package=mocks
 mockgen -source=agent.go -destination=mocks/agents.go -package=mocks
+mockgen -source=policy_evaluation.go -destination=mocks/policy_evaluation.go -package=mocks
diff --git a/helper_test.go b/helper_test.go
@@ -622,11 +622,20 @@ func createPolicyWithOptions(t *testing.T, client *Client, org *Organization, op
 	}
 
 	name := randomString(t)
+	path := name + ".sentinel"
+	if opts.Kind == OPA {
+		path = name + ".rego"
+	}
 	options := PolicyCreateOptions{
-		Name:    String(name),
-		Kind:    opts.Kind,
-		Query:   opts.Query,
-		Enforce: opts.Enforce,
+		Name:  String(name),
+		Kind:  opts.Kind,
+		Query: opts.Query,
+		Enforce: []*EnforcementOptions{
+			{
+				Path: String(path),
+				Mode: opts.Enforce[0].Mode,
+			},
+		},
 	}
 
 	ctx := context.Background()
@@ -687,7 +696,14 @@ func createUploadedPolicyWithOptions(t *testing.T, client *Client, pass bool, or
 	p, pCleanup := createPolicyWithOptions(t, client, org, opts)
 
 	ctx := context.Background()
-	err := client.Policies.Upload(ctx, p.ID, []byte(fmt.Sprintf("main = rule { %t }", pass)))
+	policy := fmt.Sprintf("main = rule { %t }", pass)
+	if opts.Kind == OPA {
+		policy = `package example rule["not allowed"] { false }`
+		if !pass {
+			policy = `package example rule["not allowed"] { true }`
+		}
+	}
+	err := client.Policies.Upload(ctx, p.ID, []byte(policy))
 	if err != nil {
 		t.Fatal(err)
 	}

diff --git a/mocks/policy_evaluation.go b/mocks/policy_evaluation.go