New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add safe-delete workspace API, and org setting to restrict force-delete #539
Changes from 7 commits
7e7faed
8730b72
51341b4
16d153b
2213c1e
e8b91ef
01e5267
dc48cae
d86cb66
f3a30d5
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -565,7 +565,43 @@ func TestOrganizationsReadRunTasksEntitlement(t *testing.T) { | |
assert.NotEmpty(t, entitlements.ID) | ||
assert.True(t, entitlements.RunTasks) | ||
}) | ||
} | ||
|
||
func TestOrganizationsAllowForceDeleteSetting(t *testing.T) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Our docs should be much more explicit, but we've recently introduced test splitting in our CI and we're requiring all top-level tests to call |
||
skipIfNotCINode(t) | ||
|
||
client := testClient(t) | ||
ctx := context.Background() | ||
|
||
t.Run("creates and updates allow force delete", func(t *testing.T) { | ||
options := OrganizationCreateOptions{ | ||
Name: String(randomString(t)), | ||
Email: String(randomString(t) + "@tfe.local"), | ||
AllowForceDeleteWorkspaces: Bool(true), | ||
} | ||
|
||
org, err := client.Organizations.Create(ctx, options) | ||
require.NoError(t, err) | ||
|
||
t.Cleanup(func() { | ||
err := client.Organizations.Delete(ctx, org.Name) | ||
if err != nil { | ||
t.Errorf("error deleting organization (%s): %s", org.Name, err) | ||
} | ||
}) | ||
|
||
assert.Equal(t, *options.Name, org.Name) | ||
assert.Equal(t, *options.Email, org.Email) | ||
assert.True(t, org.AllowForceDeleteWorkspaces) | ||
|
||
org, err = client.Organizations.Update(ctx, org.Name, OrganizationUpdateOptions{AllowForceDeleteWorkspaces: Bool(false)}) | ||
require.NoError(t, err) | ||
assert.False(t, org.AllowForceDeleteWorkspaces) | ||
|
||
org, err = client.Organizations.Read(ctx, org.Name) | ||
require.NoError(t, err) | ||
assert.False(t, org.AllowForceDeleteWorkspaces) | ||
}) | ||
} | ||
|
||
func orgItemsContainsName(items []*Organization, name string) bool { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, a recurring pain point for us. I tried introducing this in #527 but it was ultimately rejected considering it could obfuscate an authorization bug. So unfortunately will have to reject it here -- I think we can omit the cleanup for now if an "already deleted" workspace is causing this error.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Interesting...I think I would lean the other direction on that, since a test creating a workspace and then being unable to "see" it when it goes for a delete seems unlikely, but I definitely see the logic
I removed the
ErrResourceNotFound
check, and switched a lot of the tests to usingt.Cleanup
instead ofdefer
for the cleanup callbacks, and that does seem to have cleared up most of the cleanup errors~I also changed this to delete the workspace by ID instead of Name, because we had one test which changes the workspace name (causing this cleanup to fail)