From 32eddec418d98ff3d563c78710a234b2cbc1e655 Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Wed, 13 Jul 2022 17:42:08 -0400 Subject: [PATCH 01/16] Add support for managing srift detection setting on workspaces --- tfe/data_source_workspace.go | 6 +++ tfe/data_source_workspace_test.go | 3 ++ tfe/resource_tfe_workspace.go | 11 ++++- tfe/resource_tfe_workspace_test.go | 60 ++++++++++++++++++++++++++ website/docs/d/workspace.html.markdown | 1 + website/docs/r/workspace.html.markdown | 1 + 6 files changed, 81 insertions(+), 1 deletion(-) diff --git a/tfe/data_source_workspace.go b/tfe/data_source_workspace.go index 396cc5add..48b43991e 100644 --- a/tfe/data_source_workspace.go +++ b/tfe/data_source_workspace.go @@ -54,6 +54,11 @@ func dataSourceTFEWorkspace() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, }, + "drift_detection": { + Type: schema.TypeBool, + Computed: true, + }, + "operations": { Type: schema.TypeBool, Computed: true, @@ -183,6 +188,7 @@ func dataSourceTFEWorkspaceRead(d *schema.ResourceData, meta interface{}) error d.Set("allow_destroy_plan", workspace.AllowDestroyPlan) d.Set("auto_apply", workspace.AutoApply) d.Set("description", workspace.Description) + d.Set("drift_detection", workspace.DriftDetection) d.Set("file_triggers_enabled", workspace.FileTriggersEnabled) d.Set("operations", workspace.Operations) d.Set("policy_check_failures", workspace.PolicyCheckFailures) diff --git a/tfe/data_source_workspace_test.go b/tfe/data_source_workspace_test.go index f816fdeff..66eadbe82 100644 --- a/tfe/data_source_workspace_test.go +++ b/tfe/data_source_workspace_test.go @@ -91,6 +91,8 @@ func TestAccTFEWorkspaceDataSource_basic(t *testing.T) { "data.tfe_workspace.foobar", "runs_count", "0"), resource.TestCheckResourceAttr( "data.tfe_workspace.foobar", "speculative_enabled", "true"), + resource.TestCheckResourceAttr( + "data.tfe_workspace.foobar", "drift_detection", "false"), resource.TestCheckResourceAttr( "data.tfe_workspace.foobar", "structured_run_output_enabled", "true"), resource.TestCheckResourceAttr( @@ -174,6 +176,7 @@ resource "tfe_workspace" "foobar" { file_triggers_enabled = true queue_all_runs = false speculative_enabled = true + drift_detection = false tag_names = ["modules", "shared"] terraform_version = "0.11.1" trigger_prefixes = ["/modules", "/shared"] diff --git a/tfe/resource_tfe_workspace.go b/tfe/resource_tfe_workspace.go index 5be30d65c..5286dd1e1 100644 --- a/tfe/resource_tfe_workspace.go +++ b/tfe/resource_tfe_workspace.go @@ -123,6 +123,12 @@ func resourceTFEWorkspace() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, }, + "drift_detection": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, + "operations": { Type: schema.TypeBool, Optional: true, @@ -241,6 +247,7 @@ func resourceTFEWorkspaceCreate(d *schema.ResourceData, meta interface{}) error AllowDestroyPlan: tfe.Bool(d.Get("allow_destroy_plan").(bool)), AutoApply: tfe.Bool(d.Get("auto_apply").(bool)), Description: tfe.String(d.Get("description").(string)), + DriftDetection: tfe.Bool(d.Get("drift_detection").(bool)), FileTriggersEnabled: tfe.Bool(d.Get("file_triggers_enabled").(bool)), QueueAllRuns: tfe.Bool(d.Get("queue_all_runs").(bool)), SpeculativeEnabled: tfe.Bool(d.Get("speculative_enabled").(bool)), @@ -438,13 +445,15 @@ func resourceTFEWorkspaceUpdate(d *schema.ResourceData, meta interface{}) error d.HasChange("allow_destroy_plan") || d.HasChange("speculative_enabled") || d.HasChange("operations") || d.HasChange("execution_mode") || d.HasChange("description") || d.HasChange("agent_pool_id") || - d.HasChange("global_remote_state") || d.HasChange("structured_run_output_enabled") { + d.HasChange("global_remote_state") || d.HasChange("structured_run_output_enabled") || + d.HasChange("drift_detection") { // Create a new options struct. options := tfe.WorkspaceUpdateOptions{ Name: tfe.String(d.Get("name").(string)), AllowDestroyPlan: tfe.Bool(d.Get("allow_destroy_plan").(bool)), AutoApply: tfe.Bool(d.Get("auto_apply").(bool)), Description: tfe.String(d.Get("description").(string)), + DriftDetection: tfe.Bool(d.Get("drift_detection").(bool)), FileTriggersEnabled: tfe.Bool(d.Get("file_triggers_enabled").(bool)), GlobalRemoteState: tfe.Bool(d.Get("global_remote_state").(bool)), QueueAllRuns: tfe.Bool(d.Get("queue_all_runs").(bool)), diff --git a/tfe/resource_tfe_workspace_test.go b/tfe/resource_tfe_workspace_test.go index 2d749d5e1..93482bf45 100644 --- a/tfe/resource_tfe_workspace_test.go +++ b/tfe/resource_tfe_workspace_test.go @@ -47,6 +47,8 @@ func TestAccTFEWorkspace_basic(t *testing.T) { "tfe_workspace.foobar", "queue_all_runs", "true"), resource.TestCheckResourceAttr( "tfe_workspace.foobar", "speculative_enabled", "true"), + resource.TestCheckResourceAttr( + "tfe_workspace.foobar", "drift_detection", "false"), resource.TestCheckResourceAttr( "tfe_workspace.foobar", "structured_run_output_enabled", "true"), resource.TestCheckResourceAttr( @@ -2154,6 +2156,45 @@ func testAccCheckTFEWorkspaceDestroy(s *terraform.State) error { return nil } +func TestAccTFEWorkspace_basicDriftDetection(t *testing.T) { + skipIfFreeOnly(t) + skipIfEnterprise(t) + + workspace := &tfe.Workspace{} + rInt := rand.New(rand.NewSource(time.Now().UnixNano())).Int() + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckTFEWorkspaceDestroy, + Steps: []resource.TestStep{ + { + Config: testAccTFEWorkspace_basic(rInt), + Check: resource.ComposeTestCheckFunc( + testAccCheckTFEWorkspaceExists( + "tfe_workspace.foobar", workspace), + testAccCheckTFEWorkspaceAttributes(workspace), + resource.TestCheckResourceAttr( + "tfe_workspace.foobar", "name", "workspace-test"), + resource.TestCheckResourceAttr( + "tfe_workspace.foobar", "drift_detection", "false"), + ), + }, + { + Config: testAccTFEWorkspace_updateDriftDetection(rInt), + Check: resource.ComposeTestCheckFunc( + testAccCheckTFEWorkspaceExists( + "tfe_workspace.foobar", workspace), + resource.TestCheckResourceAttr( + "tfe_workspace.foobar", "name", "workspace-updated"), + resource.TestCheckResourceAttr( + "tfe_workspace.foobar", "drift_detection", "true"), + ), + }, + }, + }) +} + func testAccTFEWorkspace_basic(rInt int) string { return fmt.Sprintf(` resource "tfe_organization" "foobar" { @@ -2381,6 +2422,25 @@ resource "tfe_workspace" "foobar" { }`, rInt) } +func testAccTFEWorkspace_updateDriftDetection(rInt int) string { + return fmt.Sprintf(` +resource "tfe_organization" "foobar" { + name = "tst-terraform-%d" + email = "admin@company.com" +} + +resource "tfe_workspace" "foobar" { + name = "workspace-updated" + organization = tfe_organization.foobar.id + description = "My favorite workspace!" + drift_detection = true + allow_destroy_plan = false + auto_apply = true + tag_names = ["fav", "test"] + terraform_version = "0.15.4" +}`, rInt) +} + func testAccTFEWorkspace_updateAddWorkingDirectory(rInt int) string { return fmt.Sprintf(` resource "tfe_organization" "foobar" { diff --git a/website/docs/d/workspace.html.markdown b/website/docs/d/workspace.html.markdown index 978e7381b..235a16912 100644 --- a/website/docs/d/workspace.html.markdown +++ b/website/docs/d/workspace.html.markdown @@ -35,6 +35,7 @@ In addition to all arguments above, the following attributes are exported: * `id` - The workspace ID. * `allow_destroy_plan` - Indicates whether destroy plans can be queued on the workspace. * `auto_apply` - Indicates whether to automatically apply changes when a Terraform plan is successful. + `drift_detection` - Indicates whether drift detection is enabled for the workspace. * `file_triggers_enabled` - Indicates whether runs are triggered based on the changed files in a VCS push (if `true`) or always triggered on every push (if `false`). * `global_remote_state` - (Optional) Whether the workspace should allow all workspaces in the organization to access its state data during runs. If false, then only specifically approved workspaces can access its state (determined by the `remote_state_consumer_ids` argument). * `remote_state_consumer_ids` - (Optional) A set of workspace IDs that will be set as the remote state consumers for the given workspace. Cannot be used if `global_remote_state` is set to `true`. diff --git a/website/docs/r/workspace.html.markdown b/website/docs/r/workspace.html.markdown index baf26fa92..e30460884 100644 --- a/website/docs/r/workspace.html.markdown +++ b/website/docs/r/workspace.html.markdown @@ -69,6 +69,7 @@ The following arguments are supported: execution modes are valid. When set to `local`, the workspace will be used for state storage only. This value _must not_ be provided if `operations` is provided. +* `drift_detection` - (Optional) Whether to regularly run drift detection assessments on the workspace. Defaults to `false`. * `file_triggers_enabled` - (Optional) Whether to filter runs based on the changed files in a VCS push. Defaults to `false`. If enabled, the working directory and trigger prefixes describe a set of paths which must contain changes for a From aca2698f39e2f8dd4b40e22140727b8c0c814e9f Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Thu, 15 Sep 2022 13:13:45 -0400 Subject: [PATCH 02/16] changelog update --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 441954306..ccbbc63f1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,8 @@ ## Unreleased * r/tfe_workspace: Changes in `agent_pool_id` and `execution_mode` attributes are now detected and applied. ([#607](https://github.com/hashicorp/terraform-provider-tfe/pull/607)) + * r/tfe_workspace: Added attribute for drift detection setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * d/tfe_workspace: Added attribute for drift detection setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + FEATURES: * r/tfe_workspace_run_task, d/tfe_workspace_run_task: Add `stage` attribute to workspace run tasks. ([#555](https://github.com/hashicorp/terraform-provider-tfe/pull/555)) From c27848087b73641a3216735410d183eafcb92d6f Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Tue, 6 Sep 2022 22:17:23 -0400 Subject: [PATCH 03/16] use 'assessments_enabled' instead of 'drift_detection' --- tfe/data_source_workspace.go | 4 ++-- tfe/data_source_workspace_test.go | 4 ++-- tfe/resource_tfe_workspace.go | 8 ++++---- tfe/resource_tfe_workspace_test.go | 14 +++++++------- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/tfe/data_source_workspace.go b/tfe/data_source_workspace.go index 48b43991e..bd6f974fa 100644 --- a/tfe/data_source_workspace.go +++ b/tfe/data_source_workspace.go @@ -54,7 +54,7 @@ func dataSourceTFEWorkspace() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, }, - "drift_detection": { + "assessments_enabled": { Type: schema.TypeBool, Computed: true, }, @@ -188,7 +188,7 @@ func dataSourceTFEWorkspaceRead(d *schema.ResourceData, meta interface{}) error d.Set("allow_destroy_plan", workspace.AllowDestroyPlan) d.Set("auto_apply", workspace.AutoApply) d.Set("description", workspace.Description) - d.Set("drift_detection", workspace.DriftDetection) + d.Set("assessments_enabled", workspace.AssessmentsEnabled) d.Set("file_triggers_enabled", workspace.FileTriggersEnabled) d.Set("operations", workspace.Operations) d.Set("policy_check_failures", workspace.PolicyCheckFailures) diff --git a/tfe/data_source_workspace_test.go b/tfe/data_source_workspace_test.go index 66eadbe82..182397e7f 100644 --- a/tfe/data_source_workspace_test.go +++ b/tfe/data_source_workspace_test.go @@ -92,7 +92,7 @@ func TestAccTFEWorkspaceDataSource_basic(t *testing.T) { resource.TestCheckResourceAttr( "data.tfe_workspace.foobar", "speculative_enabled", "true"), resource.TestCheckResourceAttr( - "data.tfe_workspace.foobar", "drift_detection", "false"), + "data.tfe_workspace.foobar", "assessments_enabled", "false"), resource.TestCheckResourceAttr( "data.tfe_workspace.foobar", "structured_run_output_enabled", "true"), resource.TestCheckResourceAttr( @@ -176,7 +176,7 @@ resource "tfe_workspace" "foobar" { file_triggers_enabled = true queue_all_runs = false speculative_enabled = true - drift_detection = false + assessments_enabled = false tag_names = ["modules", "shared"] terraform_version = "0.11.1" trigger_prefixes = ["/modules", "/shared"] diff --git a/tfe/resource_tfe_workspace.go b/tfe/resource_tfe_workspace.go index 5286dd1e1..b41b3cdd6 100644 --- a/tfe/resource_tfe_workspace.go +++ b/tfe/resource_tfe_workspace.go @@ -123,7 +123,7 @@ func resourceTFEWorkspace() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, }, - "drift_detection": { + "assessments_enabled": { Type: schema.TypeBool, Optional: true, Default: false, @@ -247,7 +247,7 @@ func resourceTFEWorkspaceCreate(d *schema.ResourceData, meta interface{}) error AllowDestroyPlan: tfe.Bool(d.Get("allow_destroy_plan").(bool)), AutoApply: tfe.Bool(d.Get("auto_apply").(bool)), Description: tfe.String(d.Get("description").(string)), - DriftDetection: tfe.Bool(d.Get("drift_detection").(bool)), + AssessmentsEnabled: tfe.Bool(d.Get("assessments_enabled").(bool)), FileTriggersEnabled: tfe.Bool(d.Get("file_triggers_enabled").(bool)), QueueAllRuns: tfe.Bool(d.Get("queue_all_runs").(bool)), SpeculativeEnabled: tfe.Bool(d.Get("speculative_enabled").(bool)), @@ -446,14 +446,14 @@ func resourceTFEWorkspaceUpdate(d *schema.ResourceData, meta interface{}) error d.HasChange("operations") || d.HasChange("execution_mode") || d.HasChange("description") || d.HasChange("agent_pool_id") || d.HasChange("global_remote_state") || d.HasChange("structured_run_output_enabled") || - d.HasChange("drift_detection") { + d.HasChange("assessments_enabled") { // Create a new options struct. options := tfe.WorkspaceUpdateOptions{ Name: tfe.String(d.Get("name").(string)), AllowDestroyPlan: tfe.Bool(d.Get("allow_destroy_plan").(bool)), AutoApply: tfe.Bool(d.Get("auto_apply").(bool)), Description: tfe.String(d.Get("description").(string)), - DriftDetection: tfe.Bool(d.Get("drift_detection").(bool)), + AssessmentsEnabled: tfe.Bool(d.Get("assessments_enabled").(bool)), FileTriggersEnabled: tfe.Bool(d.Get("file_triggers_enabled").(bool)), GlobalRemoteState: tfe.Bool(d.Get("global_remote_state").(bool)), QueueAllRuns: tfe.Bool(d.Get("queue_all_runs").(bool)), diff --git a/tfe/resource_tfe_workspace_test.go b/tfe/resource_tfe_workspace_test.go index 93482bf45..e33cf651e 100644 --- a/tfe/resource_tfe_workspace_test.go +++ b/tfe/resource_tfe_workspace_test.go @@ -48,7 +48,7 @@ func TestAccTFEWorkspace_basic(t *testing.T) { resource.TestCheckResourceAttr( "tfe_workspace.foobar", "speculative_enabled", "true"), resource.TestCheckResourceAttr( - "tfe_workspace.foobar", "drift_detection", "false"), + "tfe_workspace.foobar", "assessments_enabled", "false"), resource.TestCheckResourceAttr( "tfe_workspace.foobar", "structured_run_output_enabled", "true"), resource.TestCheckResourceAttr( @@ -2156,7 +2156,7 @@ func testAccCheckTFEWorkspaceDestroy(s *terraform.State) error { return nil } -func TestAccTFEWorkspace_basicDriftDetection(t *testing.T) { +func TestAccTFEWorkspace_basicAssessmentsEnabled(t *testing.T) { skipIfFreeOnly(t) skipIfEnterprise(t) @@ -2177,18 +2177,18 @@ func TestAccTFEWorkspace_basicDriftDetection(t *testing.T) { resource.TestCheckResourceAttr( "tfe_workspace.foobar", "name", "workspace-test"), resource.TestCheckResourceAttr( - "tfe_workspace.foobar", "drift_detection", "false"), + "tfe_workspace.foobar", "assessments_enabled", "false"), ), }, { - Config: testAccTFEWorkspace_updateDriftDetection(rInt), + Config: testAccTFEWorkspace_updateAssessmentsEnabled(rInt), Check: resource.ComposeTestCheckFunc( testAccCheckTFEWorkspaceExists( "tfe_workspace.foobar", workspace), resource.TestCheckResourceAttr( "tfe_workspace.foobar", "name", "workspace-updated"), resource.TestCheckResourceAttr( - "tfe_workspace.foobar", "drift_detection", "true"), + "tfe_workspace.foobar", "assessments_enabled", "true"), ), }, }, @@ -2422,7 +2422,7 @@ resource "tfe_workspace" "foobar" { }`, rInt) } -func testAccTFEWorkspace_updateDriftDetection(rInt int) string { +func testAccTFEWorkspace_updateAssessmentsEnabled(rInt int) string { return fmt.Sprintf(` resource "tfe_organization" "foobar" { name = "tst-terraform-%d" @@ -2433,7 +2433,7 @@ resource "tfe_workspace" "foobar" { name = "workspace-updated" organization = tfe_organization.foobar.id description = "My favorite workspace!" - drift_detection = true + assessments_enabled = true allow_destroy_plan = false auto_apply = true tag_names = ["fav", "test"] From 1d1ade5c46131721efbc339dfe1140f2469b877e Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Tue, 6 Sep 2022 22:18:02 -0400 Subject: [PATCH 04/16] Add support for org-wide assessments setting --- tfe/data_source_organization.go | 6 ++++++ tfe/resource_tfe_organization.go | 12 ++++++++++++ tfe/resource_tfe_organization_test.go | 18 ++++++++++++++---- 3 files changed, 32 insertions(+), 4 deletions(-) diff --git a/tfe/data_source_organization.go b/tfe/data_source_organization.go index f6d68d3e2..a8d65ea17 100644 --- a/tfe/data_source_organization.go +++ b/tfe/data_source_organization.go @@ -52,6 +52,11 @@ func dataSourceTFEOrganization() *schema.Resource { Type: schema.TypeBool, Computed: true, }, + + "assessments_enforced": { + Type: schema.TypeBool, + Computed: true, + }, }, } } @@ -79,6 +84,7 @@ func dataSourceTFEOrganizationRead(d *schema.ResourceData, meta interface{}) err d.Set("owners_team_saml_role_id", org.OwnersTeamSAMLRoleID) d.Set("two_factor_conformant", org.TwoFactorConformant) d.Set("send_passing_statuses_for_untriggered_speculative_plans", org.SendPassingStatusesForUntriggeredSpeculativePlans) + d.Set("assessments_enforced", org.AssessmentsEnforced) return nil } diff --git a/tfe/resource_tfe_organization.go b/tfe/resource_tfe_organization.go index 3af957a7f..6cbb58215 100644 --- a/tfe/resource_tfe_organization.go +++ b/tfe/resource_tfe_organization.go @@ -73,6 +73,12 @@ func resourceTFEOrganization() *schema.Resource { Optional: true, Computed: true, }, + + "assessments_enforced": { + Type: schema.TypeBool, + Optional: true, + Computed: true, + }, }, } } @@ -123,6 +129,7 @@ func resourceTFEOrganizationRead(d *schema.ResourceData, meta interface{}) error d.Set("owners_team_saml_role_id", org.OwnersTeamSAMLRoleID) d.Set("cost_estimation_enabled", org.CostEstimationEnabled) d.Set("send_passing_statuses_for_untriggered_speculative_plans", org.SendPassingStatusesForUntriggeredSpeculativePlans) + d.Set("assessments_enforced", org.AssessmentsEnforced) return nil } @@ -166,6 +173,11 @@ func resourceTFEOrganizationUpdate(d *schema.ResourceData, meta interface{}) err options.SendPassingStatusesForUntriggeredSpeculativePlans = tfe.Bool(sendPassingStatusesForUntriggeredSpeculativePlans.(bool)) } + // If cost_estimation_enabled is supplied, set it using the options struct. + if assessmentsEnforced, ok := d.GetOkExists("assessments_enforced"); ok { + options.assessmentsEnforced = tfe.Bool(assessmentsEnforced.(bool)) + } + log.Printf("[DEBUG] Update configuration of organization: %s", d.Id()) org, err := tfeClient.Organizations.Update(ctx, d.Id(), options) if err != nil { diff --git a/tfe/resource_tfe_organization_test.go b/tfe/resource_tfe_organization_test.go index ccba0dfc3..dd3bedb09 100644 --- a/tfe/resource_tfe_organization_test.go +++ b/tfe/resource_tfe_organization_test.go @@ -72,6 +72,8 @@ func TestAccTFEOrganization_full(t *testing.T) { "tfe_organization.foobar", "cost_estimation_enabled", "false"), resource.TestCheckResourceAttr( "tfe_organization.foobar", "send_passing_statuses_for_untriggered_speculative_plans", "false"), + resource.TestCheckResourceAttr( + "tfe_organization.foobar", "assessments_enforced", "false"), ), }, }, @@ -91,9 +93,11 @@ func TestAccTFEOrganization_update_costEstimation(t *testing.T) { // First update costEstimationEnabled1 := true + assessmentsEnforced1 := true // Second update costEstimationEnabled2 := false + assessmentsEnforced2 := false updatedName := org.Name + "_foobar" resource.Test(t, resource.TestCase{ @@ -102,7 +106,7 @@ func TestAccTFEOrganization_update_costEstimation(t *testing.T) { CheckDestroy: testAccCheckTFEOrganizationDestroy, Steps: []resource.TestStep{ { - Config: testAccTFEOrganization_update(org.Name, org.Email, costEstimationEnabled1), + Config: testAccTFEOrganization_update(org.Name, org.Email, costEstimationEnabled1, assessmentsEnforced1), Check: resource.ComposeTestCheckFunc( testAccCheckTFEOrganizationExists( "tfe_organization.foobar", org), @@ -123,11 +127,13 @@ func TestAccTFEOrganization_update_costEstimation(t *testing.T) { "tfe_organization.foobar", "cost_estimation_enabled", strconv.FormatBool(costEstimationEnabled1)), resource.TestCheckResourceAttr( "tfe_organization.foobar", "send_passing_statuses_for_untriggered_speculative_plans", "false"), + resource.TestCheckResourceAttr( + "tfe_organization.foobar", "assessments_enforced", strconv.FormatBool(assessmentsEnforced1)), ), }, { - Config: testAccTFEOrganization_update(updatedName, org.Email, costEstimationEnabled2), + Config: testAccTFEOrganization_update(updatedName, org.Email, costEstimationEnabled2, assessmentsEnforced2), Check: resource.ComposeTestCheckFunc( testAccCheckTFEOrganizationExists( "tfe_organization.foobar", org), @@ -146,6 +152,8 @@ func TestAccTFEOrganization_update_costEstimation(t *testing.T) { "tfe_organization.foobar", "owners_team_saml_role_id", "owners"), resource.TestCheckResourceAttr( "tfe_organization.foobar", "cost_estimation_enabled", strconv.FormatBool(costEstimationEnabled2)), + resource.TestCheckResourceAttr( + "tfe_organization.foobar", "assessments_enforced", strconv.FormatBool(assessmentsEnforced2)), ), }, }, @@ -370,10 +378,11 @@ resource "tfe_organization" "foobar" { collaborator_auth_policy = "password" owners_team_saml_role_id = "owners" cost_estimation_enabled = false + assessments_enforced = false }`, rInt) } -func testAccTFEOrganization_update(orgName string, orgEmail string, costEstimationEnabled bool) string { +func testAccTFEOrganization_update(orgName string, orgEmail string, costEstimationEnabled bool, assessmentsEnforced bool) string { return fmt.Sprintf(` resource "tfe_organization" "foobar" { name = "%s" @@ -382,5 +391,6 @@ resource "tfe_organization" "foobar" { session_remember_minutes = 3600 owners_team_saml_role_id = "owners" cost_estimation_enabled = %t -}`, orgName, orgEmail, costEstimationEnabled) + assessments_enforced = %t +}`, orgName, orgEmail, costEstimationEnabled, assessmentsEnforced) } From 4ee58ffc0140d7183f8c4a013dce79cf86ad1043 Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Thu, 15 Sep 2022 13:15:08 -0400 Subject: [PATCH 05/16] changelog update --- CHANGELOG.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ccbbc63f1..8e9965701 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,7 @@ ## Unreleased * r/tfe_workspace: Changes in `agent_pool_id` and `execution_mode` attributes are now detected and applied. ([#607](https://github.com/hashicorp/terraform-provider-tfe/pull/607)) - * r/tfe_workspace: Added attribute for drift detection setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - * d/tfe_workspace: Added attribute for drift detection setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - + * r/tfe_workspace: Added attribute for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * d/tfe_workspace: Added attribute for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) FEATURES: * r/tfe_workspace_run_task, d/tfe_workspace_run_task: Add `stage` attribute to workspace run tasks. ([#555](https://github.com/hashicorp/terraform-provider-tfe/pull/555)) From 154f7d189af917f4b9a3c35d69d8d3cd2725c128 Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Thu, 15 Sep 2022 13:56:04 -0400 Subject: [PATCH 06/16] Fix typo and dead refs --- tfe/resource_tfe_organization.go | 2 +- tfe/resource_tfe_workspace_test.go | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/tfe/resource_tfe_organization.go b/tfe/resource_tfe_organization.go index 6cbb58215..51caaa2cb 100644 --- a/tfe/resource_tfe_organization.go +++ b/tfe/resource_tfe_organization.go @@ -175,7 +175,7 @@ func resourceTFEOrganizationUpdate(d *schema.ResourceData, meta interface{}) err // If cost_estimation_enabled is supplied, set it using the options struct. if assessmentsEnforced, ok := d.GetOkExists("assessments_enforced"); ok { - options.assessmentsEnforced = tfe.Bool(assessmentsEnforced.(bool)) + options.AssessmentsEnforced = tfe.Bool(assessmentsEnforced.(bool)) } log.Printf("[DEBUG] Update configuration of organization: %s", d.Id()) diff --git a/tfe/resource_tfe_workspace_test.go b/tfe/resource_tfe_workspace_test.go index e33cf651e..5cf8c9f29 100644 --- a/tfe/resource_tfe_workspace_test.go +++ b/tfe/resource_tfe_workspace_test.go @@ -2157,7 +2157,6 @@ func testAccCheckTFEWorkspaceDestroy(s *terraform.State) error { } func TestAccTFEWorkspace_basicAssessmentsEnabled(t *testing.T) { - skipIfFreeOnly(t) skipIfEnterprise(t) workspace := &tfe.Workspace{} From 8f5f81b89a53bc3d9ffc3cdff63d669d51fdeeaf Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Thu, 15 Sep 2022 18:36:17 -0400 Subject: [PATCH 07/16] Account for cases where assessments feature is unavailable (TFE) --- tfe/resource_tfe_organization.go | 7 +++++-- tfe/resource_tfe_workspace.go | 17 +++++++++++++---- tfe/resource_tfe_workspace_migrate.go | 5 +++++ 3 files changed, 23 insertions(+), 6 deletions(-) diff --git a/tfe/resource_tfe_organization.go b/tfe/resource_tfe_organization.go index 51caaa2cb..769bb7bc8 100644 --- a/tfe/resource_tfe_organization.go +++ b/tfe/resource_tfe_organization.go @@ -77,7 +77,6 @@ func resourceTFEOrganization() *schema.Resource { "assessments_enforced": { Type: schema.TypeBool, Optional: true, - Computed: true, }, }, } @@ -129,7 +128,11 @@ func resourceTFEOrganizationRead(d *schema.ResourceData, meta interface{}) error d.Set("owners_team_saml_role_id", org.OwnersTeamSAMLRoleID) d.Set("cost_estimation_enabled", org.CostEstimationEnabled) d.Set("send_passing_statuses_for_untriggered_speculative_plans", org.SendPassingStatusesForUntriggeredSpeculativePlans) - d.Set("assessments_enforced", org.AssessmentsEnforced) + + //TFE (onprem) does not have access to this feature yet and cannot be expected to return this attribute + if org.AssessmentsEnforced != nil { + d.Set("assessments_enforced", org.AssessmentsEnforced) + } return nil } diff --git a/tfe/resource_tfe_workspace.go b/tfe/resource_tfe_workspace.go index b41b3cdd6..f829778e1 100644 --- a/tfe/resource_tfe_workspace.go +++ b/tfe/resource_tfe_workspace.go @@ -126,7 +126,6 @@ func resourceTFEWorkspace() *schema.Resource { "assessments_enabled": { Type: schema.TypeBool, Optional: true, - Default: false, }, "operations": { @@ -372,6 +371,12 @@ func resourceTFEWorkspaceRead(d *schema.ResourceData, meta interface{}) error { // Update the config. d.Set("name", workspace.Name) d.Set("allow_destroy_plan", workspace.AllowDestroyPlan) + + //TFE (onprem) does not currently have this feature and this value won't be returned in those cases + if workspace.AssessmentsEnabled != nil { + d.Set("assessments_enabled", workspace.AssessmentsEnabled) + } + d.Set("auto_apply", workspace.AutoApply) d.Set("description", workspace.Description) d.Set("file_triggers_enabled", workspace.FileTriggersEnabled) @@ -445,15 +450,13 @@ func resourceTFEWorkspaceUpdate(d *schema.ResourceData, meta interface{}) error d.HasChange("allow_destroy_plan") || d.HasChange("speculative_enabled") || d.HasChange("operations") || d.HasChange("execution_mode") || d.HasChange("description") || d.HasChange("agent_pool_id") || - d.HasChange("global_remote_state") || d.HasChange("structured_run_output_enabled") || - d.HasChange("assessments_enabled") { + d.HasChange("global_remote_state") || d.HasChange("structured_run_output_enabled") { // Create a new options struct. options := tfe.WorkspaceUpdateOptions{ Name: tfe.String(d.Get("name").(string)), AllowDestroyPlan: tfe.Bool(d.Get("allow_destroy_plan").(bool)), AutoApply: tfe.Bool(d.Get("auto_apply").(bool)), Description: tfe.String(d.Get("description").(string)), - AssessmentsEnabled: tfe.Bool(d.Get("assessments_enabled").(bool)), FileTriggersEnabled: tfe.Bool(d.Get("file_triggers_enabled").(bool)), GlobalRemoteState: tfe.Bool(d.Get("global_remote_state").(bool)), QueueAllRuns: tfe.Bool(d.Get("queue_all_runs").(bool)), @@ -462,6 +465,12 @@ func resourceTFEWorkspaceUpdate(d *schema.ResourceData, meta interface{}) error WorkingDirectory: tfe.String(d.Get("working_directory").(string)), } + if d.HasChange("assessments_enabled") { + if v, ok := d.GetOkExists("assessments_enabled"); ok { + options.AssessmentsEnabled = tfe.Bool(d.Get("assessments_enabled").(bool)) + } + } + if d.HasChange("agent_pool_id") { if v, ok := d.GetOk("agent_pool_id"); ok && v.(string) != "" { options.AgentPoolID = tfe.String(v.(string)) diff --git a/tfe/resource_tfe_workspace_migrate.go b/tfe/resource_tfe_workspace_migrate.go index e9e977c9e..e64a8e315 100644 --- a/tfe/resource_tfe_workspace_migrate.go +++ b/tfe/resource_tfe_workspace_migrate.go @@ -20,6 +20,11 @@ func resourceTfeWorkspaceResourceV0() *schema.Resource { ForceNew: true, }, + "assessments_enabled": { + Type: schema.TypeBool, + Optional: true + }, + "auto_apply": { Type: schema.TypeBool, Optional: true, From 9bb110a6f95272d129f8b043806c85f2cf30f2e7 Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Fri, 16 Sep 2022 12:00:38 -0400 Subject: [PATCH 08/16] lint fix --- tfe/resource_tfe_workspace_migrate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tfe/resource_tfe_workspace_migrate.go b/tfe/resource_tfe_workspace_migrate.go index e64a8e315..509e087ee 100644 --- a/tfe/resource_tfe_workspace_migrate.go +++ b/tfe/resource_tfe_workspace_migrate.go @@ -22,7 +22,7 @@ func resourceTfeWorkspaceResourceV0() *schema.Resource { "assessments_enabled": { Type: schema.TypeBool, - Optional: true + Optional: true, }, "auto_apply": { From 22f397fc6e1fc2c2622525541af866bd8ee60418 Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Tue, 20 Sep 2022 13:05:05 -0400 Subject: [PATCH 09/16] Improve comments and logic around settings --- tfe/resource_tfe_organization.go | 8 +++----- tfe/resource_tfe_workspace.go | 9 ++++----- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/tfe/resource_tfe_organization.go b/tfe/resource_tfe_organization.go index 769bb7bc8..6c1c1299a 100644 --- a/tfe/resource_tfe_organization.go +++ b/tfe/resource_tfe_organization.go @@ -128,11 +128,9 @@ func resourceTFEOrganizationRead(d *schema.ResourceData, meta interface{}) error d.Set("owners_team_saml_role_id", org.OwnersTeamSAMLRoleID) d.Set("cost_estimation_enabled", org.CostEstimationEnabled) d.Set("send_passing_statuses_for_untriggered_speculative_plans", org.SendPassingStatusesForUntriggeredSpeculativePlans) - - //TFE (onprem) does not have access to this feature yet and cannot be expected to return this attribute - if org.AssessmentsEnforced != nil { - d.Set("assessments_enforced", org.AssessmentsEnforced) - } + // TFE (onprem) does not currently have this feature and this value won't be returned in those cases. + // org.AssessmentsEnforced will default to false + d.Set("assessments_enforced", org.AssessmentsEnforced) return nil } diff --git a/tfe/resource_tfe_workspace.go b/tfe/resource_tfe_workspace.go index f829778e1..fda8b5f74 100644 --- a/tfe/resource_tfe_workspace.go +++ b/tfe/resource_tfe_workspace.go @@ -372,10 +372,9 @@ func resourceTFEWorkspaceRead(d *schema.ResourceData, meta interface{}) error { d.Set("name", workspace.Name) d.Set("allow_destroy_plan", workspace.AllowDestroyPlan) - //TFE (onprem) does not currently have this feature and this value won't be returned in those cases - if workspace.AssessmentsEnabled != nil { - d.Set("assessments_enabled", workspace.AssessmentsEnabled) - } + // TFE (onprem) does not currently have this feature and this value won't be returned in those cases. + // workspace.AssessmentsEnabled will default to false + d.Set("assessments_enabled", workspace.AssessmentsEnabled) d.Set("auto_apply", workspace.AutoApply) d.Set("description", workspace.Description) @@ -467,7 +466,7 @@ func resourceTFEWorkspaceUpdate(d *schema.ResourceData, meta interface{}) error if d.HasChange("assessments_enabled") { if v, ok := d.GetOkExists("assessments_enabled"); ok { - options.AssessmentsEnabled = tfe.Bool(d.Get("assessments_enabled").(bool)) + options.AssessmentsEnabled = tfe.Bool(v.(bool)) } } From 8c85cf312a1a9a2b5621ca235ed49cac7b341eeb Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Fri, 23 Sep 2022 14:31:47 -0400 Subject: [PATCH 10/16] Update changelog for more attribute detail --- CHANGELOG.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8e9965701..6f7a0bda8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,9 @@ ## Unreleased * r/tfe_workspace: Changes in `agent_pool_id` and `execution_mode` attributes are now detected and applied. ([#607](https://github.com/hashicorp/terraform-provider-tfe/pull/607)) - * r/tfe_workspace: Added attribute for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - * d/tfe_workspace: Added attribute for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * r/tfe_workspace: Added attribute, `assessments_enabled`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * d/tfe_workspace: Added attribute, `assessments_enabled`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * r/tfe_organization: Added attribute, `assessments_enforced`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * d/tfe_organization: Added attribute, `assessments_enforced`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) FEATURES: * r/tfe_workspace_run_task, d/tfe_workspace_run_task: Add `stage` attribute to workspace run tasks. ([#555](https://github.com/hashicorp/terraform-provider-tfe/pull/555)) From 4f8ddc8128df3c37fe24b61cdcc61c47a276a648 Mon Sep 17 00:00:00 2001 From: Alexander Redinger Date: Mon, 26 Sep 2022 16:39:10 -0400 Subject: [PATCH 11/16] Update website/docs/r/workspace.html.markdown Co-authored-by: Anna Winkler <3526523+annawinkler@users.noreply.github.com> --- website/docs/r/workspace.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/workspace.html.markdown b/website/docs/r/workspace.html.markdown index e30460884..a263f530e 100644 --- a/website/docs/r/workspace.html.markdown +++ b/website/docs/r/workspace.html.markdown @@ -69,7 +69,7 @@ The following arguments are supported: execution modes are valid. When set to `local`, the workspace will be used for state storage only. This value _must not_ be provided if `operations` is provided. -* `drift_detection` - (Optional) Whether to regularly run drift detection assessments on the workspace. Defaults to `false`. +* `assessments_enabled` - (Optional) Whether to regularly run health assessments such as drift detection on the workspace. Defaults to `false`. * `file_triggers_enabled` - (Optional) Whether to filter runs based on the changed files in a VCS push. Defaults to `false`. If enabled, the working directory and trigger prefixes describe a set of paths which must contain changes for a From 8260cc2dbab5a4e39f8c71a9c26440000b2bfd50 Mon Sep 17 00:00:00 2001 From: Alexander Redinger Date: Mon, 26 Sep 2022 16:40:08 -0400 Subject: [PATCH 12/16] Update website/docs/d/workspace.html.markdown Co-authored-by: Anna Winkler <3526523+annawinkler@users.noreply.github.com> --- website/docs/d/workspace.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/d/workspace.html.markdown b/website/docs/d/workspace.html.markdown index 235a16912..f5409fe3a 100644 --- a/website/docs/d/workspace.html.markdown +++ b/website/docs/d/workspace.html.markdown @@ -35,7 +35,7 @@ In addition to all arguments above, the following attributes are exported: * `id` - The workspace ID. * `allow_destroy_plan` - Indicates whether destroy plans can be queued on the workspace. * `auto_apply` - Indicates whether to automatically apply changes when a Terraform plan is successful. - `drift_detection` - Indicates whether drift detection is enabled for the workspace. + `assessments_enabled` - Indicates whether health assessments such as drift detection are enabled for the workspace. * `file_triggers_enabled` - Indicates whether runs are triggered based on the changed files in a VCS push (if `true`) or always triggered on every push (if `false`). * `global_remote_state` - (Optional) Whether the workspace should allow all workspaces in the organization to access its state data during runs. If false, then only specifically approved workspaces can access its state (determined by the `remote_state_consumer_ids` argument). * `remote_state_consumer_ids` - (Optional) A set of workspace IDs that will be set as the remote state consumers for the given workspace. Cannot be used if `global_remote_state` is set to `true`. From 3add16480b5928ad99cd56b234eb724e136ef16d Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Mon, 26 Sep 2022 16:47:16 -0400 Subject: [PATCH 13/16] add docs for organization changes --- website/docs/d/organization.html.markdown | 1 + website/docs/r/organization.html.markdown | 1 + 2 files changed, 2 insertions(+) diff --git a/website/docs/d/organization.html.markdown b/website/docs/d/organization.html.markdown index 9cce994df..473c776ad 100644 --- a/website/docs/d/organization.html.markdown +++ b/website/docs/d/organization.html.markdown @@ -30,6 +30,7 @@ In addition to all arguments above, the following attributes are exported: * `name` - Name of the organization. * `email` - Admin email address. * `external_id` - An identifier for the organization. +* `assessments_enforced` - (TFC only) Whether to force health assessments (drift detection) on all eligible workspaces or allow workspaces to set thier own preferences. * `collaborator_auth_policy` - Authentication policy (`password` or `two_factor_mandatory`). Defaults to `password`. * `cost_estimation_enabled` - Whether or not the cost estimation feature is enabled for all workspaces in the organization. Defaults to true. In a Terraform Cloud organization which does not have Teams & Governance features, this value is always false and cannot be changed. In Terraform Enterprise, Cost Estimation must also be enabled in Site Administration. * `owners_team_saml_role_id` - The name of the "owners" team. diff --git a/website/docs/r/organization.html.markdown b/website/docs/r/organization.html.markdown index 73466933c..0cc969819 100644 --- a/website/docs/r/organization.html.markdown +++ b/website/docs/r/organization.html.markdown @@ -36,6 +36,7 @@ The following arguments are supported: * `owners_team_saml_role_id` - (Optional) The name of the "owners" team. * `cost_estimation_enabled` - (Optional) Whether or not the cost estimation feature is enabled for all workspaces in the organization. Defaults to true. In a Terraform Cloud organization which does not have Teams & Governance features, this value is always false and cannot be changed. In Terraform Enterprise, Cost Estimation must also be enabled in Site Administration. * `send_passing_statuses_for_untriggered_speculative_plans` - (Optional) Whether or not to send VCS status updates for untriggered speculative plans. This can be useful if large numbers of untriggered workspaces are exhausting request limits for connected version control service providers like GitHub. Defaults to false. In Terraform Enterprise, this setting has no effect and cannot be changed but is also available in Site Administration. +* `assessments_enforced` - (Optional) (TFC only) Whether to force health assessments (drift detection) on all eligible workspaces or allow workspaces to set thier own preferences. ## Attributes Reference From dae00b68ce8bc791632d53655da6591ba415843e Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Mon, 26 Sep 2022 17:28:04 -0400 Subject: [PATCH 14/16] spell it out --- CHANGELOG.md | 8 ++++---- website/docs/d/organization.html.markdown | 2 +- website/docs/r/organization.html.markdown | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6f7a0bda8..b72312e9e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,9 @@ ## Unreleased * r/tfe_workspace: Changes in `agent_pool_id` and `execution_mode` attributes are now detected and applied. ([#607](https://github.com/hashicorp/terraform-provider-tfe/pull/607)) - * r/tfe_workspace: Added attribute, `assessments_enabled`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - * d/tfe_workspace: Added attribute, `assessments_enabled`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - * r/tfe_organization: Added attribute, `assessments_enforced`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - * d/tfe_organization: Added attribute, `assessments_enforced`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * r/tfe_workspace: (Available only in Terraform Cloud) Added attribute, `assessments_enabled`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * d/tfe_workspace: (Available only in Terraform Cloud) Added attribute, `assessments_enabled`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * r/tfe_organization: (Available only in Terraform Cloud) Added attribute, `assessments_enforced`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) + * d/tfe_organization: (Available only in Terraform Cloud) Added attribute, `assessments_enforced`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) FEATURES: * r/tfe_workspace_run_task, d/tfe_workspace_run_task: Add `stage` attribute to workspace run tasks. ([#555](https://github.com/hashicorp/terraform-provider-tfe/pull/555)) diff --git a/website/docs/d/organization.html.markdown b/website/docs/d/organization.html.markdown index 473c776ad..bc686c722 100644 --- a/website/docs/d/organization.html.markdown +++ b/website/docs/d/organization.html.markdown @@ -30,7 +30,7 @@ In addition to all arguments above, the following attributes are exported: * `name` - Name of the organization. * `email` - Admin email address. * `external_id` - An identifier for the organization. -* `assessments_enforced` - (TFC only) Whether to force health assessments (drift detection) on all eligible workspaces or allow workspaces to set thier own preferences. +* `assessments_enforced` - (Available only in Terraform Cloud) Whether to force health assessments (drift detection) on all eligible workspaces or allow workspaces to set thier own preferences. * `collaborator_auth_policy` - Authentication policy (`password` or `two_factor_mandatory`). Defaults to `password`. * `cost_estimation_enabled` - Whether or not the cost estimation feature is enabled for all workspaces in the organization. Defaults to true. In a Terraform Cloud organization which does not have Teams & Governance features, this value is always false and cannot be changed. In Terraform Enterprise, Cost Estimation must also be enabled in Site Administration. * `owners_team_saml_role_id` - The name of the "owners" team. diff --git a/website/docs/r/organization.html.markdown b/website/docs/r/organization.html.markdown index 0cc969819..2516355c7 100644 --- a/website/docs/r/organization.html.markdown +++ b/website/docs/r/organization.html.markdown @@ -36,7 +36,7 @@ The following arguments are supported: * `owners_team_saml_role_id` - (Optional) The name of the "owners" team. * `cost_estimation_enabled` - (Optional) Whether or not the cost estimation feature is enabled for all workspaces in the organization. Defaults to true. In a Terraform Cloud organization which does not have Teams & Governance features, this value is always false and cannot be changed. In Terraform Enterprise, Cost Estimation must also be enabled in Site Administration. * `send_passing_statuses_for_untriggered_speculative_plans` - (Optional) Whether or not to send VCS status updates for untriggered speculative plans. This can be useful if large numbers of untriggered workspaces are exhausting request limits for connected version control service providers like GitHub. Defaults to false. In Terraform Enterprise, this setting has no effect and cannot be changed but is also available in Site Administration. -* `assessments_enforced` - (Optional) (TFC only) Whether to force health assessments (drift detection) on all eligible workspaces or allow workspaces to set thier own preferences. +* `assessments_enforced` - (Optional) (Available only in Terraform Cloud) Whether to force health assessments (drift detection) on all eligible workspaces or allow workspaces to set thier own preferences. ## Attributes Reference From 1eca8273284277c442e6659122669dce8061f47a Mon Sep 17 00:00:00 2001 From: Rexredinger Date: Mon, 26 Sep 2022 17:56:14 -0400 Subject: [PATCH 15/16] fancy new changelog --- CHANGELOG.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b72312e9e..1c47d6981 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,10 @@ ## Unreleased * r/tfe_workspace: Changes in `agent_pool_id` and `execution_mode` attributes are now detected and applied. ([#607](https://github.com/hashicorp/terraform-provider-tfe/pull/607)) - * r/tfe_workspace: (Available only in Terraform Cloud) Added attribute, `assessments_enabled`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - * d/tfe_workspace: (Available only in Terraform Cloud) Added attribute, `assessments_enabled`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - * r/tfe_organization: (Available only in Terraform Cloud) Added attribute, `assessments_enforced`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) - * d/tfe_organization: (Available only in Terraform Cloud) Added attribute, `assessments_enforced`, for health assessments (drift detection) setting ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)) +* Added attributes for health assessments (drift detection) - available only in Terraform Cloud ([550](https://github.com/hashicorp/terraform-provider-tfe/pull/550)): + * r/tfe_workspace: Added attribute, `assessments_enabled`, for health assessments (drift detection) setting + * d/tfe_workspace: Added attribute, `assessments_enabled`, for health assessments (drift detection) setting + * r/tfe_organization: Added attribute, `assessments_enforced`, for health assessments (drift detection) setting + * d/tfe_organization: Added attribute, `assessments_enforced`, for health assessments (drift detection) setting FEATURES: * r/tfe_workspace_run_task, d/tfe_workspace_run_task: Add `stage` attribute to workspace run tasks. ([#555](https://github.com/hashicorp/terraform-provider-tfe/pull/555)) From 5f255175c1a2cfdb324f42e562100fe5d8666ef8 Mon Sep 17 00:00:00 2001 From: Alexander Redinger Date: Mon, 26 Sep 2022 18:05:45 -0400 Subject: [PATCH 16/16] Update website/docs/d/workspace.html.markdown Co-authored-by: Anna Winkler <3526523+annawinkler@users.noreply.github.com> --- website/docs/d/workspace.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/d/workspace.html.markdown b/website/docs/d/workspace.html.markdown index f5409fe3a..773629fc8 100644 --- a/website/docs/d/workspace.html.markdown +++ b/website/docs/d/workspace.html.markdown @@ -35,7 +35,7 @@ In addition to all arguments above, the following attributes are exported: * `id` - The workspace ID. * `allow_destroy_plan` - Indicates whether destroy plans can be queued on the workspace. * `auto_apply` - Indicates whether to automatically apply changes when a Terraform plan is successful. - `assessments_enabled` - Indicates whether health assessments such as drift detection are enabled for the workspace. + `assessments_enabled` - (Available only in Terraform Cloud) Indicates whether health assessments such as drift detection are enabled for the workspace. * `file_triggers_enabled` - Indicates whether runs are triggered based on the changed files in a VCS push (if `true`) or always triggered on every push (if `false`). * `global_remote_state` - (Optional) Whether the workspace should allow all workspaces in the organization to access its state data during runs. If false, then only specifically approved workspaces can access its state (determined by the `remote_state_consumer_ids` argument). * `remote_state_consumer_ids` - (Optional) A set of workspace IDs that will be set as the remote state consumers for the given workspace. Cannot be used if `global_remote_state` is set to `true`.