SCALRCORE-33013 - Allow users to link the OPA common functions folder…

… to the policy group in Scalr provider

CHANGELOG.md

@@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+- `scalr_policy_group` and `data.scalr_policy_group`: new attribute `common_functions_folder` ([#380](https://github.com/Scalr/terraform-provider-scalr/pull/380))
+
 ## [2.3.0] - 2024-12-20
 
 ### Changed

GNUmakefile

@@ -6,7 +6,7 @@ BUILD_ENV=CGO_ENABLED=0
 TAG=$(shell PAGER= git tag --points-at HEAD)
 BRANCH=$(subst /,-,$(shell git branch --show-current))
 VERSION=$(if $(VER),$(VER),$(if $(TAG),$(TAG),$(BRANCH)))
-USER_PLUGIN_DIR=${HOME}/.terraform.d/plugins/scalr.io/scalr/scalr/$(VERSION)/$(PLATFORM)
+USER_PLUGIN_DIR=${HOME}/.terraform.d/plugins/registry.scalr.io/scalr/scalr/$(VERSION)/$(PLATFORM)
 BIN_NAME := terraform-provider-scalr_$(VERSION)
 ARGS=-ldflags='-X github.com/scalr/terraform-provider-scalr/version.ProviderVersion=$(TAG) -X github.com/scalr/terraform-provider-scalr/version.Branch=$(BRANCH)'
 UPSTREAM_COMMIT_DESCRIPTION="Scalr terraform provider acceptance tests"
@@ -22,6 +22,11 @@ test:
 	echo $(TEST) | \
 		$(BUILD_ENV) xargs -t -n4  go test $(TESTARGS) -timeout=30s -parallel=4
 
+
+install: build
+	@echo "Installing version $(VERSION) for $(PLATFORM)"
+	mkdir -p $(USER_PLUGIN_DIR); cp $(BIN_NAME) $(USER_PLUGIN_DIR)
+
 testacc:
 	TF_ACC=1 go test -race $(TEST) -v $(TESTARGS) -timeout 15m  -covermode atomic -coverprofile=covprofile
 

docs/data-sources/policy_group.md

@@ -42,6 +42,7 @@ data "scalr_policy_group" "example2" {
 - `status` (String) A system status of the policy group.
 - `vcs_provider_id` (String) The VCS provider identifier for the repository where the policy group resides. In the format `vcs-<RANDOM STRING>`.
 - `vcs_repo` (List of Object) Contains VCS-related meta-data for the policy group. (see [below for nested schema](#nestedatt--vcs_repo))
+- `common_functions_folder` (String) An absolute path from the repository root to the folder that contains common rego functions.
 
 <a id="nestedatt--policies"></a>
 ### Nested Schema for `policies`

docs/resources/policy_group.md

@@ -40,6 +40,7 @@ resource "scalr_policy_group" "example" {
 - `account_id` (String) The identifier of the Scalr account, in the format `acc-<RANDOM STRING>`.
 - `environments` (List of String) A list of the environments the policy group is linked to. Use `["*"]` to enforce in all environments. To manage a linkage use either this attribute or the `scalr_policy_group_linkage` resource.
 - `opa_version` (String) The version of Open Policy Agent to run policies against. If omitted, the system default version is assigned.
+- `common_functions_folder` (String) An absolute path from the repository root to the folder that contains common rego functions.
 
 ### Read-Only
 

go.mod

@@ -14,7 +14,7 @@ require (
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.35.0
 	github.com/hashicorp/terraform-plugin-testing v1.11.0
 	github.com/hashicorp/terraform-svchost v0.1.1
-	github.com/scalr/go-scalr v0.0.0-20241217115214-520118b5f6e3
+	github.com/scalr/go-scalr v0.0.0-20250103145145-68d9f3d4c0d7
 )
 
 require (

go.sum

@@ -203,6 +203,8 @@ github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3V
 github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY=
 github.com/scalr/go-scalr v0.0.0-20241217115214-520118b5f6e3 h1:S1NUPU0JSImn29HJfPRaRxQLPSR4G8HwWi6tl99bgbo=
 github.com/scalr/go-scalr v0.0.0-20241217115214-520118b5f6e3/go.mod h1:p34SHb25YRvbgft7SUjSDYESeoQhWzAlxGXId/BbaSE=
+github.com/scalr/go-scalr v0.0.0-20250103145145-68d9f3d4c0d7 h1:rL9BwqZBtgtwnRHisucQcTFQtBFnPK+D04bwkAPA/+A=
+github.com/scalr/go-scalr v0.0.0-20250103145145-68d9f3d4c0d7/go.mod h1:p34SHb25YRvbgft7SUjSDYESeoQhWzAlxGXId/BbaSE=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
 github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=

internal/provider/data_source_scalr_policy_group.go

@@ -71,6 +71,12 @@ func dataSourceScalrPolicyGroup() *schema.Resource {
 					},
 				},
 			},
+			"common_functions_folder": {
+				Description: "An absolute path from the repository root to the folder that contains common rego functions.",
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+			},
 			"account_id": {
 				Description: "The identifier of the Scalr account.",
 				Type:        schema.TypeString,
@@ -156,6 +162,7 @@ func dataSourceScalrPolicyGroupRead(ctx context.Context, d *schema.ResourceData,
 	_ = d.Set("status", pg.Status)
 	_ = d.Set("error_message", pg.ErrorMessage)
 	_ = d.Set("opa_version", pg.OpaVersion)
+	_ = d.Set("common_functions_folder", pg.CommonFunctionsFolder)
 
 	if pg.VcsProvider != nil {
 		_ = d.Set("vcs_provider_id", pg.VcsProvider.ID)

internal/provider/resource_scalr_policy_group.go

@@ -70,6 +70,11 @@ func resourceScalrPolicyGroup() *schema.Resource {
 					},
 				},
 			},
+			"common_functions_folder": {
+				Description: "An absolute path from the repository root to the folder that contains common rego functions.",
+				Type:        schema.TypeString,
+				Optional:    true,
+			},
 			"account_id": {
 				Description: "The identifier of the Scalr account, in the format `acc-<RANDOM STRING>`.",
 				Type:        schema.TypeString,
@@ -168,6 +173,10 @@ func resourceScalrPolicyGroupCreate(ctx context.Context, d *schema.ResourceData,
 		opts.OpaVersion = ptr(opaVersion.(string))
 	}
 
+	if commonFunctionFolder, ok := d.GetOk("common_functions_folder"); ok {
+		opts.CommonFunctionsFolder = ptr(commonFunctionFolder.(string))
+	}
+
 	pg, err := scalrClient.PolicyGroups.Create(ctx, opts)
 	if err != nil {
 		return diag.Errorf("error creating policy group: %v", err)
@@ -216,6 +225,7 @@ func resourceScalrPolicyGroupRead(ctx context.Context, d *schema.ResourceData, m
 	_ = d.Set("status", pg.Status)
 	_ = d.Set("error_message", pg.ErrorMessage)
 	_ = d.Set("opa_version", pg.OpaVersion)
+	_ = d.Set("common_functions_folder", pg.CommonFunctionsFolder)
 	_ = d.Set("account_id", pg.Account.ID)
 	_ = d.Set("vcs_provider_id", pg.VcsProvider.ID)
 	_ = d.Set("vcs_repo", []map[string]interface{}{{
@@ -257,7 +267,7 @@ func resourceScalrPolicyGroupUpdate(ctx context.Context, d *schema.ResourceData,
 
 	if d.HasChange("name") || d.HasChange("opa_version") ||
 		d.HasChange("vcs_provider_id") || d.HasChange("vcs_repo") ||
-		d.HasChange("environments") {
+		d.HasChange("environments") || d.HasChange("common_functions_folder") {
 
 		name := d.Get("name").(string)
 		vcsProviderID := d.Get("vcs_provider_id").(string)
@@ -283,6 +293,10 @@ func resourceScalrPolicyGroupUpdate(ctx context.Context, d *schema.ResourceData,
 			opts.OpaVersion = ptr(opaVersion.(string))
 		}
 
+		if commonFunctionsFolder, ok := d.GetOk("common_functions_folder"); ok {
+			opts.CommonFunctionsFolder = ptr(commonFunctionsFolder.(string))
+		}
+
 		environments := make([]*scalr.Environment, 0)
 		if environmentsI, ok := d.GetOk("environments"); ok {
 			environmentsIDs := environmentsI.([]interface{})

internal/provider/resource_scalr_policy_group_test.go

@@ -14,6 +14,7 @@ import (
 const (
 	policyGroupVcsRepoID   = "Scalr/tf-revizor-fixtures"
 	policyGroupVcsRepoPath = "policies/clouds"
+	commonFunctionsFolder  = "policies/instances"
 )
 
 func TestAccPolicyGroup_basic(t *testing.T) {
@@ -63,6 +64,11 @@ func TestAccPolicyGroup_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "vcs_repo.0.branch"),
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "policies.#"),
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "environments.#"),
+					resource.TestCheckResourceAttr(
+						"scalr_policy_group.test",
+						"common_functions_folder",
+						commonFunctionsFolder,
+					),
 				),
 			},
 		},
@@ -116,6 +122,11 @@ func TestAccPolicyGroup_update(t *testing.T) {
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "vcs_repo.0.branch"),
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "policies.#"),
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "environments.#"),
+					resource.TestCheckResourceAttr(
+						"scalr_policy_group.test",
+						"common_functions_folder",
+						commonFunctionsFolder,
+					),
 				),
 			},
 			{
@@ -153,6 +164,7 @@ func TestAccPolicyGroup_update(t *testing.T) {
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "vcs_repo.0.branch"),
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "policies.#"),
 					resource.TestCheckResourceAttrSet("scalr_policy_group.test", "environments.#"),
+					resource.TestCheckResourceAttr("scalr_policy_group.test", "common_functions_folder", ""),
 				),
 			},
 		},
@@ -350,8 +362,17 @@ resource "scalr_policy_group" "test" {
 	identifier = "%s"
     path       = "%s"
   }
+  common_functions_folder = "%s"
 }
-`, rInt, string(scalr.Github), githubToken, defaultAccount, policyGroupVcsRepoID, policyGroupVcsRepoPath)
+`,
+		rInt,
+		string(scalr.Github),
+		githubToken,
+		defaultAccount,
+		policyGroupVcsRepoID,
+		policyGroupVcsRepoPath,
+		commonFunctionsFolder,
+	)
 }
 
 func testAccPolicyGroupUpdateConfig(rInt int) string {