spacelift-io / terraform-provider-spacelift

Terraform provider to interact with Spacelift
MIT License

Add spacelift_policies data source #284

Closed alexjurkiewicz closed 2 years ago

alexjurkiewicz commented 2 years ago

This can be used to find all policies of a certain type (PLAN, ACCESS, etc) with specific tags.

One example use-case is in attaching all policies with a specific tag to new stacks:

```terraform
resource "spacelift_stack" "this" {
  # ...
}

data "spacelift_policies" "plan_autoattach" {
  type = "PLAN"
  tags = ["standard_policies"]
}

resource "spacelift_policy_attachment" "this" {
  for_each  = data.spacelift_policies.plan_autoattach
  policy_id = each.value.id
  stack_id  = spacelift_stack.this.id
}
```


alexjurkiewicz commented 2 years ago

Three questions:

  1. What's the process to generate docs?
  2. What's the process to run only my new acceptance tests locally?
  3. What's the next step?

marcinwyszynski commented 2 years ago

> What's the process to generate docs?

We use this tool.

> What's the process to run only my new acceptance tests locally?

You can populate these 3 variables to point at your account and just run this single unit test.

> What's the next step?

Once the suggestions are implemented, we will merge this PR and create a new provider release.

alexjurkiewicz commented 2 years ago

> As requested previously, please have the enumeration return a richer collection, not just a list of IDs. Otherwise LGTM.

I was modelling this data source on `aws_subnet_ids` (link) which only returns the list of IDs. But do you suggest I return a map of policies with more metadata? Like returning `map(object({name=string,type=string,labels=list(string)}))` (and the policy ID is the map key).

alexjurkiewicz commented 2 years ago

I ended up writing my own smoke test to be sure this data source works as expected. Here's an example Terraform configuration that tests all four possible states:

  1. Load all policies
  2. Load policies of a given type
  3. Load policies with a given tag
  4. Load policies of a given type with a given tag

It worked 😊

main.tf

```terraform
terraform {
  required_providers {
    spacelift = {
      source = "spacelift-io/spacelift"
    }
  }
}

provider "spacelift" {}

resource "spacelift_policy" "test" {
  count  = 5
  name   = "test ${count.index}"
  labels = ["spacelift_policies_test"]
  type   = "ACCESS"
  body   = <
```

Apply output

```
Apply complete! Resources: 6 added, 0 changed, 0 destroyed.

Outputs:

login_policy = {
  "id" = "login-policy"
  "labels" = toset([])
  "name" = "login-policy"
  "type" = "LOGIN"
}
number_of_labelled_access_policies = 5
number_of_labelled_policies = 6
number_of_total_policies = 1028
```

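
The auto-attach use case from the pull request description, written against the richer return value discussed in this thread, as an added example that is not code from this pull request. It assumes the data source takes `type` and `labels` arguments and exposes a `policies` list of objects carrying the `id`, `name`, `type` and `labels` fields seen in the apply output; the label value and the stack arguments are hypothetical. The precondition makes the plan fail when the label matches no policy, so a new stack is never created with no plan policy attached.

```terraform
# Added example. The argument and attribute names (type, labels, policies)
# are assumptions about the data source's final schema.
data "spacelift_policies" "plan_autoattach" {
  type   = "PLAN"
  labels = ["standard_policies"] # hypothetical label
}

locals {
  # Key by policy ID so each attachment has a stable address in state.
  plan_policies = {
    for p in data.spacelift_policies.plan_autoattach.policies : p.id => p
  }
}

resource "spacelift_stack" "this" {
  name       = "example-stack" # hypothetical
  repository = "example-repo"  # hypothetical
  branch     = "main"

  lifecycle {
    # Label-based selection fails open: a renamed or missing label yields an
    # empty set and the stack would silently get no plan policies.
    precondition {
      condition     = length(local.plan_policies) > 0
      error_message = "No PLAN policy carries the standard_policies label; refusing to create a stack without plan policies."
    }
  }
}

resource "spacelift_policy_attachment" "plan" {
  for_each  = local.plan_policies
  policy_id = each.key
  stack_id  = spacelift_stack.this.id
}

# Surface what was attached so a reviewer can see it in the plan output.
output "attached_plan_policies" {
  value = [for p in local.plan_policies : p.name]
}
```
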
alexjurkiewicz commented 2 years ago

I tried generating docs with v0.8.1 of terraform-plugin-docs, but it tried to rewrite every docs page, it looks like there have been substantial changes to the output format. So I haven't committed any docs page.

adamconnelly commented 2 years ago

> I tried generating docs with v0.8.1 of terraform-plugin-docs, but it tried to rewrite every docs page, it looks like there have been substantial changes to the output format. So I haven't committed any docs page.

@alexjurkiewicz I've just merged a change to update to tfplugindocs v0.8.1, so can you pull the latest changes from future and try again?

alexjurkiewicz commented 2 years ago

yup, LGTM!