diff --git a/.changes/unreleased/BUG FIXES-20230420-215304.yaml b/.changes/unreleased/BUG FIXES-20230420-215304.yaml new file mode 100644 index 00000000..f8b5edbe --- /dev/null +++ b/.changes/unreleased/BUG FIXES-20230420-215304.yaml @@ -0,0 +1,6 @@ +kind: BUG FIXES +body: 'resource/environment: Fix `offline_cleanup_timeout_hours` validation to match + behavior of the BastionZero API' +time: 2023-04-20T21:53:04.52468-04:00 +custom: + Issues: "15" diff --git a/bastionzero/environment/environment.go b/bastionzero/environment/environment.go index b3ef5df4..1cb7435a 100644 --- a/bastionzero/environment/environment.go +++ b/bastionzero/environment/environment.go @@ -31,6 +31,12 @@ const ( // DefaultOfflineCleanupTimeoutHours is the default cleanup value to use if // practitioner does not provide one DefaultOfflineCleanupTimeoutHours = 24 * 90 + // MaxOfflineCleanupTimeoutHours is the max value + // offline_cleanup_timeout_hours can be set to + MaxOfflineCleanupTimeoutHours = 24 * 180 + // MinOfflineCleanupTimeoutHours is the min value + // offline_cleanup_timeout_hours can be set to + MinOfflineCleanupTimeoutHours = 0 ) // environmentModel maps the environment schema data. @@ -140,13 +146,14 @@ func makeEnvironmentResourceSchema() map[string]schema.Attribute { Description: fmt.Sprintf("The time this environment was created in BastionZero %s.", internal.PrettyRFC3339Timestamp()), }, "offline_cleanup_timeout_hours": schema.Int64Attribute{ - Optional: true, - Computed: true, - Description: "The amount of time (in hours) to wait until offline targets are automatically removed by BastionZero (Defaults to `2160` hours [90 days]).", + Optional: true, + Computed: true, + Description: "The amount of time (in hours) to wait until offline targets are automatically removed by BastionZero (Defaults to `2160` hours [90 days])." + + " If this value is `0`, then offline target cleanup is disabled.", // Default to 90 days like in webapp Default: int64default.StaticInt64(DefaultOfflineCleanupTimeoutHours), Validators: []validator.Int64{ - int64validator.AtLeast(1), + int64validator.Between(MinOfflineCleanupTimeoutHours, MaxOfflineCleanupTimeoutHours), }, }, "targets": schema.MapNestedAttribute{ diff --git a/bastionzero/environment/resource_environment_test.go b/bastionzero/environment/resource_environment_test.go index 3aca047e..e12031fe 100644 --- a/bastionzero/environment/resource_environment_test.go +++ b/bastionzero/environment/resource_environment_test.go @@ -189,6 +189,32 @@ func TestAccEnvironment_OfflineCleanupTimeoutHours(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "offline_cleanup_timeout_hours", strconv.Itoa(timeout2)), ), }, + // Try setting it to the max value + { + Config: testAccEnvironmentConfigOfflineCleanupTimeoutHours(rName, strconv.Itoa(environment.MaxOfflineCleanupTimeoutHours)), + Check: resource.ComposeTestCheckFunc( + testAccCheckEnvironmentExists(resourceName, &env), + testAccCheckEnvironmentAttributes(&env, &expectedEnvironment{ + Name: &rName, + OfflineCleanupTimeoutHours: bastionzero.PtrTo(environment.MaxOfflineCleanupTimeoutHours), + }), + testAccCheckResourceEnvironmentComputedAttr(resourceName), + resource.TestCheckResourceAttr(resourceName, "offline_cleanup_timeout_hours", strconv.Itoa(environment.MaxOfflineCleanupTimeoutHours)), + ), + }, + // Try setting it to the min value + { + Config: testAccEnvironmentConfigOfflineCleanupTimeoutHours(rName, strconv.Itoa(environment.MinOfflineCleanupTimeoutHours)), + Check: resource.ComposeTestCheckFunc( + testAccCheckEnvironmentExists(resourceName, &env), + testAccCheckEnvironmentAttributes(&env, &expectedEnvironment{ + Name: &rName, + OfflineCleanupTimeoutHours: bastionzero.PtrTo(environment.MinOfflineCleanupTimeoutHours), + }), + testAccCheckResourceEnvironmentComputedAttr(resourceName), + resource.TestCheckResourceAttr(resourceName, "offline_cleanup_timeout_hours", strconv.Itoa(environment.MinOfflineCleanupTimeoutHours)), + ), + }, }, }) } @@ -244,9 +270,14 @@ func TestEnvironment_InvalidOfflineCleanupTimeoutHours(t *testing.T) { ProtoV6ProviderFactories: acctest.TestProtoV6ProviderFactories, Steps: []resource.TestStep{ { - // Hours cannot be 0 - Config: testAccEnvironmentConfigOfflineCleanupTimeoutHours("test", "0"), - ExpectError: regexp.MustCompile(`must be at least 1`), + // Hours cannot go below the min + Config: testAccEnvironmentConfigOfflineCleanupTimeoutHours("test", strconv.Itoa(environment.MinOfflineCleanupTimeoutHours-1)), + ExpectError: regexp.MustCompile(`Invalid Attribute Value`), + }, + { + // Hours cannot go above the max + Config: testAccEnvironmentConfigOfflineCleanupTimeoutHours("test", strconv.Itoa(environment.MaxOfflineCleanupTimeoutHours+1)), + ExpectError: regexp.MustCompile(`Invalid Attribute Value`), }, }, }) diff --git a/docs/data-sources/environment.md b/docs/data-sources/environment.md index 72e47b28..652cf3ab 100644 --- a/docs/data-sources/environment.md +++ b/docs/data-sources/environment.md @@ -39,7 +39,7 @@ output "example_env_targets" { - `description` (String) The environment's description. - `is_default` (Boolean) If `true`, this environment is the default environment; `false` otherwise. - `name` (String) The environment's name. -- `offline_cleanup_timeout_hours` (Number) The amount of time (in hours) to wait until offline targets are automatically removed by BastionZero (Defaults to `2160` hours [90 days]). +- `offline_cleanup_timeout_hours` (Number) The amount of time (in hours) to wait until offline targets are automatically removed by BastionZero (Defaults to `2160` hours [90 days]). If this value is `0`, then offline target cleanup is disabled. - `organization_id` (String) The environment's organization's ID. - `targets` (Attributes Map) Map of targets that belong to this environment. The map is keyed by a target's unique ID. (see [below for nested schema](#nestedatt--targets)) - `time_created` (String) The time this environment was created in BastionZero formatted as a UTC timestamp string in [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339) format. diff --git a/docs/data-sources/environments.md b/docs/data-sources/environments.md index 0cfaea22..bb5db274 100644 --- a/docs/data-sources/environments.md +++ b/docs/data-sources/environments.md @@ -64,7 +64,7 @@ Read-Only: - `id` (String) The environment's unique ID. - `is_default` (Boolean) If `true`, this environment is the default environment; `false` otherwise. - `name` (String) The environment's name. -- `offline_cleanup_timeout_hours` (Number) The amount of time (in hours) to wait until offline targets are automatically removed by BastionZero (Defaults to `2160` hours [90 days]). +- `offline_cleanup_timeout_hours` (Number) The amount of time (in hours) to wait until offline targets are automatically removed by BastionZero (Defaults to `2160` hours [90 days]). If this value is `0`, then offline target cleanup is disabled. - `organization_id` (String) The environment's organization's ID. - `targets` (Attributes Map) Map of targets that belong to this environment. The map is keyed by a target's unique ID. (see [below for nested schema](#nestedatt--environments--targets)) - `time_created` (String) The time this environment was created in BastionZero formatted as a UTC timestamp string in [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339) format. diff --git a/docs/resources/environment.md b/docs/resources/environment.md index 145cb8ff..fc367d94 100644 --- a/docs/resources/environment.md +++ b/docs/resources/environment.md @@ -35,7 +35,7 @@ resource "bastionzero_environment" "example" { ### Optional - `description` (String) The environment's description. -- `offline_cleanup_timeout_hours` (Number) The amount of time (in hours) to wait until offline targets are automatically removed by BastionZero (Defaults to `2160` hours [90 days]). +- `offline_cleanup_timeout_hours` (Number) The amount of time (in hours) to wait until offline targets are automatically removed by BastionZero (Defaults to `2160` hours [90 days]). If this value is `0`, then offline target cleanup is disabled. ### Read-Only