-
Notifications
You must be signed in to change notification settings - Fork 272
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add tagging permissions #510
Conversation
"project_id": { | ||
Type: schema.TypeString, | ||
ValidateFunc: validation.IsUUID, | ||
Required: true, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can be optional
to set global (organization wide) permissions for Tagging
func createTaggingToken(d *schema.ResourceData, clients *client.AggregatedClient) (string, error) { | ||
projectID, ok := d.GetOk("project_id") | ||
if !ok { | ||
return "ProjectID", nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If project_id
is not specified return an empty string ""
as token.
|
||
The following arguments are supported: | ||
|
||
* `project_id` - (Required) The ID of the project to assign the permissions. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
optional
: if not set, organization wide permissions for tagging are managed.
|
||
## Permission levels | ||
|
||
Permissions for tagging within Azure DevOps can be applied only on Project level. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can be applied on a specific project and globally on the organization
@tmeckel Thank you for the comments, I have resolved them 😃 |
resource.TestCheckResourceAttr(tfNodeRoot, "permissions.ViewSubscriptions", "deny"), | ||
resource.TestCheckResourceAttr(tfNodeRoot, "permissions.EditSubscriptions", "notset"), | ||
resource.TestCheckResourceAttr(tfNodeRoot, "permissions.DeleteSubscriptions", "deny"), | ||
resource.TestCheckResourceAttr(tfNodeRoot, "permissions.PublishEvents", "deny"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Test check does not map the HCl configures above.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@xuzhang3 thank you for reviewing, forgot this copy paste error, but resolved it now.
|
LGTM |
I've been waiting for the tagging permissions. Thank you for your contribution! When will be the next release of the provider including this feature? |
All Submissions:
Explanation of the changes
My team is currently working on getting all our Azure DevOps permissions in code. This is one of the last permissions that we still only implement with Powershell rather than Terraform. I would love to have all our permissions in Terraform.
What about the current behavior has changed?
Implementing the security permissions for the
tagging
feature in Azure DevOps.Does this introduce a change to
go.mod
,go.sum
orvendor/
?Does this introduce a breaking change?