feat: add runtime-environment resource support to codefresh_permission resource (#164)

## What

## Why

## Notes
<!-- Add any notes here -->

## Checklist

* [ ] _I have read
[CONTRIBUTING.md](https://github.com/codefresh-io/terraform-provider-codefresh/blob/master/CONTRIBUTING.md)._
* [ ] _I have [allowed changes to my fork to be
made](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)._
* [ ] _I have added tests, assuming new tests are warranted_.
* [ ] _I understand that the `/test` comment will be ignored by the CI
trigger [unless it is made by a repo admin or
collaborator](https://codefresh.io/docs/docs/pipelines/triggers/git-triggers/#support-for-building-pull-requests-from-forks)._

Author: ilia-medvedev-codefresh

codefresh/data_current_account_user.go

@@ -78,7 +78,6 @@ func mapDataCurrentAccountUserToResource(currentAccount *cfclient.CurrentAccount
 				return err
 			}
 
-
 			err = d.Set("email", user.Email)
 
 			if err != nil {

codefresh/data_idps.go

@@ -147,19 +147,19 @@ func mapDataIdpToResource(idp cfclient.IDP, d *schema.ResourceData) error {
 	//d.Set("apiURL", idp.ApiURL) //          string   `json:"apiURL,omitempty"`
 	//d.Set("appId", idp.AppId) //          string   `json:"appId,omitempty"`
 	//d.Set("authURL", idp.AuthURL) //        string   `json:"authURL,omitempty"`
-	err = d.Set("client_host", idp.ClientHost)     //     string   `json:"clientHost,omitempty"`
+	err = d.Set("client_host", idp.ClientHost) //     string   `json:"clientHost,omitempty"`
 
 	if err != nil {
 		return err
 	}
 
-	err = d.Set("client_id", idp.ClientId)         //       string   `json:"clientId,omitempty"`
+	err = d.Set("client_id", idp.ClientId) //       string   `json:"clientId,omitempty"`
 
 	if err != nil {
 		return err
 	}
 
-	err = d.Set("client_name", idp.ClientName)     //     string   `json:"clientName,omitempty"`
+	err = d.Set("client_name", idp.ClientName) //     string   `json:"clientName,omitempty"`
 
 	if err != nil {
 		return err
@@ -171,32 +171,31 @@ func mapDataIdpToResource(idp cfclient.IDP, d *schema.ResourceData) error {
 		return err
 	}
 
-	err = d.Set("client_type", idp.ClientType)     //      string   `json:"clientType,omitempty"`
+	err = d.Set("client_type", idp.ClientType) //      string   `json:"clientType,omitempty"`
 
 	if err != nil {
 		return err
 	}
 
-
-	err = d.Set("cookie_iv", idp.CookieIv)         //        string   `json:"cookieIv,omitempty"`
+	err = d.Set("cookie_iv", idp.CookieIv) //        string   `json:"cookieIv,omitempty"`
 
 	if err != nil {
 		return err
 	}
 
-	err = d.Set("cookie_key", idp.CookieKey)       //       string   `json:"cookieKey,omitempty"`
+	err = d.Set("cookie_key", idp.CookieKey) //       string   `json:"cookieKey,omitempty"`
 
 	if err != nil {
 		return err
 	}
 
-	err = d.Set("display_name", idp.DisplayName)   //     string   `json:"displayName,omitempty"`
+	err = d.Set("display_name", idp.DisplayName) //     string   `json:"displayName,omitempty"`
 
 	if err != nil {
 		return err
 	}
 
-	err = d.Set("_id", idp.ID)                     //              string   `json:"_id,omitempty"`
+	err = d.Set("_id", idp.ID) //              string   `json:"_id,omitempty"`
 
 	if err != nil {
 		return err
@@ -212,7 +211,7 @@ func mapDataIdpToResource(idp cfclient.IDP, d *schema.ResourceData) error {
 		return err
 	}
 
-	err = d.Set("tenant", idp.Tenant)                            //          string   `json:"tenant,omitempty"`
+	err = d.Set("tenant", idp.Tenant) //          string   `json:"tenant,omitempty"`
 
 	if err != nil {
 		return err

codefresh/internal/datautil/yaml.go

@@ -1,10 +1,10 @@
 package datautil
 
 import (
-	"io"
-	"strings"
 	"github.com/mikefarah/yq/v4/pkg/yqlib"
 	"gopkg.in/op/go-logging.v1"
+	"io"
+	"strings"
 )
 
 const (

codefresh/resource_account_user_association.go

@@ -98,7 +98,6 @@ func resourceAccountUserAssociationRead(d *schema.ResourceData, meta interface{}
 	if userID == "" {
 		d.SetId("")
 
-
 		return nil
 	}
 

codefresh/resource_permission.go

@@ -10,7 +10,6 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
-	funk "github.com/thoas/go-funk"
 )
 
 func resourcePermission() *schema.Resource {
@@ -41,13 +40,15 @@ The type of resources the permission applies to. Possible values:
 	* pipeline
 	* cluster
 	* project
+	* runtime-environment
 				`,
 				Type:     schema.TypeString,
 				Required: true,
 				ValidateFunc: validation.StringInSlice([]string{
 					"pipeline",
 					"cluster",
 					"project",
+					"runtime-environment",
 				}, false),
 			},
 			"related_resource": {
@@ -65,7 +66,7 @@ Specifies the resource to use when evaluating the tags. Possible values:
 				Description: `
 Action to be allowed. Possible values:
 	* create
-	* read
+	* read (For runtime-environment resource, 'read' means 'assign')
 	* update
 	* delete
 	* run (Only valid for pipeline resource)
@@ -110,7 +111,7 @@ func resourcePermissionCustomDiff(ctx context.Context, diff *schema.ResourceDiff
 		}
 	}
 	if diff.HasChanges("resource", "action") {
-		if funk.Contains([]string{"run", "approve", "debug"}, diff.Get("action").(string)) && diff.Get("resource").(string) != "pipeline" {
+		if contains([]string{"run", "approve", "debug"}, diff.Get("action").(string)) && diff.Get("resource").(string) != "pipeline" {
 			return fmt.Errorf("action %v is only valid when resource is 'pipeline'", diff.Get("action").(string))
 		}
 	}

codefresh/resource_permission_test.go

@@ -42,6 +42,16 @@ func TestAccCodefreshPermissionConfig(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "tags.1", "production"),
 				),
 			},
+			{
+				Config: testAccCodefreshNoRelatedResourcePermissionConfig("create", "runtime-environment", []string{"production", "*"}),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckCodefreshPermissionExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "action", "create"),
+					resource.TestCheckResourceAttr(resourceName, "resource", "runtime-environment"),
+					resource.TestCheckResourceAttr(resourceName, "tags.0", "*"),
+					resource.TestCheckResourceAttr(resourceName, "tags.1", "production"),
+				),
+			},
 			{
 				ResourceName:      resourceName,
 				ImportState:       true,
@@ -96,3 +106,26 @@ func testAccCodefreshPermissionConfig(action, resource, relatedResource string,
 	}
 `, escapeString(action), escapeString(resource), escapeString(relatedResource), strings.Join(tagsEscaped[:], ","))
 }
+
+func testAccCodefreshNoRelatedResourcePermissionConfig(action, resource string, tags []string) string {
+	escapeString := func(str string) string {
+		if str == "null" {
+			return str // null means Terraform should ignore this field
+		}
+		return fmt.Sprintf(`"%s"`, str)
+	}
+	tagsEscaped := funk.Map(tags, escapeString).([]string)
+
+	return fmt.Sprintf(`
+	data "codefresh_team" "users" {
+		name = "users"
+	}
+
+	resource "codefresh_permission" "test" {
+		team             = data.codefresh_team.users.id
+		action           = %s
+		resource         = %s
+		tags             = [%s]
+	}
+`, escapeString(action), escapeString(resource), strings.Join(tagsEscaped[:], ","))
+}

codefresh/resource_step_types.go

@@ -10,8 +10,8 @@ import (
 
 	"github.com/Masterminds/semver"
 	"github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient"
-	"github.com/codefresh-io/terraform-provider-codefresh/codefresh/internal/schemautil"
 	"github.com/codefresh-io/terraform-provider-codefresh/codefresh/internal/datautil"
+	"github.com/codefresh-io/terraform-provider-codefresh/codefresh/internal/schemautil"
 	ghodss "github.com/ghodss/yaml"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"

docs/resources/permission.md

@@ -42,7 +42,7 @@ resource "codefresh_permission" "developers" {
 
 - `action` (String) Action to be allowed. Possible values:
 	* create
-	* read
+	* read (For runtime-environment resource, 'read' means 'assign')
 	* update
 	* delete
 	* run (Only valid for pipeline resource)
@@ -52,6 +52,7 @@ resource "codefresh_permission" "developers" {
 	* pipeline
 	* cluster
 	* project
+	* runtime-environment
 - `team` (String) The Id of the team the permissions apply to.
 
 ### Optional