diff --git a/cli/cmd/digger/default.go b/cli/cmd/digger/default.go index d22769b34..c980d4ab0 100644 --- a/cli/cmd/digger/default.go +++ b/cli/cmd/digger/default.go @@ -36,7 +36,7 @@ var defaultCmd = &cobra.Command{ lib_spec.LockProvider{}, lib_spec.ReporterProvider{}, lib_spec.BackendApiProvider{}, - lib_spec.PolicyProvider{}, + lib_spec.BasicPolicyProvider{}, lib_spec.PlanStorageProvider{}, comment_updater.CommentUpdaterProviderBasic{}, ) diff --git a/cli/cmd/digger/run_spec.go b/cli/cmd/digger/run_spec.go index b6f1d22b0..9f003991d 100644 --- a/cli/cmd/digger/run_spec.go +++ b/cli/cmd/digger/run_spec.go @@ -38,7 +38,7 @@ var runSpecCmd = &cobra.Command{ lib_spec.LockProvider{}, lib_spec.ReporterProvider{}, lib_spec.BackendApiProvider{}, - lib_spec.PolicyProvider{}, + lib_spec.BasicPolicyProvider{}, lib_spec.PlanStorageProvider{}, comment_summary.CommentUpdaterProviderBasic{}, ) diff --git a/cli/pkg/spec/spec.go b/cli/pkg/spec/spec.go index a0a84b6bc..18b064ce4 100644 --- a/cli/pkg/spec/spec.go +++ b/cli/pkg/spec/spec.go @@ -22,7 +22,7 @@ func RunSpec( lockProvider spec.LockProvider, reporterProvider spec.ReporterProvider, backedProvider spec.BackendApiProvider, - policyProvider spec.PolicyProvider, + policyProvider spec.SpecPolicyProvider, PlanStorageProvider spec.PlanStorageProvider, commentUpdaterProvider comment_summary.CommentUpdaterProvider, ) error { diff --git a/docs/ee/ee-setup.mdx b/docs/ee/ee-setup.mdx index 7dd3e8bb5..86f83f6f5 100644 --- a/docs/ee/ee-setup.mdx +++ b/docs/ee/ee-setup.mdx @@ -28,6 +28,6 @@ Since you are using To test digger with a plan you can create a PR to one of your terragrunt directories. You will see that digger will start performing a plan and comment it in your Pull request like in the image below: -![Screenshot 2024-06-05 at 18.56.26.png](https://prod-files-secure.s3.us-west-2.amazonaws.com/3f5b7835-e421-4ee4-82ea-ac3b7af79507/81a7a374-6a6f-4472-b8f9-dbf26615fd36/Screenshot_2024-06-05_at_18.56.26.png) +![](images/ee/example-plan.png) Now in order to perform the apply for this change you just need to comment `digger apply` which will go ahead and apply the changes in the right environment. \ No newline at end of file diff --git a/docs/images/ee/example-plan.png b/docs/images/ee/example-plan.png new file mode 100644 index 000000000..b4e80e0c7 Binary files /dev/null and b/docs/images/ee/example-plan.png differ diff --git a/ee/cli/cmd/digger/default.go b/ee/cli/cmd/digger/default.go index f52b1d88d..0eaed0910 100644 --- a/ee/cli/cmd/digger/default.go +++ b/ee/cli/cmd/digger/default.go @@ -37,7 +37,7 @@ var defaultCmd = &cobra.Command{ lib_spec.LockProvider{}, lib_spec.ReporterProvider{}, lib_spec.BackendApiProvider{}, - lib_spec.PolicyProvider{}, + policy.AdvancedPolicyProvider{}, lib_spec.PlanStorageProvider{}, comment_summary.CommentUpdaterProviderBasic{}, ) diff --git a/ee/cli/cmd/digger/run_spec.go b/ee/cli/cmd/digger/run_spec.go index b6f1d22b0..1c2996cc9 100644 --- a/ee/cli/cmd/digger/run_spec.go +++ b/ee/cli/cmd/digger/run_spec.go @@ -5,6 +5,7 @@ import ( "fmt" spec2 "github.com/diggerhq/digger/cli/pkg/spec" "github.com/diggerhq/digger/cli/pkg/usage" + "github.com/diggerhq/digger/ee/cli/pkg/policy" comment_summary "github.com/diggerhq/digger/libs/comment_utils/summary" lib_spec "github.com/diggerhq/digger/libs/spec" "github.com/spf13/cobra" @@ -38,7 +39,7 @@ var runSpecCmd = &cobra.Command{ lib_spec.LockProvider{}, lib_spec.ReporterProvider{}, lib_spec.BackendApiProvider{}, - lib_spec.PolicyProvider{}, + policy.AdvancedPolicyProvider{}, lib_spec.PlanStorageProvider{}, comment_summary.CommentUpdaterProviderBasic{}, ) diff --git a/ee/cli/pkg/policy/providers.go b/ee/cli/pkg/policy/providers.go index 71a7f0406..826aea700 100644 --- a/ee/cli/pkg/policy/providers.go +++ b/ee/cli/pkg/policy/providers.go @@ -4,9 +4,31 @@ import ( "fmt" core_policy "github.com/diggerhq/digger/cli/pkg/core/policy" "github.com/diggerhq/digger/cli/pkg/policy" + lib_spec "github.com/diggerhq/digger/libs/spec" "os" ) +type AdvancedPolicyProvider struct{} + +func (p AdvancedPolicyProvider) GetPolicyProvider(policySpec lib_spec.PolicySpec, diggerHost string, diggerOrg string, token string) (core_policy.Checker, error) { + managementRepo := os.Getenv("DIGGER_MANAGEMENT_REPO") + if managementRepo != "" { + token := os.Getenv("GITHUB_TOKEN") + if token == "" { + return nil, fmt.Errorf("failed to get managent repo policy provider: GITHUB_TOKEN not specified") + } + return policy.DiggerPolicyChecker{ + PolicyProvider: DiggerRepoPolicyProvider{ + ManagementRepoUrl: managementRepo, + GitToken: token, + }, + }, nil + } + + checker, err := lib_spec.BasicPolicyProvider{}.GetPolicyProvider(policySpec, diggerHost, diggerOrg, token) + return checker, err +} + type PolicyCheckerProviderAdvanced struct{} func (p PolicyCheckerProviderAdvanced) Get(hostname string, organisationName string, authToken string) (core_policy.Checker, error) { diff --git a/libs/spec/providers.go b/libs/spec/providers.go index d7c718ab9..cfc02e2a3 100644 --- a/libs/spec/providers.go +++ b/libs/spec/providers.go @@ -182,9 +182,13 @@ func (v VCSProvider) GetPrService(vcsSpec VcsSpec) (orchestrator.PullRequestServ } } -type PolicyProvider struct{} +type SpecPolicyProvider interface { + GetPolicyProvider(policySpec PolicySpec, diggerHost string, diggerOrg string, token string) (policy.Checker, error) +} + +type BasicPolicyProvider struct{} -func (p PolicyProvider) GetPolicyProvider(policySpec PolicySpec, diggerHost string, diggerOrg string, token string) (policy.Checker, error) { +func (p BasicPolicyProvider) GetPolicyProvider(policySpec PolicySpec, diggerHost string, diggerOrg string, token string) (policy.Checker, error) { switch policySpec.PolicyType { case "http": return policy2.DiggerPolicyChecker{