add region_override field to opslevel_aws_integration resource (#500)

* add region_override field to opslevel_aws_integration resource

* Update .changes/unreleased/Feature-20241007-131137.yaml

Co-authored-by: Kyle <kyle@opslevel.com>

* update submodule hash

* only update aws regionOverride if tracked by TF state or in plan

* set region override on create if known

---------

Co-authored-by: Kyle <kyle@opslevel.com>

.changes/unreleased/Feature-20241007-131137.yaml

@@ -0,0 +1,3 @@
+kind: Feature
+body: can override aws regions with "region_override" field on opslevel_aws_integration resource
+time: 2024-10-07T13:11:37.315799-05:00

examples/resources/opslevel_integration_aws/resource.tf

@@ -97,4 +97,5 @@ resource "opslevel_integration_aws" "dev" {
   external_id             = random_string.external_id.result
   ownership_tag_overrides = true
   ownership_tag_keys      = ["owner", "team", "group"]
+  region_override         = ["eu-west-1", "us-east-1"]
 }

opslevel/resource_opslevel_integration_aws.go

@@ -40,6 +40,7 @@ type IntegrationAwsResourceModel struct {
 	Name                  types.String `tfsdk:"name"`
 	OwnershipTagOverrides types.Bool   `tfsdk:"ownership_tag_overrides"`
 	OwnershipTagKeys      types.List   `tfsdk:"ownership_tag_keys"`
+	RegionOverride        types.List   `tfsdk:"region_override"`
 }
 
 func NewIntegrationAwsResourceModel(awsIntegration opslevel.Integration) IntegrationAwsResourceModel {
@@ -50,6 +51,7 @@ func NewIntegrationAwsResourceModel(awsIntegration opslevel.Integration) Integra
 		Name:                  RequiredStringValue(awsIntegration.Name),
 		OwnershipTagKeys:      OptionalStringListValue(awsIntegration.AWSIntegrationFragment.OwnershipTagKeys),
 		OwnershipTagOverrides: types.BoolValue(awsIntegration.OwnershipTagOverride),
+		RegionOverride:        OptionalStringListValue(awsIntegration.AWSIntegrationFragment.RegionOverride),
 	}
 }
 
@@ -101,6 +103,11 @@ func (r *IntegrationAwsResource) Schema(ctx context.Context, req resource.Schema
 				Description: "The name of the integration.",
 				Required:    true,
 			},
+			"region_override": schema.ListAttribute{
+				ElementType: types.StringType,
+				Description: "Overrides the AWS region(s) that will be synchronized by this integration.",
+				Optional:    true,
+			},
 		},
 	}
 }
@@ -126,6 +133,14 @@ func (r *IntegrationAwsResource) Create(ctx context.Context, req resource.Create
 		OwnershipTagOverride: planModel.OwnershipTagOverrides.ValueBoolPointer(),
 		OwnershipTagKeys:     ownershipTagKeys,
 	}
+	if !planModel.RegionOverride.IsNull() && !planModel.RegionOverride.IsUnknown() {
+		regionOverride, diags := ListValueToStringSlice(ctx, planModel.RegionOverride)
+		if diags != nil && diags.HasError() {
+			resp.Diagnostics.Append(diags...)
+			return
+		}
+		input.RegionOverride = &regionOverride
+	}
 
 	awsIntegration, err := r.client.CreateIntegrationAWS(input)
 	if err != nil {
@@ -162,10 +177,11 @@ func (r *IntegrationAwsResource) Read(ctx context.Context, req resource.ReadRequ
 }
 
 func (r *IntegrationAwsResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
-	var planModel IntegrationAwsResourceModel
+	var planModel, stateModel IntegrationAwsResourceModel
 
 	// Read Terraform plan data into the model
 	resp.Diagnostics.Append(req.Plan.Get(ctx, &planModel)...)
+	resp.Diagnostics.Append(req.State.Get(ctx, &stateModel)...)
 	if resp.Diagnostics.HasError() {
 		return
 	}
@@ -183,13 +199,22 @@ func (r *IntegrationAwsResource) Update(ctx context.Context, req resource.Update
 		OwnershipTagKeys:     ownershipTagKeys,
 	}
 
+	if !planModel.RegionOverride.IsNull() || !stateModel.RegionOverride.IsNull() {
+		regionOverride, diags := ListValueToStringSlice(ctx, planModel.RegionOverride)
+		if diags != nil && diags.HasError() {
+			resp.Diagnostics.Append(diags...)
+			return
+		}
+		input.RegionOverride = &regionOverride
+	}
+
 	awsIntegration, err := r.client.UpdateIntegrationAWS(planModel.Id.ValueString(), input)
 	if err != nil {
 		resp.Diagnostics.AddError("opslevel client error", fmt.Sprintf("Unable to update AWS integration, got error: %s", err))
 		return
 	}
 
-	stateModel := NewIntegrationAwsResourceModel(*awsIntegration)
+	stateModel = NewIntegrationAwsResourceModel(*awsIntegration)
 
 	tflog.Trace(ctx, "updated an AWS integration resource")
 	resp.Diagnostics.Append(resp.State.Set(ctx, &stateModel)...)

tests/remote/integration_aws/main.tf

@@ -4,4 +4,5 @@ resource "opslevel_integration_aws" "this" {
   external_id             = var.external_id
   ownership_tag_overrides = var.ownership_tag_overrides
   ownership_tag_keys      = var.ownership_tag_keys
+  region_override         = var.region_override
 }

tests/remote/integration_aws/variables.tf

@@ -24,3 +24,9 @@ variable "name" {
   type        = string
   description = "The name of the integration."
 }
+
+variable "region_override" {
+  type        = list(string)
+  description = "Overrides the AWS region(s) that will be synchronized by this integration."
+  default     = null
+}

tests/remote/integration_aws_all.tftest.hcl

@@ -9,6 +9,7 @@ variables {
   # optional fields
   ownership_tag_overrides = false
   ownership_tag_keys      = ["one", "two", "three", "four", "five"]
+  region_override         = ["eu-west-1", "us-east-1"]
 
   # default values - computed from API
   default_ownership_tag_keys      = tolist(["owner"])
@@ -29,6 +30,7 @@ run "resource_integration_aws_create_with_all_fields" {
       can(opslevel_integration_aws.this.ownership_tag_keys),
       can(opslevel_integration_aws.this.ownership_tag_overrides),
       can(opslevel_integration_aws.this.name),
+      can(opslevel_integration_aws.this.region_override),
     ])
     error_message = replace(var.error_unexpected_resource_fields, "TYPE", var.resource_name)
   }
@@ -83,6 +85,15 @@ run "resource_integration_aws_create_with_all_fields" {
     )
   }
 
+  assert {
+    condition = opslevel_integration_aws.this.region_override == var.region_override
+    error_message = format(
+      "expected '%v' but got '%v'",
+      var.region_override,
+      opslevel_integration_aws.this.region_override,
+    )
+  }
+
 }
 
 run "resource_integration_aws_unset_ownership_tag_keys" {
@@ -126,3 +137,20 @@ run "resource_integration_aws_unset_ownership_tag_overrides" {
   }
 
 }
+
+run "resource_integration_aws_unset_region_override" {
+
+  variables {
+    region_override = null
+  }
+
+  module {
+    source = "./integration_aws"
+  }
+
+  assert {
+    condition     = opslevel_integration_aws.this.region_override == null
+    error_message = var.error_expected_null_field
+  }
+
+}

tests/remote/integration_aws_min.tftest.hcl

@@ -9,6 +9,7 @@ variables {
   # optional fields
   ownership_tag_overrides = null
   ownership_tag_keys      = null
+  region_override         = null
 
   # default values - computed from API
   default_ownership_tag_keys      = tolist(["owner"])
@@ -71,6 +72,11 @@ run "resource_integration_aws_create_with_required_fields" {
     )
   }
 
+  assert {
+    condition     = opslevel_integration_aws.this.region_override == null
+    error_message = var.error_expected_null_field
+  }
+
 }
 
 run "resource_integration_aws_set_ownership_tag_keys" {
@@ -115,3 +121,24 @@ run "resource_integration_aws_set_ownership_tag_overrides" {
 
 }
 
+
+run "resource_integration_aws_set_region_override" {
+
+  variables {
+    region_override = ["eu-west-1", "us-east-1"]
+  }
+
+  module {
+    source = "./integration_aws"
+  }
+
+  assert {
+    condition = opslevel_integration_aws.this.region_override == var.region_override
+    error_message = format(
+      "expected '%v' but got '%v'",
+      var.region_override,
+      opslevel_integration_aws.this.region_override,
+    )
+  }
+
+}