fix abac rule update and tags inconsistency

Author: ilia-medvedev

codefresh/cfclient/gitops_abac_rules.go

@@ -31,6 +31,7 @@ type GitopsAbacRuleResponse struct {
 	Data struct {
 		AbacRule       GitopsAbacRule `json:"abacRule,omitempty"`
 		CreateAbacRule GitopsAbacRule `json:"createAbacRule,omitempty"`
+		UpdateAbacRule GitopsAbacRule `json:"updateAbacRule,omitempty"`
 		RemoveAbacRule GitopsAbacRule `json:"removeAbacRule,omitempty"`
 	} `json:"data"`
 }
@@ -165,6 +166,54 @@ func (client *Client) CreateAbacRule(gitopsAbacRule *GitopsAbacRule) (*GitopsAba
 	return &gitopsAbacRuleResponse.Data.CreateAbacRule, nil
 }
 
+func (client *Client) UpdateAbacRule(gitopsAbacRule *GitopsAbacRule) (*GitopsAbacRule, error) {
+	acc, err := client.GetCurrentAccount()
+	gitopsAbacRule.AccountId = acc.ID
+	if err != nil {
+		return nil, err
+	}
+
+	request := GraphQLRequest{
+		Query: `mutation ($accountId: String!, $updateAbacRuleInput: UpdateAbacRuleInput!) {
+					updateAbacRule(
+						accountId: $accountId
+						updateAbacRuleInput: $updateAbacRuleInput
+					) {
+						id
+						accountId
+						entityType
+						teams
+						tags
+						actions
+						attributes {
+						name
+						key
+						value
+						}
+					}
+				}
+		`,
+		Variables: map[string]interface{}{
+			"accountId":           acc.ID,
+			"updateAbacRuleInput": gitopsAbacRule,
+		},
+	}
+
+	response, err := client.SendGqlRequest(request)
+	if err != nil {
+		fmt.Println("Error:", err)
+		return nil, err
+	}
+
+	var gitopsAbacRuleResponse GitopsAbacRuleResponse
+	err = DecodeGraphQLResponseInto(response, &gitopsAbacRuleResponse)
+	if err != nil {
+		return nil, err
+	}
+
+	return &gitopsAbacRuleResponse.Data.UpdateAbacRule, nil
+}
+
 func (client *Client) DeleteAbacRule(id string) (*GitopsAbacRule, error) {
 	request := GraphQLRequest{
 		Query: `

codefresh/resource_abac_rules.go

@@ -3,7 +3,6 @@ package codefresh
 import (
 	"context"
 	"fmt"
-	"log"
 
 	"github.com/codefresh-io/terraform-provider-codefresh/codefresh/cfclient"
 	"github.com/codefresh-io/terraform-provider-codefresh/codefresh/internal/datautil"
@@ -58,6 +57,10 @@ The effective tags of the resource to apply the permission to. There are two spe
 				`,
 				Type:     schema.TypeSet,
 				Optional: true,
+				Computed: true,
+				DefaultFunc: func() (interface{}, error) {
+					return []string{"*", "untagged"}, nil
+				},
 				Elem: &schema.Schema{
 					Type: schema.TypeString,
 				},
@@ -102,7 +105,6 @@ Action to be allowed. Possible values:
 		},
 		CustomizeDiff: func(ctx context.Context, diff *schema.ResourceDiff, v interface{}) error {
 			actions := diff.Get("actions").(*schema.Set).List()
-
 			for _, action := range actions {
 				actionStr := action.(string)
 				if !contains(validSetValues, actionStr) {
@@ -169,17 +171,11 @@ func resourceGitopsAbacRuleUpdate(d *schema.ResourceData, meta interface{}) erro
 	client := meta.(*cfclient.Client)
 
 	abacRule := *mapResourceToGitopsAbacRule(d)
-	resp, err := client.CreateAbacRule(&abacRule)
+	_, err := client.UpdateAbacRule(&abacRule)
 	if err != nil {
 		return err
 	}
 
-	deleteErr := resourceGitopsAbacRuleDelete(d, meta)
-	if deleteErr != nil {
-		log.Printf("[WARN] failed to delete permission %v: %v", abacRule, deleteErr)
-	}
-	d.SetId(resp.ID)
-
 	return resourceGitopsAbacRuleRead(d, meta)
 }