Merge pull request #1056 from jfrog/add-package-cleanup-policy-resource

Add `artifactory_package_cleanup_policy` resource

.github/workflows/acceptance-tests.yml

@@ -122,7 +122,7 @@ jobs:
           cp sample.tf.tmp sample.tf && rm sample.tf.tmp
           TERRAFORM_CLI=${{ matrix.cli }} make install
       - name: Clean up Docker container
-        if: always()
+        if: always() && steps.run_artifactory_container.conclusion == 'success'
         run: docker stop artifactory
       - name: Send workflow status to Slack
         uses: slackapi/slack-github-action@v1.26.0

.github/workflows/release.yml

@@ -17,29 +17,22 @@ on:
 jobs:
   goreleaser:
     runs-on: ubuntu-latest
-    if: |
-      (startsWith(github.ref, 'refs/tags/') && github.event.base_ref == 'refs/heads/master') 
-      || (startsWith(github.ref, 'refs/tags/') && github.event.base_ref == 'refs/heads/v6')
+    if: (startsWith(github.ref, 'refs/tags/') && github.event.base_ref == 'refs/heads/master')
     steps:
-      -
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@v4
-      -
-        name: Unshallow
+      - name: Unshallow
         run: git fetch --prune --unshallow
-      -
-        name: Set up Go
+      - name: Set up Go
         uses: actions/setup-go@v5
         with:
           go-version: 1.22
-      -
-        name: Import GPG key
+      - name: Import GPG key
         id: import_gpg
         uses: crazy-max/ghaction-import-gpg@v6
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.PASSPHRASE }}
-      -
         name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v6
         with:

CHANGELOG.md

@@ -1,3 +1,9 @@
+## 11.7.0 (August 22, 2024). Tested on Artifactory 7.90.8 with Terraform 1.9.5 and OpenTofu 1.8.1
+
+FEATURES:
+
+**New Resource:** `artifactory_package_cleanup_policy` to support [Retention Policy](https://jfrog.com/help/r/jfrog-platform-administration-documentation/retention-policies) PR: [#1056](https://github.com/jfrog/terraform-provider-artifactory/pull/1056)
+
 ## 11.6.0 (August 12, 2024). Tested on Artifactory 7.90.7 with Terraform 1.9.4 and OpenTofu 1.8.1
 
 NOTES:

docs/index.md

@@ -99,7 +99,7 @@ During the provider start up, if it finds env var `TFC_WORKLOAD_IDENTITY_TOKEN`
 
 Follow [confgure an OIDC integration](https://jfrog.com/help/r/jfrog-platform-administration-documentation/configure-an-oidc-integration). Enter a name for the provider, e.g. `terraform-cloud`. Use `https://app.terraform.io` for "Provider URL". Choose your own value for "Audience", e.g. `jfrog-terraform-cloud`.
 
-Then [configure an identity mapping](https://jfrog.com/help/r/jfrog-platform-administration-documentation/configure-identity-mappings) with an empty "Claims JSON" (`{}`), and select the "Token scope", "User", and "Service" as desired.
+Then [configure an identity mapping](https://jfrog.com/help/r/jfrog-platform-administration-documentation/configure-identity-mappings) with appropriate "Claims JSON" (e.g. `aud`, `sub` at minimum. See [Terraform Workload Identity - Configuring Trust with your Cloud Platform](https://developer.hashicorp.com/terraform/cloud-docs/workspaces/dynamic-provider-credentials/workload-identity-tokens#configuring-trust-with-your-cloud-platform)), and select the "Token scope", "User", and "Service" as desired.
 
 #### Set environment variable in your Terraform Workspace
 

docs/resources/package_cleanup_policy.md

@@ -0,0 +1,80 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "artifactory_package_cleanup_policy Resource - terraform-provider-artifactory"
+subcategory: "Configuration"
+description: |-
+  Provides an Artifactory Package Cleanup Policy resource. This resource enable system administrators to define and customize policies based on specific criteria for removing unused binaries from across their JFrog platform. See Rentation Policies https://jfrog.com/help/r/jfrog-platform-administration-documentation/retention-policies for more details.
+  ->Only available for Artifactory 7.90.1 or later.
+---
+
+# artifactory_package_cleanup_policy (Resource)
+
+Provides an Artifactory Package Cleanup Policy resource. This resource enable system administrators to define and customize policies based on specific criteria for removing unused binaries from across their JFrog platform. See [Rentation Policies](https://jfrog.com/help/r/jfrog-platform-administration-documentation/retention-policies) for more details.
+
+->Only available for Artifactory 7.90.1 or later.
+
+## Example Usage
+
+```terraform
+resource "artifactory_package_cleanup_policy" "my-cleanup-policy" {
+  key = "my-policy"
+  description = "My package cleanup policy"
+  cron_expression = "0 0 2 ? * MON-SAT *"
+  duration_in_minutes = 60
+  enabled = true
+  skip_trashcan = false
+  
+  search_criteria = {
+    package_types = ["docker"]
+    repos = ["my-docker-local"]
+    included_projects = ["myproj"]
+    included_packages = ["**"]
+    excluded_packages = ["com/jfrog/latest"]
+    created_before_in_months = 1
+    last_downloaded_before_in_months = 6
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `key` (String) Policy key. It has to be unique. It should not be used for other policies and configuration entities like archive policies, key pairs, repo layouts, property sets, backups, proxies, reverse proxies etc.
+- `search_criteria` (Attributes) (see [below for nested schema](#nestedatt--search_criteria))
+
+### Optional
+
+- `cron_expression` (String) The Cron expression that sets the schedule of policy execution. For example, `0 0 2 * * ?` executes the policy every day at 02:00 AM. The minimum recurrent time for policy execution is 6 hours.
+- `description` (String)
+- `duration_in_minutes` (Number) Enable and select the maximum duration for policy execution. Note: using this setting can cause the policy to stop before completion.
+- `enabled` (Boolean) Enables or disabled the package cleanup policy. This allows the user to run the policy manually. If a policy has a valid cron expression, then it will be scheduled for execution based on it. If a policy is disabled, its future executions will be unscheduled. Defaults to `true`
+- `skip_trashcan` (Boolean) When enabled, deleted packages are permanently removed from Artifactory without an option to restore them. Defaults to `false`
+
+<a id="nestedatt--search_criteria"></a>
+### Nested Schema for `search_criteria`
+
+Required:
+
+- `included_packages` (Set of String) Specify a pattern for a package name or an explicit package name. It accept only single element which can be specific package or pattern, and for including all packages use `**`. Example: `included_packages = ["**"]`
+- `package_types` (Set of String) Types of packages to be removed. Support: conan, docker, generic, gradle, maven, npm, nuget, rpm.
+- `repos` (Set of String) Specify patterns for repository names or explicit repository names. For including all repos use `**`. Example: `repos = ["**"]`
+
+Optional:
+
+- `created_before_in_months` (Number) Remove packages based on when they were created.
+- `excluded_packages` (Set of String) Specify explicit package names that you want excluded from the policy.
+- `excluded_repos` (Set of String) Specify patterns for repository names or explicit repository names that you want excluded from the policy. It can not accept any pattern only list of specific repositories.
+- `include_all_projects` (Boolean)
+- `included_projects` (Set of String) List of projects name(s) to apply the policy to.
+- `keep_last_n_versions` (Number) Select the number of latest version to keep. The policy will remove all versions (based on creation date) prior to the selected number. Some package types may not be supported. [Learn more](https://jfrog.com/help/r/jfrog-platform-administration-documentation/retention-policies/package-types-coverage)
+- `last_downloaded_before_in_months` (Number) Remove packages based on when they were last downloaded.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import artifactory_package_cleanup_policy.my-cleanup-policy my-policy
+```

examples/resources/artifactory_package_cleanup_policy/import.sh

@@ -0,0 +1 @@
+terraform import artifactory_package_cleanup_policy.my-cleanup-policy my-policy

examples/resources/artifactory_package_cleanup_policy/resource.tf

@@ -0,0 +1,18 @@
+resource "artifactory_package_cleanup_policy" "my-cleanup-policy" {
+  key = "my-policy"
+  description = "My package cleanup policy"
+  cron_expression = "0 0 2 ? * MON-SAT *"
+  duration_in_minutes = 60
+  enabled = true
+  skip_trashcan = false
+
+  search_criteria = {
+    package_types = ["docker"]
+    repos = ["my-docker-local"]
+    included_projects = ["myproj"]
+    included_packages = ["**"]
+    excluded_packages = ["com/jfrog/latest"]
+    created_before_in_months = 1
+    last_downloaded_before_in_months = 6
+  }
+}

pkg/artifactory/datasource/artifact/datasource_artifactory_file_list.go

@@ -16,11 +16,14 @@ import (
 )
 
 func NewFileListDataSource() datasource.DataSource {
-	return &FileListDataSource{}
+	return &FileListDataSource{
+		TypeName: "artifactory_file_list",
+	}
 }
 
 type FileListDataSource struct {
 	ProviderData util.ProviderMetadata
+	TypeName     string
 }
 
 type FileListDataSourceModel struct {
@@ -118,7 +121,7 @@ type FileListMetadataTimestamps struct {
 }
 
 func (d *FileListDataSource) Metadata(ctx context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
-	resp.TypeName = req.ProviderTypeName + "_file_list"
+	resp.TypeName = d.TypeName
 }
 
 func (d *FileListDataSource) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) {

pkg/artifactory/provider/framework.go

@@ -217,6 +217,7 @@ func (p *ArtifactoryProvider) Resources(ctx context.Context) []func() resource.R
 		configuration.NewBackupResource,
 		configuration.NewGeneralSecurityResource,
 		configuration.NewMailServerResource,
+		configuration.NewPackageCleanupPolicyResource,
 		configuration.NewPropertySetResource,
 		configuration.NewProxyResource,
 		configuration.NewRepositoryLayoutResource,

pkg/artifactory/resource/artifact/resource_artifactory_artifact.go

@@ -21,7 +21,9 @@ import (
 )
 
 func NewArtifactResource() resource.Resource {
-	return &ArtifactResource{}
+	return &ArtifactResource{
+		TypeName: "artifactory_artifact",
+	}
 }
 
 type ArtifactResource struct {
@@ -89,8 +91,7 @@ type ArtifactResourceAPIModel struct {
 }
 
 func (r *ArtifactResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
-	resp.TypeName = req.ProviderTypeName + "_artifact"
-	r.TypeName = resp.TypeName
+	resp.TypeName = r.TypeName
 }
 
 func (r *ArtifactResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {

pkg/artifactory/resource/configuration/resource_artifactory_general_security.go

@@ -16,7 +16,9 @@ import (
 )
 
 func NewGeneralSecurityResource() resource.Resource {
-	return &GeneralSecurityResource{}
+	return &GeneralSecurityResource{
+		TypeName: "artifactory_general_security",
+	}
 }
 
 type GeneralSecurityResource struct {
@@ -38,8 +40,7 @@ type GeneralSettingsAPIModel struct {
 }
 
 func (r *GeneralSecurityResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
-	resp.TypeName = req.ProviderTypeName + "_general_security"
-	r.TypeName = resp.TypeName
+	resp.TypeName = r.TypeName
 }
 
 func (r *GeneralSecurityResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {