feat(workspace_git_outbound_policy): onboard new resource and data source

[catalina-gav]

📥 Pull Request

❓ What are you trying to address

Close #841
Close #842

[github-actions]

Changelog Preview

v1.8.1-dev - March 09, 2026

✨ Added

• #841 Added fabric_workspace_git_outbound_policy data source
• #842 Added fabric_workspace_git_outbound_policy resource

[Copilot]

Pull request overview

Adds support for managing and reading Microsoft Fabric Workspace Git Outbound Policy via a new Terraform resource and data source, and wires them into the provider to close issues #841 and #842.

Changes:

• Introduces fabric_workspace_git_outbound_policy resource (CRUD via Set/Get API; delete resets to defaults).
• Introduces fabric_workspace_git_outbound_policy data source (read via Get API).
• Registers both in the provider and adds docs, examples, changelog entries, and unit/acceptance tests.

Reviewed changes

Copilot reviewed 20 out of 20 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
internal/services/workspacegop/base.go	Defines type metadata (name/type/docs URL/SPN support).
internal/services/workspacegop/base_test.go	Exposes ItemTypeInfo for tests.
internal/services/workspacegop/schema.go	Adds shared schema for resource/data source (workspace_id, default_action, timeouts).
internal/services/workspacegop/models.go	Adds TF models and request mapping to SDK types.
internal/services/workspacegop/resource_workspace_git_outbound_policy.go	Implements resource CRUD using WorkspacesClient Get/SetGitOutboundPolicy.
internal/services/workspacegop/data_workspace_git_outbound_policy.go	Implements data source read using WorkspacesClient GetGitOutboundPolicy.
internal/services/workspacegop/fake_test.go	Adds fakes for Get/Set Git outbound policy for unit tests.
internal/services/workspacegop/resource_workspace_git_outbound_policy_test.go	Adds unit tests for schema validation + CRUD, plus acceptance CRUD.
internal/services/workspacegop/data_workspace_git_outbound_policy_test.go	Adds unit + acceptance tests for data source read scenarios.
internal/provider/provider.go	Registers the new resource and data source with the provider.
examples/resources/fabric_workspace_git_outbound_policy/providers.tf	Adds example provider configuration for the new resource.
examples/resources/fabric_workspace_git_outbound_policy/resource.tf	Adds example resource usage.
examples/resources/fabric_workspace_git_outbound_policy/outputs.tf	Adds example output for the resource.
examples/data-sources/fabric_workspace_git_outbound_policy/providers.tf	Adds example provider configuration for the new data source.
examples/data-sources/fabric_workspace_git_outbound_policy/data-source.tf	Adds example data source usage.
examples/data-sources/fabric_workspace_git_outbound_policy/outputs.tf	Adds example output for the data source.
docs/resources/workspace_git_outbound_policy.md	Generated docs for the new resource.
docs/data-sources/workspace_git_outbound_policy.md	Generated docs for the new data source.
.changes/unreleased/added-20260309-142940.yaml	Changelog entry for data source addition (Issue 841).
.changes/unreleased/added-20260309-143029.yaml	Changelog entry for resource addition (Issue 842).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[OrBaubergMicrosoft]

when is it null?

[catalina-gav]

on delete

[OrBaubergMicrosoft]

what is the default value?
should we have another property for behavior on deletion?
preserving or allowing with one as default value?

[catalina-gav]

When having sent an empty request body to the API i received DefaultAction set to Deny and rules as []. So I would assume Deny is the default value, but it is not documented anywhere so I think that if this is meant to reset to defaults, sending the empty request body is the most accurate one in getting the default values as intended. For other resources for example, default value seems to be Allow, so it's not consistent