Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix attribute validation #254

Merged
merged 3 commits into from
Oct 4, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,14 @@
## 2.12.0 (October 4, 2024). Tested on Artifactory 7.90.13 and Xray 3.104.15 with Terraform 1.9.7 and OpenTofu 1.8.2

BUG FIXES:

* resource/xray_license_policy: Fix case insensitive attribute validations for `actions.custom_severity`.
* resource/xray_operational_risk_policy: Fix case insensitive attribute validations for `criteria.op_risk_min_risk`, `criteria.op_risk_custom.risk`.
* resource/xray_security_policy: Fix case insensitive attribute validations for `criteria.min_severity`, `criteria.exposures.min_severity`, and `criteria.package_type`.
* resource/xray_violations_report: Fix case insensitive attribute validations for `filter.type`.

PR: [#254](https://github.com/jfrog/terraform-provider-xray/pull/254) Issue: [#253](https://github.com/jfrog/terraform-provider-xray/issues/253)

## 2.11.2 (September 23, 2024). Tested on Artifactory 7.90.10 and Xray 3.104.11 with Terraform 1.9.6 and OpenTofu 1.8.2

BUG FIXES:
Expand Down
38 changes: 18 additions & 20 deletions pkg/xray/resource/policies.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,26 +29,24 @@ const (
)

var validPackageTypesSupportedXraySecPolicies = []string{
"alpine",
"bower",
"cargo",
"composer",
"conan",
"conda",
"cran",
"debian",
"docker",
"generic",
"go",
"huggingface",
"maven",
"npm",
"nuget",
"oci",
"pypi",
"rpm",
"rubygems",
"terraformbe",
"Alpine",
"Cargo",
"Composer",
"Conan",
"Conda",
"Cran",
"Debian",
"Docker",
"Generic",
"Go",
"HuggingFace",
"Maven",
"Npm",
"NuGet",
"Oci",
"Pypi",
"Rpm",
"Rubygems",
}

type PolicyResource struct {
Expand Down
2 changes: 1 addition & 1 deletion pkg/xray/resource/resource_xray_license_policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -266,7 +266,7 @@ var licensePolicyActionsAttrs = lo.Assign(
Computed: true,
Default: stringdefault.StaticString("High"),
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("Critical", "High", "Medium", "Low"),
stringvalidator.OneOf("Critical", "High", "Medium", "Low"),
},
Description: "The severity of violation to be triggered if the `criteria` are met.",
},
Expand Down
8 changes: 4 additions & 4 deletions pkg/xray/resource/resource_xray_operational_risk_policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ var opRiskPolicyCriteriaAttrs = map[string]schema.Attribute{
"op_risk_min_risk": schema.StringAttribute{
Optional: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("High", "Medium", "Low"),
stringvalidator.OneOf("High", "Medium", "Low"),
stringvalidator.ConflictsWith(
path.MatchRelative().AtParent().AtName("op_risk_custom"),
),
Expand Down Expand Up @@ -138,11 +138,11 @@ var opRiskPolicyCriteriaBlocks = map[string]schema.Block{
"risk": schema.StringAttribute{
Optional: true,
Computed: true,
Default: stringdefault.StaticString("low"),
Default: stringdefault.StaticString("Low"),
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("high", "medium", "low"),
stringvalidator.OneOf("High", "Medium", "Low"),
},
Description: "Risk severity: low, medium, high",
Description: "Risk severity: Low, Medium, High",
},
},
},
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -283,7 +283,7 @@ func TestAccOperationalRiskPolicy_customCriteria(t *testing.T) {
testData["op_risk_custom_release_cadence_per_year_less_than"] = testutil.RandSelect("1", "2", "3", "4", "5").(string)
testData["op_risk_custom_commits_less_than"] = testutil.RandSelect("10", "25", "50", "100").(string)
testData["op_risk_custom_committers_less_than"] = testutil.RandSelect("1", "2", "3", "4", "5").(string)
testData["op_risk_custom_risk"] = testutil.RandSelect("high", "medium", "low").(string)
testData["op_risk_custom_risk"] = testutil.RandSelect("High", "Medium", "Low").(string)

const opertionalRiskPolicyCustomUnset = `resource "xray_operational_risk_policy" "{{ .resource_name }}" {
name = "{{ .policy_name }}"
Expand Down Expand Up @@ -394,7 +394,7 @@ func TestAccOperationalRiskPolicy_customCriteria_migration(t *testing.T) {
testData["policy_name"] = fmt.Sprintf("terraform-operational-risk-policy-%d", testutil.RandomInt())
testData["op_risk_custom_use_and_condition"] = "true"
testData["op_risk_custom_is_eol"] = "false"
testData["op_risk_custom_risk"] = testutil.RandSelect("high", "medium", "low").(string)
testData["op_risk_custom_risk"] = testutil.RandSelect("High", "Medium", "Low").(string)
delete(testData, "block_release_bundle_promotion")

resource.Test(t, resource.TestCase{
Expand Down
13 changes: 9 additions & 4 deletions pkg/xray/resource/resource_xray_repository_config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -255,8 +255,8 @@ func TestAccRepositoryConfig_JasDisabled_exposures_set(t *testing.T) {

func TestAccRepositoryConfig_RepoConfig_Create_VulnContextualAnalysis(t *testing.T) {
jasDisabled := os.Getenv("JFROG_JAS_DISABLED")
if strings.ToLower(jasDisabled) == "true" {
t.Skipf("Env var JFROG_JAS_DISABLED is set to 'true'")
if strings.ToLower(jasDisabled) != "false" {
t.Skipf("Env var JFROG_JAS_DISABLED is not set to 'false'")
}

testCase := []struct {
Expand Down Expand Up @@ -331,8 +331,8 @@ func testAccRepositoryConfigRepoConfigCreate_VulnContextualAnalysis(packageType,

func TestAccRepositoryConfig_RepoConfigCreate_exposure(t *testing.T) {
jasDisabled := os.Getenv("JFROG_JAS_DISABLED")
if strings.ToLower(jasDisabled) == "true" {
t.Skipf("Env var JFROG_JAS_DISABLED is set to 'true'")
if strings.ToLower(jasDisabled) != "false" {
t.Skipf("Env var JFROG_JAS_DISABLED is not set to 'false'")
}

testCase := []struct {
Expand Down Expand Up @@ -566,6 +566,11 @@ func TestAccRepositoryConfig_Missing_RetentionInDays(t *testing.T) {
}

func TestAccRepositoryConfig_RepoPathsUpdate(t *testing.T) {
jasDisabled := os.Getenv("JFROG_JAS_DISABLED")
if strings.ToLower(jasDisabled) == "true" {
t.Skipf("Env var JFROG_JAS_DISABLED is set to 'true'")
}

_, fqrn, resourceName := testutil.MkNames("xray-repo-config-", "xray_repository_config")
_, _, repoName := testutil.MkNames("generic-local", "artifactory_local_generic_repository")

Expand Down
17 changes: 12 additions & 5 deletions pkg/xray/resource/resource_xray_security_policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ import (
"github.com/hashicorp/terraform-plugin-framework/schema/validator"
"github.com/hashicorp/terraform-plugin-framework/types"
"github.com/jfrog/terraform-provider-shared/util"
"github.com/samber/lo"
)

var _ resource.Resource = &SecurityPolicyResource{}
Expand Down Expand Up @@ -145,10 +146,16 @@ func (r *SecurityPolicyResource) fromCriteriaAPIModel(ctx context.Context, crite

exposuresList := types.ListNull(exposuresElementType)
if criteraAPIModel.Exposures != nil {
var minSeverity *string
if criteraAPIModel.Exposures.MinSeverity != nil {
s := lo.Capitalize(*criteraAPIModel.Exposures.MinSeverity)
minSeverity = &s
}

exposures, d := types.ObjectValue(
exposuresAttrType,
map[string]attr.Value{
"min_severity": types.StringPointerValue(criteraAPIModel.Exposures.MinSeverity),
"min_severity": types.StringPointerValue(minSeverity),
"secrets": types.BoolPointerValue(criteraAPIModel.Exposures.Secrets),
"applications": types.BoolPointerValue(criteraAPIModel.Exposures.Applications),
"services": types.BoolPointerValue(criteraAPIModel.Exposures.Services),
Expand Down Expand Up @@ -310,9 +317,9 @@ var securityPolicyCriteriaBlocks = map[string]schema.Block{
"min_severity": schema.StringAttribute{
Optional: true,
Computed: true,
Default: stringdefault.StaticString("All Severities"),
Default: stringdefault.StaticString("All severities"),
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("All Severities", "Critical", "High", "Medium", "Low"),
stringvalidator.OneOf("All severities", "Critical", "High", "Medium", "Low"),
},
MarkdownDescription: "The minimum security vulnerability severity that will be impacted by the policy. Valid values: `All Severities`, `Critical`, `High`, `Medium`, `Low`",
},
Expand Down Expand Up @@ -365,7 +372,7 @@ var securityPolicyCriteriaAttrs = map[string]schema.Attribute{
"min_severity": schema.StringAttribute{
Optional: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("All Severities", "Critical", "High", "Medium", "Low"),
stringvalidator.OneOf("All severities", "Critical", "High", "Medium", "Low"),
stringvalidator.ConflictsWith(
path.MatchRelative().AtParent().AtName("cvss_range"),
),
Expand Down Expand Up @@ -438,7 +445,7 @@ var securityPolicyCriteriaAttrs = map[string]schema.Attribute{
"package_type": schema.StringAttribute{
Optional: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive(validPackageTypesSupportedXraySecPolicies...),
stringvalidator.OneOf(validPackageTypesSupportedXraySecPolicies...),
stringvalidator.AlsoRequires(
path.MatchRelative().AtParent().AtName("package_name"),
),
Expand Down
2 changes: 1 addition & 1 deletion pkg/xray/resource/resource_xray_security_policy_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -859,7 +859,7 @@ func TestAccSecurityPolicy_exposures(t *testing.T) {
testData["resource_name"] = resourceName
testData["policy_name"] = fmt.Sprintf("terraform-security-policy-6-%d", testutil.RandomInt())
testData["rule_name"] = fmt.Sprintf("test-security-rule-6-%d", testutil.RandomInt())
testData["exposures_min_severity"] = "high"
testData["exposures_min_severity"] = "High"
testData["exposures_secrets"] = "true"
testData["exposures_applications"] = "true"
testData["exposures_services"] = "true"
Expand Down
2 changes: 1 addition & 1 deletion pkg/xray/resource/resource_xray_violations_report.go
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ var violationsFiltersAttrs = map[string]schema.Attribute{
Optional: true,
Validators: []validator.String{
stringvalidator.LengthAtLeast(1),
stringvalidator.OneOfCaseInsensitive("security", "license", "operational_risk"),
stringvalidator.OneOf("security", "license", "operational_risk"),
},
Description: "Violation type.",
},
Expand Down
10 changes: 5 additions & 5 deletions pkg/xray/resource/resource_xray_watch.go
Original file line number Diff line number Diff line change
Expand Up @@ -575,7 +575,7 @@ func (r *WatchResource) Schema(ctx context.Context, req resource.SchemaRequest,
"type": schema.StringAttribute{
Required: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive(supportedResourceTypes...),
stringvalidator.OneOf(supportedResourceTypes...),
},
Description: fmt.Sprintf("Type of resource to be watched. Options: %s.", strings.Join(supportedResourceTypes, ", ")),
},
Expand All @@ -592,7 +592,7 @@ func (r *WatchResource) Schema(ctx context.Context, req resource.SchemaRequest,
"repo_type": schema.StringAttribute{
Optional: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("local", "remote"),
stringvalidator.OneOf("local", "remote"),
},
Description: "Type of repository. Only applicable when `type` is `repository`. Options: `local` or `remote`.",
},
Expand All @@ -604,7 +604,7 @@ func (r *WatchResource) Schema(ctx context.Context, req resource.SchemaRequest,
"type": schema.StringAttribute{
Required: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("regex", "path-regex", "package-type", "mime-type"),
stringvalidator.OneOf("regex", "path-regex", "package-type", "mime-type"),
},
Description: "The type of filter, such as `regex`, `path-regex`, `package-type`, or `mime-type`",
},
Expand Down Expand Up @@ -668,7 +668,7 @@ func (r *WatchResource) Schema(ctx context.Context, req resource.SchemaRequest,
"type": schema.StringAttribute{
Required: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("property"),
stringvalidator.OneOf("property"),
},
Description: "The type of filter. Currently only support `property`",
},
Expand Down Expand Up @@ -706,7 +706,7 @@ func (r *WatchResource) Schema(ctx context.Context, req resource.SchemaRequest,
"type": schema.StringAttribute{
Required: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive("security", "license", "operational_risk"),
stringvalidator.OneOf("security", "license", "operational_risk"),
},

Description: "The type of the policy - security, license or operational risk",
Expand Down