Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed #286 by forcing new a saved search resource if the name changes… #287

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Fixed #286 by forcing new a saved search resource if the name changes… #287

wants to merge 2 commits into from

Conversation

comrumino
Copy link

  1. Fixed Handle renaming saved searches #286 by forcing new a saved search resource if the name changes — copy & delete search as expected by user, but update would copy without deletion.
  2. Fixed Saved search cannot be deleted #181 by introducing support for updating search queries and documenting the need for the lifecycle create_before_destroy to be true.

Description

Usability improvements around updating saved search name and updating the the underlying query.

Motivation and Context

The provider doesn't behave as expected.

How Has This Been Tested?

Used the script and module below to test various state changes.

#!/usr/bin/env zsh
outpath="$PWD/test-286.out"
mkdir -pv "$outpath" || exit 1
find "$outpath" -type f -exec rm {} \;
export TF_LOG=INFO

pushd "$HOME/repo/terraform-provider-prismacloud"
goreleaser build --clean --single-target --snapshot || exit 1
find dist -name 'terraform-provider-prismacloud_v1.5.5*' -execdir mv -f {} "$HOME/.terraform.d/plugins/terraform.local/comrumino/prismacloud/1.5.5/darwin_arm64/terraform-provider-prismacloud_v1.5.5" \;
popd
rm -rf "$PWD/.terraform/providers/terraform.local" "$PWD/.terraform.lock.hcl"
terraform init

function apply_with_name() {
    local name="$1"
    local query="$2"
    printf '{"saved_search_name":"%s","query":"%s"}' "$name" "$query" | jq -r . > "$PWD/terraform.tfvars.json"
    terraform graph -draw-cycles -type=plan | dot -Tpng > "$outpath/$name-graph.png"
    TF_LOG_PATH="$outpath/$name-apply-tf.log" terraform apply -var saved_search_name="$name" -auto-approve &>> "$outpath/stdout-$name-apply-tf.log"
}
apply_with_name "prototype" "config from cloud.resource where api.name = 'aws-guardduty-detector' AND json.rule = status equals \\\"ENABLED\\\""
apply_with_name "prototype" "config from cloud.resource where api.name = 'aws-guardduty-detector' AND json.rule = status equals \\\"DISABLED\\\""
apply_with_name "prototype2" "config from cloud.resource where api.name = 'aws-guardduty-detector' AND json.rule = status equals \\\"DISABLED\\\""
TF_LOG_PATH="$outpath/destroy-tf.log" terraform destroy -auto-approve &> "$outpath/stdout-destroy-tf.log"
printf '\n\nLogged to %s\n' "$outpath"


variable "saved_search_name" {
  type = string
}
variable "query" {
  type = string
}
locals { 
  search_query_name = "prototype"
}
data "aws_secretsmanager_secret" "redlock" {
  name = "redlock"
}
data "aws_secretsmanager_secret_version" "redlock" {
  secret_id = data.aws_secretsmanager_secret.redlock.id
}
locals {
  redlock = nonsensitive(jsondecode(data.aws_secretsmanager_secret_version.redlock.secret_string))
}

provider "prismacloud" {
  url      = substr(local.redlock["rest_api_url"], 8, -1)
  username = local.redlock["user"]
  password = local.redlock["password"]
  protocol = "https"
  logging = {
    action  = true
    path    = true
    send    = true
    receive = true
  }
  timeout = 300
}

resource "prismacloud_rql_search" "prototype" {
  search_type = "config"
  query       = var.query
  limit       = -1
  skip_result = true
  time_range {
    relative {
      unit   = "hour"
      amount = 24
    }
  }
}

resource "prismacloud_saved_search" "prototype" {
  name        = var.saved_search_name
  description = "prototype"
  search_id   = prismacloud_rql_search.prototype.search_id
  query       = prismacloud_rql_search.prototype.query
  cloud_type  = "aws"
  time_range {
    relative {
      unit   = prismacloud_rql_search.prototype.time_range[0].relative[0].unit
      amount = prismacloud_rql_search.prototype.time_range[0].relative[0].amount
    }
  }
  lifecycle {
    create_before_destroy = true
  }
}

resource "prismacloud_policy" "prototype" {
  count          = 1
  name           = local.search_query_name
  policy_type    = "config"
  description    = "prototype desc"
  severity       = "high"
  recommendation = "prototype recommendation"
  cloud_type     = "aws"
  enabled        = false
  rule {
    name = local.search_query_name
    parameters = {
      savedSearch = true
      withIac     = false
    }
    rule_type = "Config"
    criteria  = prismacloud_saved_search.prototype.id
  }
}

Types of changes

  • Bug fix (non-breaking change which fixes an issue)

Checklist

  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes if appropriate.
  • All new and existing tests passed.

James Stronz added 2 commits March 31, 2024 21:55
Fixed PaloAltoNetworks#286 by forcing new a saved search resource if …
10f70ab 
…the name changes — copy & delete search as expected by user, but update would copy without deletion. Fixed PaloAltoNetworks#181 by introducing support for updating search queries and documenting the need for the lifecycle create_before_destroy to be true.
Ran gofmt of prismacloud/
ffbf838
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AnushreeHS AnushreeHS Awaiting requested review from AnushreeHS

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Handle renaming saved searches Saved search cannot be deleted
1 participant
@comrumino