Skip to content

Add security list resource #1489

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
Nov 27, 2025
Merged

Add security list resource #1489

merged 14 commits into from
Nov 27, 2025

Conversation

@nick-benoit
Copy link
Contributor

@nick-benoit nick-benoit commented Nov 25, 2025
edited
Loading

Adds Security List resource Docs.

This is supporting work for Security Exceptions.

On it's own this resource is not tremendously useful, but will quickly be followed by PRs for the following:

@nick-benoit nick-benoit force-pushed the add_security_lists branch 2 times, most recently from 560756c to ac6107a Compare November 25, 2025 22:19
@nick-benoit nick-benoit requested a review from Copilot November 25, 2025 22:36

This comment was marked as resolved.

Sign in to view

@nick-benoit nick-benoit marked this pull request as ready for review November 25, 2025 22:44
@nick-benoit nick-benoit requested a review from Copilot November 25, 2025 22:44

This comment was marked as resolved.

Sign in to view

@elastic elastic deleted a comment from Copilot AI Nov 25, 2025
@elastic elastic deleted a comment from Copilot AI Nov 25, 2025
nick-benoit
nick-benoit commented Nov 25, 2025
View reviewed changes
@nick-benoit nick-benoit requested a review from Copilot November 25, 2025 23:27

This comment was marked as resolved.

Sign in to view

@nick-benoit
Copy link
Contributor Author

nick-benoit commented Nov 25, 2025

@copilot Implement the above suggestions

Copilot AI mentioned this pull request Nov 25, 2025
Closed
Copy link
Contributor

Copilot AI commented Nov 25, 2025

@nick-benoit I've opened a new pull request, #1490, to work on those changes. Once the pull request is ready, I'll request review from you.

@elastic elastic deleted a comment from Copilot AI Nov 26, 2025
@elastic elastic deleted a comment from Copilot AI Nov 26, 2025
nick-benoit
nick-benoit commented Nov 26, 2025
View reviewed changes
CODING_STANDARDS.md
- Prefer using existing util functions over longer form, duplicated code:
- `utils.IsKnown(val)` instead of `!val.IsNull() && !val.IsUnknown()`
- `utils.ListTypeAs` instead of `val.ElementsAs` or similar for other collection types
- The final state for a resource should be derived from a read request following a mutative request (eg create or update). We should not use the response from a mutative request to build the final resource state.
Copy link
Contributor Author

@nick-benoit nick-benoit Nov 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot kept suggesting that I use the create / update response instead of doing a secondary read. Adding this seems to help with that.

@nick-benoit nick-benoit requested a review from tobio November 26, 2025 00:56
@tobio tobio requested a review from Copilot November 26, 2025 20:49
Copilot AI reviewed Nov 26, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 22 out of 24 changed files in this pull request and generated 3 comments.

@nick-benoit nick-benoit mentioned this pull request Nov 26, 2025
Merged
tobio
tobio reviewed Nov 26, 2025
View reviewed changes
internal/clients/kibana_oapi/security_lists.go

switch resp.StatusCode() {
case http.StatusOK:
return resp, nil
Copy link
Member

@tobio tobio Nov 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
return resp, nil
return resp.JSON200, nil

Does it make sense to return the parsed response models from these helpers?

Copy link
Contributor Author

@nick-benoit nick-benoit Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it does. I may opt to do that refactor in the list item PR though for the sake of easily pulling these changes into that dependent PR.

internal/kibana/security_list/models.go Outdated
Comment on lines 126 to 130
if apiList.UnderscoreVersion != nil {
m.VersionID = types.StringValue(string(*apiList.UnderscoreVersion))
} else {
m.VersionID = types.StringNull()
}
Copy link
Member

@tobio tobio Nov 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have this pattern a lot where the API returns a custom string type and so we can't use types.StringPointerValue.

Want to create a new typesutil package with something like:

func StringishPointerValue[T ~string](ptr *T) types.String {
	if ptr == nil {
		return types.StringNull()
	}
	return types.StringValue(string(*ptr))
}

so this code can just be

Suggested change
if apiList.UnderscoreVersion != nil {
m.VersionID = types.StringValue(string(*apiList.UnderscoreVersion))
} else {
m.VersionID = types.StringNull()
}
m.VersionID = typesutil.StringishPointerValue(apiList.UnderscoreVersion)

Copy link
Contributor Author

@nick-benoit nick-benoit Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seemed like these utilities fit pretty well into the existing utils/utils.go file. Happy to add a dedicated package if you prefer that though.

52c50ba

Copy link
Member

@tobio tobio Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Happy to leave this for a follow up PR. A catch-all utils package is discouraged by the Golang gods, so I was thinking we could start moving these TF type specific helpers to a dedicated typeutils package.

Copy link
Contributor Author

@nick-benoit nick-benoit Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll make a note and add that to the security list item PR 👍

@nick-benoit nick-benoit requested a review from tobio November 27, 2025 01:00
nick-benoit
nick-benoit commented Nov 27, 2025
View reviewed changes
internal/kibana/security_list/read.go
listID := state.ListID.ValueString()

// Try to parse as composite ID from state.ID
if compId, diags := clients.CompositeIdFromStrFw(state.ID.ValueString()); !diags.HasError() {
Copy link
Contributor Author

@nick-benoit nick-benoit Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tobio FYI I realized while adding an import test that we were not using the internal composite ID properly. I just pushed that up in this commit: 20b443d

tobio
tobio reviewed Nov 27, 2025
View reviewed changes
Copy link
Member

@tobio tobio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One last change

internal/kibana/security_list/models.go Outdated
Comment on lines 142 to 146
if apiList.Deserializer != nil {
m.Deserializer = utils.StringishPointerValue(apiList.Deserializer)
} else {
m.Deserializer = types.StringNull()
}
Copy link
Member

@tobio tobio Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't need the if/else for these with this new helper

Suggested change
if apiList.Deserializer != nil {
m.Deserializer = utils.StringishPointerValue(apiList.Deserializer)
} else {
m.Deserializer = types.StringNull()
}
m.Deserializer = utils.StringishPointerValue(apiList.Deserializer)

Copy link
Contributor Author

@nick-benoit nick-benoit Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ahh good call: 1907787

@nick-benoit nick-benoit requested a review from tobio November 27, 2025 17:08
tobio
tobio approved these changes Nov 27, 2025
View reviewed changes
Copy link
Member

@tobio tobio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎉

@nick-benoit nick-benoit merged commit 0570ebd into main Nov 27, 2025
54 checks passed
@nick-benoit nick-benoit deleted the add_security_lists branch November 27, 2025 20:38
@tobio tobio mentioned this pull request Nov 28, 2025
Draft
tobio added a commit that referenced this pull request Nov 28, 2025
@tobio
Merge remote-tracking branch 'origin/main' into copilot/add-default-d…
ff85a43 
…ata-view-resource

* origin/main:
  fix(deps): update module github.com/hashicorp/go-version to v1.8.0 (#1498)
  chore(deps): update kibana-openapi-spec digest to e84e2eb (#1497)
  Add security list resource (#1489)
  Migrate from deprecated Goreleaser config (#1493)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@tobio tobio tobio approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nick-benoit @tobio