Bug Fix - adding fix for cloudguard detector rule condition paramter unmarshalling issue

Terraform Team Automation · sagarp337 · commit f8daea2f5e59 · 2023-05-19T15:21:17.000-05:00
diff --git a/internal/integrationtest/cloud_guard_detector_recipe_test.go b/internal/integrationtest/cloud_guard_detector_recipe_test.go
@@ -360,6 +360,86 @@ func TestCloudGuardDetectorRecipeResource_basic(t *testing.T) {
 	})
 }
 
+func TestCloudGuardDetectorRecipeResource_updateOptionalParamsWithoutDestroy(t *testing.T) {
+	httpreplay.SetScenario("TestCloudGuardDetectorRecipeResource_basic")
+	defer httpreplay.SaveScenario()
+
+	config := acctest.ProviderTestConfig()
+
+	compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid")
+	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
+
+	resourceName := "oci_cloud_guard_detector_recipe.test_detector_recipe"
+	var resId string
+	// Save TF content to Create resource with optional properties. This has to be exactly the same as the config part in the "Create with optionals" step in the test.
+	acctest.SaveConfigContent(config+compartmentIdVariableStr+CloudGuardDetectorRecipeResourceDependencies+
+		acctest.GenerateResourceFromRepresentationMap("oci_cloud_guard_detector_recipe", "test_detector_recipe", acctest.Optional, acctest.Create, CloudGuardDetectorRecipeRepresentation), "cloudguard", "detectorRecipe", t)
+
+	acctest.ResourceTest(t, testAccCheckCloudGuardDetectorRecipeDestroy, []resource.TestStep{
+		// verify Create Recipe
+		{
+			Config: config + compartmentIdVariableStr + CloudGuardDetectorRecipeResourceDependencies +
+				acctest.GenerateResourceFromRepresentationMap("oci_cloud_guard_detector_recipe", "test_detector_recipe", acctest.Required, acctest.Create, CloudGuardDetectorRecipeRepresentation),
+			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
+				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
+				resource.TestCheckResourceAttr(resourceName, "display_name", "displayName"),
+				resource.TestCheckResourceAttrSet(resourceName, "source_detector_recipe_id"),
+
+				func(s *terraform.State) (err error) {
+					resId, err = acctest.FromInstanceState(s, resourceName, "id")
+					return err
+				},
+			),
+		},
+		// verify Create with optionals
+		{
+			Config: config + compartmentIdVariableStr + CloudGuardDetectorRecipeResourceDependencies +
+				acctest.GenerateResourceFromRepresentationMap("oci_cloud_guard_detector_recipe", "test_detector_recipe", acctest.Optional, acctest.Create, CloudGuardDetectorRecipeRepresentation),
+			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
+				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
+				resource.TestCheckResourceAttr(resourceName, "description", "description"),
+				resource.TestCheckResourceAttr(resourceName, "detector", "IAAS_CONFIGURATION_DETECTOR"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.#", "1"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.#", "1"),
+				//Just checking it being set, it being a JSON
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.condition", "{\"kind\":\"SIMPLE\",\"parameter\":\"lbCertificateExpiringSoonFilter\",\"value\":\"10\",\"operator\":\"EQUALS\",\"valueType\":\"CUSTOM\"}"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.#", "1"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.0.config_key", "lbCertificateExpiringSoonConfig"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.0.data_type", "int"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.0.name", "Days before expiring"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.0.value", "30"),
+				// Configuration values will be set only if data_type is complex such as multiList
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.0.values.#", "0"),
+				//resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.0.values.0.list_type", "CUSTOM"),
+				//resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.0.values.0.managed_list_type", "RESOURCE_OCID"),
+				//resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.configurations.0.values.0.value", "resourceOcid1"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.is_enabled", "false"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.labels.#", "1"),
+				resource.TestCheckResourceAttr(resourceName, "detector_rules.0.details.0.risk_level", "CRITICAL"),
+				resource.TestCheckResourceAttrSet(resourceName, "detector_rules.0.detector"),
+				resource.TestCheckResourceAttrSet(resourceName, "detector_rules.0.detector_rule_id"),
+				resource.TestCheckResourceAttrSet(resourceName, "detector_rules.0.resource_type"),
+				resource.TestCheckResourceAttrSet(resourceName, "detector_rules.0.service_type"),
+				resource.TestCheckResourceAttr(resourceName, "display_name", "displayName"),
+				resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
+				resource.TestCheckResourceAttrSet(resourceName, "id"),
+				resource.TestCheckResourceAttrSet(resourceName, "owner"),
+				resource.TestCheckResourceAttrSet(resourceName, "source_detector_recipe_id"),
+
+				func(s *terraform.State) (err error) {
+					resId, err = acctest.FromInstanceState(s, resourceName, "id")
+					if isEnableExportCompartment, _ := strconv.ParseBool(utils.GetEnvSettingWithDefault("enable_export_compartment", "true")); isEnableExportCompartment {
+						if errExport := resourcediscovery.TestExportCompartmentWithResourceName(&resId, &compartmentId, resourceName); errExport != nil {
+							return errExport
+						}
+					}
+					return err
+				},
+			),
+		},
+	})
+}
+
 func testAccCheckCloudGuardDetectorRecipeDestroy(s *terraform.State) error {
 	noResourceFound := true
 	client := acctest.TestAccProvider.Meta().(*tf_client.OracleClients).CloudGuardClient()
diff --git a/internal/service/cloud_guard/cloud_guard_detector_recipe_resource.go b/internal/service/cloud_guard/cloud_guard_detector_recipe_resource.go
@@ -6,7 +6,9 @@ package cloud_guard
 import (
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
+	"strings"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 
@@ -1118,12 +1120,13 @@ func (s *CloudGuardDetectorRecipeResourceCrud) mapToUpdateDetectorRuleDetails(fi
 	//Condition Modelling
 	if condition, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "condition")); ok {
 		tmp := condition.(string)
-		var conditionObj oci_cloud_guard.Condition
-		err := json.Unmarshal([]byte(tmp), &conditionObj)
-		if err != nil {
-			return result, err
+		if len(strings.TrimSpace(tmp)) > 0 {
+			var err error
+			result.Condition, err = jsonToCondition(tmp)
+			if err != nil {
+				return result, err
+			}
 		}
-		result.Condition = &conditionObj
 	}
 
 	if configurations, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "configurations")); ok {
@@ -1200,6 +1203,38 @@ func (s *CloudGuardDetectorRecipeResourceCrud) mapToUpdateDetectorRuleDetails(fi
 	return result, nil
 }
 
+func jsonToCondition(data string) (oci_cloud_guard.Condition, error) {
+	var val cloudGuardCondition
+	var err error
+	if err := json.Unmarshal([]byte(data), &val); err == nil {
+		if schemaData, err := UnmarshalPolymorphicConditionJSON(val.Kind, data); err == nil {
+			return schemaData, nil
+		}
+	}
+	return nil, err
+}
+
+type cloudGuardCondition struct {
+	JsonData []byte
+	Kind     string `json:"kind"`
+}
+
+func UnmarshalPolymorphicConditionJSON(kind string, data string) (oci_cloud_guard.Condition, error) {
+	var err error
+	switch kind {
+	case "SIMPLE":
+		mm := oci_cloud_guard.SimpleCondition{}
+		err = json.Unmarshal([]byte(data), &mm)
+		return mm, err
+	case "COMPOSITE":
+		mm := oci_cloud_guard.CompositeCondition{}
+		err = json.Unmarshal([]byte(data), &mm)
+		return mm, err
+	default:
+		return nil, errors.New(fmt.Sprintf("Recieved unsupported enum value for Condition : %s.", kind))
+	}
+}
+
 func (s *CloudGuardDetectorRecipeResourceCrud) updateCompartment(compartment interface{}) error {
 	changeCompartmentRequest := oci_cloud_guard.ChangeDetectorRecipeCompartmentRequest{}
 
