Merge pull request #100 from jfrog/GH-95-report-filters

GH-95 fix nil error for xray_violations_report

CHANGELOG.md

@@ -1,3 +1,11 @@
+## 1.9.8 (January 19, 2023). Tested on Artifactory 7.49.5 and Xray 3.65.2
+
+BUG FIXES:
+
+* resource/xray_violations_report: fixed an issue, when the provider crashed if the `security_filters` attribute wasn't set.
+  Issue [#95](https://github.com/jfrog/terraform-provider-xray/issues/95)
+  PR [#100](https://github.com/jfrog/terraform-provider-xray/pull/100)
+
 ## 1.9.7 (January 18, 2023). Tested on Artifactory 7.49.5 and Xray 3.65.2
 
 BUG FIXES:

docs/resources/licenses_report.md

@@ -1,7 +1,7 @@
 ---
 # generated by https://github.com/hashicorp/terraform-plugin-docs
 page_title: "xray_licenses_report Resource - terraform-provider-xray"
-subcategory: ""
+subcategory: "Reports"
 description: |-
   Creates Xray License Due Diligence report. The License Due Diligence report provides you with a list of components and artifacts and their relevant licenses. This enables you to review and verify that the components and artifacts comply with the license requirements. This report provides due diligence license related information on each component for a selected scope. Due diligence license information includes information such as unknown licenses and unrecognized licenses found in your components.
 ---

docs/resources/operational_risk_policy.md

@@ -1,7 +1,7 @@
 ---
 # generated by https://github.com/hashicorp/terraform-plugin-docs
 page_title: "xray_operational_risk_policy Resource - terraform-provider-xray"
-subcategory: ""
+subcategory: "Policies"
 description: |-
   Creates an Xray policy using V2 of the underlying APIs. Please note: It's only compatible with Bearer token auth method (Identity and Access => Access Tokens)
 ---

docs/resources/operational_risks_report.md

@@ -1,7 +1,7 @@
 ---
 # generated by https://github.com/hashicorp/terraform-plugin-docs
 page_title: "xray_operational_risks_report Resource - terraform-provider-xray"
-subcategory: ""
+subcategory: "Reports"
 description: |-
   Creates Xray Operational Risks report. The Operational Risk report provides you with additional data on OSS components that will help you gain insights into the risk level of the components in use, such as; EOL, Version Age, Number of New Versions, and so on.  For more information, see Components Operational Risk https://www.jfrog.com/confluence/display/JFROG/Components+Operational+Risk
 ---

docs/resources/violations_report.md

@@ -1,7 +1,7 @@
 ---
 # generated by https://github.com/hashicorp/terraform-plugin-docs
 page_title: "xray_violations_report Resource - terraform-provider-xray"
-subcategory: ""
+subcategory: "Reports"
 description: |-
   Creates Xray Violations report. The Violations report provides you with information on security and license violations for each component in the selected scope. Violations information includes information such as type of violation, impacted artifacts, and severity.
 ---

docs/resources/vulnerabilities_report.md

@@ -1,7 +1,7 @@
 ---
 # generated by https://github.com/hashicorp/terraform-plugin-docs
 page_title: "xray_vulnerabilities_report Resource - terraform-provider-xray"
-subcategory: ""
+subcategory: "Reports"
 description: |-
   Creates Xray Vulnerabilities report. The Vulnerabilities report provides information about vulnerabilities in your artifacts, builds, and release bundles. In addition to the information provided in the JFrog Platform on each of these entities, the report gives you a wider range of information such as vulnerabilities in multiple repositories, builds and release bundles. Criteria such as vulnerable component, CVE, cvss score, and severity are available in the report.
 ---

pkg/xray/reports.go

@@ -525,15 +525,15 @@ func unpackViolationsFilters(filter *schema.Set) *Filters {
 		filters.PolicyNames = util.CastToStringArr(m["policy_names"].(*schema.Set).List())
 		filters.Severities = util.CastToStringArr(m["severities"].(*schema.Set).List())
 
-		if m["updated"] != nil {
+		if m["updated"].(*schema.Set).Len() > 0 {
 			filters.Updated = unpackStartAndEndDate(m["updated"].(*schema.Set))
 		}
 
-		if m["security_filters"] != nil {
+		if m["security_filters"].(*schema.Set).Len() > 0 {
 			filters.SecurityFilters = unpackViolationsSecurityFilters(m["security_filters"].(*schema.Set))
 		}
 
-		if m["license_filters"] != nil {
+		if m["license_filters"].(*schema.Set).Len() > 0 {
 			filters.LicenseFilters = unpackViolationsLicensesFilters(m["license_filters"].(*schema.Set))
 		}
 

pkg/xray/resource_xray_report_test.go

@@ -41,33 +41,106 @@ var opRisksFilterFields = map[string]interface{}{
 	},
 }
 
-var violationsFilterFields = map[string]interface{}{
-	"filters": map[string]interface{}{
-		"type":         "security",
-		"watch_names":  []interface{}{"NameOfWatch1", "NameOfWatch2"}, // Conflicts with 'watch_patterns'
-		"component":    "*vulnerable:component*",
-		"artifact":     "some://impacted*artifact",
-		"policy_names": []interface{}{"policy1", "policy2"},
-		"severities":   []interface{}{"High", "Medium"},
-		"updated": map[string]interface{}{
-			"start": "2020-06-29T12:22:16Z",
-			"end":   "2020-07-29T12:22:16Z",
+var violationsFilterFields = []map[string]interface{}{
+	{
+		"filters": map[string]interface{}{
+			"type":         "security",
+			"watch_names":  []interface{}{"NameOfWatch1", "NameOfWatch2"}, // Conflicts with 'watch_patterns'
+			"component":    "*vulnerable:component*",
+			"artifact":     "some://impacted*artifact",
+			"policy_names": []interface{}{"policy1", "policy2"},
+			"severities":   []interface{}{"High", "Medium"},
+			"updated": map[string]interface{}{
+				"start": "2020-06-29T12:22:16Z",
+				"end":   "2020-07-29T12:22:16Z",
+			},
+			"security_filters": map[string]interface{}{
+				"issue_id": "XRAY-87343",
+				"cvss_score": map[string]interface{}{ // Conflicts with 'cve'
+					"min_score": 6.3,
+					"max_score": 9,
+				},
+				"summary_contains": "kernel",
+				"has_remediation":  true,
+			},
+			"license_filters": map[string]interface{}{
+				"unknown":       false,
+				"unrecognized":  true,
+				"license_names": []interface{}{"Apache", "MIT"}, // conflicts with license_patterns
+			},
 		},
-		"security_filters": map[string]interface{}{
-			//"cve":      "CVE-2020-10693",
-			"issue_id": "XRAY-87343",
-			"cvss_score": map[string]interface{}{ // Conflicts with 'cve'
-				"min_score": 6.3,
-				"max_score": 9,
+	},
+	{
+		"filters": map[string]interface{}{
+			"type":         "security",
+			"watch_names":  []interface{}{"NameOfWatch1", "NameOfWatch2"}, // Conflicts with 'watch_patterns'
+			"component":    "*vulnerable:component*",
+			"artifact":     "some://impacted*artifact",
+			"policy_names": []interface{}{"policy1", "policy2"},
+			"severities":   []interface{}{"High", "Medium"},
+			"security_filters": map[string]interface{}{
+				"cve":              "CVE-2020-10693",
+				"issue_id":         "XRAY-87343",
+				"summary_contains": "kernel",
+				"has_remediation":  true,
+			},
+			"license_filters": map[string]interface{}{
+				"unknown":          false,
+				"unrecognized":     true,
+				"license_patterns": []interface{}{"*Apache*", "The Apache*"},
+			},
+		},
+	},
+	{
+		"filters": map[string]interface{}{
+			"type":         "security",
+			"watch_names":  []interface{}{"NameOfWatch1", "NameOfWatch2"}, // Conflicts with 'watch_patterns'
+			"component":    "*vulnerable:component*",
+			"artifact":     "some://impacted*artifact",
+			"policy_names": []interface{}{"policy1", "policy2"},
+			"severities":   []interface{}{"High", "Medium"},
+			"updated": map[string]interface{}{
+				"start": "2020-06-29T12:22:16Z",
+				"end":   "2020-07-29T12:22:16Z",
+			},
+			"license_filters": map[string]interface{}{
+				"unknown":       false,
+				"unrecognized":  true,
+				"license_names": []interface{}{"Apache", "MIT"}, // conflicts with license_patterns
 			},
-			"summary_contains": "kernel",
-			"has_remediation":  true,
 		},
-		"license_filters": map[string]interface{}{
-			"unknown":       false,
-			"unrecognized":  true,
-			"license_names": []interface{}{"Apache", "MIT"}, // conflicts with license_patterns
-			//"license_patterns": []interface{}{"*Apache*", "The Apache*"},
+	},
+	{
+		"filters": map[string]interface{}{
+			"type":         "security",
+			"watch_names":  []interface{}{"NameOfWatch1", "NameOfWatch2"}, // Conflicts with 'watch_patterns'
+			"component":    "*vulnerable:component*",
+			"artifact":     "some://impacted*artifact",
+			"policy_names": []interface{}{"policy1", "policy2"},
+			"severities":   []interface{}{"High", "Medium"},
+			"updated": map[string]interface{}{
+				"start": "2020-06-29T12:22:16Z",
+				"end":   "2020-07-29T12:22:16Z",
+			},
+			"security_filters": map[string]interface{}{
+				"issue_id": "XRAY-87343",
+				"cvss_score": map[string]interface{}{ // Conflicts with 'cve'
+					"min_score": 6.3,
+					"max_score": 9,
+				},
+				"summary_contains": "kernel",
+				"has_remediation":  true,
+			},
+		},
+	},
+	{
+		"filters": map[string]interface{}{
+			"type":         "security",
+			"watch_names":  []interface{}{"NameOfWatch1", "NameOfWatch2"}, // Conflicts with 'watch_patterns'
+			"component":    "*vulnerable:component*",
+			"artifact":     "some://impacted*artifact",
+			"policy_names": []interface{}{"policy1", "policy2"},
+			"severities":   []interface{}{"High", "Medium"},
 		},
 	},
 }
@@ -233,7 +306,20 @@ func TestAccViolationsReport(t *testing.T) {
 		resourceNameInReport := reportResource["name"].(string)
 		title := cases.Title(language.AmericanEnglish).String(strings.ToLower(resourceNameInReport))
 		t.Run(title, func(t *testing.T) {
-			resource.Test(mkFilterTestCase(t, reportResource, violationsFilterFields, terraformReportName,
+			resource.Test(mkFilterTestCase(t, reportResource, violationsFilterFields[0], terraformReportName,
+				terraformResourceName))
+		})
+	}
+}
+
+func TestAccViolationsReportFilters(t *testing.T) {
+	terraformReportName := "terraform-violations-report"
+	terraformResourceName := "xray_violations_report"
+
+	for _, violationsFilter := range violationsFilterFields {
+		title := cases.Title(language.AmericanEnglish).String(strings.ToLower("various_violations_filters"))
+		t.Run(title, func(t *testing.T) {
+			resource.Test(mkFilterTestCase(t, resourcesList[0], violationsFilter, terraformReportName,
 				terraformResourceName))
 		})
 	}