Fix cloud configuration policy tests (#1643)

api-clients-generation-pipeline[bot] · ci.datadog-api-spec · web-flow · commit 392de360e7de · 2023-09-01T14:42:04.000Z
Co-authored-by: ci.datadog-api-spec &lt;packages@datadoghq.com&gt;
diff --git a/.apigentools-info b/.apigentools-info
@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.5",
-            "regenerated": "2023-08-31 17:22:19.431247",
-            "spec_repo_commit": "87d036cf"
+            "regenerated": "2023-09-01 14:18:43.853436",
+            "spec_repo_commit": "fd65b2e4"
         },
         "v2": {
             "apigentools_version": "1.6.5",
-            "regenerated": "2023-08-31 17:22:19.446692",
-            "spec_repo_commit": "87d036cf"
+            "regenerated": "2023-09-01 14:18:43.873695",
+            "spec_repo_commit": "fd65b2e4"
         }
     }
 }
diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1092490364.py b/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1092490364.py
@@ -36,7 +36,7 @@
             resource_type="gcp_compute_disk",
             complex_rule=False,
             rego_rule=CloudConfigurationRegoRule(
-                policy="package datadog\n",
+                policy='package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = "skip" if {\n\tiam_service_account_key.disabled\n} else = "pass" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = "fail"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n',
                 resource_types=[
                     "gcp_compute_disk",
                 ],
diff --git a/examples/v2/security-monitoring/UpdateSecurityMonitoringRule_428087276.py b/examples/v2/security-monitoring/UpdateSecurityMonitoringRule_428087276.py
@@ -33,7 +33,7 @@
         compliance_rule_options=CloudConfigurationComplianceRuleOptions(
             resource_type="gcp_compute_disk",
             rego_rule=CloudConfigurationRegoRule(
-                policy="package datadog\n",
+                policy='package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = "skip" if {\n\tiam_service_account_key.disabled\n} else = "pass" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = "fail"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n',
                 resource_types=[
                     "gcp_compute_disk",
                 ],
diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_cloud_configuration_rule_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_cloud_configuration_rule_returns_ok_response.frozen
@@ -1 +1 @@
-2023-07-20T12:27:33.661Z
+2023-08-31T11:51:28.995Z
diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_cloud_configuration_rule_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_cloud_configuration_rule_returns_ok_response.yaml
@@ -1,7 +1,14 @@
 interactions:
 - request:
-    body: '{"cases":[{"notifications":["channel"],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"filters":[{"action":"require","query":"resource_id:helo*"},{"action":"suppress","query":"control:helo*"}],"isEnabled":false,"message":"ddd","name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1689856053_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package
-      datadog\n","resourceTypes":["gcp_compute_disk"]},"resourceType":"gcp_compute_disk"}},"tags":["my:tag"],"type":"cloud_configuration"}'
+    body: '{"cases":[{"notifications":["channel"],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"filters":[{"action":"require","query":"resource_id:helo*"},{"action":"suppress","query":"control:helo*"}],"isEnabled":false,"message":"ddd","name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1693482688_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package
+      datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport
+      future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000
+      * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n}
+      else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day)
+      - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n}
+      else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains
+      result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult
+      := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk"]},"resourceType":"gcp_compute_disk"}},"tags":["my:tag"],"type":"cloud_configuration"}'
     headers:
       accept:
       - application/json
@@ -11,9 +18,16 @@ interactions:
     uri: https://api.datadoghq.com/api/v2/security_monitoring/rules
   response:
     body:
-      string: '{"id":"rmr-xkf-scr","version":1,"name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1689856053_cloud","createdAt":1689856054469,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package
-        datadog\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@account_id"]},"cases":[{"condition":"a
-        > 0","name":"","status":"info","notifications":["channel"]}],"message":"ddd","tags":["my:tag"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"require","query":"resource_id:helo*"},{"action":"suppress","query":"control:helo*"}]}
+      string: '{"id":"m0o-cza-uq9","version":1,"name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1693482688_cloud","createdAt":1693482689435,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package
+        datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport
+        future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day :=
+        ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n}
+        else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day)
+        - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n}
+        else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains
+        result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult
+        := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@account_id"]},"cases":[{"name":"","status":"info","notifications":["channel"],"condition":"a
+        > 0"}],"message":"ddd","tags":["my:tag"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"require","query":"resource_id:helo*"},{"action":"suppress","query":"control:helo*"}]}
 
         '
     headers:
@@ -28,7 +42,7 @@ interactions:
       accept:
       - '*/*'
     method: DELETE
-    uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/rmr-xkf-scr
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/m0o-cza-uq9
   response:
     body:
       string: ''
diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_cloud_configuration_rules_details_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_a_cloud_configuration_rules_details_returns_ok_response.frozen
@@ -1 +1 @@
-2022-12-16T18:53:54.585Z
+2023-08-31T11:58:27.575Z
diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_cloud_configuration_rules_details_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_a_cloud_configuration_rules_details_returns_ok_response.yaml
@@ -1,8 +1,15 @@
 interactions:
 - request:
     body: '{"cases":[{"notifications":["channel"],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"isEnabled":false,"message":"Cloud
-      configuration rule","name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1671216834_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package
-      datadog\n","resourceTypes":["gcp_compute_disk"]},"resourceType":"gcp_compute_disk"}},"tags":["a:tag"],"type":"cloud_configuration"}'
+      configuration rule","name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1693483107_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package
+      datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport
+      future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000
+      * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n}
+      else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day)
+      - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n}
+      else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains
+      result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult
+      := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk"]},"resourceType":"gcp_compute_disk"}},"tags":["a:tag"],"type":"cloud_configuration"}'
     headers:
       accept:
       - application/json
@@ -12,10 +19,16 @@ interactions:
     uri: https://api.datadoghq.com/api/v2/security_monitoring/rules
   response:
     body:
-      string: '{"creationAuthorId":1445416,"tags":["a:tag"],"type":"cloud_configuration","isEnabled":false,"hasExtendedTitle":true,"message":"Cloud
-        configuration rule","options":{"detectionMethod":"threshold","evaluationWindow":7200,"maxSignalDuration":86400,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package
-        datadog\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false},"keepAlive":21600},"version":1,"createdAt":1671216834810,"filters":[],"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"aggregation":"count","name":"a","distinctFields":[]}],"isDeleted":false,"complianceSignalOptions":{"defaultActivationStatus":null,"userActivationStatus":true,"defaultGroupByFields":null,"userGroupByFields":["@account_id"]},"cases":[{"status":"info","notifications":["channel"],"name":"","condition":"a
-        > 0"}],"id":"bwb-onz-qhs","isDefault":false,"name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1671216834_cloud"}
+      string: '{"id":"ijx-ftp-oew","version":1,"name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1693483107_cloud","createdAt":1693483108023,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package
+        datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport
+        future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day :=
+        ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n}
+        else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day)
+        - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n}
+        else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains
+        result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult
+        := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@account_id"]},"cases":[{"name":"","status":"info","notifications":["channel"],"condition":"a
+        > 0"}],"message":"Cloud configuration rule","tags":["a:tag"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]}
 
         '
     headers:
@@ -30,13 +43,19 @@ interactions:
       accept:
       - application/json
     method: GET
-    uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/bwb-onz-qhs
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/ijx-ftp-oew
   response:
     body:
-      string: '{"creationAuthorId":1445416,"tags":["a:tag"],"type":"cloud_configuration","isEnabled":false,"hasExtendedTitle":true,"message":"Cloud
-        configuration rule","options":{"detectionMethod":"threshold","evaluationWindow":7200,"maxSignalDuration":86400,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package
-        datadog\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false},"keepAlive":21600},"version":1,"createdAt":1671216834810,"filters":[],"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"aggregation":"count","name":"a","distinctFields":[]}],"isDeleted":false,"complianceSignalOptions":{"defaultActivationStatus":null,"userActivationStatus":true,"defaultGroupByFields":null,"userGroupByFields":["@account_id"]},"cases":[{"status":"info","notifications":["channel"],"name":"","condition":"a
-        > 0"}],"id":"bwb-onz-qhs","isDefault":false,"name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1671216834_cloud"}
+      string: '{"id":"ijx-ftp-oew","version":1,"name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1693483107_cloud","createdAt":1693483108023,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package
+        datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport
+        future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day :=
+        ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n}
+        else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day)
+        - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n}
+        else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains
+        result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult
+        := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@account_id"]},"cases":[{"name":"","status":"info","notifications":["channel"],"condition":"a
+        > 0"}],"message":"Cloud configuration rule","tags":["a:tag"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]}
 
         '
     headers:
@@ -51,7 +70,7 @@ interactions:
       accept:
       - '*/*'
     method: DELETE
-    uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/bwb-onz-qhs
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/ijx-ftp-oew
   response:
     body:
       string: ''
diff --git a/tests/v2/cassettes/test_scenarios/test_update_a_cloud_configuration_rules_details_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_update_a_cloud_configuration_rules_details_returns_ok_response.frozen
@@ -1 +1 @@
-2022-12-16T18:53:55.424Z
+2023-08-31T11:58:05.605Z
diff --git a/tests/v2/cassettes/test_scenarios/test_update_a_cloud_configuration_rules_details_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_update_a_cloud_configuration_rules_details_returns_ok_response.yaml
diff --git a/tests/v2/features/given.json b/tests/v2/features/given.json
diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature

Original file line number	Diff line number	Diff line change
`@@ -4,13 +4,13 @@`
`4`	`4`	`"spec_versions": {`
`5`	`5`	`"v1": {`
`6`	`6`	`"apigentools_version": "1.6.5",`
`7`		`- "regenerated": "2023-08-31 17:22:19.431247",`
`8`		`- "spec_repo_commit": "87d036cf"`
	`7`	`+ "regenerated": "2023-09-01 14:18:43.853436",`
	`8`	`+ "spec_repo_commit": "fd65b2e4"`
`9`	`9`	`},`
`10`	`10`	`"v2": {`
`11`	`11`	`"apigentools_version": "1.6.5",`
`12`		`- "regenerated": "2023-08-31 17:22:19.446692",`
`13`		`- "spec_repo_commit": "87d036cf"`
	`12`	`+ "regenerated": "2023-09-01 14:18:43.873695",`
	`13`	`+ "spec_repo_commit": "fd65b2e4"`
`14`	`14`	`}`
`15`	`15`	`}`
`16`	`16`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-2023-07-20T12:27:33.661Z`
	`1`	`+2023-08-31T11:51:28.995Z`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-2022-12-16T18:53:54.585Z`
	`1`	`+2023-08-31T11:58:27.575Z`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-2022-12-16T18:53:55.424Z`
	`1`	`+2023-08-31T11:58:05.605Z`