feat(secure-rule, secure-policy) use status code to determine if resource needs to be recreated (#409)

kmvachhani · web-flow · commit 000b507e3699 · 2023-09-08T11:58:32.000-07:00
* use status code to determine if resource needs to be recreated

* refactor response to match other resources

* set id to "" for policy 404's too
diff --git a/sysdig/internal/client/v2/rules.go b/sysdig/internal/client/v2/rules.go
@@ -18,7 +18,7 @@ const (
 type RuleInterface interface {
 	Base
 	CreateRule(ctx context.Context, rule Rule) (Rule, error)
-	GetRuleByID(ctx context.Context, ruleID int) (Rule, error)
+	GetRuleByID(ctx context.Context, ruleID int) (Rule, int, error)
 	UpdateRule(ctx context.Context, rule Rule) (Rule, error)
 	DeleteRule(ctx context.Context, ruleID int) error
 	GetRuleGroup(ctx context.Context, ruleName string, ruleType string) ([]Rule, error)
@@ -43,18 +43,19 @@ func (client *Client) CreateRule(ctx context.Context, rule Rule) (Rule, error) {
 	return Unmarshal[Rule](response.Body)
 }
 
-func (client *Client) GetRuleByID(ctx context.Context, ruleID int) (Rule, error) {
+func (client *Client) GetRuleByID(ctx context.Context, ruleID int) (Rule, int, error) {
 	response, err := client.requester.Request(ctx, http.MethodGet, client.GetRuleByIDURL(ruleID), nil)
 	if err != nil {
-		return Rule{}, err
+		return Rule{}, 0, err
 	}
 	defer response.Body.Close()
 
 	if response.StatusCode != http.StatusOK {
-		return Rule{}, client.ErrorFromResponse(response)
+		return Rule{}, response.StatusCode, client.ErrorFromResponse(response)
 	}
 
-	return Unmarshal[Rule](response.Body)
+	rule, err := Unmarshal[Rule](response.Body)
+	return rule, 0, err
 }
 
 func (client *Client) UpdateRule(ctx context.Context, rule Rule) (Rule, error) {
diff --git a/sysdig/resource_sysdig_secure_custom_policy.go b/sysdig/resource_sysdig_secure_custom_policy.go
@@ -141,8 +141,9 @@ func resourceSysdigCustomPolicyRead(ctx context.Context, d *schema.ResourceData,
 	policy, statusCode, err := client.GetPolicyByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
 		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
 			return diag.FromErr(err)
 		}
 	}
diff --git a/sysdig/resource_sysdig_secure_managed_policy.go b/sysdig/resource_sysdig_secure_managed_policy.go
@@ -112,8 +112,9 @@ func resourceSysdigManagedPolicyRead(ctx context.Context, d *schema.ResourceData
 	policy, statusCode, err := client.GetPolicyByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
 		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
 			return diag.FromErr(err)
 		}
 	}
@@ -134,8 +135,9 @@ func resourceSysdigManagedPolicyDelete(ctx context.Context, d *schema.ResourceDa
 	// Reset everything back to default values for managed policy
 	policy, statusCode, err := client.GetPolicyByID(ctx, id)
 	if err != nil {
-		d.SetId("")
 		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
 			return diag.FromErr(err)
 		}
 	}
@@ -169,8 +171,9 @@ func resourceSysdigManagedPolicyUpdate(ctx context.Context, d *schema.ResourceDa
 	policy, statusCode, err := client.GetPolicyByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
 		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
 			return diag.FromErr(err)
 		}
 	}
diff --git a/sysdig/resource_sysdig_secure_managed_ruleset.go b/sysdig/resource_sysdig_secure_managed_ruleset.go
@@ -149,8 +149,9 @@ func resourceSysdigManagedRulesetRead(ctx context.Context, d *schema.ResourceDat
 	policy, statusCode, err := client.GetPolicyByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
 		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
 			return diag.FromErr(err)
 		}
 	}
@@ -187,8 +188,9 @@ func resourceSysdigManagedRulesetUpdate(ctx context.Context, d *schema.ResourceD
 	policy, statusCode, err := client.GetPolicyByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
 		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
 			return diag.FromErr(err)
 		}
 	}
diff --git a/sysdig/resource_sysdig_secure_policy.go b/sysdig/resource_sysdig_secure_policy.go
@@ -291,8 +291,9 @@ func resourceSysdigPolicyRead(ctx context.Context, d *schema.ResourceData, meta
 	policy, statusCode, err := client.GetPolicyByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
 		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
 			return diag.FromErr(err)
 		}
 	}
diff --git a/sysdig/resource_sysdig_secure_rule_container.go b/sysdig/resource_sysdig_secure_rule_container.go
@@ -2,6 +2,7 @@ package sysdig
 
 import (
 	"context"
+	"net/http"
 	"strconv"
 	"time"
 
@@ -79,10 +80,14 @@ func resourceSysdigRuleContainerRead(ctx context.Context, d *schema.ResourceData
 		return diag.FromErr(err)
 	}
 
-	rule, err := client.GetRuleByID(ctx, id)
+	rule, statusCode, err := client.GetRuleByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
+		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
+			return diag.FromErr(err)
+		}
 	}
 
 	if rule.Details.Containers == nil {
diff --git a/sysdig/resource_sysdig_secure_rule_falco.go b/sysdig/resource_sysdig_secure_rule_falco.go
@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"net/http"
 	"strconv"
 	"strings"
 	"time"
@@ -133,9 +134,13 @@ func resourceSysdigRuleFalcoRead(ctx context.Context, d *schema.ResourceData, me
 		return diag.FromErr(err)
 	}
 
-	rule, err := client.GetRuleByID(ctx, id)
+	rule, statusCode, err := client.GetRuleByID(ctx, id)
 	if err != nil {
-		d.SetId("")
+		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
+			return diag.FromErr(err)
+		}
 	}
 
 	if rule.Details.Append != nil && !(*(rule.Details.Append)) {
diff --git a/sysdig/resource_sysdig_secure_rule_filesystem.go b/sysdig/resource_sysdig_secure_rule_filesystem.go
@@ -2,6 +2,7 @@ package sysdig
 
 import (
 	"context"
+	"net/http"
 	"strconv"
 	"time"
 
@@ -110,9 +111,13 @@ func resourceSysdigRuleFilesystemRead(ctx context.Context, d *schema.ResourceDat
 		return diag.FromErr(err)
 	}
 
-	rule, err := client.GetRuleByID(ctx, id)
+	rule, statusCode, err := client.GetRuleByID(ctx, id)
 	if err != nil {
-		d.SetId("")
+		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
+			return diag.FromErr(err)
+		}
 	}
 
 	updateResourceDataForRule(d, rule)
diff --git a/sysdig/resource_sysdig_secure_rule_network.go b/sysdig/resource_sysdig_secure_rule_network.go
@@ -2,6 +2,7 @@ package sysdig
 
 import (
 	"context"
+	"net/http"
 	"strconv"
 	"time"
 
@@ -118,10 +119,14 @@ func resourceSysdigRuleNetworkRead(ctx context.Context, d *schema.ResourceData,
 		return diag.FromErr(err)
 	}
 
-	rule, err := client.GetRuleByID(ctx, id)
+	rule, statusCode, err := client.GetRuleByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
+		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
+			return diag.FromErr(err)
+		}
 	}
 	updateResourceDataForRule(d, rule)
 
diff --git a/sysdig/resource_sysdig_secure_rule_process.go b/sysdig/resource_sysdig_secure_rule_process.go
@@ -2,6 +2,7 @@ package sysdig
 
 import (
 	"context"
+	"net/http"
 	"strconv"
 	"time"
 
@@ -79,10 +80,14 @@ func resourceSysdigRuleProcessRead(ctx context.Context, d *schema.ResourceData,
 		return diag.FromErr(err)
 	}
 
-	rule, err := client.GetRuleByID(ctx, id)
+	rule, statusCode, err := client.GetRuleByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
+		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
+			return diag.FromErr(err)
+		}
 	}
 
 	if rule.Details.Processes == nil {
diff --git a/sysdig/resource_sysdig_secure_rule_syscall.go b/sysdig/resource_sysdig_secure_rule_syscall.go
@@ -2,6 +2,7 @@ package sysdig
 
 import (
 	"context"
+	"net/http"
 	"strconv"
 	"time"
 
@@ -78,10 +79,14 @@ func resourceSysdigRuleSyscallRead(ctx context.Context, d *schema.ResourceData,
 		return diag.FromErr(err)
 	}
 
-	rule, err := client.GetRuleByID(ctx, id)
+	rule, statusCode, err := client.GetRuleByID(ctx, id)
 
 	if err != nil {
-		d.SetId("")
+		if statusCode == http.StatusNotFound {
+			d.SetId("")
+		} else {
+			return diag.FromErr(err)
+		}
 	}
 
 	if rule.Details.Syscalls == nil {

Original file line number	Diff line number	Diff line change
`@@ -141,8 +141,9 @@ func resourceSysdigCustomPolicyRead(ctx context.Context, d *schema.ResourceData,`
`141`	`141`	`policy, statusCode, err := client.GetPolicyByID(ctx, id)`
`142`	`142`
`143`	`143`	`if err != nil {`
`144`		`- d.SetId("")`
`145`	`144`	`if statusCode == http.StatusNotFound {`
	`145`	`+ d.SetId("")`
	`146`	`+ } else {`
`146`	`147`	`return diag.FromErr(err)`
`147`	`148`	`}`
`148`	`149`	`}`
Original file line number	Diff line number	Diff line change
`@@ -112,8 +112,9 @@ func resourceSysdigManagedPolicyRead(ctx context.Context, d *schema.ResourceData`
`112`	`112`	`policy, statusCode, err := client.GetPolicyByID(ctx, id)`
`113`	`113`
`114`	`114`	`if err != nil {`
`115`		`- d.SetId("")`
`116`	`115`	`if statusCode == http.StatusNotFound {`
	`116`	`+ d.SetId("")`
	`117`	`+ } else {`
`117`	`118`	`return diag.FromErr(err)`
`118`	`119`	`}`
`119`	`120`	`}`
`@@ -134,8 +135,9 @@ func resourceSysdigManagedPolicyDelete(ctx context.Context, d *schema.ResourceDa`
`134`	`135`	`// Reset everything back to default values for managed policy`
`135`	`136`	`policy, statusCode, err := client.GetPolicyByID(ctx, id)`
`136`	`137`	`if err != nil {`
`137`		`- d.SetId("")`
`138`	`138`	`if statusCode == http.StatusNotFound {`
	`139`	`+ d.SetId("")`
	`140`	`+ } else {`
`139`	`141`	`return diag.FromErr(err)`
`140`	`142`	`}`
`141`	`143`	`}`
`@@ -169,8 +171,9 @@ func resourceSysdigManagedPolicyUpdate(ctx context.Context, d *schema.ResourceDa`
`169`	`171`	`policy, statusCode, err := client.GetPolicyByID(ctx, id)`
`170`	`172`
`171`	`173`	`if err != nil {`
`172`		`- d.SetId("")`
`173`	`174`	`if statusCode == http.StatusNotFound {`
	`175`	`+ d.SetId("")`
	`176`	`+ } else {`
`174`	`177`	`return diag.FromErr(err)`
`175`	`178`	`}`
`176`	`179`	`}`
Original file line number	Diff line number	Diff line change
`@@ -149,8 +149,9 @@ func resourceSysdigManagedRulesetRead(ctx context.Context, d *schema.ResourceDat`
`149`	`149`	`policy, statusCode, err := client.GetPolicyByID(ctx, id)`
`150`	`150`
`151`	`151`	`if err != nil {`
`152`		`- d.SetId("")`
`153`	`152`	`if statusCode == http.StatusNotFound {`
	`153`	`+ d.SetId("")`
	`154`	`+ } else {`
`154`	`155`	`return diag.FromErr(err)`
`155`	`156`	`}`
`156`	`157`	`}`
`@@ -187,8 +188,9 @@ func resourceSysdigManagedRulesetUpdate(ctx context.Context, d *schema.ResourceD`
`187`	`188`	`policy, statusCode, err := client.GetPolicyByID(ctx, id)`
`188`	`189`
`189`	`190`	`if err != nil {`
`190`		`- d.SetId("")`
`191`	`191`	`if statusCode == http.StatusNotFound {`
	`192`	`+ d.SetId("")`
	`193`	`+ } else {`
`192`	`194`	`return diag.FromErr(err)`
`193`	`195`	`}`
`194`	`196`	`}`
Original file line number	Diff line number	Diff line change
`@@ -291,8 +291,9 @@ func resourceSysdigPolicyRead(ctx context.Context, d *schema.ResourceData, meta`
`291`	`291`	`policy, statusCode, err := client.GetPolicyByID(ctx, id)`
`292`	`292`
`293`	`293`	`if err != nil {`
`294`		`- d.SetId("")`
`295`	`294`	`if statusCode == http.StatusNotFound {`
	`295`	`+ d.SetId("")`
	`296`	`+ } else {`
`296`	`297`	`return diag.FromErr(err)`
`297`	`298`	`}`
`298`	`299`	`}`