add support for stateful rule count

Author: kmvachhani

sysdig/data_source_sysdig_secure_rule_stateful.go

@@ -4,10 +4,8 @@ import (
 	"context"
 	"encoding/json"
 	"errors"
-	"strconv"
 	"time"
 
-	v2 "github.com/draios/terraform-provider-sysdig/sysdig/internal/client/v2"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
@@ -37,8 +35,9 @@ func dataSourceSysdigSecureRuleStateful() *schema.Resource {
 				Computed: true,
 			},
 			"source": {
-				Type:     schema.TypeString,
-				Computed: true,
+				Type:             schema.TypeString,
+				Required:         true,
+				ValidateDiagFunc: validateDiagFunc(validateStatefulRuleSource),
 			},
 			"ruletype": {
 				Type:     schema.TypeString,
@@ -74,11 +73,6 @@ func dataSourceSysdigRuleStatefulRead(ctx context.Context, d *schema.ResourceDat
 		return diag.FromErr(err)
 	}
 
-	id, err := strconv.Atoi(d.Id())
-	if err != nil {
-		return diag.FromErr(err)
-	}
-
 	nameObj, ok := d.GetOk("name")
 	if !ok {
 		return diag.FromErr(errors.New("name is required"))
@@ -98,17 +92,16 @@ func dataSourceSysdigRuleStatefulRead(ctx context.Context, d *schema.ResourceDat
 		return diag.FromErr(err)
 	}
 
-	if len(rules) == 0 {
-		d.SetId("")
+	ruleIndexObj, ok := d.GetOk("index")
+	ruleIndex := 0
+	if ok {
+		ruleIndex = ruleIndexObj.(int)
 	}
 
-	var rule v2.Rule
+	rule := rules[ruleIndex]
 
-	for _, r := range rules {
-		if r.ID == id {
-			rule = r
-			break
-		}
+	if len(rules) == 0 {
+		d.SetId("")
 	}
 
 	exceptions := make([]any, 0, len(rule.Details.Exceptions))

sysdig/data_source_sysdig_secure_rule_stateful_count.go

@@ -0,0 +1,58 @@
+package sysdig
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func dataSourceSysdigSecureRuleStatefulCount() *schema.Resource {
+	timeout := 1 * time.Minute
+
+	return &schema.Resource{
+		ReadContext: dataSourceSysdigRuleStatefulCountRead,
+
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(timeout),
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"source": {
+				Type:             schema.TypeString,
+				Required:         true,
+				ValidateDiagFunc: validateDiagFunc(validateStatefulRuleSource),
+			},
+			"rule_count": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceSysdigRuleStatefulCountRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client, err := getSecureRuleClient(meta.(SysdigClients))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	ruleName := d.Get("name").(string)
+	ruleType := d.Get("source").(string)
+	rules, err := client.GetStatefulRuleGroup(ctx, ruleName, ruleType)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	d.SetId(fmt.Sprintf("count_%s", ruleName))
+	_ = d.Set("name", ruleName)
+	_ = d.Set("rule_count", len(rules))
+
+	return nil
+}

sysdig/data_source_sysdig_secure_rule_stateful_count_test.go

@@ -0,0 +1,55 @@
+//go:build tf_acc_sysdig || tf_acc_sysdig_secure || tf_acc_policies || tf_acc_onprem_secure
+
+package sysdig_test
+
+import (
+	"fmt"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	"github.com/draios/terraform-provider-sysdig/sysdig"
+)
+
+func TestAccRuleStatefulCountDataSource(t *testing.T) {
+
+	if strings.HasSuffix(os.Getenv("SYSDIG_SECURE_URL"), "ibm.com") {
+		t.Skip("Skipping stateful tests for IBM Cloud")
+		return
+	}
+
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			if v := os.Getenv("SYSDIG_SECURE_API_TOKEN"); v == "" {
+				t.Fatal("SYSDIG_SECURE_API_TOKEN must be set for acceptance tests")
+			}
+		},
+		ProviderFactories: map[string]func() (*schema.Provider, error){
+			"sysdig": func() (*schema.Provider, error) {
+				return sysdig.Provider(), nil
+			},
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: ruleStatefulCountDataSource(),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.sysdig_secure_rule_stateful_count.data_stateful_rule_append", "rule_count", "1"),
+				),
+			},
+		},
+	})
+}
+
+func ruleStatefulCountDataSource() string {
+	return fmt.Sprintf(`
+%s
+
+data "sysdig_secure_rule_stateful" "data_stateful_rule_append" {
+  name = "API Gateway Enumeration Detected"
+  depends_on = [ sysdig_secure_rule_stateful.stateful_rule_append ]
+}
+`, ruleStatefulAppend())
+}

sysdig/data_source_sysdig_secure_rule_stateful_test.go

@@ -33,9 +33,6 @@ func TestAccRuleStatefulDataSource(t *testing.T) {
 			},
 		},
 		Steps: []resource.TestStep{
-			{
-				Config: ruleStatefulAppend(),
-			},
 			{
 				Config: ruleStatefulDataSource(),
 			},
@@ -44,11 +41,12 @@ func TestAccRuleStatefulDataSource(t *testing.T) {
 }
 
 func ruleStatefulDataSource() string {
-	return fmt.Sprint(`
+	return fmt.Sprintf(`
+%s
 
 data "sysdig_secure_rule_stateful" "data_stateful_rule_append" {
   name = "API Gateway Enumeration Detected"
   depends_on = [ sysdig_secure_rule_stateful.stateful_rule_append ]
 }
-`)
+`, ruleStatefulAppend())
 }

sysdig/provider.go

@@ -235,6 +235,7 @@ func (p *SysdigProvider) Provider() *schema.Provider {
 			"sysdig_secure_posture_policies":                              dataSourceSysdigSecurePosturePolicies(),
 			"sysdig_secure_custom_role_permissions":                       dataSourceSysdigSecureCustomRolePermissions(),
 			"sysdig_secure_rule_stateful":                                 dataSourceSysdigSecureRuleStateful(),
+			"sysdig_secure_rule_stateful_count":                           dataSourceSysdigSecureRuleStatefulCount(),
 
 			"sysdig_current_user":                                          dataSourceSysdigCurrentUser(),
 			"sysdig_user":                                                  dataSourceSysdigUser(),

website/docs/d/secure_rule_stateful_count.md

@@ -0,0 +1,33 @@
+---
+subcategory: "Sysdig Secure"
+layout: "sysdig"
+page_title: "Sysdig: sysdig_secure_rule_stateful_count"
+description: |-
+  Retrieves the count of rules (including appends) for a named stateful rule.
+---
+
+# Data Source: sysdig_secure_rule_stateful_count
+
+Retrieves the count of rules (including appends) for a named stateful rule.
+
+-> **Note:** Sysdig Terraform Provider is under rapid development at this point. If you experience any issue or discrepancy while using it, please make sure you have the latest version. If the issue persists, or you have a Feature Request to support an additional set of resources, please open a [new issue](https://github.com/sysdiglabs/terraform-provider-sysdig/issues/new) in the GitHub repository.
+
+## Example Usage
+
+```terraform
+data "sysdig_secure_rule_stateful_count" "example" {
+    name = "API Gateway Enumeration Detected"
+    source = "awscloudtrail_stateful"
+}
+```
+
+## Argument Reference
+
+* `name` - (Required) The name of the Secure stateful rule to retrieve.
+* `source` - (Required) The source of the Secure stateful rule to retrieve.
+
+## Attributes Reference
+
+In addition to the argument above, the following attributes are exported:
+
+* `rule_count` - The number of rules (including appends).