Data source for sysdig secure rule file system (#345)

* Data source for sysdig secure rule file system

* Data source for sysdig secure rule file system

* Data source for sysdig secure rule file system

* Data source for sysdig secure rule file system

* Fix test

* Fix test

* Fix test

* Fix test

* Docs

* PR Comments

Author: jacklongsd

sysdig/data_source_sysdig_secure_rule_file_system.go

@@ -0,0 +1,106 @@
+package sysdig
+
+import (
+	"context"
+	"time"
+
+	v2 "github.com/draios/terraform-provider-sysdig/sysdig/internal/client/v2"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func dataSourceSysdigSecureRuleFileSystem() *schema.Resource {
+	timeout := 5 * time.Minute
+
+	return &schema.Resource{
+		ReadContext: dataSourceSysdigRuleFileSystemRead,
+
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(timeout),
+		},
+
+		Schema: createRuleDataSourceSchema(map[string]*schema.Schema{
+			"read_only": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"matching": {
+							Type:     schema.TypeBool,
+							Computed: true,
+						},
+						"paths": {
+							Type:     schema.TypeList,
+							Computed: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
+					},
+				},
+			},
+			"read_write": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"matching": {
+							Type:     schema.TypeBool,
+							Computed: true,
+						},
+						"paths": {
+							Type:     schema.TypeList,
+							Computed: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
+					},
+				},
+			},
+		}),
+	}
+}
+
+func dataSourceSysdigRuleFileSystemRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client, err := getSecureRuleClient(meta.(SysdigClients))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	ruleName := d.Get("name").(string)
+	ruleType := v2.RuleTypeFileSystem
+
+	rules, err := client.GetRuleGroup(ctx, ruleName, ruleType)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	if len(rules) == 0 {
+		return diag.Errorf("unable to find rule")
+	}
+
+	if len(rules) > 1 {
+		return diag.Errorf("more than one rule with that name was found")
+	}
+
+	rule := rules[0]
+
+	ruleDataSourceToResourceData(rule, d)
+	if len(rule.Details.ReadPaths.Items) > 0 {
+		_ = d.Set("read_only", []map[string]interface{}{{
+			"matching": rule.Details.ReadPaths.MatchItems,
+			"paths":    rule.Details.ReadPaths.Items,
+		}})
+
+	}
+	if len(rule.Details.ReadWritePaths.Items) > 0 {
+		_ = d.Set("read_write", []map[string]interface{}{{
+			"matching": rule.Details.ReadWritePaths.MatchItems,
+			"paths":    rule.Details.ReadWritePaths.Items,
+		}})
+
+	}
+
+	return nil
+}

sysdig/data_source_sysdig_secure_rules_file_system_test.go

@@ -0,0 +1,48 @@
+//go:build tf_acc_sysdig || tf_acc_sysdig_secure || tf_acc_policies
+
+package sysdig_test
+
+import (
+	"fmt"
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	"github.com/draios/terraform-provider-sysdig/sysdig"
+)
+
+func TestAccRuleFileSystemDataSource(t *testing.T) {
+	rText := func() string { return acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) }
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			if v := os.Getenv("SYSDIG_SECURE_API_TOKEN"); v == "" {
+				t.Fatal("SYSDIG_SECURE_API_TOKEN must be set for acceptance tests")
+			}
+		},
+		ProviderFactories: map[string]func() (*schema.Provider, error){
+			"sysdig": func() (*schema.Provider, error) {
+				return sysdig.Provider(), nil
+			},
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: ruleFileSystemDataSource(rText()),
+			},
+		},
+	})
+}
+
+func ruleFileSystemDataSource(name string) string {
+	return fmt.Sprintf(`
+%s
+
+data "sysdig_secure_rule_file_system" "data_sample" {
+	name = "TERRAFORM TEST %s"
+	depends_on = [ sysdig_secure_rule_filesystem.foo ]
+}
+`, ruleFilesystemWithName(name), name)
+}

sysdig/internal/client/v2/model.go

@@ -259,7 +259,8 @@ type Rule struct {
 }
 
 const (
-	RuleTypeContainer = "CONTAINER"
+	RuleTypeContainer  = "CONTAINER"
+	RuleTypeFileSystem = "FILESYSTEM"
 )
 
 type Details struct {

sysdig/provider.go

@@ -131,6 +131,7 @@ func Provider() *schema.Provider {
 			"sysdig_secure_managed_policy":         dataSourceSysdigSecureManagedPolicy(),
 			"sysdig_secure_managed_ruleset":        dataSourceSysdigSecureManagedRuleset(),
 			"sysdig_secure_rule_container":         dataSourceSysdigSecureRuleContainer(),
+			"sysdig_secure_rule_file_system":       dataSourceSysdigSecureRuleFileSystem(),
 
 			"sysdig_current_user":      dataSourceSysdigCurrentUser(),
 			"sysdig_user":              dataSourceSysdigUser(),

sysdig/resource_sysdig_secure_rule_filesystem.go

@@ -185,7 +185,7 @@ func resourceSysdigRuleFilesystemDelete(ctx context.Context, d *schema.ResourceD
 
 func resourceSysdigRuleFilesystemFromResourceData(d *schema.ResourceData) (rule v2.Rule, err error) {
 	rule = ruleFromResourceData(d)
-	rule.Details.RuleType = "FILESYSTEM"
+	rule.Details.RuleType = v2.RuleTypeFileSystem
 
 	rule.Details.ReadPaths = &v2.ReadPaths{
 		MatchItems: true,

website/docs/d/secure_rule_file_system.md

@@ -0,0 +1,42 @@
+---
+subcategory: "Sysdig Secure"
+layout: "sysdig"
+page_title: "Sysdig: sysdig_secure_rule_file_system"
+description: |-
+  Retrieves a Sysdig Secure File System Rule.
+---
+
+# Data Source: sysdig_secure_rule_file_system
+
+Retrieves the information of an existing Sysdig Secure File System Rule.
+
+-> **Note:** Sysdig Terraform Provider is under rapid development at this point. If you experience any issue or discrepancy while using it, please make sure you have the latest version. If the issue persists, or you have a Feature Request to support an additional set of resources, please open a [new issue](https://github.com/sysdiglabs/terraform-provider-sysdig/issues/new) in the GitHub repository.
+
+## Example Usage
+
+```terraform
+data "sysdig_secure_rule_file_system" "example" {
+    name = "Write below etc"
+}
+```
+
+## Argument Reference
+
+* `name` - (Required) The name of the Secure rule to retrieve.
+
+## Attributes Reference
+
+In addition to the argument above, the following attributes are exported:
+
+* `description` - The description of Secure rule.
+* `tags` - A list of tags for this rule.
+* `read_only` - Block that defines read only paths to match or not match.
+* `read_write` - Block that defines read and write paths to match or not match.
+* `version` - Current version of the resource in Sysdig Secure.
+
+## read_write and read_only blocks
+
+Description of the attributes within the read_only and read_write blocks.
+
+* `matching` - Boolean value that defines if the path matches or not with the provided list.
+* `paths` - List of paths to match.