fix(policy): fix actions to not apply different schema on actions in state (#281)

filiptubic · web-flow · commit 8d92c94c97c4 · 2023-03-24T12:30:46.000+01:00
diff --git a/sysdig/resource_sysdig_secure_policy.go b/sysdig/resource_sysdig_secure_policy.go
@@ -161,24 +161,22 @@ func policyToResourceData(policy *secure.Policy, d *schema.ResourceData) {
 		_ = d.Set("type", "falco")
 
 	}
-	_ = d.Set("actions", policy.Actions)
 
 	actions := []map[string]interface{}{{}}
 	for _, action := range policy.Actions {
 		if action.Type != "POLICY_ACTION_CAPTURE" {
 			action := strings.Replace(action.Type, "POLICY_ACTION_", "", 1)
 			actions[0]["container"] = strings.ToLower(action)
-			_ = d.Set("actions", actions)
 			//d.Set("actions.0.container", strings.ToLower(action))
 		} else {
 			actions[0]["capture"] = []map[string]interface{}{{
 				"seconds_after_event":  action.AfterEventNs / 1000000000,
 				"seconds_before_event": action.BeforeEventNs / 1000000000,
 				"name":                 action.Name,
 			}}
-			_ = d.Set("actions", actions)
 		}
 	}
+	_ = d.Set("actions", actions)
 
 	_ = d.Set("notification_channels", policy.NotificationChannelIds)
 
diff --git a/sysdig/resource_sysdig_secure_policy_test.go b/sysdig/resource_sysdig_secure_policy_test.go
@@ -103,6 +103,8 @@ resource "sysdig_secure_policy" "sample2" {
   rule_names = [sysdig_secure_rule_falco.terminal_shell.name]
 
   notification_channels = [sysdig_secure_notification_channel_email.sample_email.id]
+
+  actions {}
 }
 `, secureNotificationChannelEmailWithName(name), ruleFalcoTerminalShell(name), name, name)
 }
@@ -116,6 +118,7 @@ resource "sysdig_secure_policy" "sample3" {
   severity = 4
   scope = "container.id != \"\""
   rule_names = ["Terminal shell in container"]
+  actions {}
 }
 `, name, name)
 }
@@ -125,6 +128,7 @@ func policyWithMinimumConfiguration(name string) string {
 resource "sysdig_secure_policy" "sample4" {
   name = "TERRAFORM TEST 4 %s"
   description = "TERRAFORM TEST %s"
+  actions {}
 }
 `, name, name)
 }
@@ -178,6 +182,7 @@ resource "sysdig_secure_policy" "sample4" {
   name = "TERRAFORM TEST 4 %s"
   description = "TERRAFORM TEST %s"
   type = "aws_cloudtrail"
+  actions {}
 }
 `, name, name)
 }
@@ -188,6 +193,7 @@ resource "sysdig_secure_policy" "sample5" {
   name = "TERRAFORM TEST %s"
   description = "TERRAFORM TEST %s"
   type = "gcp_auditlog"
+  actions {}
 }
 `, name, name)
 }
@@ -198,6 +204,7 @@ resource "sysdig_secure_policy" "sample6" {
   name = "TERRAFORM TEST %s"
   description = "TERRAFORM TEST %s"
   type = "azure_platformlogs"
+  actions {}
 }
 `, name, name)
 }

Original file line number	Diff line number	Diff line change
`@@ -103,6 +103,8 @@ resource "sysdig_secure_policy" "sample2" {`
`103`	`103`	`rule_names = [sysdig_secure_rule_falco.terminal_shell.name]`
`104`	`104`
`105`	`105`	`notification_channels = [sysdig_secure_notification_channel_email.sample_email.id]`
	`106`	`+`
	`107`	`+ actions {}`
`106`	`108`	`}`
`107`	`109`	`, secureNotificationChannelEmailWithName(name), ruleFalcoTerminalShell(name), name, name)
`108`	`110`	`}`
`@@ -116,6 +118,7 @@ resource "sysdig_secure_policy" "sample3" {`
`116`	`118`	`severity = 4`
`117`	`119`	`scope = "container.id != \"\""`
`118`	`120`	`rule_names = ["Terminal shell in container"]`
	`121`	`+ actions {}`
`119`	`122`	`}`
`120`	`123`	`, name, name)
`121`	`124`	`}`
`@@ -125,6 +128,7 @@ func policyWithMinimumConfiguration(name string) string {`
`125`	`128`	`resource "sysdig_secure_policy" "sample4" {`
`126`	`129`	`name = "TERRAFORM TEST 4 %s"`
`127`	`130`	`description = "TERRAFORM TEST %s"`
	`131`	`+ actions {}`
`128`	`132`	`}`
`129`	`133`	`, name, name)
`130`	`134`	`}`
`@@ -178,6 +182,7 @@ resource "sysdig_secure_policy" "sample4" {`
`178`	`182`	`name = "TERRAFORM TEST 4 %s"`
`179`	`183`	`description = "TERRAFORM TEST %s"`
`180`	`184`	`type = "aws_cloudtrail"`
	`185`	`+ actions {}`
`181`	`186`	`}`
`182`	`187`	`, name, name)
`183`	`188`	`}`
`@@ -188,6 +193,7 @@ resource "sysdig_secure_policy" "sample5" {`
`188`	`193`	`name = "TERRAFORM TEST %s"`
`189`	`194`	`description = "TERRAFORM TEST %s"`
`190`	`195`	`type = "gcp_auditlog"`
	`196`	`+ actions {}`
`191`	`197`	`}`
`192`	`198`	`, name, name)
`193`	`199`	`}`
`@@ -198,6 +204,7 @@ resource "sysdig_secure_policy" "sample6" {`
`198`	`204`	`name = "TERRAFORM TEST %s"`
`199`	`205`	`description = "TERRAFORM TEST %s"`
`200`	`206`	`type = "azure_platformlogs"`
	`207`	`+ actions {}`
`201`	`208`	`}`
`202`	`209`	`, name, name)
`203`	`210`	`}`