feat(policies): Data source for sysdig_secure_rule_process (#350)

* add data source for sysdig_secure_rule_process

* add tests for data source sysdig_secure_rule_process

* add documentation for data source sysdig_secure_rule_process

Author: Ben Lucas

sysdig/data_source_sysdig_secure_rule_process.go

@@ -0,0 +1,50 @@
+package sysdig
+
+import (
+	"context"
+	"time"
+
+	v2 "github.com/draios/terraform-provider-sysdig/sysdig/internal/client/v2"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func dataSourceSysdigSecureRuleProcess() *schema.Resource {
+	timeout := 5 * time.Minute
+
+	return &schema.Resource{
+		ReadContext: dataSourceSysdigRuleProcessRead,
+
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(timeout),
+		},
+
+		Schema: createRuleDataSourceSchema(map[string]*schema.Schema{
+			"matching": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+			"processes": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+		}),
+	}
+}
+
+func dataSourceSysdigRuleProcessRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	return commonDataSourceSysdigRuleRead(ctx, d, meta, v2.RuleTypeProcess, processRuleDataSourceToResourceData)
+}
+
+func processRuleDataSourceToResourceData(rule v2.Rule, d *schema.ResourceData) diag.Diagnostics {
+	if rule.Details.Processes == nil {
+		return diag.Errorf("no process data for a process rule")
+	}
+	_ = d.Set("matching", rule.Details.Processes.MatchItems)
+	_ = d.Set("processes", rule.Details.Processes.Items)
+
+	return nil
+}

sysdig/data_source_sysdig_secure_rule_process_test.go

@@ -0,0 +1,48 @@
+//go:build tf_acc_sysdig || tf_acc_sysdig_secure || tf_acc_policies
+
+package sysdig_test
+
+import (
+	"fmt"
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	"github.com/draios/terraform-provider-sysdig/sysdig"
+)
+
+func TestAccRuleProcessDataSource(t *testing.T) {
+	rText := func() string { return acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) }
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			if v := os.Getenv("SYSDIG_SECURE_API_TOKEN"); v == "" {
+				t.Fatal("SYSDIG_SECURE_API_TOKEN must be set for acceptance tests")
+			}
+		},
+		ProviderFactories: map[string]func() (*schema.Provider, error){
+			"sysdig": func() (*schema.Provider, error) {
+				return sysdig.Provider(), nil
+			},
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: ruleProcessDataSource(rText()),
+			},
+		},
+	})
+}
+
+func ruleProcessDataSource(name string) string {
+	return fmt.Sprintf(`
+%s
+
+data "sysdig_secure_rule_process" "data_sample" {
+	name = "TERRAFORM TEST %s"
+	depends_on = [ sysdig_secure_rule_process.foo ]
+}
+`, ruleProcessWithName(name), name)
+}

sysdig/internal/client/v2/model.go

@@ -263,6 +263,7 @@ const (
 	RuleTypeFalco      = "FALCO"
 	RuleTypeFilesystem = "FILESYSTEM"
 	RuleTypeNetwork    = "NETWORK"
+	RuleTypeProcess    = "PROCESS"
 )
 
 type Details struct {

sysdig/provider.go

@@ -135,6 +135,7 @@ func Provider() *schema.Provider {
 			"sysdig_secure_rule_falco_count":       dataSourceSysdigSecureRuleFalcoCount(),
 			"sysdig_secure_rule_filesystem":        dataSourceSysdigSecureRuleFilesystem(),
 			"sysdig_secure_rule_network":           dataSourceSysdigSecureRuleNetwork(),
+			"sysdig_secure_rule_process":           dataSourceSysdigSecureRuleProcess(),
 
 			"sysdig_current_user":      dataSourceSysdigCurrentUser(),
 			"sysdig_user":              dataSourceSysdigUser(),

sysdig/resource_sysdig_secure_rule_process.go

@@ -2,10 +2,11 @@ package sysdig
 
 import (
 	"context"
-	v2 "github.com/draios/terraform-provider-sysdig/sysdig/internal/client/v2"
 	"strconv"
 	"time"
 
+	v2 "github.com/draios/terraform-provider-sysdig/sysdig/internal/client/v2"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
@@ -134,7 +135,7 @@ func resourceSysdigRuleProcessDelete(ctx context.Context, d *schema.ResourceData
 
 func resourceSysdigRuleProcessFromResourceData(d *schema.ResourceData) v2.Rule {
 	rule := ruleFromResourceData(d)
-	rule.Details.RuleType = "PROCESS"
+	rule.Details.RuleType = v2.RuleTypeProcess
 
 	rule.Details.Processes = &v2.Processes{}
 	rule.Details.Processes.MatchItems = d.Get("matching").(bool)

website/docs/d/secure_rule_process.md

@@ -0,0 +1,35 @@
+---
+subcategory: "Sysdig Secure"
+layout: "sysdig"
+page_title: "Sysdig: sysdig_secure_rule_process"
+description: |-
+  Retrieves a Sysdig Secure Process Rule.
+---
+
+# Data Source: sysdig_secure_rule_process
+
+Retrieves the information of an existing Sysdig Secure Process Rule.
+
+-> **Note:** Sysdig Terraform Provider is under rapid development at this point. If you experience any issue or discrepancy while using it, please make sure you have the latest version. If the issue persists, or you have a Feature Request to support an additional set of resources, please open a [new issue](https://github.com/sysdiglabs/terraform-provider-sysdig/issues/new) in the GitHub repository.
+
+## Example Usage
+
+```terraform
+data "sysdig_secure_rule_process" "example" {
+    name = "Launch Suspicious Network Tool in Container"
+}
+```
+
+## Argument Reference
+
+* `name` - (Required) The name of the Secure rule to retrieve.
+
+## Attributes Reference
+
+In addition to the argument above, the following attributes are exported:
+
+* `description` - The description of Secure rule.
+* `tags` - A list of tags for this rule.
+* `matching` - Defines if the process name matches or not with the provided list.
+* `processes` - List of processes to match.
+* `version` - Current version of the resource in Sysdig Secure.