open the option to put expires_at

Author: hila-krut-sysdig

sysdig/internal/client/v2/model_posture_control.go

@@ -31,7 +31,7 @@ type AccepetPostureRiskRequest struct {
 	Description  string `json:"description"`
 	Filter       string `json:"filter"`
 	Reason       string `json:"reason"`
-	ExpiresAt    int64  `json:"expiresAt"`
+	ExpiresAt    string `json:"expiresAt"`
 }
 
 type UpdateAccepetPostureRiskRequest struct {

sysdig/resource_sysdig_secure_accept_posture_risk.go

@@ -2,7 +2,6 @@ package sysdig
 
 import (
 	"context"
-	"fmt"
 	"strconv"
 	"time"
 
@@ -60,8 +59,8 @@ func resourceSysdigSecureAcceptPostureRisk() *schema.Resource {
 				ValidateFunc: validation.StringInSlice([]string{"7 Days", "30 Days", "60 Days", "90 Days", "Custom", "Never"}, false),
 			},
 			SchemaExpiresAtKey: {
-				Type:     schema.TypeInt,
-				Computed: true,
+				Type:     schema.TypeString,
+				Optional: true,
 			},
 			SchemaIsExpiredKey: {
 				Type:     schema.TypeBool,
@@ -106,22 +105,23 @@ func resourceSysdigSecureAcceptPostureControlCreate(ctx context.Context, d *sche
 		Filter:       d.Get(SchemaFilterKey).(string),
 		Reason:       d.Get(SchemaReasonKey).(string),
 	}
-
+	var expiresAt int64
 	expiresIn := d.Get(SchemaExpiresInKey).(string)
 	if expiresIn == "7 Days" {
-		req.ExpiresAt = time.Now().AddDate(0, 0, 7).UTC().UnixMilli()
+		expiresAt = time.Now().AddDate(0, 0, 7).UTC().UnixMilli()
 	} else if expiresIn == "30 Days" {
-		req.ExpiresAt = time.Now().AddDate(0, 0, 30).UTC().UnixMilli()
+		expiresAt = time.Now().AddDate(0, 0, 30).UTC().UnixMilli()
 	} else if expiresIn == "60 Days" {
-		req.ExpiresAt = time.Now().AddDate(0, 0, 60).UTC().UnixMilli()
+		expiresAt = time.Now().AddDate(0, 0, 60).UTC().UnixMilli()
 	} else if expiresIn == "90 Days" {
-		req.ExpiresAt = time.Now().AddDate(0, 0, 90).UTC().UnixMilli()
+		expiresAt = time.Now().AddDate(0, 0, 90).UTC().UnixMilli()
 	} else if expiresIn == "Never" {
-		req.ExpiresAt = 0
+		expiresAt = 0
 	} else {
-		req.ExpiresAt = d.Get(SchemaExpiresAtKey).(int64)
+		t := d.Get(SchemaExpiresAtKey).(string)
+		expiresAt, _ = strconv.ParseInt(t, 10, 64)
 	}
-
+	req.ExpiresAt = strconv.FormatInt(expiresAt, 10)
 	acceptance, errStatus, err := client.SaveAcceptPostureRisk(ctx, req)
 	if err != nil {
 		return diag.Errorf("Error creating accept risk. error status: %s err: %s", errStatus, err)
@@ -161,9 +161,13 @@ func resourceSysdigSecureAcceptPostureControlUpdate(ctx context.Context, d *sche
 		millis = 0
 	} else {
 		req.Acceptance.AcceptPeriod = "Custom"
-		req.Acceptance.ExpiresAt = d.Get(SchemaExpiresAtKey).(string)
+		t := d.Get(SchemaExpiresAtKey).(string)
+		millis, err = strconv.ParseInt(t, 10, 64)
+		if err != nil {
+			millis = time.Now().AddDate(0, 0, 30).UTC().UnixMilli()
+		}
 	}
-	req.Acceptance.ExpiresAt = fmt.Sprintf("%d", millis)
+	req.Acceptance.ExpiresAt = strconv.FormatInt(millis, 10)
 	req.Acceptance.Description = d.Get(SchemaDescriptionKey).(string)
 	req.Acceptance.Reason = d.Get(SchemaReasonKey).(string)
 
@@ -224,11 +228,8 @@ func resourceSysdigSecureAcceptPostureControlRead(ctx context.Context, d *schema
 	if err != nil {
 		return diag.FromErr(err)
 	}
-	expiresAt, err := strconv.ParseInt(acceptance.Data.ExpiresAt, 10, 64)
-	if err != nil {
-		return diag.FromErr(err)
-	}
-	err = d.Set(SchemaExpiresAtKey, expiresAt)
+
+	err = d.Set(SchemaExpiresAtKey, acceptance.Data.ExpiresAt)
 	if err != nil {
 		return diag.FromErr(err)
 	}

website/docs/r/secure_posture_accept_risk.md

@@ -30,6 +30,16 @@ resource "sysdig_secure_posture_accept_risk" "accept_risk_resource" {
     expires_in   = "30 Days"
     filter       = "name in ('system:controller:daemon-set-s') and kind in ('ClusterRole')"
 }
+
+
+resource "sysdig_secure_posture_accept_risk" "scheduler_set_to_loopback_bind_address" {
+    description = "This is custom risk acceptance for scheduler_set_to_loopback_bind_address"
+    control_name = "Scheduler - Set to Loopback bind-address"
+    reason = "Custom"
+    expires_in = "Custom"
+    expires_at = "1730293523000"
+    zone_name = "Entire Infrastructure"
+}
 ```
 
 ## Argument Reference
@@ -53,7 +63,7 @@ resource "sysdig_secure_posture_accept_risk" "accept_risk_resource" {
   - `90 Days`
   - `Custom`
   - `Never`
-- `expires_at` - (Computed) The timestamp indicating when the acceptance expires, in UTC time format (milliseconds since epoch).
+- `expires_at` - (Optional) This timestamp indicates when the acceptance expires, formatted in UTC time (milliseconds since epoch). If you choose expires_in=Custom, you must provide expires_at, which specifies the expiration date in milliseconds.
 - `is_expired` - (Computed) Indicates whether the acceptance is expired.
 - `acceptance_date` - (Computed) The date when the risk was accepted.
 - `username` - (Computed) The username of the user who accepted the risk.