fix(rules): Fix incorrect endpoint for rule update

Signed-off-by: Federico Barcelona <[email protected]>

Author: tembleking

go.mod

@@ -2,4 +2,4 @@ module github.com/draios/terraform-provider-sysdig
 
 go 1.12
 
-require github.com/hashicorp/terraform-plugin-sdk v1.10.0
+require github.com/hashicorp/terraform-plugin-sdk v1.12.0

go.sum

@@ -112,8 +112,8 @@ github.com/hashicorp/terraform-config-inspect v0.0.0-20191115094559-17f92b0546e8
 github.com/hashicorp/terraform-config-inspect v0.0.0-20191115094559-17f92b0546e8/go.mod h1:p+ivJws3dpqbp1iP84+npOyAmTTOLMgCzrXd3GSdn/A=
 github.com/hashicorp/terraform-json v0.4.0 h1:KNh29iNxozP5adfUFBJ4/fWd0Cu3taGgjHB38JYqOF4=
 github.com/hashicorp/terraform-json v0.4.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU=
-github.com/hashicorp/terraform-plugin-sdk v1.10.0 h1:JLV3dUnsAF8TKGUdEPkvl9H0Xb2LdcHxLJyDPZ1A5/U=
-github.com/hashicorp/terraform-plugin-sdk v1.10.0/go.mod h1:HiWIPD/T9HixIhQUwaSoDQxo4BLFdmiBi/Qz5gjB8Q0=
+github.com/hashicorp/terraform-plugin-sdk v1.12.0 h1:HPp65ShSsKUMPf6jD50UQn/xAjyrGVO4FxI63bvu+pc=
+github.com/hashicorp/terraform-plugin-sdk v1.12.0/go.mod h1:HiWIPD/T9HixIhQUwaSoDQxo4BLFdmiBi/Qz5gjB8Q0=
 github.com/hashicorp/terraform-plugin-test v1.3.0 h1:hU5LoxrOn9qvOo+LTKN6mSav2J+dAMprbdxJPEQvp4U=
 github.com/hashicorp/terraform-plugin-test v1.3.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs=
 github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596 h1:hjyO2JsNZUKT1ym+FAdlBEkGPevazYsmVgIMw7dVELg=

sysdig/monitor/alerts.go

@@ -8,13 +8,6 @@ import (
 )
 
 func (c *sysdigMonitorClient) CreateAlert(alert Alert) (createdAlert Alert, err error) {
-	//data, err := ioutil.ReadAll(alert.ToJSON())
-	//if err != nil {
-	//	return
-	//}
-	//err = errors.New(string(data))
-	//return
-
 	response, err := c.doSysdigMonitorRequest(http.MethodPost, c.alertsURL(), alert.ToJSON())
 	if err != nil {
 		return

sysdig/resource_sysdig_secure_rule_falco.go

@@ -26,7 +26,6 @@ func resourceSysdigSecureRuleFalco() *schema.Resource {
 		},
 
 		Schema: createRuleSchema(map[string]*schema.Schema{
-
 			"condition": {
 				Type:     schema.TypeString,
 				Required: true,

sysdig/resource_sysdig_secure_rule_falco_test.go

@@ -13,6 +13,8 @@ import (
 func TestAccRuleFalco(t *testing.T) {
 	rText := func() string { return acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) }
 
+	ruleRandomImmutableText := rText()
+
 	resource.Test(t, resource.TestCase{
 		PreCheck: func() {
 			if v := os.Getenv("SYSDIG_SECURE_API_TOKEN"); v == "" {
@@ -24,7 +26,10 @@ func TestAccRuleFalco(t *testing.T) {
 		},
 		Steps: []resource.TestStep{
 			{
-				Config: ruleFalcoTerminalShell(rText()),
+				Config: ruleFalcoTerminalShell(ruleRandomImmutableText),
+			},
+			{
+				Config: ruleFalcoUpdatedTerminalShell(ruleRandomImmutableText),
 			},
 			{
 				Config: ruleFalcoKubeAudit(rText()),
@@ -47,6 +52,20 @@ resource "sysdig_secure_rule_falco" "terminal_shell" {
 }`, name, name)
 }
 
+func ruleFalcoUpdatedTerminalShell(name string) string {
+	return fmt.Sprintf(`
+resource "sysdig_secure_rule_falco" "terminal_shell" {
+  name = "TERRAFORM TEST %s - Terminal Shell"
+  description = "TERRAFORM TEST %s"
+  tags = ["shell", "mitre_execution"]
+
+  condition = "spawned_process and shell_procs and proc.tty != 0 and container_entrypoint"
+  output = "A shell was spawned in a container with an attached terminal (user=%%user.name %%container.info shell=%%proc.name parent=%%proc.pname cmdline=%%proc.cmdline terminal=%%proc.tty container_id=%%container.id image=%%container.image.repository)"
+  priority = "notice"
+  source = "syscall" // syscall or k8s_audit
+}`, name, name)
+}
+
 func ruleFalcoKubeAudit(name string) string {
 	return fmt.Sprintf(`
 resource "sysdig_secure_rule_falco" "kube_audit" {

sysdig/secure/client.go

@@ -2,7 +2,9 @@ package secure
 
 import (
 	"io"
+	"log"
 	"net/http"
+	"net/http/httputil"
 )
 
 type SysdigSecureClient interface {
@@ -51,5 +53,11 @@ func (client *sysdigSecureClient) doSysdigSecureRequest(method string, url strin
 	request.Header.Set("Authorization", "Bearer "+client.SysdigSecureAPIToken)
 	request.Header.Set("Content-Type", "application/json")
 
-	return client.httpClient.Do(request)
+	out, _ := httputil.DumpRequestOut(request, true)
+	log.Printf("[DEBUG] %s", string(out))
+	response, error := client.httpClient.Do(request)
+
+	out, _ = httputil.DumpResponse(response, true)
+	log.Printf("[DEBUG] %s", string(out))
+	return response, error
 }

sysdig/secure/rules.go

@@ -50,7 +50,7 @@ func (client *sysdigSecureClient) GetRuleByID(ruleID int) (result Rule, err erro
 }
 
 func (client *sysdigSecureClient) UpdateRule(rule Rule) (result Rule, err error) {
-	response, _ := client.doSysdigSecureRequest(http.MethodPut, client.policyURL(rule.ID), rule.ToJSON())
+	response, _ := client.doSysdigSecureRequest(http.MethodPut, client.ruleURL(rule.ID), rule.ToJSON())
 	body, _ := ioutil.ReadAll(response.Body)
 
 	if response.StatusCode != http.StatusOK {