Amtux/actions custom response code (#63)

* wip

* wip

* fix issue with defaut value of action.response_code not being set

* two flatten rules - one for corp, one for site

* fix tests

* remove serial tests

* combine flattenRuleActions back

* add comment

* add comment

.gitignore

@@ -48,3 +48,5 @@ override.tf.json
 
 .idea/
 terraform-provider-sigsci
+
+dist/

Makefile

@@ -16,4 +16,4 @@ testacc: ## Run acceptance tests
 
 sweep:
 	@echo "WARNING: This will destroy infrastructure. Use only in development accounts."
-	go test ./provider -v -sweep=test $(SWEEPARGS) -timeout 2m
+	go test ./provider -v -sweep=test $(SWEEPARGS) -timeout 2m

README.md

@@ -3,7 +3,7 @@
 
 ## Requirements
 * [Terraform](https://www.terraform.io/downloads.html) > 0.12.x
-* [Go](https://golang.org/doc/install) 1.14
+* [Go](https://golang.org/doc/install) 1.17
 
 Check out the [Terraform Documentation](https://www.terraform.io/docs/configuration/index.html) and their [Introduction](https://www.terraform.io/intro/index.html) for more information on terraform
 

go.mod

@@ -5,7 +5,7 @@ go 1.17
 require (
 	github.com/davecgh/go-spew v1.1.1
 	github.com/hashicorp/terraform-plugin-sdk v1.14.0
-	github.com/signalsciences/go-sigsci v0.1.3
+	github.com/signalsciences/go-sigsci v0.1.4
 )
 
 require (

go.sum

@@ -168,17 +168,16 @@ github.com/posener/complete v1.2.1/go.mod h1:6gapUrK/U1TAN7ciCoNRIdVC5sbdBTUh1DK
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
-github.com/signalsciences/go-sigsci v0.1.3 h1:sshrvQ/w23mmlMP3pYWNfIfkQYP4hCDavPbUQ2TQlw0=
-github.com/signalsciences/go-sigsci v0.1.3/go.mod h1:QzNMfETjwm4NFuFS4K1UoLO4wWdopUv3AFyvO092Fak=
+github.com/signalsciences/go-sigsci v0.1.4 h1:E++5y5kQVOG2I2kakpCeCNmqcgvvQwsNWR66sOrZKHY=
+github.com/signalsciences/go-sigsci v0.1.4/go.mod h1:9eUL/FIXlslxnqtsf0yk67CSBiYdL4ToYjYybzWQ77A=
 github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
 github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
-github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/ulikunitz/xz v0.5.5 h1:pFrO0lVpTBXLpYw+pnLj6TbvHuyjXMfjGeCwSqCVwok=
 github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8=
 github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk=
@@ -289,12 +288,9 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac
 google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
 google.golang.org/grpc v1.27.1 h1:zvIju4sqAGvwKspUQOhwnpcqSbzi7/H6QomNNjTL4sk=
 google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
-gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=

provider/lib.go

@@ -1,12 +1,15 @@
 package provider
 
 import (
+	"errors"
 	"fmt"
-	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
-	"github.com/signalsciences/go-sigsci"
+	"net/http"
 	"sort"
 	"strconv"
 	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/signalsciences/go-sigsci"
 )
 
 type providerMetadata struct {
@@ -308,7 +311,7 @@ func detectionFieldsEqual(old, new []sigsci.ConfiguredDetectionField) bool {
 	sort.Slice(new, func(i, j int) bool {
 		return new[i].Name < new[j].Name
 	})
-	for i, _ := range old {
+	for i := range old {
 		if old[i].Name != new[i].Name {
 			return false
 		}
@@ -392,10 +395,15 @@ func expandRuleActions(actionsResource *schema.Set) []sigsci.Action {
 		if castElement["signal"] != nil {
 			signal = castElement["signal"].(string)
 		}
+		var responseCode int
+		if castElement["response_code"] != nil {
+			responseCode = castElement["response_code"].(int)
+		}
 
 		a := sigsci.Action{
-			Type:   castElement["type"].(string),
-			Signal: signal,
+			Type:         castElement["type"].(string),
+			Signal:       signal,
+			ResponseCode: responseCode,
 		}
 		actions = append(actions, a)
 	}
@@ -444,13 +452,26 @@ func flattenRuleRateLimit(rateLimit *sigsci.RateLimit) map[string]string {
 	}
 }
 
-func flattenRuleActions(actions []sigsci.Action) []interface{} {
+func flattenRuleActions(actions []sigsci.Action, customResponseCode bool) []interface{} {
 	var actionsMap = make([]interface{}, len(actions), len(actions))
 	for i, action := range actions {
+
 		actionMap := map[string]interface{}{
 			"type":   action.Type,
 			"signal": action.Signal,
 		}
+		// customResponseCode is enabled for site rules but disabled for corp rules
+		// this boolean flag reflects the differences and flattens objects accordingly
+		if customResponseCode {
+			// response code is set to 0 by sigsci api when action.type != "block"
+			// for types such as "allow" or "logRequest", response code is irrelevant and hence not provided in API response
+			// TF assigns default value of 0 which creates an issues when checking TF plan because we set default value of 406 (http.StatusNotAcceptable)
+			// This noop piece of code ensures tests pass as expected
+			if action.ResponseCode == 0 {
+				action.ResponseCode = http.StatusNotAcceptable
+			}
+			actionMap["response_code"] = action.ResponseCode
+		}
 		actionsMap[i] = actionMap
 	}
 
@@ -481,8 +502,18 @@ var siteImporter = schema.ResourceImporter{
 }
 
 func validateConditionField(val interface{}, key string) ([]string, []error) {
-	if existsInString(val.(string), "scheme","method","path","useragent","domain","ip","responseCode","agentname","paramname","paramvalue","country","name","valueString","valueIp","signalType","signal", "requestHeader", "postParameter") {
+	if existsInString(val.(string), "scheme", "method", "path", "useragent", "domain", "ip", "responseCode", "agentname", "paramname", "paramvalue", "country", "name", "valueString", "valueIp", "signalType", "signal", "requestHeader", "postParameter") {
 		return nil, nil
 	}
 	return []string{fmt.Sprintf("received '%s' for conditions.field. This is not necessairly an error, but we only know about the following values. If this is a new value, please open a PR to get it added.\n(scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal, requestHeader, postParameter)", val.(string))}, nil
-}
+}
+
+func validateActionResponseCode(val interface{}, key string) ([]string, []error) {
+	// response code needs to be within 400-499
+	code := val.(int)
+	if 400 <= code && code < 500 {
+		return nil, nil
+	}
+	rangeError := errors.New(fmt.Sprintf("received action responseCode '%d'. should be in 400-499 range.", code))
+	return nil, []error{rangeError}
+}

provider/resource_corp_rule.go

@@ -2,6 +2,7 @@ package provider
 
 import (
 	"fmt"
+
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/signalsciences/go-sigsci"
 )
@@ -52,7 +53,7 @@ func resourceCorpRule() *schema.Resource {
 				Type:        schema.TypeSet,
 				Description: "Actions",
 				Required:    true,
-				MaxItems: 2,
+				MaxItems:    2,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"type": {
@@ -72,7 +73,7 @@ func resourceCorpRule() *schema.Resource {
 				Type:        schema.TypeSet,
 				Description: "Conditions",
 				Required:    true,
-				MaxItems: 10,
+				MaxItems:    10,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"type": {
@@ -81,9 +82,9 @@ func resourceCorpRule() *schema.Resource {
 							Required:    true,
 						},
 						"field": {
-							Type:        schema.TypeString,
-							Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)",
-							Optional:    true,
+							Type:         schema.TypeString,
+							Description:  "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)",
+							Optional:     true,
 							ValidateFunc: validateConditionField,
 						},
 						"operator": {
@@ -106,7 +107,7 @@ func resourceCorpRule() *schema.Resource {
 							Type:        schema.TypeSet,
 							Description: "Conditions",
 							Optional:    true,
-							MaxItems: 10,
+							MaxItems:    10,
 							Elem: &schema.Resource{
 								Schema: map[string]*schema.Schema{
 									"type": {
@@ -115,9 +116,9 @@ func resourceCorpRule() *schema.Resource {
 										Required:    true,
 									},
 									"field": {
-										Type:        schema.TypeString,
-										Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)",
-										Optional:    true,
+										Type:         schema.TypeString,
+										Description:  "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)",
+										Optional:     true,
 										ValidateFunc: validateConditionField,
 									},
 									"operator": {
@@ -139,7 +140,7 @@ func resourceCorpRule() *schema.Resource {
 										Type:        schema.TypeSet,
 										Description: "Conditions",
 										Optional:    true,
-										MaxItems: 10,
+										MaxItems:    10,
 										Elem: &schema.Resource{
 											Schema: map[string]*schema.Schema{
 												"type": {
@@ -148,9 +149,9 @@ func resourceCorpRule() *schema.Resource {
 													Required:    true,
 												},
 												"field": {
-													Type:        schema.TypeString,
-													Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)",
-													Optional:    true,
+													Type:         schema.TypeString,
+													Description:  "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)",
+													Optional:     true,
 													ValidateFunc: validateConditionField,
 												},
 												"operator": {
@@ -289,7 +290,7 @@ func resourceCorpRuleRead(d *schema.ResourceData, m interface{}) error {
 	if err != nil {
 		return err
 	}
-	err = d.Set("actions", flattenRuleActions(rule.Actions))
+	err = d.Set("actions", flattenRuleActions(rule.Actions, false))
 	if err != nil {
 		return err
 	}

provider/resource_corp_rule_test.go

@@ -2,9 +2,10 @@ package provider
 
 import (
 	"fmt"
+	"testing"
+
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/terraform"
-	"testing"
 )
 
 func TestResourceCorpRule_basic(t *testing.T) {
@@ -159,7 +160,6 @@ func TestResourceCorpRule_SortedSiteNames(t *testing.T) {
 					}
 			}`, testSite),
 				Check: resource.ComposeAggregateTestCheckFunc(
-					testInspect(),
 					resource.TestCheckResourceAttr(resourceName, "site_short_names.#", "3"),
 				),
 			},
@@ -197,7 +197,6 @@ func TestResourceCorpRule_SortedSiteNames(t *testing.T) {
 					}
 			}`, testSite),
 				Check: resource.ComposeAggregateTestCheckFunc(
-					testInspect(),
 					resource.TestCheckResourceAttr(resourceName, "site_short_names.#", "3"),
 					//resource.TestCheckResourceAttr(resourceName, "site_short_names.1785148924", testSite),
 				),

provider/resource_site_rule.go

@@ -2,6 +2,8 @@ package provider
 
 import (
 	"fmt"
+	"net/http"
+
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/signalsciences/go-sigsci"
 )
@@ -49,7 +51,7 @@ func resourceSiteRule() *schema.Resource {
 				Type:        schema.TypeSet,
 				Description: "Actions",
 				Optional:    true,
-				MaxItems: 2,
+				MaxItems:    2,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"type": {
@@ -63,14 +65,21 @@ func resourceSiteRule() *schema.Resource {
 							Description: "signal id to tag",
 							Optional:    true,
 						},
+						"response_code": {
+							Type:         schema.TypeInt,
+							Description:  "HTTP code agent for agent to respond with. range: 400-499, defaults to '406' if not provided",
+							Optional:     true,
+							ValidateFunc: validateActionResponseCode,
+							Default:      http.StatusNotAcceptable,
+						},
 					},
 				},
 			},
 			"conditions": {
 				Type:        schema.TypeSet,
 				Description: "Conditions",
 				Required:    true,
-				MaxItems: 10,
+				MaxItems:    10,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"type": {
@@ -79,9 +88,9 @@ func resourceSiteRule() *schema.Resource {
 							Required:    true,
 						},
 						"field": {
-							Type:        schema.TypeString,
-							Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)",
-							Optional:    true,
+							Type:         schema.TypeString,
+							Description:  "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)",
+							Optional:     true,
 							ValidateFunc: validateConditionField,
 						},
 						"operator": {
@@ -103,7 +112,7 @@ func resourceSiteRule() *schema.Resource {
 							Type:        schema.TypeSet,
 							Description: "Conditions",
 							Optional:    true,
-							MaxItems: 10,
+							MaxItems:    10,
 							Elem: &schema.Resource{
 								Schema: map[string]*schema.Schema{
 									"type": {
@@ -112,9 +121,9 @@ func resourceSiteRule() *schema.Resource {
 										Required:    true,
 									},
 									"field": {
-										Type:        schema.TypeString,
-										Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)",
-										Optional:    true,
+										Type:         schema.TypeString,
+										Description:  "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)",
+										Optional:     true,
 										ValidateFunc: validateConditionField,
 									},
 									"operator": {
@@ -136,7 +145,7 @@ func resourceSiteRule() *schema.Resource {
 										Type:        schema.TypeSet,
 										Description: "Conditions",
 										Optional:    true,
-										MaxItems: 10,
+										MaxItems:    10,
 										Elem: &schema.Resource{
 											Schema: map[string]*schema.Schema{
 												"type": {
@@ -145,9 +154,9 @@ func resourceSiteRule() *schema.Resource {
 													Required:    true,
 												},
 												"field": {
-													Type:        schema.TypeString,
-													Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)",
-													Optional:    true,
+													Type:         schema.TypeString,
+													Description:  "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)",
+													Optional:     true,
 													ValidateFunc: validateConditionField,
 												},
 												"operator": {
@@ -281,7 +290,7 @@ func resourceSiteRuleRead(d *schema.ResourceData, m interface{}) error {
 	if err != nil {
 		return err
 	}
-	err = d.Set("actions", flattenRuleActions(rule.Actions))
+	err = d.Set("actions", flattenRuleActions(rule.Actions, true))
 	if err != nil {
 		return err
 	}
@@ -340,4 +349,3 @@ func resourceSiteRuleDelete(d *schema.ResourceData, m interface{}) error {
 
 	return fmt.Errorf("Could not delete rule with ID %s in corp %s site %s. Please re-run", d.Id(), corp, site)
 }
-