From d270ca7efdfa3796639b9d43f453247cdf6f2323 Mon Sep 17 00:00:00 2001 From: Amandeep Singh Date: Wed, 27 Apr 2022 20:24:15 -0400 Subject: [PATCH] Amtux/actions custom response code (#63) * wip * wip * fix issue with defaut value of action.response_code not being set * two flatten rules - one for corp, one for site * fix tests * remove serial tests * combine flattenRuleActions back * add comment * add comment --- .gitignore | 2 + Makefile | 2 +- README.md | 2 +- go.mod | 2 +- go.sum | 10 +- provider/lib.go | 47 +- provider/resource_corp_rule.go | 29 +- provider/resource_corp_rule_test.go | 5 +- provider/resource_site_rule.go | 38 +- provider/resource_site_rule_test.go | 883 ++++++++++++++-------------- 10 files changed, 541 insertions(+), 479 deletions(-) diff --git a/.gitignore b/.gitignore index b035694..f3afb6d 100644 --- a/.gitignore +++ b/.gitignore @@ -48,3 +48,5 @@ override.tf.json .idea/ terraform-provider-sigsci + +dist/ diff --git a/Makefile b/Makefile index 09e0296..42943d8 100644 --- a/Makefile +++ b/Makefile @@ -16,4 +16,4 @@ testacc: ## Run acceptance tests sweep: @echo "WARNING: This will destroy infrastructure. Use only in development accounts." - go test ./provider -v -sweep=test $(SWEEPARGS) -timeout 2m \ No newline at end of file + go test ./provider -v -sweep=test $(SWEEPARGS) -timeout 2m diff --git a/README.md b/README.md index 02bfbdb..a15db18 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ ## Requirements * [Terraform](https://www.terraform.io/downloads.html) > 0.12.x -* [Go](https://golang.org/doc/install) 1.14 +* [Go](https://golang.org/doc/install) 1.17 Check out the [Terraform Documentation](https://www.terraform.io/docs/configuration/index.html) and their [Introduction](https://www.terraform.io/intro/index.html) for more information on terraform diff --git a/go.mod b/go.mod index 1a32011..87dd0d0 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.17 require ( github.com/davecgh/go-spew v1.1.1 github.com/hashicorp/terraform-plugin-sdk v1.14.0 - github.com/signalsciences/go-sigsci v0.1.3 + github.com/signalsciences/go-sigsci v0.1.4 ) require ( diff --git a/go.sum b/go.sum index 8f1063b..fa7111f 100644 --- a/go.sum +++ b/go.sum @@ -168,17 +168,16 @@ github.com/posener/complete v1.2.1/go.mod h1:6gapUrK/U1TAN7ciCoNRIdVC5sbdBTUh1DK github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/signalsciences/go-sigsci v0.1.3 h1:sshrvQ/w23mmlMP3pYWNfIfkQYP4hCDavPbUQ2TQlw0= -github.com/signalsciences/go-sigsci v0.1.3/go.mod h1:QzNMfETjwm4NFuFS4K1UoLO4wWdopUv3AFyvO092Fak= +github.com/signalsciences/go-sigsci v0.1.4 h1:E++5y5kQVOG2I2kakpCeCNmqcgvvQwsNWR66sOrZKHY= +github.com/signalsciences/go-sigsci v0.1.4/go.mod h1:9eUL/FIXlslxnqtsf0yk67CSBiYdL4ToYjYybzWQ77A= github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/ulikunitz/xz v0.5.5 h1:pFrO0lVpTBXLpYw+pnLj6TbvHuyjXMfjGeCwSqCVwok= github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= @@ -289,12 +288,9 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.1 h1:zvIju4sqAGvwKspUQOhwnpcqSbzi7/H6QomNNjTL4sk= google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/provider/lib.go b/provider/lib.go index 9101768..0763aa6 100644 --- a/provider/lib.go +++ b/provider/lib.go @@ -1,12 +1,15 @@ package provider import ( + "errors" "fmt" - "github.com/hashicorp/terraform-plugin-sdk/helper/schema" - "github.com/signalsciences/go-sigsci" + "net/http" "sort" "strconv" "strings" + + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/signalsciences/go-sigsci" ) type providerMetadata struct { @@ -308,7 +311,7 @@ func detectionFieldsEqual(old, new []sigsci.ConfiguredDetectionField) bool { sort.Slice(new, func(i, j int) bool { return new[i].Name < new[j].Name }) - for i, _ := range old { + for i := range old { if old[i].Name != new[i].Name { return false } @@ -392,10 +395,15 @@ func expandRuleActions(actionsResource *schema.Set) []sigsci.Action { if castElement["signal"] != nil { signal = castElement["signal"].(string) } + var responseCode int + if castElement["response_code"] != nil { + responseCode = castElement["response_code"].(int) + } a := sigsci.Action{ - Type: castElement["type"].(string), - Signal: signal, + Type: castElement["type"].(string), + Signal: signal, + ResponseCode: responseCode, } actions = append(actions, a) } @@ -444,13 +452,26 @@ func flattenRuleRateLimit(rateLimit *sigsci.RateLimit) map[string]string { } } -func flattenRuleActions(actions []sigsci.Action) []interface{} { +func flattenRuleActions(actions []sigsci.Action, customResponseCode bool) []interface{} { var actionsMap = make([]interface{}, len(actions), len(actions)) for i, action := range actions { + actionMap := map[string]interface{}{ "type": action.Type, "signal": action.Signal, } + // customResponseCode is enabled for site rules but disabled for corp rules + // this boolean flag reflects the differences and flattens objects accordingly + if customResponseCode { + // response code is set to 0 by sigsci api when action.type != "block" + // for types such as "allow" or "logRequest", response code is irrelevant and hence not provided in API response + // TF assigns default value of 0 which creates an issues when checking TF plan because we set default value of 406 (http.StatusNotAcceptable) + // This noop piece of code ensures tests pass as expected + if action.ResponseCode == 0 { + action.ResponseCode = http.StatusNotAcceptable + } + actionMap["response_code"] = action.ResponseCode + } actionsMap[i] = actionMap } @@ -481,8 +502,18 @@ var siteImporter = schema.ResourceImporter{ } func validateConditionField(val interface{}, key string) ([]string, []error) { - if existsInString(val.(string), "scheme","method","path","useragent","domain","ip","responseCode","agentname","paramname","paramvalue","country","name","valueString","valueIp","signalType","signal", "requestHeader", "postParameter") { + if existsInString(val.(string), "scheme", "method", "path", "useragent", "domain", "ip", "responseCode", "agentname", "paramname", "paramvalue", "country", "name", "valueString", "valueIp", "signalType", "signal", "requestHeader", "postParameter") { return nil, nil } return []string{fmt.Sprintf("received '%s' for conditions.field. This is not necessairly an error, but we only know about the following values. If this is a new value, please open a PR to get it added.\n(scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal, requestHeader, postParameter)", val.(string))}, nil -} \ No newline at end of file +} + +func validateActionResponseCode(val interface{}, key string) ([]string, []error) { + // response code needs to be within 400-499 + code := val.(int) + if 400 <= code && code < 500 { + return nil, nil + } + rangeError := errors.New(fmt.Sprintf("received action responseCode '%d'. should be in 400-499 range.", code)) + return nil, []error{rangeError} +} diff --git a/provider/resource_corp_rule.go b/provider/resource_corp_rule.go index c873d6e..2edc324 100644 --- a/provider/resource_corp_rule.go +++ b/provider/resource_corp_rule.go @@ -2,6 +2,7 @@ package provider import ( "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/signalsciences/go-sigsci" ) @@ -52,7 +53,7 @@ func resourceCorpRule() *schema.Resource { Type: schema.TypeSet, Description: "Actions", Required: true, - MaxItems: 2, + MaxItems: 2, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { @@ -72,7 +73,7 @@ func resourceCorpRule() *schema.Resource { Type: schema.TypeSet, Description: "Conditions", Required: true, - MaxItems: 10, + MaxItems: 10, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { @@ -81,9 +82,9 @@ func resourceCorpRule() *schema.Resource { Required: true, }, "field": { - Type: schema.TypeString, - Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)", - Optional: true, + Type: schema.TypeString, + Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)", + Optional: true, ValidateFunc: validateConditionField, }, "operator": { @@ -106,7 +107,7 @@ func resourceCorpRule() *schema.Resource { Type: schema.TypeSet, Description: "Conditions", Optional: true, - MaxItems: 10, + MaxItems: 10, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { @@ -115,9 +116,9 @@ func resourceCorpRule() *schema.Resource { Required: true, }, "field": { - Type: schema.TypeString, - Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)", - Optional: true, + Type: schema.TypeString, + Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)", + Optional: true, ValidateFunc: validateConditionField, }, "operator": { @@ -139,7 +140,7 @@ func resourceCorpRule() *schema.Resource { Type: schema.TypeSet, Description: "Conditions", Optional: true, - MaxItems: 10, + MaxItems: 10, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { @@ -148,9 +149,9 @@ func resourceCorpRule() *schema.Resource { Required: true, }, "field": { - Type: schema.TypeString, - Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)", - Optional: true, + Type: schema.TypeString, + Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType)", + Optional: true, ValidateFunc: validateConditionField, }, "operator": { @@ -289,7 +290,7 @@ func resourceCorpRuleRead(d *schema.ResourceData, m interface{}) error { if err != nil { return err } - err = d.Set("actions", flattenRuleActions(rule.Actions)) + err = d.Set("actions", flattenRuleActions(rule.Actions, false)) if err != nil { return err } diff --git a/provider/resource_corp_rule_test.go b/provider/resource_corp_rule_test.go index eb1c672..c3e8e6f 100644 --- a/provider/resource_corp_rule_test.go +++ b/provider/resource_corp_rule_test.go @@ -2,9 +2,10 @@ package provider import ( "fmt" + "testing" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" - "testing" ) func TestResourceCorpRule_basic(t *testing.T) { @@ -159,7 +160,6 @@ func TestResourceCorpRule_SortedSiteNames(t *testing.T) { } }`, testSite), Check: resource.ComposeAggregateTestCheckFunc( - testInspect(), resource.TestCheckResourceAttr(resourceName, "site_short_names.#", "3"), ), }, @@ -197,7 +197,6 @@ func TestResourceCorpRule_SortedSiteNames(t *testing.T) { } }`, testSite), Check: resource.ComposeAggregateTestCheckFunc( - testInspect(), resource.TestCheckResourceAttr(resourceName, "site_short_names.#", "3"), //resource.TestCheckResourceAttr(resourceName, "site_short_names.1785148924", testSite), ), diff --git a/provider/resource_site_rule.go b/provider/resource_site_rule.go index 32d245a..7d5dab2 100644 --- a/provider/resource_site_rule.go +++ b/provider/resource_site_rule.go @@ -2,6 +2,8 @@ package provider import ( "fmt" + "net/http" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/signalsciences/go-sigsci" ) @@ -49,7 +51,7 @@ func resourceSiteRule() *schema.Resource { Type: schema.TypeSet, Description: "Actions", Optional: true, - MaxItems: 2, + MaxItems: 2, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { @@ -63,6 +65,13 @@ func resourceSiteRule() *schema.Resource { Description: "signal id to tag", Optional: true, }, + "response_code": { + Type: schema.TypeInt, + Description: "HTTP code agent for agent to respond with. range: 400-499, defaults to '406' if not provided", + Optional: true, + ValidateFunc: validateActionResponseCode, + Default: http.StatusNotAcceptable, + }, }, }, }, @@ -70,7 +79,7 @@ func resourceSiteRule() *schema.Resource { Type: schema.TypeSet, Description: "Conditions", Required: true, - MaxItems: 10, + MaxItems: 10, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { @@ -79,9 +88,9 @@ func resourceSiteRule() *schema.Resource { Required: true, }, "field": { - Type: schema.TypeString, - Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)", - Optional: true, + Type: schema.TypeString, + Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)", + Optional: true, ValidateFunc: validateConditionField, }, "operator": { @@ -103,7 +112,7 @@ func resourceSiteRule() *schema.Resource { Type: schema.TypeSet, Description: "Conditions", Optional: true, - MaxItems: 10, + MaxItems: 10, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { @@ -112,9 +121,9 @@ func resourceSiteRule() *schema.Resource { Required: true, }, "field": { - Type: schema.TypeString, - Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)", - Optional: true, + Type: schema.TypeString, + Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)", + Optional: true, ValidateFunc: validateConditionField, }, "operator": { @@ -136,7 +145,7 @@ func resourceSiteRule() *schema.Resource { Type: schema.TypeSet, Description: "Conditions", Optional: true, - MaxItems: 10, + MaxItems: 10, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { @@ -145,9 +154,9 @@ func resourceSiteRule() *schema.Resource { Required: true, }, "field": { - Type: schema.TypeString, - Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)", - Optional: true, + Type: schema.TypeString, + Description: "type: single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueIp, signalType, signal)", + Optional: true, ValidateFunc: validateConditionField, }, "operator": { @@ -281,7 +290,7 @@ func resourceSiteRuleRead(d *schema.ResourceData, m interface{}) error { if err != nil { return err } - err = d.Set("actions", flattenRuleActions(rule.Actions)) + err = d.Set("actions", flattenRuleActions(rule.Actions, true)) if err != nil { return err } @@ -340,4 +349,3 @@ func resourceSiteRuleDelete(d *schema.ResourceData, m interface{}) error { return fmt.Errorf("Could not delete rule with ID %s in corp %s site %s. Please re-run", d.Id(), corp, site) } - diff --git a/provider/resource_site_rule_test.go b/provider/resource_site_rule_test.go index 334e1c6..6c2548e 100644 --- a/provider/resource_site_rule_test.go +++ b/provider/resource_site_rule_test.go @@ -1,26 +1,27 @@ package provider import ( - "fmt" - "github.com/davecgh/go-spew/spew" - "github.com/hashicorp/terraform-plugin-sdk/helper/resource" - "github.com/hashicorp/terraform-plugin-sdk/terraform" - "github.com/signalsciences/go-sigsci" - "reflect" - "regexp" - "testing" + "fmt" + "reflect" + "regexp" + "testing" + + "github.com/davecgh/go-spew/spew" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" + "github.com/signalsciences/go-sigsci" ) func TestACCResourceSiteRule_basic(t *testing.T) { - t.Parallel() - resourceName := "sigsci_site_rule.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testACCCheckSiteRuleDestroy, - Steps: []resource.TestStep{ - { - Config: fmt.Sprintf(` + t.Parallel() + resourceName := "sigsci_site_rule.test" + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testACCCheckSiteRuleDestroy, + Steps: []resource.TestStep{ + { + Config: fmt.Sprintf(` resource "sigsci_site_rule" "test"{ site_short_name="%s" type= "signal" @@ -45,31 +46,31 @@ func TestACCResourceSiteRule_basic(t *testing.T) { type="excludeSignal" } }`, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - testCheckSiteRuleExists(resourceName), - testCheckSiteRulesAreEqual(resourceName), - resource.TestCheckResourceAttr(resourceName, "type", "signal"), - resource.TestCheckResourceAttr(resourceName, "site_short_name", testSite), - resource.TestCheckResourceAttr(resourceName, "reason", "Example site rule update"), - resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "actions.895671942.type", "excludeSignal"), - resource.TestCheckResourceAttr(resourceName, "conditions.#", "2"), - resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.field", "ip"), - resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.group_operator", ""), - resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.operator", "equals"), - resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.type", "single"), - resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.value", "1.2.3.4"), - resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.conditions.#", "0"), - resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.field", "ip"), - resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.group_operator", ""), - resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.operator", "equals"), - resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.type", "single"), - resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.value", "1.2.3.5"), - resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.conditions.#", "0"), - ), - }, - { - Config: fmt.Sprintf(` + Check: resource.ComposeAggregateTestCheckFunc( + testCheckSiteRuleExists(resourceName), + testCheckSiteRulesAreEqual(resourceName), + resource.TestCheckResourceAttr(resourceName, "type", "signal"), + resource.TestCheckResourceAttr(resourceName, "site_short_name", testSite), + resource.TestCheckResourceAttr(resourceName, "reason", "Example site rule update"), + resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "actions.2526394097.type", "excludeSignal"), + resource.TestCheckResourceAttr(resourceName, "conditions.#", "2"), + resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.field", "ip"), + resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.group_operator", ""), + resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.operator", "equals"), + resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.type", "single"), + resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.value", "1.2.3.4"), + resource.TestCheckResourceAttr(resourceName, "conditions.2534374319.conditions.#", "0"), + resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.field", "ip"), + resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.group_operator", ""), + resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.operator", "equals"), + resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.type", "single"), + resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.value", "1.2.3.5"), + resource.TestCheckResourceAttr(resourceName, "conditions.2383694574.conditions.#", "0"), + ), + }, + { + Config: fmt.Sprintf(` resource "sigsci_site_rule" "test"{ site_short_name="%s" type= "signal" @@ -89,41 +90,41 @@ func TestACCResourceSiteRule_basic(t *testing.T) { } }`, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "type", "signal"), - resource.TestCheckResourceAttr(resourceName, "site_short_name", testSite), - resource.TestCheckResourceAttr(resourceName, "reason", "Example site rule update 2"), - resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "actions.895671942.type", "excludeSignal"), - resource.TestCheckResourceAttr(resourceName, "conditions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "conditions.580978146.conditions.#", "0"), - resource.TestCheckResourceAttr(resourceName, "conditions.580978146.field", "ip"), - resource.TestCheckResourceAttr(resourceName, "conditions.580978146.group_operator", ""), - resource.TestCheckResourceAttr(resourceName, "conditions.580978146.operator", "equals"), - resource.TestCheckResourceAttr(resourceName, "conditions.580978146.type", "single"), - resource.TestCheckResourceAttr(resourceName, "conditions.580978146.value", "1.2.3.9"), - ), - }, - { - ResourceName: resourceName, - ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), - ImportState: true, - ImportStateVerify: true, - ImportStateCheck: testAccImportStateCheckFunction(1), - }, - }, - }) + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "type", "signal"), + resource.TestCheckResourceAttr(resourceName, "site_short_name", testSite), + resource.TestCheckResourceAttr(resourceName, "reason", "Example site rule update 2"), + resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "actions.2526394097.type", "excludeSignal"), + resource.TestCheckResourceAttr(resourceName, "conditions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "conditions.580978146.conditions.#", "0"), + resource.TestCheckResourceAttr(resourceName, "conditions.580978146.field", "ip"), + resource.TestCheckResourceAttr(resourceName, "conditions.580978146.group_operator", ""), + resource.TestCheckResourceAttr(resourceName, "conditions.580978146.operator", "equals"), + resource.TestCheckResourceAttr(resourceName, "conditions.580978146.type", "single"), + resource.TestCheckResourceAttr(resourceName, "conditions.580978146.value", "1.2.3.9"), + ), + }, + { + ResourceName: resourceName, + ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), + ImportState: true, + ImportStateVerify: true, + ImportStateCheck: testAccImportStateCheckFunction(1), + }, + }, + }) } func TestACCResourceSiteRuleRateLimit_basic(t *testing.T) { - resourceName := "sigsci_site_rule.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testACCCheckSiteRuleDestroy, - Steps: []resource.TestStep{ - { - Config: fmt.Sprintf(` + resourceName := "sigsci_site_rule.test" + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testACCCheckSiteRuleDestroy, + Steps: []resource.TestStep{ + { + Config: fmt.Sprintf(` resource "sigsci_site_signal_tag" "test_tag" { site_short_name = "%s" name = "My new tag" @@ -153,42 +154,42 @@ func TestACCResourceSiteRuleRateLimit_basic(t *testing.T) { duration=600 } }`, testSite, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - //testCheckSiteRuleExists(resourceName), - //testCheckSiteRulesAreEqual(resourceName), - resource.TestCheckResourceAttr(resourceName, "type", "rateLimit"), - resource.TestCheckResourceAttr(resourceName, "site_short_name", testSite), - resource.TestCheckResourceAttr(resourceName, "reason", "Example site rule update"), - resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "actions.2266040667.type", "logRequest"), - resource.TestCheckResourceAttr(resourceName, "actions.2266040667.signal", "site.my-new-tag"), - resource.TestCheckResourceAttr(resourceName, "conditions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "rate_limit.threshold", "10"), - resource.TestCheckResourceAttr(resourceName, "rate_limit.interval", "10"), - resource.TestCheckResourceAttr(resourceName, "rate_limit.duration", "600"), - ), - }, - { - ResourceName: resourceName, - ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), - ImportState: true, - ImportStateVerify: true, - ImportStateCheck: testAccImportStateCheckFunction(1), - }, - }, - }) + Check: resource.ComposeAggregateTestCheckFunc( + //testCheckSiteRuleExists(resourceName), + //testCheckSiteRulesAreEqual(resourceName), + resource.TestCheckResourceAttr(resourceName, "type", "rateLimit"), + resource.TestCheckResourceAttr(resourceName, "site_short_name", testSite), + resource.TestCheckResourceAttr(resourceName, "reason", "Example site rule update"), + resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "actions.309149588.type", "logRequest"), + resource.TestCheckResourceAttr(resourceName, "actions.309149588.signal", "site.my-new-tag"), + resource.TestCheckResourceAttr(resourceName, "conditions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "rate_limit.threshold", "10"), + resource.TestCheckResourceAttr(resourceName, "rate_limit.interval", "10"), + resource.TestCheckResourceAttr(resourceName, "rate_limit.duration", "600"), + ), + }, + { + ResourceName: resourceName, + ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), + ImportState: true, + ImportStateVerify: true, + ImportStateCheck: testAccImportStateCheckFunction(1), + }, + }, + }) } func TestACCResourceSiteRuleConditionSignal(t *testing.T) { - resourceName := "sigsci_site_rule.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testACCCheckSiteRuleDestroy, - Steps: []resource.TestStep{ - { - Config: fmt.Sprintf(` + resourceName := "sigsci_site_rule.test" + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testACCCheckSiteRuleDestroy, + Steps: []resource.TestStep{ + { + Config: fmt.Sprintf(` resource "sigsci_site_rule" "test" { site_short_name = "%s" type = "request" @@ -263,34 +264,34 @@ func TestACCResourceSiteRuleConditionSignal(t *testing.T) { type = "block" } }`, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "conditions.#", "2"), - resource.TestCheckResourceAttr(resourceName, "conditions.2455721190.conditions.3887678098.conditions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "conditions.1840769124.conditions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "conditions.2455721190.conditions.2522856064.conditions.#", "3"), - ), - }, - { - ResourceName: resourceName, - ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), - ImportState: true, - ImportStateVerify: true, - ImportStateCheck: testAccImportStateCheckFunction(1), - }, - }, - }) + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "conditions.#", "2"), + resource.TestCheckResourceAttr(resourceName, "conditions.2455721190.conditions.3887678098.conditions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "conditions.1840769124.conditions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "conditions.2455721190.conditions.2522856064.conditions.#", "3"), + ), + }, + { + ResourceName: resourceName, + ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), + ImportState: true, + ImportStateVerify: true, + ImportStateCheck: testAccImportStateCheckFunction(1), + }, + }, + }) } func TestACCResourceSiteRuleTagSignal(t *testing.T) { - t.Parallel() - resourceName := "sigsci_site_rule.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testACCCheckSiteRuleDestroy, - Steps: []resource.TestStep{ - { - Config: fmt.Sprintf(` + t.Parallel() + resourceName := "sigsci_site_rule.test" + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testACCCheckSiteRuleDestroy, + Steps: []resource.TestStep{ + { + Config: fmt.Sprintf(` resource "sigsci_site_signal_tag" "test_tag" { site_short_name = "%s" name = "newtag" @@ -317,133 +318,157 @@ func TestACCResourceSiteRuleTagSignal(t *testing.T) { signal=sigsci_site_signal_tag.test_tag.id } }`, testSite, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "actions.#", "2"), - resource.TestCheckResourceAttr(resourceName, "actions.1990726244.type", "block"), - resource.TestCheckResourceAttr(resourceName, "actions.3968222288.signal", "site.newtag"), - resource.TestCheckResourceAttr(resourceName, "actions.3968222288.type", "addSignal"), - ), - }, - { - ResourceName: resourceName, - ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), - ImportState: true, - ImportStateVerify: true, - ImportStateCheck: testAccImportStateCheckFunction(1), - }, - }, - }) + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "actions.#", "2"), + resource.TestCheckResourceAttr(resourceName, "actions.2481804494.type", "block"), + resource.TestCheckResourceAttr(resourceName, "actions.2216959332.signal", "site.newtag"), + resource.TestCheckResourceAttr(resourceName, "actions.2216959332.type", "addSignal"), + ), + }, + { + ResourceName: resourceName, + ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), + ImportState: true, + ImportStateVerify: true, + ImportStateCheck: testAccImportStateCheckFunction(1), + }, + }, + }) } func TestACCResourceSiteRuleActions(t *testing.T) { - t.Parallel() - resourceName := "sigsci_site_rule.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testACCCheckSiteRuleDestroy, - Steps: []resource.TestStep{ - { - Config: fmt.Sprintf(` - resource "sigsci_site_rule" "test"{ - site_short_name="%s" - type= "request" - group_operator="all" - enabled=true - reason= "Example site rule update" - expiration="" - conditions { - type="single" - field="path" - operator="contains" - value="/login" - } - actions { - type = "allow" - } - - }`, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - // No need to check, we're really testing the next step - resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "actions.233073437.type", "allow"), - ), - }, - { - Config: fmt.Sprintf(` - resource "sigsci_site_rule" "test"{ - site_short_name="%s" - type="request" - group_operator="all" - enabled=true - reason="Example site rule update" - expiration="" - conditions { - type="single" - field="path" - operator="contains" - value="/login" - } - actions { - type = "block" - } - - }`, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - testInspect(), - resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "actions.1990726244.type", "block"), - ), - }, - { - ResourceName: resourceName, - ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), - ImportState: true, - ImportStateVerify: true, - ImportStateCheck: testAccImportStateCheckFunction(1), - }, - }, - }) + t.Parallel() + resourceName := "sigsci_site_rule.test" + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testACCCheckSiteRuleDestroy, + Steps: []resource.TestStep{ + { + Config: fmt.Sprintf(` + resource "sigsci_site_rule" "test"{ + site_short_name="%s" + type= "request" + group_operator="all" + enabled=true + reason= "Example site rule update" + expiration="" + conditions { + type="single" + field="path" + operator="contains" + value="/login" + } + actions { + type = "allow" + } + }`, testSite), + Check: resource.ComposeAggregateTestCheckFunc( + // No need to check, we're really testing the next step + resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "actions.3902877111.type", "allow"), + ), + }, + { + Config: fmt.Sprintf(` + resource "sigsci_site_rule" "test"{ + site_short_name="%s" + type="request" + group_operator="all" + enabled=true + reason="Example site rule update" + expiration="" + conditions { + type="single" + field="path" + operator="contains" + value="/login" + } + actions { + type = "block" + } + }`, testSite), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "actions.2481804494.type", "block"), + ), + }, + { + Config: fmt.Sprintf(` + resource "sigsci_site_rule" "test"{ + site_short_name="%s" + type="request" + group_operator="all" + enabled=true + reason="Example site rule update" + expiration="" + conditions { + type="single" + field="path" + operator="contains" + value="/login" + } + actions { + type = "block" + response_code = 499 + } + + }`, testSite), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "actions.1905498400.type", "block"), + resource.TestCheckResourceAttr(resourceName, "actions.1905498400.response_code", "499"), + ), + }, + { + ResourceName: resourceName, + ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), + ImportState: true, + ImportStateVerify: true, + ImportStateCheck: testAccImportStateCheckFunction(1), + }, + }, + }) } func TestACCResourceSiteRuleActionsTypeSwitch(t *testing.T) { - t.Parallel() - resourceName := "sigsci_site_rule.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testACCCheckSiteRuleDestroy, - Steps: []resource.TestStep{ - { - Config: fmt.Sprintf(` - resource "sigsci_site_rule" "test"{ - site_short_name="%s" - type= "signal" - group_operator="all" - enabled=true - reason= "Example site rule update" - expiration="" - signal="CMDEXE" - conditions { - type="single" - field="path" - operator="contains" - value="/login" - } - actions { - type = "excludeSignal" - signal = "CMDEXE" - } + t.Parallel() + resourceName := "sigsci_site_rule.test" + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testACCCheckSiteRuleDestroy, + Steps: []resource.TestStep{ + { + Config: fmt.Sprintf(` + resource "sigsci_site_rule" "test"{ + site_short_name="%s" + type= "signal" + group_operator="all" + enabled=true + reason= "Example site rule update" + expiration="" + signal="CMDEXE" + conditions { + type="single" + field="path" + operator="contains" + value="/login" + } + actions { + type = "excludeSignal" + signal = "CMDEXE" + } - }`, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "actions.3950535159.type", "excludeSignal"), - resource.TestCheckResourceAttr(resourceName, "actions.3950535159.signal", "CMDEXE"), - ), - }, - { - Config: fmt.Sprintf(` + }`, testSite), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "actions.2492640549.type", "excludeSignal"), + resource.TestCheckResourceAttr(resourceName, "actions.2492640549.signal", "CMDEXE"), + ), + }, + { + Config: fmt.Sprintf(` resource "sigsci_site_rule" "test"{ site_short_name="%s" type="request" @@ -462,32 +487,32 @@ func TestACCResourceSiteRuleActionsTypeSwitch(t *testing.T) { } }`, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "actions.233073437.type", "allow"), - ), - }, - { - ResourceName: resourceName, - ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), - ImportState: true, - ImportStateVerify: true, - ImportStateCheck: testAccImportStateCheckFunction(1), - }, - }, - }) + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "actions.#", "1"), + resource.TestCheckResourceAttr(resourceName, "actions.3902877111.type", "allow"), + ), + }, + { + ResourceName: resourceName, + ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), + ImportState: true, + ImportStateVerify: true, + ImportStateCheck: testAccImportStateCheckFunction(1), + }, + }, + }) } func TestACCResourceSiteRuleInvalidUpdateMaxConditions(t *testing.T) { - t.Parallel() - resourceName := "sigsci_site_rule.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testACCCheckSiteRuleDestroy, - Steps: []resource.TestStep{ - { - Config: fmt.Sprintf(` + t.Parallel() + resourceName := "sigsci_site_rule.test" + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testACCCheckSiteRuleDestroy, + Steps: []resource.TestStep{ + { + Config: fmt.Sprintf(` resource "sigsci_site_rule" "test"{ site_short_name="%s" type= "request" @@ -555,12 +580,12 @@ func TestACCResourceSiteRuleInvalidUpdateMaxConditions(t *testing.T) { } }`, testSite), - Check: resource.ComposeAggregateTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "conditions.#", "9"), - ), - }, - { - Config: fmt.Sprintf(` + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "conditions.#", "9"), + ), + }, + { + Config: fmt.Sprintf(` resource "sigsci_site_rule" "test"{ site_short_name="%s" type="request" @@ -640,172 +665,172 @@ func TestACCResourceSiteRuleInvalidUpdateMaxConditions(t *testing.T) { } }`, testSite), - ExpectError: regexp.MustCompile("10 item maximum"), - }, - { - ResourceName: resourceName, - ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), - ImportState: true, - ImportStateVerify: true, - ImportStateCheck: testAccImportStateCheckFunction(1), - }, - }, - }) + ExpectError: regexp.MustCompile("10 item maximum"), + }, + { + ResourceName: resourceName, + ImportStateIdPrefix: fmt.Sprintf("%s:", testSite), + ImportState: true, + ImportStateVerify: true, + ImportStateCheck: testAccImportStateCheckFunction(1), + }, + }, + }) } func testCheckSiteRuleExists(name string) resource.TestCheckFunc { - var testFunc resource.TestCheckFunc = func(s *terraform.State) error { - rsrc, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("[ERROR] the module %s does not have a resource called %s", s.RootModule().Path, name) - } + var testFunc resource.TestCheckFunc = func(s *terraform.State) error { + rsrc, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("[ERROR] the module %s does not have a resource called %s", s.RootModule().Path, name) + } - is := rsrc.Primary - if is == nil { - return fmt.Errorf("[ERROR] No primary instance: %s in %s", name, s.RootModule().Path) - } - pm := testAccProvider.Meta().(providerMetadata) - sc := pm.Client - rule, err := sc.GetSiteRuleByID(pm.Corp, is.Attributes["site_short_name"], is.Attributes["id"]) - if err != nil { - return err - } - if rule.ID != is.Attributes["id"] { - return fmt.Errorf("[ERROR] the rule ids did not match expected :%s\t actual: %s", is.Attributes["id"], rule.ID) - } - return nil - } - return testFunc + is := rsrc.Primary + if is == nil { + return fmt.Errorf("[ERROR] No primary instance: %s in %s", name, s.RootModule().Path) + } + pm := testAccProvider.Meta().(providerMetadata) + sc := pm.Client + rule, err := sc.GetSiteRuleByID(pm.Corp, is.Attributes["site_short_name"], is.Attributes["id"]) + if err != nil { + return err + } + if rule.ID != is.Attributes["id"] { + return fmt.Errorf("[ERROR] the rule ids did not match expected :%s\t actual: %s", is.Attributes["id"], rule.ID) + } + return nil + } + return testFunc } func testCheckSiteRulesAreEqual(name string) resource.TestCheckFunc { - return func(s *terraform.State) error { - pm := testAccProvider.Meta().(providerMetadata) - sc := pm.Client - rsrc, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("[ERROR] the module %s does not have a resource called %s", s.RootModule().Path, name) - } + return func(s *terraform.State) error { + pm := testAccProvider.Meta().(providerMetadata) + sc := pm.Client + rsrc, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("[ERROR] the module %s does not have a resource called %s", s.RootModule().Path, name) + } - is := rsrc.Primary - if is == nil { - return fmt.Errorf("[ERROR] No primary instance: %s in %s", name, s.RootModule().Path) - } + is := rsrc.Primary + if is == nil { + return fmt.Errorf("[ERROR] No primary instance: %s in %s", name, s.RootModule().Path) + } - actual, err := sc.GetSiteRuleByID(pm.Corp, is.Attributes["site_short_name"], is.Attributes["id"]) + actual, err := sc.GetSiteRuleByID(pm.Corp, is.Attributes["site_short_name"], is.Attributes["id"]) - if err != nil { - return err - } - expected := sigsci.CreateSiteRuleBody{ - Type: "signal", - GroupOperator: "any", - Enabled: true, - Reason: "Example site rule update", - Signal: "SQLI", - Expiration: "", - Conditions: []sigsci.Condition{ - sigsci.Condition{ - Type: "single", - Field: "ip", - Operator: "equals", - Value: "1.2.3.5", - }, - sigsci.Condition{ - Type: "single", - Field: "ip", - Operator: "equals", - Value: "1.2.3.4", - }, - }, - Actions: []sigsci.Action{ - sigsci.Action{ - Type: "excludeSignal", - }, - }, - } - if !reflect.DeepEqual(expected, actual.CreateSiteRuleBody) { - spewConf := spew.NewDefaultConfig() - spewConf.SortKeys = true - return fmt.Errorf("not equal: \nexpected\n%s\nactual\n%s", spewConf.Sdump(expected), spewConf.Sdump(actual.CreateSiteRuleBody)) - } - return nil - } + if err != nil { + return err + } + expected := sigsci.CreateSiteRuleBody{ + Type: "signal", + GroupOperator: "any", + Enabled: true, + Reason: "Example site rule update", + Signal: "SQLI", + Expiration: "", + Conditions: []sigsci.Condition{ + sigsci.Condition{ + Type: "single", + Field: "ip", + Operator: "equals", + Value: "1.2.3.5", + }, + sigsci.Condition{ + Type: "single", + Field: "ip", + Operator: "equals", + Value: "1.2.3.4", + }, + }, + Actions: []sigsci.Action{ + sigsci.Action{ + Type: "excludeSignal", + }, + }, + } + if !reflect.DeepEqual(expected, actual.CreateSiteRuleBody) { + spewConf := spew.NewDefaultConfig() + spewConf.SortKeys = true + return fmt.Errorf("not equal: \nexpected\n%s\nactual\n%s", spewConf.Sdump(expected), spewConf.Sdump(actual.CreateSiteRuleBody)) + } + return nil + } } func testCheckSiteGroupRulesAreEqual(name string) resource.TestCheckFunc { - return func(s *terraform.State) error { - pm := testAccProvider.Meta().(providerMetadata) - sc := pm.Client - rsrc, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("[ERROR] the module %s does not have a resource called %s", s.RootModule().Path, name) - } + return func(s *terraform.State) error { + pm := testAccProvider.Meta().(providerMetadata) + sc := pm.Client + rsrc, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("[ERROR] the module %s does not have a resource called %s", s.RootModule().Path, name) + } - is := rsrc.Primary - if is == nil { - return fmt.Errorf("[ERROR] No primary instance: %s in %s", name, s.RootModule().Path) - } + is := rsrc.Primary + if is == nil { + return fmt.Errorf("[ERROR] No primary instance: %s in %s", name, s.RootModule().Path) + } - actual, err := sc.GetSiteRuleByID(pm.Corp, is.Attributes["site_short_name"], is.Attributes["id"]) + actual, err := sc.GetSiteRuleByID(pm.Corp, is.Attributes["site_short_name"], is.Attributes["id"]) - if err != nil { - return err - } - expected := sigsci.CreateSiteRuleBody{ - Type: "signal", - GroupOperator: "all", - Enabled: true, - Reason: "Example site rule group", - Signal: "SQLI", - Expiration: "", - Conditions: []sigsci.Condition{ - { - Type: "group", - GroupOperator: "any", - Conditions: []sigsci.Condition{ - { - Type: "single", - Field: "ip", - Operator: "equals", - Value: "9.10.11.12", - }, - }, - }, - }, - Actions: []sigsci.Action{ - { - Type: "excludeSignal", - }, - }, - } - if !reflect.DeepEqual(expected, actual.CreateSiteRuleBody) { - spewConf := spew.NewDefaultConfig() - spewConf.SortKeys = true - return fmt.Errorf("not equal: \nexpected\n%s\nactual\n%s", spewConf.Sdump(expected), spewConf.Sdump(actual.CreateSiteRuleBody)) - } - return nil - } + if err != nil { + return err + } + expected := sigsci.CreateSiteRuleBody{ + Type: "signal", + GroupOperator: "all", + Enabled: true, + Reason: "Example site rule group", + Signal: "SQLI", + Expiration: "", + Conditions: []sigsci.Condition{ + { + Type: "group", + GroupOperator: "any", + Conditions: []sigsci.Condition{ + { + Type: "single", + Field: "ip", + Operator: "equals", + Value: "9.10.11.12", + }, + }, + }, + }, + Actions: []sigsci.Action{ + { + Type: "excludeSignal", + }, + }, + } + if !reflect.DeepEqual(expected, actual.CreateSiteRuleBody) { + spewConf := spew.NewDefaultConfig() + spewConf.SortKeys = true + return fmt.Errorf("not equal: \nexpected\n%s\nactual\n%s", spewConf.Sdump(expected), spewConf.Sdump(actual.CreateSiteRuleBody)) + } + return nil + } } func testAccImportStateCheckFunction(expectedStates int) resource.ImportStateCheckFunc { - return func(s []*terraform.InstanceState) error { - if len(s) != expectedStates { - return fmt.Errorf("expected %d states, got %d: %#v", expectedStates, len(s), s) - } - return nil - } + return func(s []*terraform.InstanceState) error { + if len(s) != expectedStates { + return fmt.Errorf("expected %d states, got %d: %#v", expectedStates, len(s), s) + } + return nil + } } func testACCCheckSiteRuleDestroy(s *terraform.State) error { - pm := testAccProvider.Meta().(providerMetadata) - sc := pm.Client - resourceType := "sigsci_site_rule" - for _, resource := range s.RootModule().Resources { - if resource.Type != resourceType { - continue - } - readresp, err := sc.GetSiteRuleByID(pm.Corp, resource.Primary.Attributes["site_short_name"], resource.Primary.Attributes["id"]) - if err == nil { - return fmt.Errorf("%s %#v still exists", resourceType, readresp) - } - } - return nil + pm := testAccProvider.Meta().(providerMetadata) + sc := pm.Client + resourceType := "sigsci_site_rule" + for _, resource := range s.RootModule().Resources { + if resource.Type != resourceType { + continue + } + readresp, err := sc.GetSiteRuleByID(pm.Corp, resource.Primary.Attributes["site_short_name"], resource.Primary.Attributes["id"]) + if err == nil { + return fmt.Errorf("%s %#v still exists", resourceType, readresp) + } + } + return nil }