Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Suppression Rules Support #272

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Add Suppression Rules Support #272

wants to merge 6 commits into from

Conversation

t1edtke
Copy link

@t1edtke t1edtke commented Sep 16, 2024

This pull request introduces support for managing and interacting with suppression rules and closes #260.

Features:

  1. Plugin Framework provider
    Introduced a new provider based on the Terraform Plugin Framework. The existing SDKv2 provider was muxed with the new provider to ensure backward compatibility.
  2. Suppression Rule Data Source
    Added a new read-only data source suppression_rules, allowing users to fetch and interact with existing suppression rules.
  3. Suppression Rule Resource
    Introduced a suppression_rule resource that allows users to manage newly created or existing suppression rules.
  4. API client extension with suppression rule calls
    Implemented the following methods in the AquaSec client:
    • GetSuppressionRules(): Retrieve all suppression rules.
    • GetSuppressionRule(id): Fetch a specific suppression rule by ID.
    • CreateSuppressionRule(data): Create a new suppression rule.
    • UpdateSuppressionRule(id, data): Update an existing suppression rule.
    • DeleteSuppressionRule(id): Delete a suppression rule.
    • ActivateSuppressionRule(id): Activate a suppression rule.
    • DisableSuppressionRule(id): Disable a suppression rule.

Examples:

# Example of using suppression_rule resource
resource "aquasec_suppression_rule" "example" {
  name = "example-suppression-rule"
  application_scopes = ["Global"]
  scope = {
    expression = "v1"
    variables = [
      {
        attribute = "aqua.registry"
        value = "\"Docker Hub\""
      }
    ]
  }
  score = []
  severity = ""
  fix_available = "false"
  vulnerabilities = "CVE-2016-1000027,CVE-2014-9515,CVE-2021-41411"
  expiry = 370
  comment = "Check Risk 123"
  status = true
}

# Example of using suppresion_rule data source
data "aquasec_suppression_rules" "all" {}

output "suppression_rules" {
  value = { for rule in data.aquasec_suppression_rules.all.suppression_rules : rule.id => rule.name }
}

Commits:

  • fix(client): Clone gorequest in GetCspAuthToken
  • feat(suppression_rules): Add CRUD methods to client
  • feat(suppression_rules): Add and mux additional plugin-framework provider
  • feat(suppression_rules): Add suppression_rule data source
  • feat(suppression_rules): Add suppression_rule resource
  • doc(suppression_rules): Add documentation and examples

@t1edtke
fix(client): Clone gorequest in GetCspAuthToken
eccaddd 
If not cloned id and password will be added to json body for all requests

Changelog: Fixed
@t1edtke
feat(suppression_rules): Add CRUD methods to client
bb26c55 
Add GetSuppressionRules, GetSuppressionRule, CreateSuppressionRule, UpdateSuppressionRule, DeleteSuppressionRule, ActivateSuppressionRule and DisableSuppressionRule

Changelog: Added
@CLAassistant
Copy link

CLAassistant commented Sep 16, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

@t1edtke t1edtke force-pushed the feature/suppression-rules branch 2 times, most recently from 64b3570 to be3b92a Compare September 16, 2024 16:41
@t1edtke
feat(suppression_rules): Add and mux additional plugin-framework prov…
0c7f9a0 
…ider

Add provider based on new plugin-framework. Mux it with the SDKv2 provider to keep it backwards compatible.

Changelog: Added
@t1edtke
feat(suppression_rules): Add suppression_rule data source
64a674f 
Add read-only data source to fetch all existing suppression rules

Changelog: Added
@t1edtke
feat(suppression_rules): Add suppression_rule resource
7337890 
Add resource to manage suppression rules

Changelog: Added
@t1edtke
doc(suppression_rules): Add documentation and examples
a85c425 
Add suppression rule docs and examples

Changelog: Added
@t1edtke t1edtke force-pushed the feature/suppression-rules branch from be3b92a to a85c425 Compare September 17, 2024 08:45
@t1edtke t1edtke marked this pull request as ready for review September 17, 2024 08:46
@semyonmor
Copy link
Collaborator

@t1edtke
Is there any reason why you decided to put your changes under an internal provider?
FYI @KoppulaRajender

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add a resource for managing suppression rules
3 participants
@t1edtke @CLAassistant @semyonmor