Merge pull request #337 from aquasecurity/branch_336

bug: Added repository_name in the acknowledge resource

Author: sarvodayaKumar

aquasec/data_acknowledge.go

@@ -1,17 +1,20 @@
 package aquasec
 
 import (
+	"context"
 	"fmt"
-	"github.com/aquasecurity/terraform-provider-aquasec/client"
-	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"log"
 	"math/rand"
+
+	"github.com/aquasecurity/terraform-provider-aquasec/client"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
 func dataSourceAcknowledges() *schema.Resource {
 	return &schema.Resource{
 		Description: "The data source `aquasec_acknowledges` provides a method to query all acknowledges within the Aqua ",
-		Read:        dataAcknowledgesRead,
+		ReadContext: dataAcknowledgesRead,
 		Schema: map[string]*schema.Schema{
 			"acknowledges": {
 				Type:        schema.TypeList,
@@ -129,14 +132,19 @@ func dataSourceAcknowledges() *schema.Resource {
 							Description: "",
 							Computed:    true,
 						},
+						"repository_name": {
+							Type:        schema.TypeString,
+							Description: "The name of the repository in whose context the issue was acknowledged (if not for all images)",
+							Computed:    true,
+						},
 					},
 				},
 			},
 		},
 	}
 }
 
-func dataAcknowledgesRead(d *schema.ResourceData, m interface{}) error {
+func dataAcknowledgesRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
 	log.Println("[DEBUG]  inside dataAcknowledges")
 	c := m.(*client.Client)
 	result, err := c.AcknowledgeRead()
@@ -147,10 +155,10 @@ func dataAcknowledgesRead(d *schema.ResourceData, m interface{}) error {
 		}
 		d.SetId(id)
 		if err := d.Set("acknowledges", acknowledges); err != nil {
-			return err
+			return diag.FromErr(err)
 		}
 	} else {
-		return err
+		return diag.FromErr(err)
 	}
 
 	return nil
@@ -188,6 +196,7 @@ func flattenAcknowledgesData(acknowledgesList *client.AcknowledgeList) ([]interf
 			a["os"] = acknowledge.Os
 			a["os_version"] = acknowledge.OsVersion
 			a["docker_id"] = acknowledge.DockerId
+			a["repository_name"] = acknowledge.RepositoryName
 			acks[i] = a
 		}
 

aquasec/data_function_runtime_policy.go

@@ -29,7 +29,7 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 				Description: "Version of the function runtime policy",
 				Computed:    true,
 			},
-			
+
 			// Policy control fields
 			"enabled": {
 				Type:        schema.TypeBool,
@@ -46,7 +46,7 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 				Description: "Indicates the number of days after which the runtime policy will be changed to enforce mode.",
 				Computed:    true,
 			},
-			
+
 			// Application scope fields
 			"application_scopes": {
 				Type:        schema.TypeList,
@@ -94,7 +94,7 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 				},
 				Computed: true,
 			},
-			
+
 			// Function security controls
 			"drift_prevention": {
 				Type:        schema.TypeList,
@@ -200,7 +200,7 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 				Description: "Block deployment from disallowed images.",
 				Computed:    true,
 			},
-			
+
 			// File monitoring and integrity
 			"file_integrity_monitoring": {
 				Type:        schema.TypeList,
@@ -289,7 +289,7 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 					},
 				},
 			},
-			
+
 			// Malware protection
 			"malware_scan_options": {
 				Type:        schema.TypeList,
@@ -331,10 +331,15 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 							},
 							Computed: true,
 						},
+						"file_forensic_collection": {
+							Type:        schema.TypeBool,
+							Description: "Whether to enable file forensic collection.",
+							Computed:    true,
+						},
 					},
 				},
 			},
-			
+
 			// Honeypot/tripwire - renamed for consistency with resource
 			"tripwire": {
 				Type:        schema.TypeList,
@@ -374,14 +379,14 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 					},
 				},
 			},
-			
+
 			// Network security
 			"enable_crypto_mining_dns": {
 				Type:        schema.TypeBool,
 				Description: "Enable detection of crypto mining via DNS monitoring",
 				Computed:    true,
 			},
-			
+
 			// Required internal fields
 			"runtime_type": {
 				Type:        schema.TypeString,
@@ -393,7 +398,7 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 				Description: "Policy type identifier",
 				Computed:    true,
 			},
-			
+
 			// Administrative fields
 			"author": {
 				Type:        schema.TypeString,
@@ -415,7 +420,7 @@ func dataFunctionRuntimePolicy() *schema.Resource {
 				Description: "Indicates if audit check is enabled",
 				Computed:    true,
 			},
-			
+
 			// Internal tracking fields
 			"created": {
 				Type:        schema.TypeString,
@@ -449,71 +454,71 @@ func dataFunctionRuntimePolicyRead(ctx context.Context, d *schema.ResourceData,
 	d.Set("name", crp.Name)
 	d.Set("description", crp.Description)
 	d.Set("version", crp.Version)
-	
+
 	// Policy control fields
 	d.Set("enabled", crp.Enabled)
 	d.Set("enforce", crp.Enforce)
 	d.Set("enforce_after_days", crp.EnforceAfterDays)
-	
+
 	// Application scope fields
 	d.Set("application_scopes", crp.ApplicationScopes)
 	d.Set("exclude_application_scopes", crp.ExcludeApplicationScopes)
 	d.Set("scope_expression", crp.Scope.Expression)
 	d.Set("scope_variables", flattenScopeVariables(crp.Scope.Variables))
-	
+
 	// Function security controls
 	d.Set("drift_prevention", flattenDriftPrevention(crp.DriftPrevention))
 	d.Set("executable_blacklist", flattenExecutableBlacklist(crp.ExecutableBlacklist))
 	d.Set("allowed_executables", flattenAllowedExecutables(crp.AllowedExecutables))
 	d.Set("block_fileless_exec", crp.BlockFilelessExec)
 	d.Set("block_non_compliant_workloads", crp.BlockNonCompliantWorkloads)
 	d.Set("block_disallowed_images", crp.BlockDisallowedImages)
-	
+
 	// File integrity monitoring
 	// Since we can't compare with an empty struct due to slice fields,
 	// check a key field to determine if we should set it
 	if len(crp.FileIntegrityMonitoring.MonitoredFiles) > 0 || crp.FileIntegrityMonitoring.Enabled {
 		d.Set("file_integrity_monitoring", flattenFileIntegrityMonitoring(crp.FileIntegrityMonitoring))
 	}
-	
+
 	// Malware scan options
 	// Since we can't compare with an empty struct due to slice fields,
 	// check a key field to determine if we should set it
-	if len(crp.MalwareScanOptions.ExcludeDirectories) > 0 || 
-	   len(crp.MalwareScanOptions.IncludeDirectories) > 0 || 
-	   crp.MalwareScanOptions.Enabled {
+	if len(crp.MalwareScanOptions.ExcludeDirectories) > 0 ||
+		len(crp.MalwareScanOptions.IncludeDirectories) > 0 ||
+		crp.MalwareScanOptions.Enabled {
 		d.Set("malware_scan_options", flattenMalwareScanOptions(crp.MalwareScanOptions))
 	}
-	
+
 	// Honeypot/tripwire
 	d.Set("tripwire", flattenTripwire(crp.Tripwire))
-	
+
 	// Network security
 	d.Set("enable_crypto_mining_dns", crp.EnableCryptoMiningDns)
-	
+
 	// Required internal fields
 	d.Set("runtime_type", crp.RuntimeType)
 	d.Set("type", crp.Type)
-	
+
 	// Administrative fields
 	d.Set("author", crp.Author)
 	d.Set("is_auto_generated", crp.IsAutoGenerated)
 	d.Set("is_ootb_policy", crp.IsOOTBPolicy)
 	d.Set("is_audit_checked", crp.IsAuditChecked)
-	
+
 	// Internal tracking fields - with special handling for time.Time
 	d.Set("created", crp.Created)
-	
+
 	// Fix for time.Time field
 	if !crp.Updated.IsZero() {
 		d.Set("updated", crp.Updated.Format(time.RFC3339))
 	} else {
 		d.Set("updated", "")
 	}
-	
+
 	d.Set("lastupdate", crp.Lastupdate)
 
 	d.SetId(name)
-	
+
 	return nil
-}
+}

aquasec/data_host_runtime_policy.go

@@ -471,7 +471,6 @@ func dataHostRuntimePolicy() *schema.Resource {
 			},
 			"malware_scan_options": {
 				Type:        schema.TypeList,
-				MaxItems:    1,
 				Description: "Configuration for Real-Time Malware Protection.",
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
@@ -481,39 +480,39 @@ func dataHostRuntimePolicy() *schema.Resource {
 							Elem: &schema.Schema{
 								Type: schema.TypeString,
 							},
-							Optional: true,
+							Computed: true,
 						},
 						"action": {
 							Type:        schema.TypeString,
 							Description: "Set Action, Defaults to 'Alert' when empty",
 							Elem: &schema.Schema{
 								Type: schema.TypeString,
 							},
-							Optional: true,
+							Computed: true,
 						},
 						"include_directories": {
 							Type:        schema.TypeList,
 							Description: "List of registry paths to be excluded from being protected.",
 							Elem: &schema.Schema{
 								Type: schema.TypeString,
 							},
-							Optional: true,
+							Computed: true,
 						},
 						"exclude_directories": {
 							Type:        schema.TypeList,
 							Description: "List of registry paths to be excluded from being protected.",
 							Elem: &schema.Schema{
 								Type: schema.TypeString,
 							},
-							Optional: true,
+							Computed: true,
 						},
 						"exclude_processes": {
 							Type:        schema.TypeList,
 							Description: "List of registry processes to be excluded from being protected.",
 							Elem: &schema.Schema{
 								Type: schema.TypeString,
 							},
-							Optional: true,
+							Computed: true,
 						},
 						"file_forensic_collection": {
 							Type:        schema.TypeBool,
@@ -522,7 +521,7 @@ func dataHostRuntimePolicy() *schema.Resource {
 						},
 					},
 				},
-				Optional: true,
+				Computed: true,
 			},
 			"auditing": {
 				Type:        schema.TypeList,