Merge pull request #164 from jfrog/GH-161-add-published-dates-to-reports

Add 'published' attribute to 'security_filters' for violation report
jfrog · Feb 14, 2024 · 492c072 · 492c072
2 parents 2d1cd54 + 3b3af64
commit 492c072
Show file tree

Hide file tree

Showing 5 changed files with 65 additions and 18 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 2.3.0 (Feburary 15, 2024). Tested on Artifactory 7.77.5 and Xray 3.88.12
+
+IMPROVEMENTS:
+
+* resource/xray_violations_report: add `published` attribute for `security_filters` to support `start` and `end` dates. PR: [#164](https://github.com/jfrog/terraform-provider-xray/pull/164) Issue: [#161](https://github.com/jfrog/terraform-provider-xray/issues/161)
+
 ## 2.2.0 (Feburary 2, 2024). Tested on Artifactory 7.77.3 and Xray 3.88.10
 
 IMPROVEMENTS:

diff --git a/docs/resources/violations_report.md b/docs/resources/violations_report.md
@@ -116,6 +116,7 @@ Optional:
 - `cvss_score` (Block Set, Max: 1) CVSS score. (see [below for nested schema](#nestedblock--filters--security_filters--cvss_score))
 - `has_remediation` (Boolean) Whether the issue has a fix or not.
 - `issue_id` (String) Issue ID.
+- `published` (Block Set, Max: 1) (see [below for nested schema](#nestedblock--filters--security_filters--published))
 - `summary_contains` (String) Vulnerability Summary.
 
 <a id="nestedblock--filters--security_filters--cvss_score"></a>
@@ -127,6 +128,15 @@ Optional:
 - `min_score` (Number) Minimum CVSS score.
 
 
+<a id="nestedblock--filters--security_filters--published"></a>
+### Nested Schema for `filters.security_filters.published`
+
+Optional:
+
+- `end` (String) Published to date.
+- `start` (String) Published from date.
+
+
 
 <a id="nestedblock--filters--updated"></a>
 ### Nested Schema for `filters.updated`

diff --git a/pkg/xray/reports.go b/pkg/xray/reports.go
@@ -269,11 +269,12 @@ type StartAndEndDate struct {
 }
 
 type SecurityFilter struct {
-	Cve             string     `json:"cve,omitempty"`
-	IssueId         string     `json:"issue_id,omitempty"`
-	CvssScore       *CvssScore `json:"cvss_score,omitempty"`
-	SummaryContains string     `json:"summary_contains"`
-	HasRemediation  bool       `json:"has_remediation,omitempty"`
+	Cve             string           `json:"cve,omitempty"`
+	IssueId         string           `json:"issue_id,omitempty"`
+	CvssScore       *CvssScore       `json:"cvss_score,omitempty"`
+	SummaryContains string           `json:"summary_contains"`
+	HasRemediation  bool             `json:"has_remediation,omitempty"`
+	Published       *StartAndEndDate `json:"published,omitempty"`
 }
 
 type LicenseFilter struct {
@@ -488,6 +489,10 @@ func unpackViolationsSecurityFilters(filter *schema.Set) *SecurityFilter {
 
 	securityFilter.HasRemediation = m["has_remediation"].(bool)
 
+	if m["updated"] != nil {
+		securityFilter.Published = unpackStartAndEndDate(m["published"].(*schema.Set))
+	}
+
 	return &securityFilter
 }
 
@@ -659,9 +664,11 @@ func createReport(reportType string, d *schema.ResourceData, m interface{}) diag
 		return diag.FromErr(err)
 	}
 
-	_, err = req.SetBody(report).SetResult(&report).
-		Post("xray/api/v1/reports/" + reportType)
-
+	_, err = req.
+		SetBody(report).
+		SetResult(&report).
+		SetPathParam("reportType", reportType).
+		Post("xray/api/v1/reports/{reportType}")
 	if err != nil {
 		return diag.FromErr(err)
 	}

diff --git a/pkg/xray/resource_xray_report_test.go b/pkg/xray/resource_xray_report_test.go
@@ -127,6 +127,10 @@ var violationsFilterFields = []map[string]interface{}{
 				},
 				"summary_contains": "kernel",
 				"has_remediation":  true,
+				"published": map[string]interface{}{
+					"start": "2023-02-01T08:00:00Z",
+					"end":   "2023-02-14T08:00:00Z",
+				},
 			},
 		},
 	},
@@ -458,16 +462,15 @@ func mkFilterTestCase(t *testing.T, resourceFields map[string]interface{}, filte
 
 	allFields := sdk.MergeMaps(filterFields, resourceFields)
 	allFieldsHcl := sdk.FmtMapToHcl(allFields)
-	const remoteRepoFull = `
-		resource "%s" "%s" {
+	const resourceTempl = `
+resource "%s" "%s" {
 %s
-		}
-	`
+}`
 	extraChecks := testutil.MapToTestChecks(fqrn, resourceFields)
 	defaultChecks := testutil.MapToTestChecks(fqrn, allFields)
 
 	checks := append(defaultChecks, extraChecks...)
-	config := fmt.Sprintf(remoteRepoFull, resourceName, name, allFieldsHcl)
+	config := fmt.Sprintf(resourceTempl, resourceName, name, allFieldsHcl)
 
 	return t, resource.TestCase{
 		PreCheck:          func() { testAccPreCheck(t) },
@@ -488,13 +491,12 @@ func mkFilterNegativeTestCase(t *testing.T, resourceFields map[string]interface{
 
 	allFields := sdk.MergeMaps(filterFields, resourceFields)
 	allFieldsHcl := sdk.FmtMapToHcl(allFields)
-	const remoteRepoFull = `
-		resource "%s" "%s" {
+	const resourceTempl = `
+resource "%s" "%s" {
 %s
-		}
-	`
+}`
 
-	config := fmt.Sprintf(remoteRepoFull, resourceName, name, allFieldsHcl)
+	config := fmt.Sprintf(resourceTempl, resourceName, name, allFieldsHcl)
 
 	return t, resource.TestCase{
 		PreCheck:          func() { testAccPreCheck(t) },

diff --git a/pkg/xray/resource_xray_violations_report.go b/pkg/xray/resource_xray_violations_report.go
@@ -128,6 +128,28 @@ func resourceXrayViolationsReport() *schema.Resource {
 						Optional:    true,
 						Description: "Whether the issue has a fix or not.",
 					},
+					"published": {
+						Type:        schema.TypeSet,
+						Optional:    true,
+						MaxItems:    1,
+						Description: "",
+						Elem: &schema.Resource{
+							Schema: map[string]*schema.Schema{
+								"start": {
+									Type:             schema.TypeString,
+									Optional:         true,
+									ValidateDiagFunc: validation.ToDiagFunc(validation.IsRFC3339Time),
+									Description:      "Published from date.",
+								},
+								"end": {
+									Type:             schema.TypeString,
+									Optional:         true,
+									ValidateDiagFunc: validation.ToDiagFunc(validation.IsRFC3339Time),
+									Description:      "Published to date.",
+								},
+							},
+						},
+					},
 				},
 			},
 		},