fix registry_integration and docs

DEVELOPMENT.md

@@ -55,7 +55,7 @@ In order to test the provider installed locally, the provider block will have to
 terraform {
   required_providers {
     aquasec = {
-      version = "0.8.20"
+      version = "0.8.26"
       source  = "terraform-provider-aquasec/aquasec/aquasec"
     }
   }

GNUmakefile

@@ -6,7 +6,7 @@ HOSTNAME	 := github.com
 NAMESPACE	 := aquasec
 NAME 		 := aquasec
 BINARY		 := terraform-provider-${NAME}
-VERSION      := 0.8.25
+VERSION      := 0.8.26
 OS_ARCH      := $(shell go env GOOS)_$(shell go env GOARCH)
 
 default: build

README.md

@@ -21,9 +21,12 @@ The provider lets you declaratively define the configuration for your Aqua Enter
 
 ## Contents
 
-* [Requirements](#requirements)
-* [Using the Aquasec provider](#Using_the_Aquasec_provider)
-* [Contributing](#contributing)
+- [Aquasec Provider for Terraform](#aquasec-provider-for-terraform)
+  - [Contents](#contents)
+  - [Requirements](#requirements)
+  - [Using the Aquasec provider](#using-the-aquasec-provider)
+  - [Using the Aquasec provider SaaS solution](#using-the-aquasec-provider-saas-solution)
+  - [Contributing](#contributing)
 
 
 ## Requirements
@@ -40,7 +43,7 @@ To quickly get started using the Aquasec provider for Terraform, configure the p
 terraform {
   required_providers {
     aquasec = {
-      version = "0.8.20"
+      version = "0.8.26"
       source  = "aquasecurity/aquasec"
     }
   }

aquasec/data_registry.go

@@ -89,6 +89,82 @@ func dataSourceRegistry() *schema.Resource {
 				Optional:    true,
 				Computed:    true,
 			},
+			"lastupdate": {
+				Type:        schema.TypeInt,
+				Description: "The last time the registry was modified in UNIX time",
+				Optional:    true,
+				Computed:    true,
+			},
+			"advanced_settings_cleanup": {
+				Type:        schema.TypeBool,
+				Description: "Automatically clean up that don't match the pull criteria",
+				Optional:    true,
+			},
+			"always_pull_patterns": {
+				Type:        schema.TypeList,
+				Description: "List of image patterns to pull always",
+				Optional:    true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"pull_image_tag_pattern": {
+				Type:        schema.TypeList,
+				Description: "List of image tags patterns to pull",
+				Optional:    true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"pull_repo_patterns_excluded": {
+				Type:        schema.TypeList,
+				Description: "List of image patterns to exclude",
+				Optional:    true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"webhook": {
+				Type:        schema.TypeSet,
+				Optional:    true,
+				Description: "When enabled, registry events are sent to the given Aqua webhook url",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"enabled": {
+							Type:     schema.TypeBool,
+							Optional: true,
+						},
+						"url": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"auth_token": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"un_quarantine": {
+							Type:     schema.TypeBool,
+							Optional: true,
+						},
+					},
+				},
+			},
+			"options": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"option": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"value": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+					},
+				},
+			},
 			"scanner_type": {
 				Type:        schema.TypeString,
 				Description: "Scanner type",
@@ -136,7 +212,14 @@ func dataRegistryRead(d *schema.ResourceData, m interface{}) error {
 		d.Set("auto_pull_time", reg.AutoPullTime)
 		d.Set("auto_pull_interval", reg.AutoPullInterval)
 		d.Set("auto_cleanup", reg.AutoCleanUp)
+		d.Set("lastupdate", reg.Lastupdate)
 		d.Set("scanner_type", reg.ScannerType)
+		d.Set("advanced_settings_cleanup", reg.AdvancedSettingsCleanup)
+		d.Set("always_pull_patterns", reg.AlwaysPullPatterns)
+		d.Set("pull_image_tag_pattern", reg.PullImageTagPattern)
+		d.Set("pull_repo_patterns_excluded", reg.PullRepoPatternsExcluded)
+		d.Set("options", flattenoptions(reg.Options))
+		d.Set("webhook", flattenwebhook(reg.Webhook))
 		d.Set("prefixes", convertStringArr(prefixes))
 		scannerType := d.Get("scanner_type").(string)
 		if scannerType == "specific" {

aquasec/resource_registry.go

@@ -20,8 +20,8 @@ func resourceRegistry() *schema.Resource {
 			StateContext: schema.ImportStatePassthroughContext,
 		},
 		Schema: map[string]*schema.Schema{
-			"last_updated": {
-				Type:        schema.TypeString,
+			"lastupdate": {
+				Type:        schema.TypeInt,
 				Description: "The last time the registry was modified in UNIX time",
 				Optional:    true,
 				Computed:    true,
@@ -94,6 +94,11 @@ func resourceRegistry() *schema.Resource {
 				Description: "Automatically clean up images and repositories which are no longer present in the registry from Aqua console",
 				Optional:    true,
 			},
+			"advanced_settings_cleanup": {
+				Type:        schema.TypeBool,
+				Description: "Automatically clean up that don't match the pull criteria",
+				Optional:    true,
+			},
 			"image_creation_date_condition": {
 				Type:        schema.TypeString,
 				Description: "Additional condition for pulling and rescanning images, Defaults to 'none'",
@@ -151,6 +156,58 @@ func resourceRegistry() *schema.Resource {
 					Type: schema.TypeString,
 				},
 			},
+			"always_pull_patterns": {
+				Type:        schema.TypeList,
+				Description: "List of image patterns to pull always",
+				Optional:    true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"pull_image_tag_pattern": {
+				Type:        schema.TypeList,
+				Description: "List of image tags patterns to pull",
+				Optional:    true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"pull_repo_patterns_excluded": {
+				Type:        schema.TypeList,
+				Description: "List of image patterns to exclude",
+				Optional:    true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"webhook": {
+				Type:        schema.TypeSet,
+				Description: "When enabled, registry events are sent to the given Aqua webhook url",
+				Optional:    true,
+				Computed:    true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"enabled": {
+							Type:     schema.TypeBool,
+							Optional: true,
+							Computed: true,
+						},
+						"url": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"auth_token": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"un_quarantine": {
+							Type:     schema.TypeBool,
+							Optional: true,
+							Computed: true,
+						},
+					},
+				},
+			},
 		},
 	}
 }
@@ -171,6 +228,9 @@ func resourceRegistryCreate(d *schema.ResourceData, m interface{}) error {
 
 	// Get and Convert Roles
 	prefixes := d.Get("prefixes").([]interface{})
+	always_pull_patterns := d.Get("always_pull_patterns").([]interface{})
+	pull_repo_patterns_excluded := d.Get("pull_repo_patterns_excluded").([]interface{})
+	pull_image_tag_pattern := d.Get("pull_image_tag_pattern").([]interface{})
 	scanner_name := d.Get("scanner_name").([]interface{})
 
 	old, new := d.GetChange("scanner_name")
@@ -191,6 +251,7 @@ func resourceRegistryCreate(d *schema.ResourceData, m interface{}) error {
 		AutoPullMax:                d.Get("auto_pull_max").(int),
 		AutoPullTime:               d.Get("auto_pull_time").(string),
 		AutoCleanUp:                d.Get("auto_cleanup").(bool),
+		AdvancedSettingsCleanup:    d.Get("advanced_settings_cleanup").(bool),
 		ImageCreationDateCondition: d.Get("image_creation_date_condition").(string),
 		PullImageAge:               d.Get("pull_image_age").(string),
 		PullImageCount:             d.Get("pull_image_count").(int),
@@ -201,6 +262,9 @@ func resourceRegistryCreate(d *schema.ResourceData, m interface{}) error {
 		ScannerNameRemoved:         convertStringArr(scanner_name_removed),
 		ExistingScanners:           convertStringArr(existsing_scanners),
 		Prefixes:                   convertStringArr(prefixes),
+		AlwaysPullPatterns:         convertStringArr(always_pull_patterns),
+		PullRepoPatternsExcluded:   convertStringArr(pull_repo_patterns_excluded),
+		PullImageTagPattern:        convertStringArr(pull_image_tag_pattern),
 	}
 	options, ok := d.GetOk("options")
 	if ok {
@@ -216,6 +280,22 @@ func resourceRegistryCreate(d *schema.ResourceData, m interface{}) error {
 		}
 		registry.Options = optionsarray
 	}
+	webhook, ok := d.GetOk("webhook")
+	if ok {
+		for _, webhookMap := range webhook.(*schema.Set).List() {
+			webhookentries, ok := webhookMap.(map[string]interface{})
+			if !ok {
+				continue
+			}
+			Webhook := client.Webhook{
+				Enabled:      webhookentries["enabled"].(bool),
+				URL:          webhookentries["url"].(string),
+				AuthToken:    webhookentries["auth_token"].(string),
+				UnQuarantine: webhookentries["un_quarantine"].(bool),
+			}
+			registry.Webhook = Webhook
+		}
+	}
 
 	err := ac.CreateRegistry(registry)
 	if err != nil {
@@ -287,9 +367,24 @@ func resourceRegistryRead(d *schema.ResourceData, m interface{}) error {
 	if err = d.Set("prefixes", r.Prefixes); err != nil {
 		return err
 	}
+	if err = d.Set("advanced_settings_cleanup", r.AdvancedSettingsCleanup); err != nil {
+		return err
+	}
+	if err = d.Set("always_pull_patterns", r.AlwaysPullPatterns); err != nil {
+		return err
+	}
+	if err = d.Set("pull_repo_patterns_excluded", r.PullRepoPatternsExcluded); err != nil {
+		return err
+	}
+	if err = d.Set("pull_image_tag_pattern", r.PullImageTagPattern); err != nil {
+		return err
+	}
 	if err = d.Set("options", flattenoptions(r.Options)); err != nil {
 		return err
 	}
+	if err = d.Set("webhook", flattenwebhook(r.Webhook)); err != nil {
+		return err
+	}
 	scannerType := d.Get("scanner_type").(string)
 	if scannerType == "specific" {
 		if err = d.Set("scanner_name", r.ScannerName); err != nil {
@@ -312,9 +407,12 @@ func resourceRegistryUpdate(d *schema.ResourceData, m interface{}) error {
 		autoPullInterval = 1
 	}
 
-	if d.HasChanges("name", "username", "password", "url", "type", "auto_pull", "auto_pull_rescan", "auto_pull_max", "auto_pull_time", "auto_pull_interval", "auto_cleanup", "image_creation_date_condition", "scanner_name", "prefixes", "pull_image_count", "pull_image_age", "options") {
+	if d.HasChanges("name", "username", "description", "pull_image_tag_pattern", "password", "url", "type", "auto_pull", "auto_pull_rescan", "auto_pull_max", "advanced_settings_cleanup", "auto_pull_time", "auto_pull_interval", "auto_cleanup", "image_creation_date_condition", "scanner_name", "prefixes", "pull_image_count", "pull_image_age", "options", "webhook", "always_pull_patterns", "pull_repo_patterns_excluded") {
 
 		prefixes := d.Get("prefixes").([]interface{})
+		always_pull_patterns := d.Get("always_pull_patterns").([]interface{})
+		pull_repo_patterns_excluded := d.Get("pull_repo_patterns_excluded").([]interface{})
+		pull_image_tag_pattern := d.Get("pull_image_tag_pattern").([]interface{})
 		scanner_name := d.Get("scanner_name").([]interface{})
 
 		old, new := d.GetChange("scanner_name")
@@ -326,6 +424,7 @@ func resourceRegistryUpdate(d *schema.ResourceData, m interface{}) error {
 		registry := client.Registry{
 			Name:                       d.Get("name").(string),
 			Type:                       d.Get("type").(string),
+			Description:                d.Get("description").(string),
 			Username:                   d.Get("username").(string),
 			Password:                   d.Get("password").(string),
 			URL:                        d.Get("url").(string),
@@ -335,6 +434,7 @@ func resourceRegistryUpdate(d *schema.ResourceData, m interface{}) error {
 			AutoPullTime:               d.Get("auto_pull_time").(string),
 			AutoCleanUp:                d.Get("auto_cleanup").(bool),
 			AutoPullInterval:           autoPullInterval,
+			AdvancedSettingsCleanup:    d.Get("advanced_settings_cleanup").(bool),
 			ImageCreationDateCondition: d.Get("image_creation_date_condition").(string),
 			PullImageAge:               d.Get("pull_image_age").(string),
 			PullImageCount:             d.Get("pull_image_count").(int),
@@ -344,6 +444,9 @@ func resourceRegistryUpdate(d *schema.ResourceData, m interface{}) error {
 			ScannerNameRemoved:         convertStringArr(scanner_name_removed),
 			ExistingScanners:           convertStringArr(existsing_scanners),
 			Prefixes:                   convertStringArr(prefixes),
+			AlwaysPullPatterns:         convertStringArr(always_pull_patterns),
+			PullRepoPatternsExcluded:   convertStringArr(pull_repo_patterns_excluded),
+			PullImageTagPattern:        convertStringArr(pull_image_tag_pattern),
 		}
 
 		options, ok := d.GetOk("options")
@@ -360,6 +463,22 @@ func resourceRegistryUpdate(d *schema.ResourceData, m interface{}) error {
 			}
 			registry.Options = optionsarray
 		}
+		webhook, ok := d.GetOk("webhook")
+		if ok {
+			for _, webhookMap := range webhook.(*schema.Set).List() {
+				webhookentries, ok := webhookMap.(map[string]interface{})
+				if !ok {
+					continue
+				}
+				Webhook := client.Webhook{
+					Enabled:      webhookentries["enabled"].(bool),
+					URL:          webhookentries["url"].(string),
+					AuthToken:    webhookentries["auth_token"].(string),
+					UnQuarantine: webhookentries["un_quarantine"].(bool),
+				}
+				registry.Webhook = Webhook
+			}
+		}
 
 		err := c.UpdateRegistry(registry)
 		if err == nil {
@@ -428,3 +547,14 @@ func flattenoptions(options []client.Options) []map[string]interface{} {
 	}
 	return option
 }
+
+func flattenwebhook(webhook1 client.Webhook) []map[string]interface{} {
+	return []map[string]interface{}{
+		{
+			"enabled":       webhook1.Enabled,
+			"url":           webhook1.URL,
+			"auth_token":    webhook1.AuthToken,
+			"un_quarantine": webhook1.UnQuarantine,
+		},
+	}
+}