Skip to content

Commit

Permalink
refactor: remove deprecated fields (#395)
Browse files Browse the repository at this point in the history
* refactor: remove deprecated fields
  • Loading branch information
dmurray-lacework authored and afiune committed Nov 8, 2022
1 parent b88acee commit 65931a3
Show file tree
Hide file tree
Showing 10 changed files with 6 additions and 127 deletions.
31 changes: 0 additions & 31 deletions examples/resource_lacework_vulnerability_exception_host/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -7,37 +7,6 @@ terraform {
}

resource "lacework_vulnerability_exception_host" "example" {
name = var.name
description = var.description
enabled = true
expiry = var.expiry
reason = "Accepted Risk"
vulnerability_criteria {
severities = ["Critical"]
cves = var.cves
package {
name = var.package_name
version = var.package_version
}
package {
name = "myPackage"
version = "2.0.0"
}
package {
name = "myOtherPackage"
version = "1.0.0"
}
fixable = true
}
resource_scope {
hostnames = ["host1", "host2"]
cluster_names = ["clust-abc", "clust-xyz"]
external_ips = ["210.12.100.5"]
namespaces = ["namespace1", "namespace2"]
}
}

resource "lacework_vulnerability_exception_host" "no_expiry" {
name = var.name
description = var.description
enabled = true
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,6 @@ func TestVulnerabilityExceptionHostCreate(t *testing.T) {
assert.Equal(t, "[CVE-2016-9840 CVE-2018-14599 CVE-2018-6942]", actualCves)
assert.Equal(t, "[map[name:myOtherPackage version:1.0.0] map[name:myPackage version:1.0.0] map[name:myPackage version:2.0.0]]", actualPackages)

noexpiry := GetSpecificIDFromTerraResults(2, create)
assert.NotEmpty(t, noexpiry)

// Update Vulnerability Exception
terraformOptions.Vars = map[string]interface{}{
"name": "Terraform Vulnerability Exception Host Test",
Expand Down
36 changes: 4 additions & 32 deletions lacework/resource_lacework_alert_rule.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ import (

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/lacework/go-sdk/api"
"github.com/pkg/errors"
"golang.org/x/text/cases"
"golang.org/x/text/language"
)
Expand Down Expand Up @@ -40,24 +39,10 @@ func resourceLaceworkAlertRule() *schema.Resource {
Default: true,
Description: "The state of the alert rule",
},
"channels": {
Type: schema.TypeSet,
Optional: true,
Description: "List of channels for the alert rule",
Deprecated: "This attribute deprecated and has been replaced by `alert_channels`",
ConflictsWith: []string{"alert_channels"},
Elem: &schema.Schema{
Type: schema.TypeString,
StateFunc: func(val interface{}) string {
return strings.TrimSpace(val.(string))
},
},
},
"alert_channels": {
Type: schema.TypeSet,
Optional: true,
Description: "List of alert channels for the alert rule",
ConflictsWith: []string{"channels"},
Type: schema.TypeSet,
Optional: true,
Description: "List of alert channels for the alert rule",
Elem: &schema.Schema{
Type: schema.TypeString,
StateFunc: func(val interface{}) string {
Expand Down Expand Up @@ -149,10 +134,6 @@ func resourceLaceworkAlertRuleCreate(d *schema.ResourceData, meta interface{}) e
var alertChannels []interface{}
if _, ok := d.GetOk("alert_channels"); ok {
alertChannels = d.Get("alert_channels").(*schema.Set).List()
} else if _, ok := d.GetOk("channels"); ok {
alertChannels = d.Get("channels").(*schema.Set).List()
} else {
return errors.New("alert_channels attribute must be set")
}

var (
Expand Down Expand Up @@ -215,12 +196,7 @@ func resourceLaceworkAlertRuleRead(d *schema.ResourceData, meta interface{}) err
d.Set("severities", api.NewAlertRuleSeveritiesFromIntSlice(response.Data.Filter.Severity).ToStringSlice())
d.Set("resource_groups", response.Data.Filter.ResourceGroups)
d.Set("event_categories", response.Data.Filter.EventCategories)

if _, ok := d.GetOk("channels"); ok {
d.Set("channels", response.Data.Channels)
} else {
d.Set("alert_channels", response.Data.Channels)
}
d.Set("alert_channels", response.Data.Channels)

log.Printf("[INFO] Read alert rule with guid %s\n", response.Data.Guid)
return nil
Expand All @@ -230,10 +206,6 @@ func resourceLaceworkAlertRuleUpdate(d *schema.ResourceData, meta interface{}) e
var alertChannels []interface{}
if _, ok := d.GetOk("alert_channels"); ok {
alertChannels = d.Get("alert_channels").(*schema.Set).List()
} else if _, ok := d.GetOk("channels"); ok {
alertChannels = d.Get("channels").(*schema.Set).List()
} else {
return errors.New("alert_channels attribute must be set")
}

var (
Expand Down
26 changes: 1 addition & 25 deletions lacework/resource_lacework_vulnerability_exception_container.go
Original file line number Diff line number Diff line change
Expand Up @@ -130,13 +130,6 @@ func resourceLaceworkVulnerabilityExceptionContainer() *schema.Resource {
Description: "Whether to filter on fixable",
ValidateFunc: validation.StringInSlice([]string{"true", "false"}, true),
},
"fixable": {
Type: schema.TypeBool,
Optional: true,
Description: "Whether to filter on fixable",
Deprecated: "This attribute is deprecated and has been replaced by `fixable_vuln`",
ConflictsWith: []string{"vulnerability_criteria.0.fixable_vuln"},
},
},
},
},
Expand Down Expand Up @@ -241,12 +234,6 @@ func resourceLaceworkVulnerabilityExceptionContainerCreate(d *schema.ResourceDat
fixable *bool
)

// leave deprecated field 'fixable' behaviour
if _, ok := d.GetOk("vulnerability_criteria.0.fixable"); ok {
fixablePtr := d.Get("vulnerability_criteria.0.fixable").(bool)
fixable = &fixablePtr
}

if _, ok := d.GetOk("vulnerability_criteria.0.fixable_vuln"); ok {
// ignore error as terraform schema restricts field value to 'true' or 'false'
fixablePtr, _ := strconv.ParseBool(d.Get("vulnerability_criteria.0.fixable_vuln").(string))
Expand Down Expand Up @@ -347,12 +334,7 @@ func resourceLaceworkVulnerabilityExceptionContainerRead(d *schema.ResourceData,
vulnCriteria["package"] = vulnerabilityExceptionFlattenPackages(response.Data.VulnerabilityCriteria.Package)

if response.Data.VulnerabilityCriteria.FixableEnabled() != nil {
if _, ok := d.GetOk("vulnerability_criteria.0.fixable"); ok {
vulnCriteria["fixable"] = response.Data.VulnerabilityCriteria.FixableEnabled()
} else {
vulnCriteria["fixable_vuln"] = response.Data.VulnerabilityCriteria.FixableEnabled()
}

vulnCriteria["fixable_vuln"] = response.Data.VulnerabilityCriteria.FixableEnabled()
}
d.Set("vulnerability_criteria", []map[string]interface{}{vulnCriteria})
d.Set("reason", response.Data.ExceptionReason)
Expand All @@ -368,12 +350,6 @@ func resourceLaceworkVulnerabilityExceptionContainerUpdate(d *schema.ResourceDat
fixable *bool
)

// leave deprecated field 'fixable' behaviour
if _, ok := d.GetOk("vulnerability_criteria.0.fixable"); ok {
fixablePtr := d.Get("vulnerability_criteria.0.fixable").(bool)
fixable = &fixablePtr
}

if _, ok := d.GetOk("vulnerability_criteria.0.fixable_vuln"); ok {
fixablePtr, _ := strconv.ParseBool(d.Get("vulnerability_criteria.0.fixable_vuln").(string))
fixable = &fixablePtr
Expand Down
25 changes: 1 addition & 24 deletions lacework/resource_lacework_vulnerability_exception_host.go
Original file line number Diff line number Diff line change
Expand Up @@ -131,13 +131,6 @@ func resourceLaceworkVulnerabilityExceptionHost() *schema.Resource {
Description: "Whether to filter on fixable",
ValidateFunc: validation.StringInSlice([]string{"true", "false"}, true),
},
"fixable": {
Type: schema.TypeBool,
Optional: true,
Description: "Whether to filter on fixable",
Deprecated: "This attribute is deprecated and has been replaced by `fixable_vuln`",
ConflictsWith: []string{"vulnerability_criteria.0.fixable_vuln"},
},
},
},
},
Expand Down Expand Up @@ -231,12 +224,6 @@ func resourceLaceworkVulnerabilityExceptionHostCreate(d *schema.ResourceData, me
packages = castAttributeToArrayOfCustomKeyValueMap(d, "vulnerability_criteria.0.package", "name", "version")
)

// leave deprecated field 'fixable' behaviour
if _, ok := d.GetOk("vulnerability_criteria.0.fixable"); ok {
fixablePtr := d.Get("vulnerability_criteria.0.fixable").(bool)
fixable = &fixablePtr
}

if _, ok := d.GetOk("vulnerability_criteria.0.fixable_vuln"); ok {
// ignore error as terraform schema restricts field value to 'true' or 'false'
fixablePtr, _ := strconv.ParseBool(d.Get("vulnerability_criteria.0.fixable_vuln").(string))
Expand Down Expand Up @@ -334,11 +321,7 @@ func resourceLaceworkVulnerabilityExceptionHostRead(d *schema.ResourceData, meta
vulnCriteria["package"] = vulnerabilityExceptionFlattenPackages(response.Data.VulnerabilityCriteria.Package)

if response.Data.VulnerabilityCriteria.FixableEnabled() != nil {
if _, ok := d.GetOk("vulnerability_criteria.0.fixable"); ok {
vulnCriteria["fixable"] = response.Data.VulnerabilityCriteria.FixableEnabled()
} else {
vulnCriteria["fixable_vuln"] = response.Data.VulnerabilityCriteria.FixableEnabled()
}
vulnCriteria["fixable_vuln"] = response.Data.VulnerabilityCriteria.FixableEnabled()
}

d.Set("vulnerability_criteria", []map[string]interface{}{vulnCriteria})
Expand All @@ -356,12 +339,6 @@ func resourceLaceworkVulnerabilityExceptionHostUpdate(d *schema.ResourceData, me
packages = castAttributeToArrayOfCustomKeyValueMap(d, "vulnerability_criteria.0.package", "name", "version")
)

// leave deprecated field 'fixable' behaviour
if _, ok := d.GetOk("vulnerability_criteria.0.fixable"); ok {
fixablePtr := d.Get("vulnerability_criteria.0.fixable").(bool)
fixable = &fixablePtr
}

if _, ok := d.GetOk("vulnerability_criteria.0.fixable_vuln"); ok {
fixablePtr, _ := strconv.ParseBool(d.Get("vulnerability_criteria.0.fixable_vuln").(string))
fixable = &fixablePtr
Expand Down
3 changes: 0 additions & 3 deletions website/docs/r/integration_docker_hub.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,6 @@ The following arguments are supported:
* `name` - (Required) The Container Registry integration name.
* `username` - (Required) The Docker user that has at least read-only permissions to the Docker Hub container repositories.
* `password` - (Required) The password for the specified Docker Hub user.
* `limit_by_tag` - (Optional, **Deprecated**) An image tag to limit the assessment of images with matching tag. If you specify `limit_by_tag` and `limit_by_label` limits, they function as an `AND`. Supported field input are `mytext*mytext`, `mytext`, `mytext*`, or `mytext`. Only one `*` wildcard is supported. Defaults to `*`. This attribute will be replaced by a new attribute `limit_by_tags` in version 1.0 of the Lacework provider.
* `limit_by_label` - (Optional, **Deprecated**) An image label to limit the assessment of images with matching label. If you specify `limit_by_tag` and `limit_by_label` limits, they function as an `AND`. Supported field input are `mytext*mytext`, `mytext`, `mytext*`, or `mytext`. Only one `*` wildcard is supported. Defaults to `*`. This attribute will be replaced by a new attribute `limit_by_labels` in version 1.0 of the Lacework provider.
* `limit_by_repos` - (Optional, **Deprecated**) A comma-separated list of repositories to assess. (without spaces recommended) This attribute will be replaced by a new attribute `limit_by_repositories` in version 1.0 of the Lacework provider.
* `limit_num_imgs` - (Optional) The maximum number of newest container images to assess per repository. Must be one of `5`, `10`, or `15`. Defaults to `5`.
* `enabled` - (Optional) The state of the external integration. Defaults to `true`.
* `limit_by_tags` - (Optional) A list of image tags to limit the assessment of images with matching tags. If you specify `limit_by_tags` and `limit_by_labels` limits, they function as an `AND`.
Expand Down
2 changes: 0 additions & 2 deletions website/docs/r/integration_docker_v2.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,6 @@ The following arguments are supported:
* `password` - (Required) The password for the specified user.
* `ssl` - (Optional) Enable or disable SSL communication. Defaults to `false`.
* `notifications` - (Optional) Subscribe to registry notifications. Defaults to `false`.
* `limit_by_tag` - (Optional, **Deprecated**) An image tag to limit the assessment of images with matching tag. If you specify `limit_by_tag` and `limit_by_label` limits, they function as an `AND`. Supported field input are `mytext*mytext`, `mytext`, `mytext*`, or `mytext`. Only one `*` wildcard is supported. Defaults to `*`. This attribute will be replaced by a new attribute `limit_by_tags` in version 1.0 of the Lacework provider.
* `limit_by_label` - (Optional, **Deprecated**) An image label to limit the assessment of images with matching label. If you specify `limit_by_tag` and `limit_by_label` limits, they function as an `AND`. Supported field input are `mytext*mytext`, `mytext`, `mytext*`, or `mytext`. Only one `*` wildcard is supported. Defaults to `*`. This attribute will be replaced by a new attribute `limit_by_labels` in version 1.0 of the Lacework provider.
* `enabled` - (Optional) The state of the external integration. Defaults to `true`.
* `limit_by_tags` - (Optional) A list of image tags to limit the assessment of images with matching tags. If you specify `limit_by_tags` and `limit_by_labels` limits, they function as an `AND`.
* `limit_by_labels` - (Optional) A key based map of labels to limit the assessment of images with matching `key:value` labels. If you specify `limit_by_tags` and `limit_by_labels` limits, they function as an `AND`.
Expand Down
3 changes: 0 additions & 3 deletions website/docs/r/integration_gcr.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -74,9 +74,6 @@ The following arguments are supported:
* `name` - (Required) The GCR integration name.
* `registry_domain` - (Required) The GCR domain, which specifies the location where you store the images. Supported domains are `gcr.io`, `us.gcr.io`, `eu.gcr.io`, or `asia.gcr.io`.
* `credentials` - (Required) The credentials needed by the integration. See [Credentials](#credentials) below for details.
* `limit_by_tag` - (Optional, **Deprecated**) An image tag to limit the assessment of images with matching tag. If you specify `limit_by_tag` and `limit_by_label` limits, they function as an `AND`. Supported field input are `mytext*mytext`, `mytext`, `mytext*`, or `mytext`. Only one `*` wildcard is supported. Defaults to `*`. This attribute will be replaced by a new attribute `limit_by_tags` in version 1.0 of the Lacework provider.
* `limit_by_label` - (Optional, **Deprecated**) An image label to limit the assessment of images with matching label. If you specify `limit_by_tag` and `limit_by_label` limits, they function as an `AND`. Supported field input are `mytext*mytext`, `mytext`, `mytext*`, or `mytext`. Only one `*` wildcard is supported. Defaults to `*`. This attribute will be replaced by a new attribute `limit_by_labels` in version 1.0 of the Lacework provider.
* `limit_by_repos` - (Optional, **Deprecated**) A comma-separated list of repositories to assess. (without spaces recommended) This attribute will be replaced by a new attribute `limit_by_repositories` in version 1.0 of the Lacework provider.
* `limit_num_imgs` - (Optional) The maximum number of newest container images to assess per repository. Must be one of `5`, `10`, or `15`. Defaults to `5`.
* `enabled` - (Optional) The state of the external integration. Defaults to `true`.
* `limit_by_tags` - (Optional) A list of image tags to limit the assessment of images with matching tags. If you specify `limit_by_tags` and `limit_by_labels` limits, they function as an `AND`.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -71,8 +71,6 @@ The following arguments are supported:
* `package` - (Optional) The list of package names (for example, an operating system or language package) to constraint.
* `fixable_vuln` - (Optional) Whether to filter on fixable or non-fixable vulnerability. This argument is of type
`string`. Valid values are: `"true"`, `"false"`.
* `fixable` - (Optional, **Deprecated**) Whether to filter on fixable. This attribute has been replaced by a new
attribute `fixable_vuln` and will be removed in version 1.0 of the Lacework provider.

### Resource Scope

Expand Down
2 changes: 0 additions & 2 deletions website/docs/r/vulnerability_exception_host.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -69,8 +69,6 @@ The following arguments are supported:
* `package` - (Optional) The list of package names (for example, an operating system or language package) to constraint.
* `fixable_vuln` - (Optional) Whether to filter on fixable or non-fixable vulnerability. This argument is of type
`string`. Valid values are: `"true"`, `"false"`.
* `fixable` - (Optional, **Deprecated**) Whether to filter on fixable. This attribute has been replaced by a new
attribute `fixable_vuln` and will be removed in version 1.0 of the Lacework provider.

### Resource Scope

Expand Down

0 comments on commit 65931a3

Please sign in to comment.