From 8c691efe52d3d0f4e7ada25ce8c14ad2428bb911 Mon Sep 17 00:00:00 2001
From: Darren <75614232+dmurray-lacework@users.noreply.github.com>
Date: Thu, 23 Jun 2022 13:47:20 +0100
Subject: [PATCH] fix: time parse error for expiry field (#332)

* fix: time pasre error for expiry field

Signed-off-by: Darren Murray <darren.murray@lacework.net>

* test: no expiry test

Signed-off-by: Darren Murray <darren.murray@lacework.net>
---
 .../main.tf                                   | 37 ++++++++++++++++++-
 ...ework_vulnerability_exception_host_test.go |  3 ++
 ...ework_vulnerability_exception_container.go |  4 +-
 ...e_lacework_vulnerability_exception_host.go |  4 +-
 4 files changed, 43 insertions(+), 5 deletions(-)

diff --git a/examples/resource_lacework_vulnerability_exception_host/main.tf b/examples/resource_lacework_vulnerability_exception_host/main.tf
index 68b80843..6a282aa5 100644
--- a/examples/resource_lacework_vulnerability_exception_host/main.tf
+++ b/examples/resource_lacework_vulnerability_exception_host/main.tf
@@ -10,7 +10,7 @@ resource "lacework_vulnerability_exception_host" "example" {
   name        = var.name
   description = var.description
   enabled     = true
-  expiry      = "2023-06-06T15:55:15Z"
+  expiry      = var.expiry
   reason      = "Accepted Risk"
   vulnerability_criteria {
     severities = ["Critical"]
@@ -37,6 +37,41 @@ resource "lacework_vulnerability_exception_host" "example" {
   }
 }
 
+resource "lacework_vulnerability_exception_host" "no_expiry" {
+  name        = var.name
+  description = var.description
+  enabled     = true
+  reason      = "Accepted Risk"
+  vulnerability_criteria {
+    severities = ["Critical"]
+    cves       = var.cves
+    package {
+      name    = var.package_name
+      version = var.package_version
+    }
+    package {
+      name    = "myPackage"
+      version = "2.0.0"
+    }
+    package {
+      name    = "myOtherPackage"
+      version = "1.0.0"
+    }
+    fixable = true
+  }
+  resource_scope {
+    hostnames     = ["host1", "host2"]
+    cluster_names = ["clust-abc", "clust-xyz"]
+    external_ips  = ["210.12.100.5"]
+    namespaces    = ["namespace1", "namespace2"]
+  }
+}
+
+variable "expiry" {
+  type    = string
+  default = "2023-06-06T15:55:15Z"
+}
+
 variable "name" {
   type    = string
   default = "Terraform Host Vulnerability Exception"
diff --git a/integration/resource_lacework_vulnerability_exception_host_test.go b/integration/resource_lacework_vulnerability_exception_host_test.go
index 0f3e2f31..a131c318 100644
--- a/integration/resource_lacework_vulnerability_exception_host_test.go
+++ b/integration/resource_lacework_vulnerability_exception_host_test.go
@@ -41,6 +41,9 @@ func TestVulnerabilityExceptionHostCreate(t *testing.T) {
 	assert.Equal(t, "[CVE-2016-9840 CVE-2018-14599 CVE-2018-6942]", actualCves)
 	assert.Equal(t, "[map[name:myOtherPackage version:1.0.0] map[name:myPackage version:1.0.0] map[name:myPackage version:2.0.0]]", actualPackages)
 
+	noexpiry := GetSpecificIDFromTerraResults(2, create)
+	assert.NotEmpty(t, noexpiry)
+
 	// Update Vulnerability Exception
 	terraformOptions.Vars = map[string]interface{}{
 		"name":            "Terraform Vulnerability Exception Host Test",
diff --git a/lacework/resource_lacework_vulnerability_exception_container.go b/lacework/resource_lacework_vulnerability_exception_container.go
index 8602e6a8..646909be 100644
--- a/lacework/resource_lacework_vulnerability_exception_container.go
+++ b/lacework/resource_lacework_vulnerability_exception_container.go
@@ -240,7 +240,7 @@ func resourceLaceworkVulnerabilityExceptionContainerCreate(d *schema.ResourceDat
 		}
 	)
 
-	if d.Get("expiry") != nil {
+	if d.Get("expiry") != nil && d.Get("expiry") != "" {
 		expiryTime, err := time.Parse(time.RFC3339, d.Get("expiry").(string))
 		if err != nil {
 			return errors.Wrap(err, fmt.Sprintf("unable to parse expiry time %s", d.Get("expiry").(string)))
@@ -345,7 +345,7 @@ func resourceLaceworkVulnerabilityExceptionContainerUpdate(d *schema.ResourceDat
 		}
 	)
 
-	if d.Get("expiry") != nil {
+	if d.Get("expiry") != nil && d.Get("expiry") != "" {
 		expiryTime, err := time.Parse(time.RFC3339, d.Get("expiry").(string))
 		if err != nil {
 			return errors.Wrap(err, fmt.Sprintf("unable to parse expiry time %s", d.Get("expiry").(string)))
diff --git a/lacework/resource_lacework_vulnerability_exception_host.go b/lacework/resource_lacework_vulnerability_exception_host.go
index f7a87d49..564cc555 100644
--- a/lacework/resource_lacework_vulnerability_exception_host.go
+++ b/lacework/resource_lacework_vulnerability_exception_host.go
@@ -229,7 +229,7 @@ func resourceLaceworkVulnerabilityExceptionHostCreate(d *schema.ResourceData, me
 			Fixable:         d.Get("vulnerability_criteria.0.fixable").(bool),
 		}
 	)
-	if d.Get("expiry") != nil {
+	if d.Get("expiry") != nil && d.Get("expiry") != "" {
 		expiryTime, err := time.Parse(time.RFC3339, d.Get("expiry").(string))
 		if err != nil {
 			return errors.Wrap(err, fmt.Sprintf("unable to parse expiry time %s", d.Get("expiry").(string)))
@@ -332,7 +332,7 @@ func resourceLaceworkVulnerabilityExceptionHostUpdate(d *schema.ResourceData, me
 		}
 	)
 
-	if d.Get("expiry") != nil {
+	if d.Get("expiry") != nil && d.Get("expiry") != "" {
 		expiryTime, err := time.Parse(time.RFC3339, d.Get("expiry").(string))
 		if err != nil {
 			return errors.Wrap(err, fmt.Sprintf("unable to parse expiry time %s", d.Get("expiry").(string)))