search

jfrog / terraform-provider-xray

Terraform provider to manage JFrog Xray
https://jfrog.com/xray/
Apache License 2.0
151 stars 12 forks source link

Provider crashes #120

Closed timdittler closed 1 year ago

timdittler commented 1 year ago

Describe the bug I want to update a policy which I created manually. The plan looks fine, but in apply phase the plugin crashes.

resource "xray_security_policy" "all-critical" {
  name        = "all_critical_vulnerabilities"
  type        = "security"

  rule {
    name     = "all_critical_vulnerabilities"
    priority = 1

    criteria {
      min_severity = "Critical"
    }
  }

  rule {
    name     = "cvss9+"
    priority = 2

    criteria {

      cvss_range {
        from = 9.0
        to   = 10.0
      }
    }
  }
}

Expected behavior Output of tf plan:

  # xray_security_policy.all-critical will be updated in-place
  ~ resource "xray_security_policy" "all-critical" {
        id          = "all_critical_vulnerabilities"
        name        = "all_critical_vulnerabilities"
        # (4 unchanged attributes hidden)

      ~ rule {
            name     = "all_critical_vulnerabilities"
            # (1 unchanged attribute hidden)

          - actions {
              - block_release_bundle_distribution  = false -> null
              - build_failure_grace_period_in_days = 0 -> null
              - create_ticket_enabled              = false -> null
              - fail_build                         = false -> null
              - mails                              = [] -> null
              - notify_deployer                    = false -> null
              - notify_watch_recipients            = false -> null
              - webhooks                           = [] -> null

              - block_download {
                  - active    = false -> null
                  - unscanned = false -> null
                }
            }

          - criteria {
              - fix_version_dependant = true -> null
              - malicious_package     = false -> null
              - min_severity          = "Critical" -> null
              - vulnerability_ids     = [] -> null
            }
          + criteria {
              + fix_version_dependant = false
              + malicious_package     = false
              + min_severity          = "Critical"
              + vulnerability_ids     = []
            }
        }
      ~ rule {
            name     = "cvss9+"
            # (1 unchanged attribute hidden)

          - actions {
              - block_release_bundle_distribution  = false -> null
              - build_failure_grace_period_in_days = 0 -> null
              - create_ticket_enabled              = false -> null
              - fail_build                         = false -> null
              - mails                              = [] -> null
              - notify_deployer                    = false -> null
              - notify_watch_recipients            = false -> null
              - webhooks                           = [] -> null

              - block_download {
                  - active    = false -> null
                  - unscanned = false -> null
                }
            }

            # (1 unchanged block hidden)
        }
    }

Additional context

Stack trace from the terraform-provider-xray_v1.13.0 plugin:

panic: runtime error: index out of range [0] with length 0

goroutine 68 [running]:
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackActions(0x0?)
github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:460 +0x836
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackRules({0xc00068bde0?, 0x2, 0x48cb8a?}, {0xc00028fda0, 0x8})
github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:296 +0x28e
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackPolicy(0x203000?)
github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:278 +0x225
github.com/jfrog/terraform-provider-xray/pkg/xray.resourceXrayPolicyUpdate({0xd7c320, 0xc00068d740}, 0xc0000c9600, {0xb9e820?, 0xc0002923f0?})
github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:754 +0x65
github.com/jfrog/terraform-provider-shared/util.applyTelemetry.func1({0xd7c320?, 0xc00068d740}, 0xb65d60?, {0xb9e820?, 0xc0002923f0})
github.com/jfrog/terraform-provider-shared@v1.14.0/util/util.go:233 +0x223
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).update(0xc00012ec40, {0xd7c358, 0xc00019a4e0}, 0xd?, {0xb9e820, 0xc0002923f0})
github.com/hashicorp/terraform-plugin-sdk/v2@v2.14.0/helper/schema/resource.go:741 +0x12e
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).Apply(0xc00012ec40, {0xd7c358, 0xc00019a4e0}, 0xc000438c30, 0xc0000c8000, {0xb9e820, 0xc0002923f0})
github.com/hashicorp/terraform-plugin-sdk/v2@v2.14.0/helper/schema/resource.go:847 +0x82c
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ApplyResourceChange(0xc0001279b0, {0xd7c2b0?, 0xc000285740?}, 0xc0003d0b90)
github.com/hashicorp/terraform-plugin-sdk/v2@v2.14.0/helper/schema/grpc_provider.go:1021 +0xe3c
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ApplyResourceChange(0xc000337900, {0xd7c358?, 0xc000423a70?}, 0xc000271f10)
github.com/hashicorp/terraform-plugin-go@v0.9.0/tfprotov5/tf5server/server.go:812 +0x515
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0xc0f6a0?, 0xc000337900}, {0xd7c358, 0xc000423a70}, 0xc00028be00, 0x0)
github.com/hashicorp/terraform-plugin-go@v0.9.0/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:385 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0xc000140700, {0xd7ed30, 0xc00029c9c0}, 0xc0004caa20, 0xc000422900, 0x1206ce0, 0x0)
google.golang.org/grpc@v1.45.0/server.go:1282 +0xccf
google.golang.org/grpc.(*Server).handleStream(0xc000140700, {0xd7ed30, 0xc00029c9c0}, 0xc0004caa20, 0x0)
google.golang.org/grpc@v1.45.0/server.go:1619 +0xa1b
google.golang.org/grpc.(*Server).serveStreams.func1.2()
google.golang.org/grpc@v1.45.0/server.go:921 +0x98
created by google.golang.org/grpc.(*Server).serveStreams.func1
google.golang.org/grpc@v1.45.0/server.go:919 +0x28a

Error: The terraform-provider-xray_v1.13.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.
danielmkn commented 1 year ago

Hi, @timdittler! When the user creates a policy without an actions block with the API, this block exists by default anyway. Example: 

        "actions": {
            "block_download": {
                "unscanned": false,
                "active": false
            }
        },

This object in the API response will create a state drift if the actions is absent in the HCL.
We incline to make this block required to avoid confusion.

danielmkn commented 1 year ago

The fix is released in v1.14.0, actions is a required block now, because it exists in the response body.

timdittler commented 1 year ago

Thank you. Works for me.