search

jfrog / terraform-provider-xray

Terraform provider to manage JFrog Xray
https://jfrog.com/xray/
Apache License 2.0
149 stars 12 forks source link

XRay security_policy & license_policy modules Plugin Crashing #158

Closed chandama closed 8 months ago

chandama commented 8 months ago

Describe the bug We are trying to use the terraform-provider-xray to deploy License and CVSS policies using terraform modules. When running terraform apply, the following error is encountered:

╷
│ Error: Plugin did not respond
│ 
│   with module.AGPL_license.xray_license_policy.banned_licenses,
│   on ../modules/xray_license_policy/main.tf line 9, in resource "xray_license_policy" "banned_licenses":
│    9: resource "xray_license_policy" "banned_licenses" {
│ 
│ The plugin encountered an error, and failed to respond to the
│ plugin.(*GRPCProvider).ApplyResourceChange call. The plugin logs may
│ contain more details.
╵

The stack trace for the error:

Stack trace from the terraform-provider-xray_v2.1.0 plugin:

panic: interface conversion: interface {} is nil, not []interface {}

goroutine 40 [running]:
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackSecurityCriteria(0xc0006f4fa0?)
    github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:322 +0x674
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackCriteria(0xbc1b80?, {0xc00062d8e0, 0x8})
    github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:409 +0x9a
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackRules(0x4764b8?, {0xc00062d8e0, 0x8})
    github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:296 +0x206
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackPolicy(0x410225?)
    github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:281 +0x249
github.com/jfrog/terraform-provider-xray/pkg/xray.resourceXrayPolicyCreate({0xdf0df0, 0xc0005d0f50}, 0xc000620e18?, {0xc47900?, 0xc00060e240?})
    github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:712 +0x51
github.com/jfrog/terraform-provider-shared/util/sdk.AddTelemetry.applyTelemetry.func1({0xdf0df0?, 0xc0005d0f50}, 0x0?, {0xc47900?, 0xc00060e240})
    github.com/jfrog/terraform-provider-shared@v1.21.1/util/sdk/sdk.go:188 +0x267
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).create(0xc000118fc0, {0xdf0d48, 0xc0006da3f0}, 0xd?, {0xc47900, 0xc00060e240})
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/resource.go:778 +0x11b
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).Apply(0xc000118fc0, {0xdf0d48, 0xc0006da3f0}, 0xc0006bf930, 0xc00047e000, {0xc47900, 0xc00060e240})
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/resource.go:909 +0xa7e
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ApplyResourceChange(0xc000361cc8, {0xdf0d48?, 0xc0006da300?}, 0xc0006c89b0)
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/grpc_provider.go:1060 +0xdbc
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ApplyResourceChange(0xc00042a1e0, {0xdf0d48?, 0xc0006b5ad0?}, 0xc000640fc0)
    github.com/hashicorp/terraform-plugin-go@v0.19.0/tfprotov5/tf5server/server.go:859 +0x56a
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0xc83820?, 0xc00042a1e0}, {0xdf0d48, 0xc0006b5ad0}, 0xc000640f50, 0x0)
    github.com/hashicorp/terraform-plugin-go@v0.19.0/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:467 +0x169
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0001e01e0, {0xdf4e78, 0xc00037f380}, 0xc0006b90e0, 0xc000412c00, 0x1306538, 0x0)
    google.golang.org/grpc@v1.57.1/server.go:1358 +0xe15
google.golang.org/grpc.(*Server).handleStream(0xc0001e01e0, {0xdf4e78, 0xc00037f380}, 0xc0006b90e0, 0x0)
    google.golang.org/grpc@v1.57.1/server.go:1735 +0x9e7
google.golang.org/grpc.(*Server).serveStreams.func1.1()
    google.golang.org/grpc@v1.57.1/server.go:970 +0xbb
created by google.golang.org/grpc.(*Server).serveStreams.func1 in goroutine 27
    google.golang.org/grpc@v1.57.1/server.go:981 +0x145

Error: The terraform-provider-xray_v2.1.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

Requirements for and issue

main.tf

resource "xray_license_policy" "banned_licenses" {
  name        = var.policyname
  description = var.description
  type        = var.type
  project_key = var.projectkey

  rule {
    name     = var.rulename
    priority = 1

    criteria {
      banned_licenses          = var.licenselist
      allow_unknown            = false
      multi_license_permissive = false
    }

    actions {
      webhooks                           = []
      mails                              = []
      block_release_bundle_distribution  = false
      fail_build                         = var.fail_build
      notify_watch_recipients            = true
      notify_deployer                    = true
      create_ticket_enabled              = false // set to true only if Jira integration is enabled
      custom_severity                    = var.custom_severity
      build_failure_grace_period_in_days = var.grace_period // use only if fail_build is enabled

      block_download {
        unscanned = true
        active    = true
      }
    }
  }
}

license_policy.tf

module "AGPL_license" {
  source = "../modules/xray_license_policy"
  policyname = "banned_licenses"
  description = "License policy to prohibit the use of AGPL and SSPL license types"
  type = "security"
  rulename = "AGPL_license_rule"
  projectkey = "testproj"
  licenselist = ["AGPL-1.0", "AGPL-3.0", "AGPL-3.0-only", "AGPL-3.0-or-later"]
  custom_severity = "Critical"
  fail_build = true
  grace_period = 7
}

variables.tf

variable policyname {
    type = string
    description = "Security policy name"
}
variable description {
    type = string
    description = "Description of the security policy"
}
variable rulename{
    type = string
    description = "Security rule name"
}

variable "type" {
    type = string
    description = "Type of security policy need to be created Values are 'cvss_score', 'min_severity', 'malicious_package' " 

}

variable "projectkey" {
    type = string
    description = "Name of the project to which the policy should apply"
    default = "all"
}

variable "licenselist" {
    type = list(string)
    description = "List of licenses to ban"
    default = []
}

variable "fail_build" {
  type = bool
  description = "fail build"
  default = true
}
variable "custom_severity" {
  type = string
  description = "fail build"
  default = "Medium"
}
variable "grace_period" {
  type = number
  description = "fail build"
  default = 7
}

TF Version: 1.7.0 Artifactory Version: 7.78.1 XRay Version: 3.87.9

Expected behavior TF Apply should create a new xray_license_policy.

alexhung commented 8 months ago

@chandama Thanks for the report. I'll add this to our plan to investigate. Note that I'll be on vacation next week so I won't get to this until Feb.

chandama commented 8 months ago

@alexhung Thanks. I'll add that we also are facing the same error using the xray_security_policy.

alexhung commented 8 months ago

@chandama I think I spot the mistake in your configuration. You have type = "security" in "license_policy.tf". It should be type = "license". This will fix the issue for you.

chandama commented 8 months ago

Thanks. That did indeed fix the issue. I'll close this issue.