search

jfrog / terraform-provider-xray

Terraform provider to manage JFrog Xray
https://jfrog.com/xray/
Apache License 2.0
151 stars 12 forks source link

Documentation at https://registry.terraform.io/providers/jfrog/xray/latest/docs/resources/ignore_rule#nested-schema-for-release_bundle has incorrect API example #285

Open brianwjfrog opened 2 days ago

brianwjfrog commented 2 days ago

Describe the bug https://registry.terraform.io/providers/jfrog/xray/latest/docs/resources/ignore_rule#nested-schema-for-release_bundle has incorrect example api call for ignore rule.

resource "xray_ignore_rule" "ignore-rule-5649816" {
  notes           = "notes"
  cves            = ["fake-cves", "cves-1"]
  expiration_date = "2023-10-25"
}

resource "xray_ignore_rule" "ignore-rule-2195938" {
  notes           = "notes"
  expiration_date = "2023-10-19"
  vulnerabilities = ["any"]

  build {
    name    = "name"
    version = "version"
  }
}

resource "xray_ignore_rule" "ignore-rule-2590577" {
  notes           = "notes"
  expiration_date = "2023-10-19"
  vulnerabilities = ["any"]

  component {
    name    = "name"
    version = "version"
  }
}

resource "xray_ignore_rule" "ignore-111" {
  notes            = "fake notes"
  expiration_date  = "2024-01-02"
  vulnerabilities  = ["any"]

  artifact {
    name    = "fake-name"
    version = "fake-version"
    path    = "invalid-path/"
  }
}

should be replaces with api call example from https://jfrog.com/help/r/xray-rest-apis/create-ignore-rule

Requirements for and issue This is a documentation issue as api call in https://registry.terraform.io/providers/jfrog/xray/latest/docs/resources/ignore_rule#nested-schema-for-release_bundle has incorrect sytnax. Need to be update with https://jfrog.com/help/r/xray-rest-apis/create-ignore-rule

Expected behavior Documentation at https://registry.terraform.io/providers/jfrog/xray/latest/docs/resources/ignore_rule#nested-schema-for-release_bundle need to be updated with correct example api.

Additional context Add any other context about the problem here.

alexhung commented 1 day ago

@brianwjfrog Thanks for the report.

I'm curious as to which part of the release_bundle attribute is incorrect?

Example for ignore rule with release_bundle:

resource "xray_ignore_rule" "ignore-release-bundle" {
  notes            = "fake notes"
  expiration_date  = "2024-01-02"
  vulnerabilities  = ["any"]

  release_bundle {
    name    = "fake-name"
    version = "fake-version"
  }
}

This matches the API documentation:

Image

If you are referring to the difference in singular for TF attribute and plural for API field, this is because Terraform convention suggests singular form for attribute block. When you need to specify multiple blocks, the configuration looks like this:

resource "xray_ignore_rule" "ignore-release-bundle" {
  notes            = "fake notes"
  expiration_date  = "2024-01-02"
  vulnerabilities  = ["any"]

  release_bundle {
    name    = "fake-name-1"
    version = "fake-version"
  }

  release_bundle {
    name    = "fake-name-2"
    version = "fake-version"
  }
}

Plural form is only used for attribute in list form. Here's a hypothetical example:

resource "xray_ignore_rule" "ignore-release-bundle" {
  notes            = "fake notes"
  expiration_date  = "2024-01-02"
  vulnerabilities  = ["any"]

  release_bundles = [
    {
      name    = "fake-name-1"
      version = "fake-version"
    },
    {
      name    = "fake-name-2"
      version = "fake-version"
    }
  ]
}

This form is not currently supported.

brianwjfrog commented 1 day ago

Sorry want to clarify. The customer is now stating the following on the issue.

It isn't linked to an attribute but to the complete request sent.

The API of Artifactory expects a request with data content:

{
    "notes": "ignore any violation for 'tstRB' release-bundle",
    "ignore_filters": {
        "vulnerabilities":[
            "any"
        ],
        "licenses":[
            "any"
        ],
        "release-bundles":[
            {
                "name":"tstRB"
            }
        ]
    }
}

But Terraform will send something like:

{
    "notes": "ignore any violation for 'tstRB' release-bundle",
    "ignore_filters": {
        "vulnerabilities":[
            "any"
        ],
        "licenses":[
            "any"
        ],
        "release_bundles":[
            {
                "name":"tstRB"
            }
        ]
    }
}

The issue is the _ on the request and not - on release_bundles (This means that ignore rules for release bundle didn't have be testing on a jfrog)

alexhung commented 1 day ago

@brianwjfrog Ah I see. Thanks for pointing that out!