Update terraform provider

CHANGELOG.md

@@ -1,5 +1,13 @@
 # Changelog
 
+## [0.6.2] - 2024-06-24
+
+### Fixed
+
+- Handle list ordering
+- Ip list state
+- Ignore items when not set
+
 ## [0.6.1] - 2024-06-11
 
 ### Fixed

VERSION

@@ -1 +1 @@
-0.6.1
+0.6.2

docs/index.md

@@ -47,6 +47,26 @@ resource "impart_spec" "example" {
   # }
 }
 
+# Create a new list
+resource "impart_list" "example" {
+  name = "list_example"
+  kind = "string"
+}
+
+# Create a new rule script
+resource "impart_rule_script" "example" {
+  name        = "example"
+  disabled    = false
+  description = "Rule description"
+  content     = <<EOF
+import { List } from "asruleslib";
+
+// Reference the list
+let list = new List("${resource.impart_list.example.id}");
+...
+  EOF
+}
+
 # Create a new notification template
 resource "impart_notification_template" "test" {
   name         = "terraform_notification_template"

docs/resources/list.md

@@ -10,7 +10,23 @@ description: |-
 
 Manage a list.
 
-
+## Example Usage
+
+```terraform
+# Create a new list
+resource "impart_list" "example" {
+  name = "list_example"
+  kind = "string"
+  items = [
+    {
+      value = "item1",
+    },
+    {
+      value = "item2",
+    }
+  ]
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

docs/resources/monitor.md

@@ -17,7 +17,7 @@ Manage a monitor.
 resource "impart_monitor" "test_event" {
   name                      = "terraform_event_monitor"
   description               = "test event monitor"
-  notification_template_ids = [resource.impart_notification_template.test.id]
+  notification_template_ids = ["<notification_template_id>"]
   conditions = [
     {
       threshold   = 1,
@@ -38,7 +38,7 @@ resource "impart_monitor" "test_event" {
 resource "impart_monitor" "test_metric" {
   name                      = "terraform_event_monitor"
   description               = "test event monitor"
-  notification_template_ids = [resource.impart_notification_template.test.id]
+  notification_template_ids = ["<notification_template_id>"]
   conditions = [
     {
       threshold   = 1,

docs/resources/notification_template.md

@@ -16,7 +16,7 @@ Manage an notification template.
 # Create a new notification template
 resource "impart_notification_template" "example" {
   name         = "notification_template_example"
-  connector_id = resource.impart_connector.example_connector.id
+  connector_id = "<example_connector.id>"
   payload      = "This is a test message payload"
   subject      = "Test subject"
   destination  = ["test-destination-id"]

docs/resources/rule_script_dependencies.md

@@ -16,8 +16,8 @@ Manage rule script dependencies. There should only ever be one instance of this
 resource "impart_rule_script_dependencies" "example" {
   dependencies = [
     {
-      "rule_script_id" : resource.impart_rule_script.example_1.id,
-      "depends_on_rule_script_ids" : [resource.impart_rule_script.example_2.id]
+      "rule_script_id" : "<example_1.id>",
+      "depends_on_rule_script_ids" : ["<example_2.id>"]
     }
   ]
 }

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/hashicorp/terraform-plugin-go v0.23.0
 	github.com/hashicorp/terraform-plugin-log v0.9.0
 	github.com/hashicorp/terraform-plugin-testing v1.8.0
-	golang.org/x/oauth2 v0.20.0
+	golang.org/x/oauth2 v0.21.0
 )
 
 require (
@@ -23,7 +23,7 @@ require (
 	github.com/armon/go-radix v1.0.0 // indirect
 	github.com/bgentry/speakeasy v0.1.0 // indirect
 	github.com/bmatcuk/doublestar/v4 v4.6.1 // indirect
-	github.com/cloudflare/circl v1.3.8 // indirect
+	github.com/cloudflare/circl v1.3.9 // indirect
 	github.com/fatih/color v1.17.0 // indirect
 	github.com/go-test/deep v1.0.4 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
@@ -40,7 +40,7 @@ require (
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/hashicorp/go-version v1.7.0 // indirect
 	github.com/hashicorp/hc-install v0.7.0 // indirect
-	github.com/hashicorp/hcl/v2 v2.20.1 // indirect
+	github.com/hashicorp/hcl/v2 v2.21.0 // indirect
 	github.com/hashicorp/logutils v1.0.0 // indirect
 	github.com/hashicorp/terraform-exec v0.21.0 // indirect
 	github.com/hashicorp/terraform-json v0.22.1 // indirect
@@ -79,9 +79,9 @@ require (
 	golang.org/x/text v0.16.0 // indirect
 	golang.org/x/tools v0.22.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240509183442-62759503f434 // indirect
-	google.golang.org/grpc v1.63.2 // indirect
-	google.golang.org/protobuf v1.34.1 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240617180043-68d350f18fd4 // indirect
+	google.golang.org/grpc v1.64.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -28,8 +28,8 @@ github.com/bmatcuk/doublestar/v4 v4.6.1 h1:FH9SifrbvJhnlQpztAx++wlkk70QBf0iBWDwN
 github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
 github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA=
 github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8=
-github.com/cloudflare/circl v1.3.8 h1:j+V8jJt09PoeMFIu2uh5JUyEaIHTXVOHslFoLNAKqwI=
-github.com/cloudflare/circl v1.3.8/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
+github.com/cloudflare/circl v1.3.9 h1:QFrlgFYf2Qpi8bSpVPK1HBvWpx16v/1TZivyo7pGuBE=
+github.com/cloudflare/circl v1.3.9/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
 github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
 github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -90,8 +90,8 @@ github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKe
 github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
 github.com/hashicorp/hc-install v0.7.0 h1:Uu9edVqjKQxxuD28mR5TikkKDd/p55S8vzPC1659aBk=
 github.com/hashicorp/hc-install v0.7.0/go.mod h1:ELmmzZlGnEcqoUMKUuykHaPCIR1sYLYX+KSggWSKZuA=
-github.com/hashicorp/hcl/v2 v2.20.1 h1:M6hgdyz7HYt1UN9e61j+qKJBqR3orTWbI1HKBJEdxtc=
-github.com/hashicorp/hcl/v2 v2.20.1/go.mod h1:TZDqQ4kNKCbh1iJp99FdPiUaVDDUPivbqxZulxDYqL4=
+github.com/hashicorp/hcl/v2 v2.21.0 h1:lve4q/o/2rqwYOgUg3y3V2YPyD1/zkCLGjIV74Jit14=
+github.com/hashicorp/hcl/v2 v2.21.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA=
 github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y=
 github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=
 github.com/hashicorp/terraform-exec v0.21.0 h1:uNkLAe95ey5Uux6KJdua6+cv8asgILFVWkd/RG0D2XQ=
@@ -204,8 +204,8 @@ github.com/yuin/goldmark-meta v1.1.0 h1:pWw+JLHGZe8Rk0EGsMVssiNb/AaPMHfSRszZeUei
 github.com/yuin/goldmark-meta v1.1.0/go.mod h1:U4spWENafuA7Zyg+Lj5RqK/MF+ovMYtBvXi1lBb2VP0=
 github.com/zclconf/go-cty v1.14.4 h1:uXXczd9QDGsgu0i/QFR/hzI5NYCHLf6NQw/atrbnhq8=
 github.com/zclconf/go-cty v1.14.4/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE=
-github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b h1:FosyBZYxY34Wul7O/MSKey3txpPYyCqVO5ZyceuQJEI=
-github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8=
+github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo=
+github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM=
 go.abhg.dev/goldmark/frontmatter v0.2.0 h1:P8kPG0YkL12+aYk2yU3xHv4tcXzeVnN+gU0tJ5JnxRw=
 go.abhg.dev/goldmark/frontmatter v0.2.0/go.mod h1:XqrEkZuM57djk7zrlRUB02x8I5J0px76YjkOzhB4YlU=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -225,8 +225,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
 golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
 golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
-golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo=
-golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs=
+golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -268,14 +268,14 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
 google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240509183442-62759503f434 h1:umK/Ey0QEzurTNlsV3R+MfxHAb78HCEX/IkuR+zH4WQ=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240509183442-62759503f434/go.mod h1:I7Y+G38R2bu5j1aLzfFmQfTcU/WnFuqDwLZAbvKTKpM=
-google.golang.org/grpc v1.63.2 h1:MUeiw1B2maTVZthpU5xvASfTh3LDbxHd6IJ6QQVU+xM=
-google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240617180043-68d350f18fd4 h1:Di6ANFilr+S60a4S61ZM00vLdw0IrQOSMS2/6mrnOU0=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240617180043-68d350f18fd4/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY=
+google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY=
+google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
-google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
+google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

internal/provider/list_resource.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"net/http"
+	"net/netip"
 	"strings"
 	"time"
 
@@ -16,6 +17,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-framework/types/basetypes"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"go4.org/netipx"
 
 	openapiclient "github.com/impart-security/terraform-provider-impart/internal/client"
 )
@@ -121,6 +123,9 @@ func (r *ListResource) Schema(_ context.Context, _ resource.SchemaRequest, resp
 				Validators: []validator.List{
 					uniqueValue(),
 				},
+				PlanModifiers: []planmodifier.List{
+					ReplaceWhenStartTrackingItems(),
+				},
 			},
 		},
 	}
@@ -209,17 +214,9 @@ func (r *ListResource) Create(ctx context.Context, req resource.CreateRequest, r
 	if listResponse.Subkind != nil {
 		plan.Subkind = types.StringValue(string(*listResponse.Subkind))
 	}
-	if len(listResponse.Items) > 0 {
-		valueElements := make([]listItemModel, len(listResponse.Items))
-		for i, v := range listResponse.Items {
-			valueElements[i] = listItemModel{
-				Value: types.StringValue(v.Value),
-			}
-			if !v.GetExpiration().IsZero() {
-				valueElements[i].Expiration = types.StringValue(v.GetExpiration().Format(time.RFC3339))
-			}
-		}
-		plan.Items = valueElements
+
+	if plan.Items != nil && len(listResponse.Items) > 0 {
+		applyResponseToState(listResponse, &plan)
 	}
 
 	// Set state to fully populated data
@@ -270,17 +267,10 @@ func (r *ListResource) Read(ctx context.Context, req resource.ReadRequest, resp
 		state.Subkind = types.StringValue(string(*listResponse.Subkind))
 	}
 
-	if len(listResponse.Items) > 0 {
-		valueElements := make([]listItemModel, len(listResponse.Items))
-		for i, v := range listResponse.Items {
-			valueElements[i] = listItemModel{
-				Value: types.StringValue(v.Value),
-			}
-			if !v.GetExpiration().IsZero() {
-				valueElements[i].Expiration = types.StringValue(v.GetExpiration().Format(time.RFC3339))
-			}
-		}
-		state.Items = valueElements
+	// Because we cannot pull config to check here
+	// ReplaceWhenStartTrackingItems plan modifier is used to relacea list resource when items goes from null to set
+	if state.Items != nil {
+		applyResponseToState(listResponse, &state)
 	}
 
 	// Set refreshed state
@@ -344,27 +334,18 @@ func (r *ListResource) Update(ctx context.Context, req resource.UpdateRequest, r
 
 	// Overwrite the list with refreshed state
 	newState := listResourceModel{
-		ID:   types.StringValue(listResponse.Id),
-		Name: types.StringValue(listResponse.Name),
-		Kind: types.StringValue(string(listResponse.Kind)),
+		ID:    types.StringValue(listResponse.Id),
+		Name:  types.StringValue(listResponse.Name),
+		Kind:  types.StringValue(string(listResponse.Kind)),
+		Items: plan.Items,
 	}
 
 	if listResponse.Subkind != nil {
 		newState.Subkind = types.StringValue(string(*listResponse.Subkind))
 	}
 
-	if len(listResponse.Items) > 0 {
-		valueElements := make([]listItemModel, len(listResponse.Items))
-		for i, v := range listResponse.Items {
-			valueElements[i] = listItemModel{
-				Value: types.StringValue(v.Value),
-			}
-
-			if !v.GetExpiration().IsZero() {
-				valueElements[i].Expiration = types.StringValue(v.GetExpiration().Format(time.RFC3339))
-			}
-		}
-		newState.Items = valueElements
+	if plan.Items != nil {
+		applyResponseToState(listResponse, &newState)
 	}
 
 	// Set the refreshed state
@@ -499,3 +480,77 @@ func compareStringValues(a, b types.String) bool {
 	// Compare actual values
 	return a.ValueString() == b.ValueString()
 }
+
+func applyResponseToState(listResponse *openapiclient.List, state *listResourceModel) {
+	responseItemsMap := make(map[string]openapiclient.ListItemsInner)
+	for _, item := range listResponse.Items {
+		responseItemsMap[item.Value] = item
+	}
+
+	valueElements := make([]listItemModel, len(listResponse.Items))
+	pos := 0
+	for _, item := range state.Items {
+		normalized := getListItemRepresentation(state.Kind.ValueString(), item.Value.ValueString())
+		val, ok := responseItemsMap[normalized]
+
+		if ok {
+			valueElements[pos] = item
+			delete(responseItemsMap, val.Value)
+			if !val.GetExpiration().IsZero() {
+				valueElements[pos].Expiration = types.StringValue(val.GetExpiration().Format(time.RFC3339))
+			}
+			pos++
+		}
+	}
+
+	// Append new items
+	for _, v := range responseItemsMap {
+		valueElements[pos] = listItemModel{
+			Value: types.StringValue(v.Value),
+		}
+		if !v.GetExpiration().IsZero() {
+			valueElements[pos].Expiration = types.StringValue(v.GetExpiration().Format(time.RFC3339))
+		}
+		pos++
+	}
+
+	state.Items = valueElements
+}
+
+func getListItemRepresentation(kind string, item string) string {
+	if kind == "ip" {
+		ipRange, ok := parsePrefixRangeOrAddr(item)
+		if ok {
+			return ipRange.String()
+		}
+	}
+
+	return item
+}
+
+func parsePrefixRangeOrAddr(s string) (ipRange netipx.IPRange, ok bool) {
+	switch {
+	case strings.IndexByte(s, '-') > 0:
+		var err error
+		ipRange, err = netipx.ParseIPRange(s)
+		if err != nil || !ipRange.IsValid() {
+			return ipRange, false
+		}
+
+		return ipRange, true
+	case strings.LastIndexByte(s, '/') > 0:
+		prefix, err := netip.ParsePrefix(s)
+		if err != nil || !prefix.IsValid() {
+			return ipRange, false
+		}
+
+		return netipx.RangeOfPrefix(prefix), true
+	default:
+		addr, err := netip.ParseAddr(s)
+		if err != nil || !addr.IsValid() {
+			return ipRange, false
+		}
+
+		return netipx.IPRangeFrom(addr, addr), true
+	}
+}