Add extra condition when setting value to null (#77)

* Add extra condition when setting value to null * update code comments to assist future improvements * refactor custom rule documentation with null example * add in Terraform documentation tip * update README.md title * update all value notes in the docs
trendmicro · Feb 11, 2024 · bca02ac · bca02ac
1 parent d1e5985
commit bca02ac
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -1,3 +1,5 @@
+# Conformity Terraform Provider
+
 ## How to set up local machine:
 
 #### 1. Navigate to project directory:
@@ -46,6 +48,9 @@ Ensure `terraform.tfvars` is included in `.gitignore` so these secrets are not a
 
 Terraform provides a way of reading variables from the environment: https://www.terraform.io/docs/cli/config/environment-variables.html#tf_var_name
 
+## Updating documentation
+Use the [Doc Preview Tool](https://registry.terraform.io/tools/doc-preview) to understand how the markdown will look once released. The [Provider Documentation](https://developer.hashicorp.com/terraform/registry/providers/docs) can also provide further guidance.
+
 ## How to release
 ### Steps
 #### 1. Go to terraform provider GitHub: https://github.com/trendmicro/terraform-provider-conformity/releases

diff --git a/conformity/resource_conformity_custom_rule.go b/conformity/resource_conformity_custom_rule.go
@@ -360,7 +360,7 @@ func processInputCustomRuleConditions(conditionsIn []interface{}) []cloudconform
 		obj.Path = m["path"].(string)
 		/*
 			Custom Rule Conditions has an attribute of `value` that can accept a
-			string, boolean, integer, or an object. Anything other than string needs
+			string, null, boolean, integer, or an object. Anything other than string needs
 			to be encoded using the built-in Terraform function `jsonencode()`.
 			Below we are assigning objValue with an instance of the ObjectValue struct
 			that defines the variables that the Custom Rules API will accept.
@@ -370,6 +370,9 @@ func processInputCustomRuleConditions(conditionsIn []interface{}) []cloudconform
 			obj.Value, _ = strconv.ParseBool(m["value"].(string))
 		} else if numValue, err := strconv.Atoi(m["value"].(string)); err == nil {
 			obj.Value = numValue
+		} else if m["value"].(string) == "null" {
+			// `nil` will be marshalled to `null` before sent to custom rules API
+			obj.Value = nil
 		} else if err := json.Unmarshal([]byte(m["value"].(string)), &objValue); err == nil {
 			obj.Value = objValue
 		} else {

diff --git a/docs/resources/conformity_custom_rule.md b/docs/resources/conformity_custom_rule.md
@@ -97,12 +97,9 @@ A `condition` block supports the following
 * `fact` (Required) The input value from the corresponding attribute name.
 * `operator` (Required) A string value of the operator used to evaluate the input value.
 * `path` (Optional) Secondary JSONPath query to apply to further evaluate nested data.
-* `value` (Required) The expected value from the JSONPath query. This can be a string, number, boolean, or object.
+* `value` (Required) The expected value from the JSONPath query. This can be a string, number, boolean, null, or object.
 
-    ~> **NOTE:** If the `value` is either a number, boolean, or object. It **must** be encoded using the built-in `jsonencode` function. e.g. 
-    * Number: `value = jsonencode(86400)`
-    * Boolean: `value = jsonencode(true)`
-    * Object: `value=jsonencode({"days"=20,"operator"="within"})`
+~> **NOTE:** If the `value` is either a number, boolean, null, or object. It **must** be encoded using the built-in `jsonencode` function. e.g. **Number**: `value = jsonencode(86400)`, **Boolean**: `value = jsonencode(true)`, **Null**: `value = jsonencode(null)`, **Object**: `value = jsonencode({"days"=20,"operator"="within"})`
 
 A `value` block can be defined using the built-in Terraform `jsonencode()` function but must follow the structure below
 * `days` (Required) The number of days to compare against.