feat: Add policy types support (#93)

* refactor: Move data marshalling to it's own method

* chore: Increase the Secure policy timeout to 5 minutes

* chore: Increase all timeouts to 5 minutes

* feat: Add policy types support

sysdig/data_source_sysdig_current_user.go

@@ -10,7 +10,7 @@ import (
 )
 
 func dataSourceSysdigCurrentUser() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		ReadContext: dataSourceSysdigCurrentUserRead,

sysdig/data_source_sysdig_secure_notification_channel.go

@@ -22,7 +22,7 @@ const (
 )
 
 func dataSourceSysdigSecureNotificationChannel() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		ReadContext: dataSourceSysdigNotificationChannelRead,

sysdig/data_source_sysdig_user.go

@@ -10,7 +10,7 @@ import (
 )
 
 func dataSourceSysdigUser() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		ReadContext: dataSourceSysdigUserRead,

sysdig/internal/client/secure/models.go

@@ -19,6 +19,7 @@ type Policy struct {
 	Scope                  string   `json:"scope,omitempty"`
 	Version                int      `json:"version,omitempty"`
 	NotificationChannelIds []int    `json:"notificationChannelIds"`
+	Type                   string   `json:"type"`
 }
 
 type Action struct {

sysdig/resource_sysdig_monitor_alert_anomaly.go

@@ -12,7 +12,7 @@ import (
 )
 
 func resourceSysdigMonitorAlertAnomaly() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigAlertAnomalyCreate,

sysdig/resource_sysdig_monitor_alert_downtime.go

@@ -14,7 +14,7 @@ import (
 )
 
 func resourceSysdigMonitorAlertDowntime() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigAlertDowntimeCreate,

sysdig/resource_sysdig_monitor_alert_event.go

@@ -14,7 +14,7 @@ import (
 )
 
 func resourceSysdigMonitorAlertEvent() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigAlertEventCreate,

sysdig/resource_sysdig_monitor_alert_group_outlier.go

@@ -12,7 +12,7 @@ import (
 )
 
 func resourceSysdigMonitorAlertGroupOutlier() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigAlertGroupOutlierCreate,

sysdig/resource_sysdig_monitor_alert_metric.go

@@ -12,7 +12,7 @@ import (
 )
 
 func resourceSysdigMonitorAlertMetric() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigAlertMetricCreate,

sysdig/resource_sysdig_monitor_dashboard.go

@@ -16,7 +16,7 @@ import (
 )
 
 func resourceSysdigMonitorDashboard() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigDashboardCreate,

sysdig/resource_sysdig_monitor_notification_channel_email.go

@@ -14,7 +14,7 @@ import (
 )
 
 func resourceSysdigMonitorNotificationChannelEmail() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigMonitorNotificationChannelEmailCreate,

sysdig/resource_sysdig_monitor_notification_channel_opsgenie.go

@@ -15,7 +15,7 @@ import (
 )
 
 func resourceSysdigMonitorNotificationChannelOpsGenie() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigMonitorNotificationChannelOpsGenieCreate,

sysdig/resource_sysdig_monitor_notification_channel_pagerduty.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigMonitorNotificationChannelPagerduty() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigMonitorNotificationChannelPagerdutyCreate,

sysdig/resource_sysdig_monitor_notification_channel_slack.go

@@ -12,7 +12,7 @@ import (
 )
 
 func resourceSysdigMonitorNotificationChannelSlack() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigMonitorNotificationChannelSlackCreate,

sysdig/resource_sysdig_monitor_notification_channel_sns.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigMonitorNotificationChannelSNS() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigMonitorNotificationChannelSNSCreate,

sysdig/resource_sysdig_monitor_notification_channel_victorops.go

@@ -12,7 +12,7 @@ import (
 )
 
 func resourceSysdigMonitorNotificationChannelVictorOps() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigMonitorNotificationChannelVictorOpsCreate,

sysdig/resource_sysdig_monitor_notification_channel_webhook.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigMonitorNotificationChannelWebhook() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigMonitorNotificationChannelWebhookCreate,

sysdig/resource_sysdig_monitor_team.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigMonitorTeam() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigMonitorTeamCreate,

sysdig/resource_sysdig_secure_notification_channel_email.go

@@ -14,7 +14,7 @@ import (
 )
 
 func resourceSysdigSecureNotificationChannelEmail() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigSecureNotificationChannelEmailCreate,

sysdig/resource_sysdig_secure_notification_channel_opsgenie.go

@@ -15,7 +15,7 @@ import (
 )
 
 func resourceSysdigSecureNotificationChannelOpsGenie() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigSecureNotificationChannelOpsGenieCreate,

sysdig/resource_sysdig_secure_notification_channel_pagerduty.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigSecureNotificationChannelPagerduty() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigSecureNotificationChannelPagerdutyCreate,

sysdig/resource_sysdig_secure_notification_channel_slack.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigSecureNotificationChannelSlack() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigSecureNotificationChannelSlackCreate,

sysdig/resource_sysdig_secure_notification_channel_sns.go

@@ -14,7 +14,7 @@ import (
 )
 
 func resourceSysdigSecureNotificationChannelSNS() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigSecureNotificationChannelSNSCreate,

sysdig/resource_sysdig_secure_notification_channel_victorops.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigSecureNotificationChannelVictorOps() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigSecureNotificationChannelVictorOpsCreate,

sysdig/resource_sysdig_secure_notification_channel_webhook.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigSecureNotificationChannelWebhook() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigSecureNotificationChannelWebhookCreate,

sysdig/resource_sysdig_secure_policy.go

@@ -27,7 +27,7 @@ var matchActions = map[string]string{
 }
 
 func resourceSysdigSecurePolicy() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigPolicyCreate,
@@ -54,6 +54,12 @@ func resourceSysdigSecurePolicy() *schema.Resource {
 				Type:     schema.TypeString,
 				Required: true,
 			},
+			"type": {
+				Type:             schema.TypeString,
+				Optional:         true,
+				Default:          "falco",
+				ValidateDiagFunc: validateDiagFunc(validation.StringInSlice([]string{"falco", "list_matching", "k8s_audit"}, false)),
+			},
 			"severity": {
 				Type:             schema.TypeInt,
 				Default:          4,
@@ -135,18 +141,56 @@ func resourceSysdigPolicyCreate(ctx context.Context, d *schema.ResourceData, met
 		return diag.FromErr(err)
 	}
 
-	d.SetId(strconv.Itoa(policy.ID))
-	d.Set("version", policy.Version)
+	policyToResourceData(&policy, d)
 
 	return nil
 }
 
+func policyToResourceData(policy *secure.Policy, d *schema.ResourceData) {
+	if policy.ID != 0 {
+		d.SetId(strconv.Itoa(policy.ID))
+	}
+
+	d.Set("name", policy.Name)
+	d.Set("description", policy.Description)
+	d.Set("scope", policy.Scope)
+	d.Set("enabled", policy.Enabled)
+	d.Set("version", policy.Version)
+	d.Set("severity", policy.Severity)
+
+	if policy.Type != "" {
+		d.Set("type", policy.Type)
+	} else {
+		d.Set("type", "falco")
+	}
+
+	actions := []map[string]interface{}{{}}
+	for _, action := range policy.Actions {
+		if action.Type != "POLICY_ACTION_CAPTURE" {
+			action := strings.Replace(action.Type, "POLICY_ACTION_", "", 1)
+			actions[0]["container"] = strings.ToLower(action)
+			d.Set("actions", actions)
+			//d.Set("actions.0.container", strings.ToLower(action))
+		} else {
+			actions[0]["capture"] = []map[string]interface{}{{
+				"seconds_after_event":  action.AfterEventNs / 1000000000,
+				"seconds_before_event": action.BeforeEventNs / 1000000000,
+			}}
+			d.Set("actions", actions)
+		}
+	}
+
+	d.Set("notification_channels", policy.NotificationChannelIds)
+	d.Set("rule_names", policy.RuleNames)
+}
+
 func policyFromResourceData(d *schema.ResourceData) secure.Policy {
 	policy := secure.Policy{
 		Name:        d.Get("name").(string),
 		Description: d.Get("description").(string),
 		Severity:    d.Get("severity").(int),
 		Enabled:     d.Get("enabled").(bool),
+		Type:        d.Get("type").(string),
 	}
 
 	scope := d.Get("scope").(string)
@@ -211,33 +255,10 @@ func resourceSysdigPolicyRead(ctx context.Context, d *schema.ResourceData, meta
 
 	if err != nil {
 		d.SetId("")
+		return diag.FromErr(err)
 	}
 
-	d.Set("name", policy.Name)
-	d.Set("description", policy.Description)
-	d.Set("scope", policy.Scope)
-	d.Set("enabled", policy.Enabled)
-	d.Set("version", policy.Version)
-	d.Set("severity", policy.Severity)
-
-	actions := []map[string]interface{}{{}}
-	for _, action := range policy.Actions {
-		if action.Type != "POLICY_ACTION_CAPTURE" {
-			action := strings.Replace(action.Type, "POLICY_ACTION_", "", 1)
-			actions[0]["container"] = strings.ToLower(action)
-			d.Set("actions", actions)
-			//d.Set("actions.0.container", strings.ToLower(action))
-		} else {
-			actions[0]["capture"] = []map[string]interface{}{{
-				"seconds_after_event":  action.AfterEventNs / 1000000000,
-				"seconds_before_event": action.BeforeEventNs / 1000000000,
-			}}
-			d.Set("actions", actions)
-		}
-	}
-
-	d.Set("notification_channels", policy.NotificationChannelIds)
-	d.Set("rule_names", policy.RuleNames)
+	policyToResourceData(&policy, d)
 
 	return nil
 }
@@ -254,6 +275,7 @@ func resourceSysdigPolicyDelete(ctx context.Context, d *schema.ResourceData, met
 	if err != nil {
 		return diag.FromErr(err)
 	}
+
 	return nil
 }
 

sysdig/resource_sysdig_secure_rule_filesystem.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigSecureRuleFilesystem() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigRuleFilesystemCreate,

sysdig/resource_sysdig_secure_rule_network.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigSecureRuleNetwork() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigRuleNetworkCreate,

sysdig/resource_sysdig_secure_team.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigSecureTeam() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigSecureTeamCreate,

sysdig/resource_sysdig_secure_vulnerability_exception.go

@@ -13,7 +13,7 @@ import (
 )
 
 func resourceSysdigSecureVulnerabilityException() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigVulnerabilityExceptionCreate,

sysdig/resource_sysdig_secure_vulnerability_exception_list.go

@@ -11,7 +11,7 @@ import (
 )
 
 func resourceSysdigSecureVulnerabilityExceptionList() *schema.Resource {
-	timeout := 30 * time.Second
+	timeout := 5 * time.Minute
 
 	return &schema.Resource{
 		CreateContext: resourceSysdigVulnerabilityExceptionListCreate,