terraform-provider-xray: XRAY - CVSS range doesn't support decimals
Description Hello Artifactory devs, I am trying to create new policy set for Xray. I found small problem in policy definition. I am using CVSS3 scoring system and it works with decimals.
Example:
resource "artifactory_xray_policy" "my_severity_policy" {
name = "my-severity"
description = "Managed by Terraform"
type = "security"
rules {
name = "high-severity-rule"
priority = 1
criteria {
cvss_range {
from = 7
to = 10
}
}
actions {
fail_build = false
mails = []
webhooks = []
block_download {
active = false
unscanned = false
}
}
}
}
Requirements for and issue
- I need to be able to work with decimals in code block like this:
cvss_range {
from = 7.1
to = 9.4
}
}
- My version of Artifactory is 7.15.4 rev
- My version of Terraform (Terraform v1.0.4)
Expected behavior I want to be able to work with more granular ranges then whole numbers. Its possible via console but not via Terraform.
Additional context This issue affects all the companies working with proper CVSS scoring and especially with https://www.first.org/cvss/calculator/3.0 . Working with granular policies allows to setup proper blocking, notification and watcher setup for X-Ray.
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Reactions: 1
- Comments: 15 (8 by maintainers)
Commits related to this issue
- GH-116 - switching branches — committed to jfrog/terraform-provider-artifactory by deleted user 3 years ago
- Merge branch 'master' into GH-116-xray-to-use-floats-for-cvss — committed to jfrog/terraform-provider-artifactory by deleted user 3 years ago
- GH-116 - change ints to floats for CVSS scoring. Untested — committed to jfrog/terraform-provider-artifactory by deleted user 3 years ago
- GH-1,GH-2 Xray policies v2. Decimals in CVSS range Support "multi_license_permissive" attribute for xray license policies — committed to jfrog/terraform-provider-xray by danielmkn 3 years ago
- Watch v2 (#9) - Xray API v2 support for watches and policies - Use of singular key names instead of plural - Use TypeSet instead of TypeList to prevent sorting problems in TF state with multiple el... — committed to jfrog/terraform-provider-xray by danielmkn 3 years ago
No, they have to be integration tests - Some of the tests passed and others had me scratching my head. It doesn’t help that resetting state can require me to create a whole new stack. I’ll get back to you
The documentation is is mud on this subject. However, I tried it with decimal scores and it was accepted via API. So, I will change the types and do some more testing.