add opslevel_check_code_issue (#523)

* add opslevel_check_code_issue

* update opslevel_modules submodule hash

* WIP: update tests and CodeIssue update logic

* better tests, updated per downstream updates

* PR feedback

* add example for opslevel_check_code_issue

.changes/unreleased/Feature-20241022-161548.yaml

@@ -0,0 +1,3 @@
+kind: Feature
+body: Add new resource to manage Code Issue Checks - 'opslevel_check_code_issue'
+time: 2024-10-22T16:15:48.980301-05:00

examples/resources/opslevel_check_code_issue/import.sh

@@ -0,0 +1 @@
+terraform import opslevel_check_code_issue.example Z2lkOi8vb3BzbGV2ZWwvU2VydmljZS82MDI0

examples/resources/opslevel_check_code_issue/resource.tf

@@ -0,0 +1,59 @@
+data "opslevel_rubric_category" "security" {
+  filter {
+    field = "name"
+    value = "Security"
+  }
+}
+
+data "opslevel_rubric_level" "bronze" {
+  filter {
+    field = "name"
+    value = "Bronze"
+  }
+}
+
+data "opslevel_team" "devs" {
+  alias = "developers"
+}
+
+data "opslevel_filter" "tier1" {
+  filter {
+    field = "name"
+    value = "Tier 1"
+  }
+}
+
+resource "opslevel_check_code_issue" "example" {
+  name         = "foo"
+  pass_pending = true
+  enabled      = true
+  # To set a future enable date remove field 'enabled' and use 'enable_on'
+  # enable_on = "2022-05-23T14:14:18.782000Z"
+  category = data.opslevel_rubric_category.security.id
+  level    = data.opslevel_rubric_level.bronze.id
+  owner    = data.opslevel_team.devs.id
+  filter   = data.opslevel_filter.tier1.id
+  notes    = "Optional additional info on why this check is run or how to fix it"
+
+  constraint = "any"
+  issue_name = "CVE-2024-0001"
+  issue_type = [
+    "snyk:code",
+    "snyk:cloud",
+    "snyk:config",
+    "snyk:custom",
+    "snyk:license",
+    "snyk:package_vulnerability",
+  ]
+  max_allowed = 5
+  resolution_time = {
+    unit  = "day"
+    value = 3
+  }
+  severity = [
+    "snyk:critical",
+    "snyk:low",
+    "snyk:medium",
+    "snyk:high",
+  ]
+}

opslevel/provider.go

@@ -171,6 +171,7 @@ func (p *OpslevelProvider) Resources(context.Context) []func() resource.Resource
 	return []func() resource.Resource{
 		NewAliasResource,
 		NewCheckAlertSourceUsageResource,
+		NewCheckCodeIssueResource,
 		NewCheckCustomEventResource,
 		NewCheckGitBranchProtectionResource,
 		NewCheckHasDocumentationResource,

opslevel/resource_opslevel_check_base.go

@@ -30,6 +30,32 @@ type CheckCodeBaseResourceModel struct {
 	Owner       types.String `tfsdk:"owner"`
 }
 
+func NewCheckCodeBaseResourceModel(check opslevel.Check, givenModel CheckCodeBaseResourceModel) CheckCodeBaseResourceModel {
+	var stateModel CheckCodeBaseResourceModel
+
+	stateModel.Category = RequiredStringValue(string(check.Category.Id))
+	stateModel.Description = ComputedStringValue(check.Description)
+	if givenModel.Enabled.IsNull() {
+		stateModel.Enabled = types.BoolValue(false)
+	} else {
+		stateModel.Enabled = OptionalBoolValue(&check.Enabled)
+	}
+	if givenModel.EnableOn.IsNull() {
+		stateModel.EnableOn = types.StringNull()
+	} else {
+		// We pass through the plan value because of time formatting issue to ensure the state gets the exact value the customer specified
+		stateModel.EnableOn = givenModel.EnableOn
+	}
+	stateModel.Filter = OptionalStringValue(string(check.Filter.Id))
+	stateModel.Id = ComputedStringValue(string(check.Id))
+	stateModel.Level = RequiredStringValue(string(check.Level.Id))
+	stateModel.Name = RequiredStringValue(check.Name)
+	stateModel.Notes = OptionalStringValue(check.Notes)
+	stateModel.Owner = OptionalStringValue(string(check.Owner.Team.Id))
+
+	return stateModel
+}
+
 var checkBaseAttributes = map[string]schema.Attribute{
 	"category": schema.StringAttribute{
 		Description: "The id of the category the check belongs to.",