terraform-provider-xray icon indicating copy to clipboard operation
terraform-provider-xray copied to clipboard

Published 20 hours ago verified publisher icon jfrog

Ignore rule expiration date doesn't work

Open luis-garza opened this issue 4 months ago • 4 comments

Describe the bug

The Ignore rule expiration date field doesn't work as expected. The ignore rule is created but with one day less in the expiration date from the date defined. So, any further plan or apply will end up with an inconsistency error:

Below is the snippet:

resource "xray_ignore_rule" "vulnerabilities" {
    cves            = [
        "CVE-2024-47554",
        "CVE-2024-7254",
    ]
    expiration_date = "2024-10-25"
    notes           = "CVE-7254-47554"
    project_key     = "foo"
    watches         = [
        "bar"
    ]
    component {
        name = "gav://com.google.protobuf:protobuf-java"
    }
    component {
        name = "gav://commons-io:commons-io"
    }
}

Below is the behavior:

xray_ignore_rule.vulnerabilities[CVE-7254-47554"]: Refreshing state... [id=d06ddbd2-fb64-4af7-4389-93ed974e39b5]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # xray_ignore_rule.vulnerabilities["CVE-7254-47554"] is tainted, so must be replaced
-/+ resource "xray_ignore_rule" "vulnerabilities" {
      ~ author          = "rxpinte0" -> (known after apply)
      ~ created         = "2024-10-18T08:47:52Z" -> (known after apply)
      ~ expiration_date = "2024-10-24" -> "2024-10-25"
      ~ id              = "d06ddbd2-fb64-4af7-4389-93ed974e39b5" -> (known after apply)
      ~ is_expired      = false -> (known after apply)
        # (4 unchanged attributes hidden)

        # (3 unchanged blocks hidden)
    }

Plan: 1 to add, 0 to change, 1 to destroy.
xray_ignore_rule.vulnerabilities["CVE-7254-47554"]: Destroying... [id=d06ddbd2-fb64-4af7-4389-93ed974e39b5]
xray_ignore_rule.vulnerabilities["CVE-7254-47554"]: Destruction complete after 0s
xray_ignore_rule.vulnerabilities["CVE-7254-47554"]: Creating...
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to
│ xray_ignore_rule.vulnerabilities["CVE-7254-47554"],
│ provider "provider[\"registry.terraform.io/jfrog/xray\"]" produced an
│ unexpected new value: .expiration_date: was cty.StringVal("2024-10-25"),
│ but now cty.StringVal("2024-10-24").
│ 
│ This is a bug in the provider, which should be reported in the provider's
│ own issue tracker.
╵

luis-garza avatar Oct 18 '24 09:10 luis-garza