fix(cli): making evaluatorId optional

Make evaluatorId optional for policies Move testing to policies ALLY-717
lacework · Nov 3, 2021 · a7da3c0 · a7da3c0
1 parent 7be96a7
commit a7da3c0
Show file tree

Hide file tree

Showing 6 changed files with 46 additions and 6 deletions.
diff --git a/api/lql.go b/api/lql.go
@@ -28,7 +28,7 @@ import (
 type NewQuery struct {
 	QueryID     string `json:"queryId" yaml:"queryId"`
 	QueryText   string `json:"queryText" yaml:"queryText"`
-	EvaluatorID string `json:"evaluatorId" yaml:"evaluatorId"`
+	EvaluatorID string `json:"evaluatorId,omitempty" yaml:"evaluatorId"`
 }
 
 type UpdateQuery struct {

diff --git a/api/lql_execute.go b/api/lql_execute.go
@@ -29,7 +29,7 @@ import (
 
 type ExecuteQuery struct {
 	QueryText   string `json:"queryText"`
-	EvaluatorID string `json:"evaluatorId"`
+	EvaluatorID string `json:"evaluatorId,omitempty"`
 }
 
 type ExecuteQueryArgument struct {

diff --git a/api/lql_validate.go b/api/lql_validate.go
@@ -20,7 +20,7 @@ package api
 
 type ValidateQuery struct {
 	QueryText   string `json:"queryText"`
-	EvaluatorID string `json:"evaluatorId"`
+	EvaluatorID string `json:"evaluatorId,omitempty"`
 }
 
 func (svc *QueryService) Validate(vq ValidateQuery) (

diff --git a/api/policy.go b/api/policy.go
@@ -35,7 +35,7 @@ type PolicyService struct {
 var ValidPolicySeverities = []string{"critical", "high", "medium", "low", "info"}
 
 type NewPolicy struct {
-	EvaluatorID   string `json:"evaluatorId" yaml:"evaluatorId"`
+	EvaluatorID   string `json:"evaluatorId,omitempty" yaml:"evaluatorId"`
 	PolicyID      string `json:"policyId" yaml:"policyId" `
 	PolicyType    string `json:"policyType" yaml:"policyType"`
 	QueryID       string `json:"queryId" yaml:"queryId"`

diff --git a/integration/lql_constants.go b/integration/lql_constants.go
@@ -22,12 +22,14 @@ package integration
 const (
 	evaluatorID       string = "Cloudtrail"
 	queryID           string = "LW_CLI_AWS_CTA_IntegrationTest"
+	queryHostID       string = "LW_CLI_Host_Files_IntegrationTest"
 	queryText         string = "LW_CLI_AWS_CTA_IntegrationTest { source { CloudTrailRawEvents } return { INSERT_ID } }"
 	queryUpdateText   string = "LW_CLI_AWS_CTA_IntegrationTest { source { CloudTrailRawEvents } return { INSERT_ID, INSERT_TIME } }"
 	queryJSONTemplate string = `{
 	"evaluatorID": "%s",
 	"queryID": "%s",
 	"queryText": "%s"
 }`
-	queryURL string = "https://raw.githubusercontent.com/lacework/go-sdk/main/integration/test_resources/lql/LW_CLI_AWS_CTA_IntegrationTest.yaml"
+	queryURL     string = "https://raw.githubusercontent.com/lacework/go-sdk/main/integration/test_resources/lql/LW_CLI_AWS_CTA_IntegrationTest.yaml"
+	queryHostURL string = "https://raw.githubusercontent.com/lacework/go-sdk/main/integration/test_resources/lql/LW_CLI_Host_Files_IntegrationTest.yaml"
 )
diff --git a/integration/policy_test.go b/integration/policy_test.go
@@ -43,6 +43,19 @@ remediation: Check yourself...
 severity: high
 alertEnabled: false
 alertProfile: LW_CloudTrail_Alerts
+`
+	newHostPolicyYAML string = `---
+evaluatorId:
+policyId: clihosttest-1
+policyType: Violation
+queryId: LW_CLI_Host_Files_IntegrationTest
+title: My Policy Title
+enabled: false
+description: My Policy Description
+remediation: Check yourself...
+severity: high
+alertEnabled: false
+alertProfile: LW_HE_Files.HE_File_NewViolation
 `
 	// nested
 	updatePolicyYAML string = `---
@@ -53,7 +66,7 @@ policies:
 )
 
 var (
-	policyIDRE *regexp.Regexp = regexp.MustCompile(`([\w-]+-clitest-1)`)
+	policyIDRE *regexp.Regexp = regexp.MustCompile(`([\w-]+-cli.*?test-1)`)
 )
 
 func getPolicyIdFromStdout(s string) (string, error) {
@@ -237,6 +250,31 @@ func TestPolicyCreateStdin(t *testing.T) {
 	assert.Equal(t, 0, exitcode, "EXITCODE is not the expected one")
 }
 
+func TestPolicyCreateHost(t *testing.T) {
+	// setup
+	LaceworkCLIWithTOMLConfig("query", "create", "-u", queryHostURL)
+	// teardown
+	defer LaceworkCLIWithTOMLConfig("query", "delete", queryHostID)
+
+	// get temp file
+	file, err := createTemporaryFile("TestPolicyCreateHost", newHostPolicyYAML)
+	if err != nil {
+		t.FailNow()
+	}
+	defer os.Remove(file.Name())
+
+	// create (output json)
+	out, stderr, exitcode := LaceworkCLIWithTOMLConfig("policy", "create", "-f", file.Name(), "--json")
+
+	policyID, err := getPolicyIdFromStdout(out.String())
+	assert.Nil(t, err)
+	defer LaceworkCLIWithTOMLConfig("policy", "delete", policyID)
+
+	assert.Contains(t, out.String(), `"policyId"`)
+	assert.Empty(t, stderr.String(), "STDERR should be empty")
+	assert.Equal(t, 0, exitcode, "EXITCODE is not the expected one")
+}
+
 func TestPolicyListHelp(t *testing.T) {
 	out, err, exitcode := LaceworkCLI("help", "policy", "list")
 	assert.Contains(t, out.String(), "lacework policy list [flags]")