(Fix) DLP Engine Web Rule Panic (zscaler#231)

* (Fix) DLP Engine Web Rule Panic
* fix panics in dlp_engine attribute expand function

CHANGELOG.md

@@ -1,5 +1,16 @@
 # Changelog
 
+## 2.5.3 (May, 13 2023)
+
+### Notes
+
+- Release date: **(May, 13 2023)**
+- Supported Terraform version: **v1.x**
+
+### Fixes
+
+- [PR #231](https://github.com/zscaler/terraform-provider-zia/pull/219) ``zia_dlp_web_rules``: Fixed panic with ``zia_web_dlp_rules`` due to ``dlp_engines`` attribute expand function
+
 ## 2.5.2 (May, 1 2023)
 
 ### Notes

GNUmakefile

@@ -16,15 +16,15 @@ build: fmtcheck
 build13: GOOS=$(shell go env GOOS)
 build13: GOARCH=$(shell go env GOARCH)
 ifeq ($(OS),Windows_NT)  # is Windows_NT on XP, 2000, 7, Vista, 10...
-build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.5.2/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.5.3/$(GOOS)_$(GOARCH)
 else
-build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.5.2/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.5.3/$(GOOS)_$(GOARCH)
 endif
 build13: fmtcheck
 	go mod tidy && go mod vendor
 	@echo "==> Installing plugin to $(DESTINATION)"
 	@mkdir -p $(DESTINATION)
-	go build -o $(DESTINATION)/terraform-provider-zia_v2.5.2
+	go build -o $(DESTINATION)/terraform-provider-zia_v2.5.3
 
 test: fmtcheck
 	go test $(TEST) || exit 1

docs/guides/release-notes.md

@@ -12,10 +12,21 @@ description: |-
 Track all ZIA Terraform provider's releases. New resources, features, and bug fixes will be tracked here.
 
 ---
-``Last updated: v2.5.2``
+``Last updated: v2.5.3``
 
 ---
 
+## 2.5.3 (May, 13 2023)
+
+### Notes
+
+- Release date: **(May, 13 2023)**
+- Supported Terraform version: **v1.x**
+
+### Fixes
+
+- [PR #231](https://github.com/zscaler/terraform-provider-zia/pull/219) ``zia_dlp_web_rules``: Fixed panic with ``zia_web_dlp_rules`` due to ``dlp_engines`` attribute expand function
+
 ## 2.5.2 (May, 1 2023)
 
 ### Notes

docs/resources/zia_dlp_web_rules.md

@@ -75,7 +75,7 @@ The following arguments are supported:
   * `id` - (Optional) Identifier that uniquely identifies an entity
 
 * `dlp_engines` - (Optional) The list of DLP engines to which the DLP policy rule must be applied.
-  * `id` - (Optional) Identifier that uniquely identifies an entity
+  * `id` - (Optional) Identifier that uniquely identifies an entity. Maximum of up to `4` dlp engines. When not used it implies `Any` to apply the rule to all locations.
 
 * `locations` - (Optional) The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to `8` locations. When not used it implies `Any` to apply the rule to all locations.
   * `id` - (Optional) Identifier that uniquely identifies an entity

zia/common.go

@@ -85,8 +85,9 @@ func expandIDNameExtensionsMap(m map[string]interface{}, key string) []common.ID
 	}
 	return []common.IDNameExtensions{}
 }
-func expandIDNameExtensionsSetSingle(d *schema.ResourceData, key string) *common.IDNameExtensions {
-	l := expandIDNameExtensionsSet(d, key)
+
+func expandIDNameExtensionsListSingle(d *schema.ResourceData, key string) *common.IDNameExtensions {
+	l := expandIDNameExtensionsList(d, key)
 	if len(l) > 0 {
 		r := l[0]
 		return &r
@@ -117,15 +118,37 @@ func expandSetIDsSchemaTypeCustom(d *schema.ResourceData, key string) []common.I
 	return []common.IDNameExtensions{}
 }
 
+func expandIDNameExtensionsList(d *schema.ResourceData, key string) []common.IDNameExtensions {
+	setInterface, ok := d.GetOk(key)
+	if ok {
+		set := setInterface.(*schema.Set)
+		var result []common.IDNameExtensions
+		for _, item := range set.List() {
+			itemMap, _ := item.(map[string]interface{})
+			if itemMap != nil && itemMap["id"] != nil {
+				set := itemMap["id"].([]interface{})
+				for _, id := range set {
+					result = append(result, common.IDNameExtensions{
+						ID: id.(int),
+					})
+				}
+			}
+		}
+		return result
+	}
+	return []common.IDNameExtensions{}
+}
+
 func expandIDNameExtensionsSet(d *schema.ResourceData, key string) []common.IDNameExtensions {
 	setInterface, ok := d.GetOk(key)
 	if ok {
 		set := setInterface.(*schema.Set)
 		var result []common.IDNameExtensions
 		for _, item := range set.List() {
 			itemMap, _ := item.(map[string]interface{})
-			if itemMap != nil {
-				for _, id := range itemMap["id"].([]interface{}) {
+			if itemMap != nil && itemMap["id"] != nil {
+				set := itemMap["id"].(*schema.Set)
+				for _, id := range set.List() {
 					result = append(result, common.IDNameExtensions{
 						ID: id.(int),
 					})

zia/resource_zia_dlp_web_rules.go

@@ -172,8 +172,6 @@ func resourceDlpWebRules() *schema.Resource {
 				Computed:    true,
 				Description: "Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.",
 			},
-			// We need to ensure that no drifts are ocurring when the following attributes are set.
-			// Currently if items in a list i.e dlp_engines or url_categories are unordered a drift is caused as Terraform tries to re-arrange the objects at every run
 			"file_types":            getDLPRuleFileTypes("The list of file types to which the DLP policy rule must be applied."),
 			"locations":             listIDsSchemaTypeCustom(8, "The Name-ID pairs of locations to which the DLP policy rule must be applied."),
 			"location_groups":       listIDsSchemaTypeCustom(32, "The Name-ID pairs of locations groups to which the DLP policy rule must be applied."),
@@ -463,21 +461,21 @@ func expandDlpWebRules(d *schema.ResourceData) dlp_web_rules.WebDLPRules {
 		Protocols:                SetToStringList(d, "protocols"),
 		FileTypes:                SetToStringList(d, "file_types"),
 		CloudApplications:        SetToStringList(d, "cloud_applications"),
-		Auditor:                  expandIDNameExtensionsSetSingle(d, "auditor"),
-		NotificationTemplate:     expandIDNameExtensionsSetSingle(d, "notification_template"),
-		IcapServer:               expandIDNameExtensionsSetSingle(d, "icap_server"),
-		Locations:                expandIDNameExtensionsSet(d, "locations"),
-		LocationGroups:           expandIDNameExtensionsSet(d, "location_groups"),
-		Groups:                   expandIDNameExtensionsSet(d, "groups"),
-		Departments:              expandIDNameExtensionsSet(d, "departments"),
-		Users:                    expandIDNameExtensionsSet(d, "users"),
+		Auditor:                  expandIDNameExtensionsListSingle(d, "auditor"),
+		NotificationTemplate:     expandIDNameExtensionsListSingle(d, "notification_template"),
+		IcapServer:               expandIDNameExtensionsListSingle(d, "icap_server"),
+		Locations:                expandIDNameExtensionsList(d, "locations"),
+		LocationGroups:           expandIDNameExtensionsList(d, "location_groups"),
+		Groups:                   expandIDNameExtensionsList(d, "groups"),
+		Departments:              expandIDNameExtensionsList(d, "departments"),
+		Users:                    expandIDNameExtensionsList(d, "users"),
 		URLCategories:            expandSetIDsSchemaTypeCustom(d, "url_categories"),
 		DLPEngines:               expandIDNameExtensionsSet(d, "dlp_engines"),
-		TimeWindows:              expandIDNameExtensionsSet(d, "time_windows"),
-		Labels:                   expandIDNameExtensionsSet(d, "labels"),
-		ExcludedUsers:            expandIDNameExtensionsSet(d, "excluded_groups"),
-		ExcludedGroups:           expandIDNameExtensionsSet(d, "excluded_departments"),
-		ExcludedDepartments:      expandIDNameExtensionsSet(d, "excluded_users"),
+		TimeWindows:              expandIDNameExtensionsList(d, "time_windows"),
+		Labels:                   expandIDNameExtensionsList(d, "labels"),
+		ExcludedUsers:            expandIDNameExtensionsList(d, "excluded_groups"),
+		ExcludedGroups:           expandIDNameExtensionsList(d, "excluded_departments"),
+		ExcludedDepartments:      expandIDNameExtensionsList(d, "excluded_users"),
 	}
 	return result
 }