XRay security_policy & license_policy modules Plugin Crashing

[chandama]

Describe the bug
We are trying to use the terraform-provider-xray to deploy License and CVSS policies using terraform modules. When running terraform apply, the following error is encountered:

╷
│ Error: Plugin did not respond
│ 
│   with module.AGPL_license.xray_license_policy.banned_licenses,
│   on ../modules/xray_license_policy/main.tf line 9, in resource "xray_license_policy" "banned_licenses":
│    9: resource "xray_license_policy" "banned_licenses" {
│ 
│ The plugin encountered an error, and failed to respond to the
│ plugin.(*GRPCProvider).ApplyResourceChange call. The plugin logs may
│ contain more details.
╵

The stack trace for the error:

Stack trace from the terraform-provider-xray_v2.1.0 plugin:

panic: interface conversion: interface {} is nil, not []interface {}

goroutine 40 [running]:
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackSecurityCriteria(0xc0006f4fa0?)
	github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:322 +0x674
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackCriteria(0xbc1b80?, {0xc00062d8e0, 0x8})
	github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:409 +0x9a
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackRules(0x4764b8?, {0xc00062d8e0, 0x8})
	github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:296 +0x206
github.com/jfrog/terraform-provider-xray/pkg/xray.unpackPolicy(0x410225?)
	github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:281 +0x249
github.com/jfrog/terraform-provider-xray/pkg/xray.resourceXrayPolicyCreate({0xdf0df0, 0xc0005d0f50}, 0xc000620e18?, {0xc47900?, 0xc00060e240?})
	github.com/jfrog/terraform-provider-xray/pkg/xray/policies.go:712 +0x51
github.com/jfrog/terraform-provider-shared/util/sdk.AddTelemetry.applyTelemetry.func1({0xdf0df0?, 0xc0005d0f50}, 0x0?, {0xc47900?, 0xc00060e240})
	github.com/jfrog/[email protected]/util/sdk/sdk.go:188 +0x267
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).create(0xc000118fc0, {0xdf0d48, 0xc0006da3f0}, 0xd?, {0xc47900, 0xc00060e240})
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:778 +0x11b
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).Apply(0xc000118fc0, {0xdf0d48, 0xc0006da3f0}, 0xc0006bf930, 0xc00047e000, {0xc47900, 0xc00060e240})
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:909 +0xa7e
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ApplyResourceChange(0xc000361cc8, {0xdf0d48?, 0xc0006da300?}, 0xc0006c89b0)
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/grpc_provider.go:1060 +0xdbc
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ApplyResourceChange(0xc00042a1e0, {0xdf0d48?, 0xc0006b5ad0?}, 0xc000640fc0)
	github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:859 +0x56a
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0xc83820?, 0xc00042a1e0}, {0xdf0d48, 0xc0006b5ad0}, 0xc000640f50, 0x0)
	github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:467 +0x169
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0001e01e0, {0xdf4e78, 0xc00037f380}, 0xc0006b90e0, 0xc000412c00, 0x1306538, 0x0)
	google.golang.org/[email protected]/server.go:1358 +0xe15
google.golang.org/grpc.(*Server).handleStream(0xc0001e01e0, {0xdf4e78, 0xc00037f380}, 0xc0006b90e0, 0x0)
	google.golang.org/[email protected]/server.go:1735 +0x9e7
google.golang.org/grpc.(*Server).serveStreams.func1.1()
	google.golang.org/[email protected]/server.go:970 +0xbb
created by google.golang.org/grpc.(*Server).serveStreams.func1 in goroutine 27
	google.golang.org/[email protected]/server.go:981 +0x145

Error: The terraform-provider-xray_v2.1.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

Requirements for and issue

main.tf

resource "xray_license_policy" "banned_licenses" {
  name        = var.policyname
  description = var.description
  type        = var.type
  project_key = var.projectkey

  rule {
    name     = var.rulename
    priority = 1

    criteria {
      banned_licenses          = var.licenselist
      allow_unknown            = false
      multi_license_permissive = false
    }

    actions {
      webhooks                           = []
      mails                              = []
      block_release_bundle_distribution  = false
      fail_build                         = var.fail_build
      notify_watch_recipients            = true
      notify_deployer                    = true
      create_ticket_enabled              = false // set to true only if Jira integration is enabled
      custom_severity                    = var.custom_severity
      build_failure_grace_period_in_days = var.grace_period // use only if fail_build is enabled

      block_download {
        unscanned = true
        active    = true
      }
    }
  }
}

license_policy.tf

module "AGPL_license" {
  source = "../modules/xray_license_policy"
  policyname = "banned_licenses"
  description = "License policy to prohibit the use of AGPL and SSPL license types"
  type = "security"
  rulename = "AGPL_license_rule"
  projectkey = "testproj"
  licenselist = ["AGPL-1.0", "AGPL-3.0", "AGPL-3.0-only", "AGPL-3.0-or-later"]
  custom_severity = "Critical"
  fail_build = true
  grace_period = 7
}

variables.tf

variable policyname {
    type = string
    description = "Security policy name"
}
variable description {
    type = string
    description = "Description of the security policy"
}
variable rulename{
    type = string
    description = "Security rule name"
}

variable "type" {
    type = string
    description = "Type of security policy need to be created Values are 'cvss_score', 'min_severity', 'malicious_package' " 
  
}

variable "projectkey" {
    type = string
    description = "Name of the project to which the policy should apply"
    default = "all"
}

variable "licenselist" {
    type = list(string)
    description = "List of licenses to ban"
    default = []
}

variable "fail_build" {
  type = bool
  description = "fail build"
  default = true
}
variable "custom_severity" {
  type = string
  description = "fail build"
  default = "Medium"
}
variable "grace_period" {
  type = number
  description = "fail build"
  default = 7
}

TF Version: 1.7.0
Artifactory Version: 7.78.1
XRay Version: 3.87.9

Expected behavior
TF Apply should create a new xray_license_policy.

[alexhung]

@chandama Thanks for the report. I'll add this to our plan to investigate. Note that I'll be on vacation next week so I won't get to this until Feb.

[chandama]

@alexhung Thanks. I'll add that we also are facing the same error using the xray_security_policy.

[alexhung]

@chandama I think I spot the mistake in your configuration. You have type = "security" in "license_policy.tf". It should be type = "license". This will fix the issue for you.

[chandama]

Thanks. That did indeed fix the issue. I'll close this issue.