fix: populate admin_features_package and product_types in ec_security_project Read()

norrietaylor · norrietaylor · commit c656c5b3e00b · 2025-11-05T21:52:20.000-08:00
The Read() function in ec_security_project was not populating the admin_features_package and product_types fields from the API response, causing them to remain in an 'unknown' state after resource creation. This resulted in Terraform errors: 'Provider returned invalid result object after apply'. This fix adds the missing field population logic in the Read() function: - admin_features_package uses NewStringPointerValue() pattern (matching observability_project pattern for optional pointer fields) - product_types is converted from API response format to Terraform list Updated tests to verify the fields are correctly populated. Fixes #938 Assisted by Cursor AI.
diff --git a/ec/ecresource/projectresource/security.go b/ec/ecresource/projectresource/security.go
@@ -288,6 +288,43 @@ func (sec securityApi) Read(ctx context.Context, id string, model resource_secur
 	model.RegionId = basetypes.NewStringValue(resp.JSON200.RegionId)
 	model.Type = basetypes.NewStringValue(string(resp.JSON200.Type))
 
+	// Populate admin_features_package from API response (matching pattern used for suspended_reason)
+	var adminFeaturesPkg *string
+	if resp.JSON200.AdminFeaturesPackage != nil {
+		pkgStr := string(*resp.JSON200.AdminFeaturesPackage)
+		adminFeaturesPkg = &pkgStr
+	}
+	model.AdminFeaturesPackage = basetypes.NewStringPointerValue(adminFeaturesPkg)
+
+	// Populate product_types from API response
+	if resp.JSON200.ProductTypes != nil {
+		productTypeValues := []attr.Value{}
+		for _, pt := range *resp.JSON200.ProductTypes {
+			productTypeValue, diags := resource_security_project.NewProductTypesValue(
+				resource_security_project.ProductTypesValue{}.AttributeTypes(ctx),
+				map[string]attr.Value{
+					"product_line": basetypes.NewStringValue(string(pt.ProductLine)),
+					"product_tier": basetypes.NewStringValue(string(pt.ProductTier)),
+				},
+			)
+			if diags.HasError() {
+				return false, model, diags
+			}
+			productTypeValues = append(productTypeValues, productTypeValue)
+		}
+
+		productTypesList, diags := types.ListValue(
+			resource_security_project.ProductTypesValue{}.Type(ctx),
+			productTypeValues,
+		)
+		if diags.HasError() {
+			return false, model, diags
+		}
+		model.ProductTypes = productTypesList
+	} else {
+		model.ProductTypes = types.ListNull(resource_security_project.ProductTypesValue{}.Type(ctx))
+	}
+
 	return true, model, nil
 }
 
diff --git a/ec/ecresource/projectresource/security_test.go b/ec/ecresource/projectresource/security_test.go
@@ -904,9 +904,11 @@ func TestSecurityApi_Read(t *testing.T) {
 							"suspended_reason": basetypes.NewStringNull(),
 						},
 					),
-					Name:     types.StringValue(readModel.Name),
-					RegionId: types.StringValue(readModel.RegionId),
-					Type:     types.StringValue(string(readModel.Type)),
+					Name:                 types.StringValue(readModel.Name),
+					RegionId:             types.StringValue(readModel.RegionId),
+					Type:                 types.StringValue(string(readModel.Type)),
+					AdminFeaturesPackage: basetypes.NewStringNull(),
+					ProductTypes:         types.ListNull(resource_security_project.ProductTypesValue{}.Type(ctx)),
 				}
 
 				mockApiClient := mocks.NewMockClientWithResponsesInterface(ctrl)
@@ -977,9 +979,114 @@ func TestSecurityApi_Read(t *testing.T) {
 							"suspended_reason": basetypes.NewStringValue(*readModel.Metadata.SuspendedReason),
 						},
 					),
-					Name:     types.StringValue(readModel.Name),
-					RegionId: types.StringValue(readModel.RegionId),
-					Type:     types.StringValue(string(readModel.Type)),
+					Name:                 types.StringValue(readModel.Name),
+					RegionId:             types.StringValue(readModel.RegionId),
+					Type:                 types.StringValue(string(readModel.Type)),
+					AdminFeaturesPackage: basetypes.NewStringNull(),
+					ProductTypes:         types.ListNull(resource_security_project.ProductTypesValue{}.Type(ctx)),
+				}
+
+				mockApiClient := mocks.NewMockClientWithResponsesInterface(ctrl)
+				mockApiClient.EXPECT().
+					GetSecurityProjectWithResponse(ctx, id).
+					Return(&serverless.GetSecurityProjectResponse{
+						JSON200: readModel,
+					}, nil)
+
+				return testData{
+					client:        mockApiClient,
+					id:            id,
+					initialModel:  initialModel,
+					expectedModel: expectedModel,
+					expectedFound: true,
+				}
+			},
+		},
+		{
+			name: "should populate admin_features_package and product_types when provided in response",
+			testData: func(ctx context.Context) testData {
+				id := "project id"
+				initialModel := resource_security_project.SecurityProjectModel{
+					Id: types.StringValue(id),
+				}
+
+				adminFeaturesPackage := serverless.SecurityAdminFeaturesPackage("enterprise")
+				productTypes := []serverless.SecurityProductType{
+					{
+						ProductLine: "security",
+						ProductTier: "complete",
+					},
+					{
+						ProductLine: "cloud",
+						ProductTier: "complete",
+					},
+				}
+
+				readModel := &serverless.SecurityProject{
+					Id:      id,
+					Alias:   "expected-alias-" + id[0:6],
+					CloudId: "cloud-id",
+					Endpoints: serverless.SecurityProjectEndpoints{
+						Elasticsearch: "es-endpoint",
+						Kibana:        "kib-endpoint",
+						Ingest:        "ingest-endpoint",
+					},
+					Metadata: serverless.ProjectMetadata{
+						CreatedAt:      time.Now(),
+						CreatedBy:      "me",
+						OrganizationId: "1",
+					},
+					Name:                 "project-name",
+					RegionId:             "nether",
+					Type:                 "security",
+					AdminFeaturesPackage: &adminFeaturesPackage,
+					ProductTypes:         &productTypes,
+				}
+
+				expectedProductTypes := []attr.Value{
+					resource_security_project.NewProductTypesValueMust(
+						resource_security_project.ProductTypesValue{}.AttributeTypes(ctx),
+						map[string]attr.Value{
+							"product_line": basetypes.NewStringValue("security"),
+							"product_tier": basetypes.NewStringValue("complete"),
+						},
+					),
+					resource_security_project.NewProductTypesValueMust(
+						resource_security_project.ProductTypesValue{}.AttributeTypes(ctx),
+						map[string]attr.Value{
+							"product_line": basetypes.NewStringValue("cloud"),
+							"product_tier": basetypes.NewStringValue("complete"),
+						},
+					),
+				}
+
+				expectedModel := resource_security_project.SecurityProjectModel{
+					Id:      types.StringValue(id),
+					Alias:   types.StringValue("expected-alias"),
+					CloudId: types.StringValue(readModel.CloudId),
+					Endpoints: resource_security_project.NewEndpointsValueMust(
+						initialModel.Endpoints.AttributeTypes(ctx),
+						map[string]attr.Value{
+							"elasticsearch": basetypes.NewStringValue(readModel.Endpoints.Elasticsearch),
+							"kibana":        basetypes.NewStringValue(readModel.Endpoints.Kibana),
+							"ingest":        basetypes.NewStringValue(readModel.Endpoints.Ingest),
+						},
+					),
+					Metadata: resource_security_project.NewMetadataValueMust(
+						initialModel.Metadata.AttributeTypes(ctx),
+						map[string]attr.Value{
+							"created_at":       basetypes.NewStringValue(readModel.Metadata.CreatedAt.String()),
+							"created_by":       basetypes.NewStringValue(readModel.Metadata.CreatedBy),
+							"organization_id":  basetypes.NewStringValue(readModel.Metadata.OrganizationId),
+							"suspended_at":     basetypes.NewStringNull(),
+							"suspended_reason": basetypes.NewStringNull(),
+						},
+					),
+					Name:                 types.StringValue(readModel.Name),
+					RegionId:             types.StringValue(readModel.RegionId),
+					Type:                 types.StringValue(string(readModel.Type)),
+					AdminFeaturesPackage: basetypes.NewStringValue("enterprise"),
+					ProductTypes:         types.ListValueMust(resource_security_project.ProductTypesValue{}.Type(ctx), expectedProductTypes),
 				}
 
 				mockApiClient := mocks.NewMockClientWithResponsesInterface(ctrl)
