Add some missing Workload Protection agent rule fields (#943)

Co-authored-by: ci.datadog-api-spec <packages@datadoghq.com>

Author: api-clients-generation-pipeline[bot]

.generator/schemas/v2/openapi.yaml

@@ -9472,6 +9472,10 @@ components:
           description: The name of the policy
           example: my_agent_policy
           type: string
+        pinned:
+          description: Whether the policy is pinned
+          example: false
+          type: boolean
         policyVersion:
           description: The version of the policy
           example: '1'
@@ -9499,6 +9503,8 @@ components:
           type: integer
         updater:
           $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyUpdaterAttributes'
+        versions:
+          $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyVersions'
       type: object
     CloudWorkloadSecurityAgentPolicyCreateAttributes:
       description: Create a new Cloud Workload Security Agent policy
@@ -9645,6 +9651,23 @@ components:
           nullable: true
           type: string
       type: object
+    CloudWorkloadSecurityAgentPolicyVersion:
+      description: The versions of the policy
+      properties:
+        Date:
+          description: The date and time the version was created
+          nullable: true
+          type: string
+        Name:
+          description: The version of the policy
+          example: 1.47.0-rc2
+          type: string
+      type: object
+    CloudWorkloadSecurityAgentPolicyVersions:
+      description: The versions of the policy
+      items:
+        $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyVersion'
+      type: array
     CloudWorkloadSecurityAgentRuleAction:
       description: The action the rule can perform if triggered
       properties:
@@ -9682,23 +9705,32 @@ components:
       description: The set action applied on the scope matching the rule
       properties:
         append:
-          description: Whether the value should be appended to the field
+          description: Whether the value should be appended to the field.
           type: boolean
+        default_value:
+          description: The default value of the set action
+          type: string
+        expression:
+          description: The expression of the set action.
+          type: string
         field:
           description: The field of the set action
           type: string
+        inherited:
+          description: Whether the value should be inherited.
+          type: boolean
         name:
           description: The name of the set action
           type: string
         scope:
-          description: The scope of the set action
+          description: The scope of the set action.
           type: string
         size:
-          description: The size of the set action
+          description: The size of the set action.
           format: int64
           type: integer
         ttl:
-          description: The time to live of the set action
+          description: The time to live of the set action.
           format: int64
           type: integer
         value:
@@ -9779,6 +9811,10 @@ components:
           items:
             type: string
           type: array
+        silent:
+          description: Whether the rule is silent.
+          example: false
+          type: boolean
         updateAuthorUuId:
           description: The ID of the user who updated the rule
           example: e51c9744-d158-11ec-ad23-da7ad0900002
@@ -9806,8 +9842,11 @@ components:
       properties:
         actions:
           $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions'
+        agent_version:
+          description: Constrain the rule to specific versions of the Datadog Agent.
+          type: string
         blocking:
-          description: The blocking policies that the rule belongs to
+          description: The blocking policies that the rule belongs to.
           items:
             type: string
           type: array
@@ -9816,25 +9855,25 @@ components:
           example: My Agent rule
           type: string
         disabled:
-          description: The disabled policies that the rule belongs to
+          description: The disabled policies that the rule belongs to.
           items:
             type: string
           type: array
         enabled:
-          description: Whether the Agent rule is enabled
+          description: Whether the Agent rule is enabled.
           example: true
           type: boolean
         expression:
           description: The SECL expression of the Agent rule.
           example: exec.file.name == "sh"
           type: string
         filters:
-          description: The platforms the Agent rule is supported on
+          description: The platforms the Agent rule is supported on.
           items:
             type: string
           type: array
         monitoring:
-          description: The monitoring policies that the rule belongs to
+          description: The monitoring policies that the rule belongs to.
           items:
             type: string
           type: array
@@ -9843,14 +9882,18 @@ components:
           example: my_agent_rule
           type: string
         policy_id:
-          description: The ID of the policy where the Agent rule is saved
+          description: The ID of the policy where the Agent rule is saved.
           example: a8c8e364-6556-434d-b798-a4c23de29c0b
           type: string
         product_tags:
-          description: The list of product tags associated with the rule
+          description: The list of product tags associated with the rule.
           items:
             type: string
           type: array
+        silent:
+          description: Whether the rule is silent.
+          example: false
+          type: boolean
       required:
       - name
       - expression
@@ -9930,6 +9973,9 @@ components:
       properties:
         actions:
           $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions'
+        agent_version:
+          description: Constrain the rule to specific versions of the Datadog Agent
+          type: string
         blocking:
           description: The blocking policies that the rule belongs to
           items:
@@ -9966,6 +10012,10 @@ components:
           items:
             type: string
           type: array
+        silent:
+          description: Whether the rule is silent.
+          example: false
+          type: boolean
       type: object
     CloudWorkloadSecurityAgentRuleUpdateData:
       description: Object for a single Agent rule

LICENSE-3rdparty.csv

@@ -187,14 +187,23 @@ windows-strings,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The wi
 windows-sys,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
 windows-sys,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows-sys Authors
 windows-targets,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows-targets,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows-targets Authors
 windows_aarch64_gnullvm,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows_aarch64_gnullvm,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows_aarch64_gnullvm Authors
 windows_aarch64_msvc,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows_aarch64_msvc,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows_aarch64_msvc Authors
 windows_i686_gnu,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows_i686_gnu,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows_i686_gnu Authors
 windows_i686_gnullvm,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows_i686_gnullvm,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows_i686_gnullvm Authors
 windows_i686_msvc,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows_i686_msvc,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows_i686_msvc Authors
 windows_x86_64_gnu,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows_x86_64_gnu,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows_x86_64_gnu Authors
 windows_x86_64_gnullvm,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows_x86_64_gnullvm,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows_x86_64_gnullvm Authors
 windows_x86_64_msvc,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,Microsoft
+windows_x86_64_msvc,https://github.com/microsoft/windows-rs,MIT OR Apache-2.0,The windows_x86_64_msvc Authors
 winreg,https://github.com/gentoo90/winreg-rs,MIT,Igor Shaula <gentoo90@gmail.com>
 wit-bindgen,https://github.com/bytecodealliance/wit-bindgen,Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT,Alex Crichton <alex@alexcrichton.com>
 writeable,https://github.com/unicode-org/icu4x,Unicode-3.0,The ICU4X Project Developers

examples/v2_csm-threats_CreateCSMThreatsAgentPolicy.rs

@@ -10,7 +10,7 @@ use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentPolicyType;
 async fn main() {
     let body = CloudWorkloadSecurityAgentPolicyCreateRequest::new(
         CloudWorkloadSecurityAgentPolicyCreateData::new(
-            CloudWorkloadSecurityAgentPolicyCreateAttributes::new("my_agent_policy".to_string())
+            CloudWorkloadSecurityAgentPolicyCreateAttributes::new("my_agent_policy_2".to_string())
                 .description("My agent policy".to_string())
                 .enabled(true)
                 .host_tags_lists(vec![vec!["env:test".to_string()]]),

examples/v2_csm-threats_CreateCSMThreatsAgentRule.rs

@@ -16,6 +16,7 @@ async fn main() {
                 r#"exec.file.name == "sh""#.to_string(),
                 "examplecsmthreat".to_string(),
             )
+            .agent_version("> 7.60".to_string())
             .description("My Agent rule".to_string())
             .enabled(true)
             .filters(vec![])

examples/v2_csm-threats_CreateCSMThreatsAgentRule_1295653933.rs

@@ -22,6 +22,7 @@ async fn main() {
             .actions(Some(vec![
                 CloudWorkloadSecurityAgentRuleAction::new().set(
                     CloudWorkloadSecurityAgentRuleActionSet::new()
+                        .inherited(true)
                         .name("test_set".to_string())
                         .scope("process".to_string())
                         .value("test_value".to_string()),

examples/v2_csm-threats_CreateCSMThreatsAgentRule_1363354233.rs

@@ -0,0 +1,45 @@
+// Create a Workload Protection agent rule with set action with expression returns
+// "OK" response
+use datadog_api_client::datadog;
+use datadog_api_client::datadogV2::api_csm_threats::CSMThreatsAPI;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleAction;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleActionSet;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleCreateAttributes;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleCreateData;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleCreateRequest;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleType;
+
+#[tokio::main]
+async fn main() {
+    // there is a valid "policy_rc" in the system
+    let policy_data_id = std::env::var("POLICY_DATA_ID").unwrap();
+    let body = CloudWorkloadSecurityAgentRuleCreateRequest::new(
+        CloudWorkloadSecurityAgentRuleCreateData::new(
+            CloudWorkloadSecurityAgentRuleCreateAttributes::new(
+                r#"exec.file.name == "sh""#.to_string(),
+                "examplecsmthreat".to_string(),
+            )
+            .actions(Some(vec![CloudWorkloadSecurityAgentRuleAction::new().set(
+                CloudWorkloadSecurityAgentRuleActionSet::new()
+                    .default_value("/dev/null".to_string())
+                    .expression("open.file.path".to_string())
+                    .name("test_set".to_string())
+                    .scope("process".to_string()),
+            )]))
+            .description("My Agent rule with set action with expression".to_string())
+            .enabled(true)
+            .filters(vec![])
+            .policy_id(policy_data_id.clone())
+            .product_tags(vec![]),
+            CloudWorkloadSecurityAgentRuleType::AGENT_RULE,
+        ),
+    );
+    let configuration = datadog::Configuration::new();
+    let api = CSMThreatsAPI::with_config(configuration);
+    let resp = api.create_csm_threats_agent_rule(body).await;
+    if let Ok(value) = resp {
+        println!("{:#?}", value);
+    } else {
+        println!("{:#?}", resp.unwrap_err());
+    }
+}

src/datadogV2/model/mod.rs

@@ -4364,6 +4364,8 @@ pub mod model_cloud_workload_security_agent_policy_attributes;
 pub use self::model_cloud_workload_security_agent_policy_attributes::CloudWorkloadSecurityAgentPolicyAttributes;
 pub mod model_cloud_workload_security_agent_policy_updater_attributes;
 pub use self::model_cloud_workload_security_agent_policy_updater_attributes::CloudWorkloadSecurityAgentPolicyUpdaterAttributes;
+pub mod model_cloud_workload_security_agent_policy_version;
+pub use self::model_cloud_workload_security_agent_policy_version::CloudWorkloadSecurityAgentPolicyVersion;
 pub mod model_cloud_workload_security_agent_policy_type;
 pub use self::model_cloud_workload_security_agent_policy_type::CloudWorkloadSecurityAgentPolicyType;
 pub mod model_cloud_workload_security_agent_policy_create_request;