Add exists, !exists, equals, and !equals operators to WAF custom rules (DataDog#3930)

Co-authored-by: ci.datadog-api-spec <packages@datadoghq.com>

Author: api-clients-generation-pipeline[bot]

.generator/schemas/v2/openapi.yaml

@@ -4527,6 +4527,10 @@ components:
         - ip_match
         - "!ip_match"
         - capture_data
+        - exists
+        - "!exists"
+        - equals
+        - "!equals"
       example: "match_regex"
       type: string
       x-enum-varnames:
@@ -4541,6 +4545,10 @@ components:
         - IP_MATCH
         - NOT_IP_MATCH
         - CAPTURE_DATA
+        - EXISTS
+        - NOT_EXISTS
+        - EQUALS
+        - NOT_EQUALS
     ApplicationSecurityWafCustomRuleConditionOptions:
       description: Options for the operator of this condition.
       properties:
@@ -4581,6 +4589,8 @@ components:
           description: "Regex to use with the condition. Only used with match_regex and !match_regex operator."
           example: "path.*"
           type: string
+        type:
+          $ref: "#/components/schemas/ApplicationSecurityWafCustomRuleConditionParametersType"
         value:
           description: |-
             Store the captured value in the specified tag name. Only used with the capture_data operator.
@@ -4589,6 +4599,22 @@ components:
       required:
         - inputs
       type: object
+    ApplicationSecurityWafCustomRuleConditionParametersType:
+      description: The type of the value to compare against. Only used with the equals and !equals operator.
+      enum:
+        - boolean
+        - signed
+        - unsigned
+        - float
+        - string
+      example: "string"
+      type: string
+      x-enum-varnames:
+        - BOOLEAN
+        - SIGNED
+        - UNSIGNED
+        - FLOAT
+        - STRING
     ApplicationSecurityWafCustomRuleCreateAttributes:
       description: "Create a new WAF custom rule."
       properties:

api/datadogV2/model_application_security_waf_custom_rule_condition_operator.go

@@ -26,6 +26,10 @@ const (
 	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_IP_MATCH         ApplicationSecurityWafCustomRuleConditionOperator = "ip_match"
 	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_NOT_IP_MATCH     ApplicationSecurityWafCustomRuleConditionOperator = "!ip_match"
 	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_CAPTURE_DATA     ApplicationSecurityWafCustomRuleConditionOperator = "capture_data"
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_EXISTS           ApplicationSecurityWafCustomRuleConditionOperator = "exists"
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_NOT_EXISTS       ApplicationSecurityWafCustomRuleConditionOperator = "!exists"
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_EQUALS           ApplicationSecurityWafCustomRuleConditionOperator = "equals"
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_NOT_EQUALS       ApplicationSecurityWafCustomRuleConditionOperator = "!equals"
 )
 
 var allowedApplicationSecurityWafCustomRuleConditionOperatorEnumValues = []ApplicationSecurityWafCustomRuleConditionOperator{
@@ -40,6 +44,10 @@ var allowedApplicationSecurityWafCustomRuleConditionOperatorEnumValues = []Appli
 	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_IP_MATCH,
 	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_NOT_IP_MATCH,
 	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_CAPTURE_DATA,
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_EXISTS,
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_NOT_EXISTS,
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_EQUALS,
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_NOT_EQUALS,
 }
 
 // GetAllowedValues reeturns the list of possible values.

api/datadogV2/model_application_security_waf_custom_rule_condition_parameters.go

@@ -23,6 +23,8 @@ type ApplicationSecurityWafCustomRuleConditionParameters struct {
 	Options *ApplicationSecurityWafCustomRuleConditionOptions `json:"options,omitempty"`
 	// Regex to use with the condition. Only used with match_regex and !match_regex operator.
 	Regex *string `json:"regex,omitempty"`
+	// The type of the value to compare against. Only used with the equals and !equals operator.
+	Type *ApplicationSecurityWafCustomRuleConditionParametersType `json:"type,omitempty"`
 	// Store the captured value in the specified tag name. Only used with the capture_data operator.
 	Value *string `json:"value,omitempty"`
 	// UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct
@@ -183,6 +185,34 @@ func (o *ApplicationSecurityWafCustomRuleConditionParameters) SetRegex(v string)
 	o.Regex = &v
 }
 
+// GetType returns the Type field value if set, zero value otherwise.
+func (o *ApplicationSecurityWafCustomRuleConditionParameters) GetType() ApplicationSecurityWafCustomRuleConditionParametersType {
+	if o == nil || o.Type == nil {
+		var ret ApplicationSecurityWafCustomRuleConditionParametersType
+		return ret
+	}
+	return *o.Type
+}
+
+// GetTypeOk returns a tuple with the Type field value if set, nil otherwise
+// and a boolean to check if the value has been set.
+func (o *ApplicationSecurityWafCustomRuleConditionParameters) GetTypeOk() (*ApplicationSecurityWafCustomRuleConditionParametersType, bool) {
+	if o == nil || o.Type == nil {
+		return nil, false
+	}
+	return o.Type, true
+}
+
+// HasType returns a boolean if a field has been set.
+func (o *ApplicationSecurityWafCustomRuleConditionParameters) HasType() bool {
+	return o != nil && o.Type != nil
+}
+
+// SetType gets a reference to the given ApplicationSecurityWafCustomRuleConditionParametersType and assigns it to the Type field.
+func (o *ApplicationSecurityWafCustomRuleConditionParameters) SetType(v ApplicationSecurityWafCustomRuleConditionParametersType) {
+	o.Type = &v
+}
+
 // GetValue returns the Value field value if set, zero value otherwise.
 func (o *ApplicationSecurityWafCustomRuleConditionParameters) GetValue() string {
 	if o == nil || o.Value == nil {
@@ -230,6 +260,9 @@ func (o ApplicationSecurityWafCustomRuleConditionParameters) MarshalJSON() ([]by
 	if o.Regex != nil {
 		toSerialize["regex"] = o.Regex
 	}
+	if o.Type != nil {
+		toSerialize["type"] = o.Type
+	}
 	if o.Value != nil {
 		toSerialize["value"] = o.Value
 	}
@@ -243,12 +276,13 @@ func (o ApplicationSecurityWafCustomRuleConditionParameters) MarshalJSON() ([]by
 // UnmarshalJSON deserializes the given payload.
 func (o *ApplicationSecurityWafCustomRuleConditionParameters) UnmarshalJSON(bytes []byte) (err error) {
 	all := struct {
-		Data    *string                                           `json:"data,omitempty"`
-		Inputs  *[]ApplicationSecurityWafCustomRuleConditionInput `json:"inputs"`
-		List    []string                                          `json:"list,omitempty"`
-		Options *ApplicationSecurityWafCustomRuleConditionOptions `json:"options,omitempty"`
-		Regex   *string                                           `json:"regex,omitempty"`
-		Value   *string                                           `json:"value,omitempty"`
+		Data    *string                                                  `json:"data,omitempty"`
+		Inputs  *[]ApplicationSecurityWafCustomRuleConditionInput        `json:"inputs"`
+		List    []string                                                 `json:"list,omitempty"`
+		Options *ApplicationSecurityWafCustomRuleConditionOptions        `json:"options,omitempty"`
+		Regex   *string                                                  `json:"regex,omitempty"`
+		Type    *ApplicationSecurityWafCustomRuleConditionParametersType `json:"type,omitempty"`
+		Value   *string                                                  `json:"value,omitempty"`
 	}{}
 	if err = datadog.Unmarshal(bytes, &all); err != nil {
 		return datadog.Unmarshal(bytes, &o.UnparsedObject)
@@ -258,7 +292,7 @@ func (o *ApplicationSecurityWafCustomRuleConditionParameters) UnmarshalJSON(byte
 	}
 	additionalProperties := make(map[string]interface{})
 	if err = datadog.Unmarshal(bytes, &additionalProperties); err == nil {
-		datadog.DeleteKeys(additionalProperties, &[]string{"data", "inputs", "list", "options", "regex", "value"})
+		datadog.DeleteKeys(additionalProperties, &[]string{"data", "inputs", "list", "options", "regex", "type", "value"})
 	} else {
 		return err
 	}
@@ -272,6 +306,11 @@ func (o *ApplicationSecurityWafCustomRuleConditionParameters) UnmarshalJSON(byte
 	}
 	o.Options = all.Options
 	o.Regex = all.Regex
+	if all.Type != nil && !all.Type.IsValid() {
+		hasInvalidField = true
+	} else {
+		o.Type = all.Type
+	}
 	o.Value = all.Value
 
 	if len(additionalProperties) > 0 {

api/datadogV2/model_application_security_waf_custom_rule_condition_parameters_type.go

@@ -0,0 +1,72 @@
+// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+// This product includes software developed at Datadog (https://www.datadoghq.com/).
+// Copyright 2019-Present Datadog, Inc.
+
+package datadogV2
+
+import (
+	"fmt"
+
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
+)
+
+// ApplicationSecurityWafCustomRuleConditionParametersType The type of the value to compare against. Only used with the equals and !equals operator.
+type ApplicationSecurityWafCustomRuleConditionParametersType string
+
+// List of ApplicationSecurityWafCustomRuleConditionParametersType.
+const (
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_BOOLEAN  ApplicationSecurityWafCustomRuleConditionParametersType = "boolean"
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_SIGNED   ApplicationSecurityWafCustomRuleConditionParametersType = "signed"
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_UNSIGNED ApplicationSecurityWafCustomRuleConditionParametersType = "unsigned"
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_FLOAT    ApplicationSecurityWafCustomRuleConditionParametersType = "float"
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_STRING   ApplicationSecurityWafCustomRuleConditionParametersType = "string"
+)
+
+var allowedApplicationSecurityWafCustomRuleConditionParametersTypeEnumValues = []ApplicationSecurityWafCustomRuleConditionParametersType{
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_BOOLEAN,
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_SIGNED,
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_UNSIGNED,
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_FLOAT,
+	APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_STRING,
+}
+
+// GetAllowedValues reeturns the list of possible values.
+func (v *ApplicationSecurityWafCustomRuleConditionParametersType) GetAllowedValues() []ApplicationSecurityWafCustomRuleConditionParametersType {
+	return allowedApplicationSecurityWafCustomRuleConditionParametersTypeEnumValues
+}
+
+// UnmarshalJSON deserializes the given payload.
+func (v *ApplicationSecurityWafCustomRuleConditionParametersType) UnmarshalJSON(src []byte) error {
+	var value string
+	err := datadog.Unmarshal(src, &value)
+	if err != nil {
+		return err
+	}
+	*v = ApplicationSecurityWafCustomRuleConditionParametersType(value)
+	return nil
+}
+
+// NewApplicationSecurityWafCustomRuleConditionParametersTypeFromValue returns a pointer to a valid ApplicationSecurityWafCustomRuleConditionParametersType
+// for the value passed as argument, or an error if the value passed is not allowed by the enum.
+func NewApplicationSecurityWafCustomRuleConditionParametersTypeFromValue(v string) (*ApplicationSecurityWafCustomRuleConditionParametersType, error) {
+	ev := ApplicationSecurityWafCustomRuleConditionParametersType(v)
+	if ev.IsValid() {
+		return &ev, nil
+	}
+	return nil, fmt.Errorf("invalid value '%v' for ApplicationSecurityWafCustomRuleConditionParametersType: valid values are %v", v, allowedApplicationSecurityWafCustomRuleConditionParametersTypeEnumValues)
+}
+
+// IsValid return true if the value is valid for the enum, false otherwise.
+func (v ApplicationSecurityWafCustomRuleConditionParametersType) IsValid() bool {
+	for _, existing := range allowedApplicationSecurityWafCustomRuleConditionParametersTypeEnumValues {
+		if existing == v {
+			return true
+		}
+	}
+	return false
+}
+
+// Ptr returns reference to ApplicationSecurityWafCustomRuleConditionParametersType value.
+func (v ApplicationSecurityWafCustomRuleConditionParametersType) Ptr() *ApplicationSecurityWafCustomRuleConditionParametersType {
+	return &v
+}

examples/v2/application-security/CreateApplicationSecurityWafCustomRule.go

@@ -41,6 +41,7 @@ func main() {
 								MinLength:     datadog.PtrInt64(0),
 							},
 							Regex: datadog.PtrString("path.*"),
+							Type:  datadogV2.APPLICATIONSECURITYWAFCUSTOMRULECONDITIONPARAMETERSTYPE_STRING.Ptr(),
 							Value: datadog.PtrString("custom_tag"),
 						},
 					},