rest remediator: body should be optional

internal/engine/remediate/rest/rest.go

@@ -74,9 +74,12 @@ func NewRestRemediate(
 		return nil, fmt.Errorf("cannot parse endpoint template: %w", err)
 	}
 
-	bodyTmpl, err := util.ParseNewTemplate(restCfg.Body, "body")
-	if err != nil {
-		return nil, fmt.Errorf("cannot parse body template: %w", err)
+	var bodyTmpl *template.Template
+	if restCfg.Body != nil {
+		bodyTmpl, err = util.ParseNewTemplate(restCfg.Body, "body")
+		if err != nil {
+			return nil, fmt.Errorf("cannot parse body template: %w", err)
+		}
 	}
 
 	method := util.HttpMethodFromString(restCfg.Method, http.MethodPatch)
@@ -124,8 +127,10 @@ func (r *Remediator) Remediate(
 	}
 
 	body := new(bytes.Buffer)
-	if err := r.bodyTemplate.Execute(body, retp); err != nil {
-		return fmt.Errorf("cannot execute endpoint template: %w", err)
+	if r.bodyTemplate != nil {
+		if err := r.bodyTemplate.Execute(body, retp); err != nil {
+			return fmt.Errorf("cannot execute endpoint template: %w", err)
+		}
 	}
 
 	zerolog.Ctx(ctx).Debug().
@@ -134,7 +139,7 @@ func (r *Remediator) Remediate(
 	var err error
 	switch remAction {
 	case interfaces.ActionOptOn:
-		err = r.run(ctx, endpoint.String(), body.String())
+		err = r.run(ctx, endpoint.String(), body.Bytes())
 	case interfaces.ActionOptDryRun:
 		err = r.dryRun(endpoint.String(), body.String())
 	case interfaces.ActionOptOff, interfaces.ActionOptUnknown:
@@ -143,14 +148,18 @@ func (r *Remediator) Remediate(
 	return err
 }
 
-func (r *Remediator) run(ctx context.Context, endpoint string, body string) error {
-	var result map[string]interface{}
-	err := json.Unmarshal([]byte(body), &result)
-	if err != nil {
-		return fmt.Errorf("cannot unmarshal body: %w", err)
+func (r *Remediator) run(ctx context.Context, endpoint string, body []byte) error {
+	// create an empty map, not a nil map to avoid passing nil to NewRequest
+	bodyJson := make(map[string]any)
+
+	if len(body) > 0 {
+		err := json.Unmarshal(body, &bodyJson)
+		if err != nil {
+			return fmt.Errorf("cannot unmarshal body: %w", err)
+		}
 	}
 
-	req, err := r.cli.NewRequest(r.method, endpoint, result)
+	req, err := r.cli.NewRequest(r.method, endpoint, bodyJson)
 	if err != nil {
 		return fmt.Errorf("cannot create request: %w", err)
 	}

internal/engine/remediate/rest/rest_test.go

@@ -152,17 +152,6 @@ func TestNewRestRemediate(t *testing.T) {
 			},
 			wantErr: true,
 		},
-		{
-			name: "nil body template",
-			args: args{
-				restCfg: &pb.RestType{
-					Endpoint: "/repos/Foo/Bar",
-					Body:     nil,
-				},
-				pbuild: validProviderBuilder,
-			},
-			wantErr: true,
-		},
 		{
 			name: "invalid provider builder",
 			args: args{
@@ -256,6 +245,39 @@ func TestRestRemediate(t *testing.T) {
 			},
 			wantErr: false,
 		},
+		{
+			name: "valid remediate with PUT and no body",
+			newRemArgs: newRestRemediateArgs{
+				restCfg: &pb.RestType{
+					Endpoint: `/repos/{{.Entity.Owner}}/{{.Entity.Name}}/branches/{{ index .Params "branch" }}/protection/required_signatures`,
+					Method:   http.MethodPut,
+				},
+			},
+			remArgs: remediateArgs{
+				remAction: interfaces.ActionOptOn,
+				ent: &pb.Repository{
+					Owner:  "OwnerVar",
+					Name:   "NameVar",
+					RepoId: 456,
+				},
+				params: map[string]any{
+					"branch": "main",
+				},
+			},
+			testHandler: func(writer http.ResponseWriter, request *http.Request) {
+				defer request.Body.Close()
+
+				assert.Equal(t, "/repos/OwnerVar/NameVar/branches/main/protection/required_signatures", request.URL.Path, "unexpected path")
+				assert.Equal(t, http.MethodPut, request.Method, "unexpected method")
+
+				var requestBody struct{}
+				err := json.NewDecoder(request.Body).Decode(&requestBody)
+				assert.NoError(t, err, "unexpected error reading body")
+
+				writer.WriteHeader(http.StatusOK)
+			},
+			wantErr: false,
+		},
 		{
 			name: "valid remediate expanding a branch from parameters",
 			newRemArgs: newRestRemediateArgs{