driftctl/pkg/middlewares/google_legacy_bucket_iam_me...

package middlewares

import (
	"strings"

	"github.com/sirupsen/logrus"
	"github.com/snyk/driftctl/enumeration/resource"
	"github.com/snyk/driftctl/enumeration/resource/google"
)

// Creating buckets add legacy role bindings, this middleware will filter them unless they are managed.
type GoogleLegacyBucketIAMMember struct{}

func NewGoogleLegacyBucketIAMMember() *GoogleLegacyBucketIAMMember {
	return &GoogleLegacyBucketIAMMember{}
}

func (m *GoogleLegacyBucketIAMMember) Execute(remoteResources, resourcesFromState *[]*resource.Resource) error {

	newRemoteResources := make([]*resource.Resource, 0)

	for _, remoteResource := range *remoteResources {
		// Ignore all resources other than BucketIamBinding
		if remoteResource.ResourceType() != google.GoogleStorageBucketIamMemberResourceType {
			newRemoteResources = append(newRemoteResources, remoteResource)
			continue
		}

		// Ignore all non-legacy member
		if roleName := remoteResource.Attrs.GetString("role"); roleName != nil && !strings.Contains(*roleName, "legacy") {
			newRemoteResources = append(newRemoteResources, remoteResource)
			continue
		}

		// Check if member is managed by IaC
		existInState := false
		for _, stateResource := range *resourcesFromState {
			if remoteResource.Equal(stateResource) {
				existInState = true
				break
			}
		}

		// Include resource if it's managed in IaC
		if existInState {
			newRemoteResources = append(newRemoteResources, remoteResource)
			continue
		}

		// Else, resource is not added to newRemoteResources slice, so it will be ignored
		logrus.WithFields(logrus.Fields{
			"id":   remoteResource.ResourceId(),
			"type": remoteResource.ResourceType(),
		}).Debug("Ignoring legacy bucket member as it is not managed by IaC")
	}

	*remoteResources = newRemoteResources

	return nil
}
add tests and fixes 2021-09-15 18:36:04 +00:00			`package middlewares`

			`import (`
			`"strings"`

			`"github.com/sirupsen/logrus"`
chore: extract enumeration to it's own submodule 2022-06-28 07:23:29 +00:00			`"github.com/snyk/driftctl/enumeration/resource"`
			`"github.com/snyk/driftctl/enumeration/resource/google"`
add tests and fixes 2021-09-15 18:36:04 +00:00			`)`

			`// Creating buckets add legacy role bindings, this middleware will filter them unless they are managed.`
fix incorrect naming 2021-10-06 15:03:47 +00:00			`type GoogleLegacyBucketIAMMember struct{}`
add tests and fixes 2021-09-15 18:36:04 +00:00
fix incorrect naming 2021-10-06 15:03:47 +00:00			`func NewGoogleLegacyBucketIAMMember() *GoogleLegacyBucketIAMMember {`
			`return &GoogleLegacyBucketIAMMember{}`
add tests and fixes 2021-09-15 18:36:04 +00:00			`}`

fix incorrect naming 2021-10-06 15:03:47 +00:00			`func (m GoogleLegacyBucketIAMMember) Execute(remoteResources, resourcesFromState []*resource.Resource) error {`
add tests and fixes 2021-09-15 18:36:04 +00:00
			`newRemoteResources := make([]*resource.Resource, 0)`

			`for _, remoteResource := range *remoteResources {`
			`// Ignore all resources other than BucketIamBinding`
transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`if remoteResource.ResourceType() != google.GoogleStorageBucketIamMemberResourceType {`
add tests and fixes 2021-09-15 18:36:04 +00:00			`newRemoteResources = append(newRemoteResources, remoteResource)`
			`continue`
			`}`

transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`// Ignore all non-legacy member`
add tests and fixes 2021-09-15 18:36:04 +00:00			`if roleName := remoteResource.Attrs.GetString("role"); roleName != nil && !strings.Contains(*roleName, "legacy") {`
			`newRemoteResources = append(newRemoteResources, remoteResource)`
			`continue`
			`}`

transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`// Check if member is managed by IaC`
add tests and fixes 2021-09-15 18:36:04 +00:00			`existInState := false`
			`for _, stateResource := range *resourcesFromState {`
			`if remoteResource.Equal(stateResource) {`
			`existInState = true`
			`break`
			`}`
			`}`

			`// Include resource if it's managed in IaC`
			`if existInState {`
			`newRemoteResources = append(newRemoteResources, remoteResource)`
			`continue`
			`}`

			`// Else, resource is not added to newRemoteResources slice, so it will be ignored`
			`logrus.WithFields(logrus.Fields{`
			`"id": remoteResource.ResourceId(),`
			`"type": remoteResource.ResourceType(),`
transform every bucket iam into members 2021-10-04 17:03:44 +00:00			`}).Debug("Ignoring legacy bucket member as it is not managed by IaC")`
add tests and fixes 2021-09-15 18:36:04 +00:00			`}`

			`*remoteResources = newRemoteResources`

			`return nil`
			`}`