driftctl/pkg/remote/aws/vpc_security_group_supplier.go

package aws

import (
	"github.com/cloudskiff/driftctl/pkg/remote/aws/repository"
	remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"

	"github.com/cloudskiff/driftctl/pkg/resource"
	resourceaws "github.com/cloudskiff/driftctl/pkg/resource/aws"

	"github.com/cloudskiff/driftctl/pkg/terraform"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/service/ec2"
	"github.com/sirupsen/logrus"
	"github.com/zclconf/go-cty/cty"
)

type VPCSecurityGroupSupplier struct {
	reader                     terraform.ResourceReader
	deserializer               *resource.Deserializer
	repository                 repository.EC2Repository
	defaultSecurityGroupRunner *terraform.ParallelResourceReader
	securityGroupRunner        *terraform.ParallelResourceReader
}

func NewVPCSecurityGroupSupplier(provider *AWSTerraformProvider, deserializer *resource.Deserializer, repository repository.EC2Repository) *VPCSecurityGroupSupplier {
	return &VPCSecurityGroupSupplier{
		provider,
		deserializer,
		repository,
		terraform.NewParallelResourceReader(provider.Runner().SubRunner()),
		terraform.NewParallelResourceReader(provider.Runner().SubRunner()),
	}
}

func (s *VPCSecurityGroupSupplier) Resources() ([]resource.Resource, error) {
	securityGroups, defaultSecurityGroups, err := s.repository.ListAllSecurityGroups()
	if err != nil {
		return nil, remoteerror.NewResourceEnumerationError(err, resourceaws.AwsSecurityGroupResourceType)
	}

	for _, item := range securityGroups {
		res := *item
		s.securityGroupRunner.Run(func() (cty.Value, error) {
			return s.readSecurityGroup(res)
		})
	}
	securityGroupResources, err := s.securityGroupRunner.Wait()
	if err != nil {
		return nil, err
	}

	for _, item := range defaultSecurityGroups {
		res := *item
		s.defaultSecurityGroupRunner.Run(func() (cty.Value, error) {
			return s.readSecurityGroup(res)
		})
	}
	defaultSecurityGroupResources, err := s.defaultSecurityGroupRunner.Wait()
	if err != nil {
		return nil, err
	}

	// Deserialize
	deserializedDefaultSecurityGroups, err := s.deserializer.Deserialize(resourceaws.AwsDefaultSecurityGroupResourceType, defaultSecurityGroupResources)
	if err != nil {
		return nil, err
	}
	deserializedSecurityGroups, err := s.deserializer.Deserialize(resourceaws.AwsSecurityGroupResourceType, securityGroupResources)
	if err != nil {
		return nil, err
	}

	resources := make([]resource.Resource, 0, len(securityGroupResources)+len(defaultSecurityGroupResources))
	resources = append(resources, deserializedDefaultSecurityGroups...)
	resources = append(resources, deserializedSecurityGroups...)

	return resources, nil
}

func (s *VPCSecurityGroupSupplier) readSecurityGroup(securityGroup ec2.SecurityGroup) (cty.Value, error) {
	var Ty resource.ResourceType = resourceaws.AwsSecurityGroupResourceType
	if isDefaultSecurityGroup(securityGroup) {
		Ty = resourceaws.AwsDefaultSecurityGroupResourceType
	}
	val, err := s.reader.ReadResource(terraform.ReadResourceArgs{
		ID: aws.StringValue(securityGroup.GroupId),
		Ty: Ty,
	})
	if err != nil {
		logrus.Error(err)
		return cty.NilVal, err
	}
	return *val, nil
}

// Return true if the security group is considered as a default one
func isDefaultSecurityGroup(securityGroup ec2.SecurityGroup) bool {
	return securityGroup.GroupName != nil && *securityGroup.GroupName == "default"
}
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`package aws`

			`import (`
Issue 165: Add security_group_supplier to ec2_repository 2021-05-20 17:28:56 +00:00			`"github.com/cloudskiff/driftctl/pkg/remote/aws/repository"`
alert and ignore when listing resources is forbidden 2021-01-20 13:01:57 +00:00			`remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"`

🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`"github.com/cloudskiff/driftctl/pkg/resource"`
			`resourceaws "github.com/cloudskiff/driftctl/pkg/resource/aws"`
Finished refacto 2021-05-21 14:09:45 +00:00
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`"github.com/cloudskiff/driftctl/pkg/terraform"`

			`"github.com/aws/aws-sdk-go/aws"`
			`"github.com/aws/aws-sdk-go/service/ec2"`
			`"github.com/sirupsen/logrus"`
			`"github.com/zclconf/go-cty/cty"`
			`)`

			`type VPCSecurityGroupSupplier struct {`
Finished refacto 2021-05-21 14:09:45 +00:00			`reader terraform.ResourceReader`
			`deserializer *resource.Deserializer`
Refacto AWS mocks for repositories and clients 2021-06-28 16:21:12 +00:00			`repository repository.EC2Repository`
Finished refacto 2021-05-21 14:09:45 +00:00			`defaultSecurityGroupRunner *terraform.ParallelResourceReader`
			`securityGroupRunner *terraform.ParallelResourceReader`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`}`

Refacto AWS mocks for repositories and clients 2021-06-28 16:21:12 +00:00			`func NewVPCSecurityGroupSupplier(provider AWSTerraformProvider, deserializer resource.Deserializer, repository repository.EC2Repository) *VPCSecurityGroupSupplier {`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00			`return &VPCSecurityGroupSupplier{`
Remove singleton to fix issues when chain multiples cmd run We have some issue when running acceptance test, more generally when we use to execute scan cmd multiples times. We were using global singletons for provider and resources suppliers managment which lead us to improper state in the second scan run. We should avoid this in the future and make proper initialization of our dependencies maybe using a dependency injection container. 2021-01-22 17:06:17 +00:00			`provider,`
Finished refacto 2021-05-21 14:09:45 +00:00			`deserializer,`
Refacto AWS mocks for repositories and clients 2021-06-28 16:21:12 +00:00			`repository,`
Remove singleton to fix issues when chain multiples cmd run We have some issue when running acceptance test, more generally when we use to execute scan cmd multiples times. We were using global singletons for provider and resources suppliers managment which lead us to improper state in the second scan run. We should avoid this in the future and make proper initialization of our dependencies maybe using a dependency injection container. 2021-01-22 17:06:17 +00:00			`terraform.NewParallelResourceReader(provider.Runner().SubRunner()),`
			`terraform.NewParallelResourceReader(provider.Runner().SubRunner()),`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00			`}`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`}`

Fix race conditions when using multiples runners in a single supplier 2021-03-17 15:54:53 +00:00			`func (s *VPCSecurityGroupSupplier) Resources() ([]resource.Resource, error) {`
Refacto AWS mocks for repositories and clients 2021-06-28 16:21:12 +00:00			`securityGroups, defaultSecurityGroups, err := s.repository.ListAllSecurityGroups()`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`if err != nil {`
alert and ignore when listing resources is forbidden 2021-01-20 13:01:57 +00:00			`return nil, remoteerror.NewResourceEnumerationError(err, resourceaws.AwsSecurityGroupResourceType)`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`}`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00
			`for _, item := range securityGroups {`
			`res := *item`
			`s.securityGroupRunner.Run(func() (cty.Value, error) {`
			`return s.readSecurityGroup(res)`
			`})`
			`}`
			`securityGroupResources, err := s.securityGroupRunner.Wait()`
			`if err != nil {`
			`return nil, err`
			`}`

			`for _, item := range defaultSecurityGroups {`
			`res := *item`
			`s.defaultSecurityGroupRunner.Run(func() (cty.Value, error) {`
			`return s.readSecurityGroup(res)`
			`})`
			`}`
			`defaultSecurityGroupResources, err := s.defaultSecurityGroupRunner.Wait()`
			`if err != nil {`
			`return nil, err`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`}`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00
			`// Deserialize`
Finished refacto 2021-05-21 14:09:45 +00:00			`deserializedDefaultSecurityGroups, err := s.deserializer.Deserialize(resourceaws.AwsDefaultSecurityGroupResourceType, defaultSecurityGroupResources)`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00			`if err != nil {`
			`return nil, err`
			`}`
Finished refacto 2021-05-21 14:09:45 +00:00			`deserializedSecurityGroups, err := s.deserializer.Deserialize(resourceaws.AwsSecurityGroupResourceType, securityGroupResources)`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`resources := make([]resource.Resource, 0, len(securityGroupResources)+len(defaultSecurityGroupResources))`
			`resources = append(resources, deserializedDefaultSecurityGroups...)`
			`resources = append(resources, deserializedSecurityGroups...)`

			`return resources, nil`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`}`

Fix race conditions when using multiples runners in a single supplier 2021-03-17 15:54:53 +00:00			`func (s *VPCSecurityGroupSupplier) readSecurityGroup(securityGroup ec2.SecurityGroup) (cty.Value, error) {`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00			`var Ty resource.ResourceType = resourceaws.AwsSecurityGroupResourceType`
Refactor isDefaultSecurityGroup function 2021-01-15 16:02:44 +00:00			`if isDefaultSecurityGroup(securityGroup) {`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00			`Ty = resourceaws.AwsDefaultSecurityGroupResourceType`
			`}`
			`val, err := s.reader.ReadResource(terraform.ReadResourceArgs{`
			`ID: aws.StringValue(securityGroup.GroupId),`
			`Ty: Ty,`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`})`
			`if err != nil {`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00			`logrus.Error(err)`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`return cty.NilVal, err`
			`}`
Add aws_default_security_group 2021-01-15 13:15:31 +00:00			`return *val, nil`
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`}`

Refactor isDefaultSecurityGroup function 2021-01-15 16:02:44 +00:00			`// Return true if the security group is considered as a default one`
			`func isDefaultSecurityGroup(securityGroup ec2.SecurityGroup) bool {`
			`return securityGroup.GroupName != nil && *securityGroup.GroupName == "default"`
			`}`