Merge pull request #699 from cloudskiff/fix/eip_assoc_unmanaged

add middleware to expand eip association embedded inside eip
main
Elie 2021-07-06 15:19:03 +02:00 committed by GitHub
commit 572a732261
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 1878 additions and 0 deletions


@ -100,6 +100,7 @@ func (d DriftCTL) Run() (*analyser.Analysis, error) {
middlewares.NewAwsSNSTopicPolicyExpander(d.resourceFactory, d.resourceSchemaRepository),
middlewares.NewAwsRoleManagedPolicyExpander(d.resourceFactory),
middlewares.NewTagsAllManager(),
middlewares.NewEipAssociationExpander(d.resourceFactory),
)
if !d.opts.StrictMode {

1695
pkg/driftctl_test.go Normal file

File diff suppressed because it is too large Load Diff


@ -0,0 +1,70 @@
package middlewares
import (
"github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws"
)
/**
Fetching eip association from remote return every association but some of them are embedded in eip.
This middleware will check for every eip_association that here is no corresponding association_id inside eip.
*/
type EipAssociationExpander struct {
resourceFactory resource.ResourceFactory
}
func NewEipAssociationExpander(resourceFactory resource.ResourceFactory) EipAssociationExpander {
return EipAssociationExpander{resourceFactory}
}
func (m EipAssociationExpander) Execute(_, resourcesFromState *[]resource.Resource) error {
var newResources []resource.Resource
for _, res := range *resourcesFromState {
newResources = append(newResources, res)
if res.TerraformType() != aws.AwsEipResourceType {
continue
}
if m.haveMatchingEipAssociation(res, resourcesFromState) {
continue
}
// This EIP have no association, check if we need to create one
assocID := res.Attributes().GetString("association_id")
if assocID == nil || *assocID == "" {
continue
}
attributes := *res.Attributes()
newAssoc := m.resourceFactory.CreateAbstractResource(
aws.AwsEipAssociationResourceType,
*assocID,
map[string]interface{}{
"allocation_id": res.TerraformId(),
"id": *assocID,
"instance_id": attributes["instance"],
"network_interface_id": attributes["network_interface"],
"private_ip_address": attributes["private_ip"],
"public_ip": attributes["public_ip"],
},
)
newResources = append(newResources, newAssoc)
}
*resourcesFromState = newResources
return nil
}
func (m EipAssociationExpander) haveMatchingEipAssociation(cur resource.Resource, stateRes *[]resource.Resource) bool {
for _, res := range *stateRes {
if res.TerraformType() != aws.AwsEipAssociationResourceType {
continue
}
assocId := cur.Attributes().GetString("association_id")
if assocId != nil && res.TerraformId() == *assocId {
return true
}
}
return false
}
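Review bot: `haveMatchingEipAssociation` rescans the whole state slice for every `aws_eip` and re-reads `association_id` on each iteration, and `Execute` only rejects a nil or empty ID after that scan has already run. Reading the ID first and looking it up in a set of association IDs built once keeps the pass linear and makes the helper unnecessary; the sketch below is intended to leave the resulting slice unchanged. The values copied from `attributes` (`instance`, `network_interface`, `private_ip`, `public_ip`) are taken without checking that the keys exist, so a missing key would presumably put a nil value into the synthesized association; it is worth confirming that this cannot surface as a spurious difference against the remote resource. The type comment should also follow Go doc style and fix the "that here is no" typo, e.g. `// EipAssociationExpander adds to the state the aws_eip_association that is only recorded as association_id on an aws_eip.`, and the local `assocId` should be spelled `assocID` as in `Execute`.

```go
func (m EipAssociationExpander) Execute(_, resourcesFromState *[]resource.Resource) error {
	// Index the association IDs already present in the state once.
	known := make(map[string]struct{})
	for _, res := range *resourcesFromState {
		if res.TerraformType() == aws.AwsEipAssociationResourceType {
			known[res.TerraformId()] = struct{}{}
		}
	}

	var newResources []resource.Resource
	for _, res := range *resourcesFromState {
		newResources = append(newResources, res)
		if res.TerraformType() != aws.AwsEipResourceType {
			continue
		}
		// Nothing to expand when the EIP carries no association.
		assocID := res.Attributes().GetString("association_id")
		if assocID == nil || *assocID == "" {
			continue
		}
		// The association is already a resource of its own in the state.
		if _, ok := known[*assocID]; ok {
			continue
		}
		// … unchanged: build newAssoc with CreateAbstractResource and append it …
	}
	// … unchanged: write newResources back and return nil …
}
```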


@ -0,0 +1,30 @@
package aws_test
import (
"testing"
"github.com/cloudskiff/driftctl/test"
"github.com/cloudskiff/driftctl/test/acceptance"
)
func TestAcc_Aws_EipAssociation(t *testing.T) {
acceptance.Run(t, acceptance.AccTestCase{
TerraformVersion: "0.14.9",
Paths: []string{"./testdata/acc/aws_eip_association"},
Args: []string{"scan", "--filter", "Type=='aws_eip' || Type=='aws_eip_association'"},
Checks: []acceptance.AccCheck{
{
Env: map[string]string{
"AWS_REGION": "us-east-1",
},
Check: func(result *test.ScanResult, stdout string, err error) {
if err != nil {
t.Fatal(err)
}
result.AssertInfrastructureIsInSync()
result.AssertManagedCount(1)
},
},
},
})
}
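Review bot: `result.AssertManagedCount(1)` is given without explanation, although the `--filter` admits both `aws_eip` and `aws_eip_association` and the Terraform fixture on this page declares one `aws_eip` whose embedded association the new middleware is meant to expand. A short comment above the assertion stating which resource is counted, and why the expanded association does or does not add to the total, would keep the number from being adjusted blindly if the middleware changes. The check also never inspects `stdout`, so only the counters guard against a regression here.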


@ -0,0 +1,21 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/aws" {
version = "3.44.0"
constraints = "~> 3.44.0"
hashes = [
"h1:hxQ8n9SHHfAIXd/FtfAqxokFYWBedzZf7xqQZWJajUs=",
"zh:0680315b29a140e9b7e4f5aeed3f2445abdfab31fc9237f34dcad06de4f410df",
"zh:13811322a205fb4a0ee617f0ae51ec94176befdf569235d0c7064db911f0acc7",
"zh:25e427a1cfcb1d411bc12040cf0684158d094416ecf18889a41196bacc761729",
"zh:40cd6acd24b060823f8d116355d8f844461a11925796b1757eb2ee18abc0bc7c",
"zh:94e2463eef555c388cd27f6e85ad803692d6d80ffa621bdc382ab119001d4de4",
"zh:aadc3bc216b14839e85b463f07b8507920ace5f202a608e4a835df23711c8a0d",
"zh:ab50dc1242af5a8fcdb18cf89beeaf2b2146b51ecfcecdbea033913a5f4c1c14",
"zh:ad48bbf4af66b5d48ca07c5c558d2f5724311db4dd943c1c98a7f3f107e03311",
"zh:ad76796c2145a7aaec1970a5244f5c0a9d200556121e2c5b382f296597b1a03c",
"zh:cf0a2181356598f8a2abfeaf0cdf385bdeea7f2e52821c850a2a08b60c26b9f6",
"zh:f76801af6bc34fe4a5bf1c63fa0204e24b81691049efecd6baa1526593f03935",
]
}


@ -0,0 +1,61 @@
provider "aws" {
region = "us-east-1"
}
terraform {
required_providers {
aws = {
version = "~> 3.44.0"
}
}
}
data "aws_ami" "ubuntu" {
most_recent = true
filter {
name = "name"
values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"]
}
filter {
name = "virtualization-type"
values = ["hvm"]
}
owners = ["099720109477"] # Canonical
}
resource "aws_instance" "web" {
ami = data.aws_ami.ubuntu.id
instance_type = "t3.micro"
subnet_id = aws_subnet.subnet-1.id
tags = {
Name = "HelloWorld"
}
}
resource "aws_eip" "lb" {
instance = aws_instance.web.id
vpc = true
// associate_with_private_ip = "10.0.0.12"
depends_on = [aws_internet_gateway.gw]
}
resource "aws_vpc" "default" {
cidr_block = "10.0.0.0/16"
enable_dns_hostnames = true
}
resource "aws_internet_gateway" "gw" {
vpc_id = aws_vpc.default.id
}
resource "aws_subnet" "subnet-1" {
vpc_id = aws_vpc.default.id
cidr_block = "10.0.0.0/24"
map_public_ip_on_launch = true
depends_on = [aws_internet_gateway.gw]
}