From 7ff1b60fbaf320a72a8446e4a92730f0bb4b5be9 Mon Sep 17 00:00:00 2001 From: sundowndev Date: Mon, 18 Oct 2021 17:33:23 +0200 Subject: [PATCH] feat: azurerm_network_security_group deep mode --- .../state/terraform_state_reader_test.go | 84 +++++++++++++ .../results.golden.json | 48 +++++++ .../terraform.tfstate | 119 ++++++++++++++++++ pkg/remote/azurerm/init.go | 2 + pkg/remote/azurerm_network_scanner_test.go | 75 +++++++---- ...ceptanceTestSecurityGroup1.res.golden.json | 5 + ...ceptanceTestSecurityGroup2.res.golden.json | 5 + .../results.golden.json | 41 ++++++ .../azurerm/azurerm_network_security_group.go | 4 + .../azurerm_network_security_group_test.go | 1 + pkg/resource/resource_types.go | 16 +-- 11 files changed, 366 insertions(+), 34 deletions(-) create mode 100755 pkg/iac/terraform/state/test/azurerm_network_security_group/results.golden.json create mode 100644 pkg/iac/terraform/state/test/azurerm_network_security_group/terraform.tfstate create mode 100755 pkg/remote/test/azurerm_network_security_group_multiple/azurerm_network_security_group-_subscriptions_7bfb2c5c-7308-46ed-8ae4-fffa356eb406_resourceGroups_example-resources_providers_Microsoft.Network_networkSecurityGroups_acceptanceTestSecurityGroup1.res.golden.json create mode 100755 pkg/remote/test/azurerm_network_security_group_multiple/azurerm_network_security_group-_subscriptions_7bfb2c5c-7308-46ed-8ae4-fffa356eb406_resourceGroups_example-resources_providers_Microsoft.Network_networkSecurityGroups_acceptanceTestSecurityGroup2.res.golden.json create mode 100755 pkg/remote/test/azurerm_network_security_group_multiple/results.golden.json diff --git a/pkg/iac/terraform/state/terraform_state_reader_test.go b/pkg/iac/terraform/state/terraform_state_reader_test.go index 03709201..c0a162ec 100644 --- a/pkg/iac/terraform/state/terraform_state_reader_test.go +++ b/pkg/iac/terraform/state/terraform_state_reader_test.go @@ -9,8 +9,10 @@ import ( "github.com/cloudskiff/driftctl/pkg/filter" "github.com/cloudskiff/driftctl/pkg/output" + "github.com/cloudskiff/driftctl/pkg/remote/azurerm" "github.com/cloudskiff/driftctl/pkg/remote/google" resourceaws "github.com/cloudskiff/driftctl/pkg/resource/aws" + resourceazure "github.com/cloudskiff/driftctl/pkg/resource/azurerm" resourcegithub "github.com/cloudskiff/driftctl/pkg/resource/github" resourcegoogle "github.com/cloudskiff/driftctl/pkg/resource/google" testresource "github.com/cloudskiff/driftctl/test/resource" @@ -410,6 +412,88 @@ func TestTerraformStateReader_Google_Resources(t *testing.T) { } } +func TestTerraformStateReader_Azure_Resources(t *testing.T) { + tests := []struct { + name string + dirName string + wantErr bool + }{ + {name: "network security group", dirName: "azurerm_network_security_group", wantErr: false}, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + progress := &output.MockProgress{} + progress.On("Inc").Return().Times(1) + progress.On("Stop").Return().Times(1) + + shouldUpdate := tt.dirName == *goldenfile.Update + + var realProvider *azurerm.AzureTerraformProvider + providerVersion := "2.71.0" + var err error + realProvider, err = azurerm.NewAzureTerraformProvider(providerVersion, progress, "") + if err != nil { + t.Fatal(err) + } + provider := terraform2.NewFakeTerraformProvider(realProvider) + + if shouldUpdate { + err = realProvider.Init() + if err != nil { + t.Fatal(err) + } + provider.ShouldUpdate() + } + + library := terraform.NewProviderLibrary() + library.AddProvider(terraform.AZURE, provider) + + repo := testresource.InitFakeSchemaRepository(terraform.AZURE, providerVersion) + resourceazure.InitResourcesMetadata(repo) + factory := terraform.NewTerraformResourceFactory(repo) + + r := &TerraformStateReader{ + config: config.SupplierConfig{ + Path: path.Join(goldenfile.GoldenFilePath, tt.dirName, "terraform.tfstate"), + }, + library: library, + progress: progress, + deserializer: resource.NewDeserializer(factory), + } + + got, err := r.Resources() + resGoldenName := goldenfile.ResultsFilename + if shouldUpdate { + unm, err := json.Marshal(got) + if err != nil { + panic(err) + } + goldenfile.WriteFile(tt.dirName, unm, resGoldenName) + } + + file := goldenfile.ReadFile(tt.dirName, resGoldenName) + var want []interface{} + if err := json.Unmarshal(file, &want); err != nil { + panic(err) + } + + if (err != nil) != tt.wantErr { + t.Errorf("Resources() error = %v, wantErr %v", err, tt.wantErr) + return + } + changelog, err := diff.Diff(convert(got), want) + if err != nil { + panic(err) + } + if len(changelog) > 0 { + for _, change := range changelog { + t.Errorf("%s got = %v, want %v", strings.Join(change.Path, "."), change.From, change.To) + } + } + }) + } +} + func convert(got []*resource.Resource) []interface{} { unm, err := json.Marshal(got) if err != nil { diff --git a/pkg/iac/terraform/state/test/azurerm_network_security_group/results.golden.json b/pkg/iac/terraform/state/test/azurerm_network_security_group/results.golden.json new file mode 100755 index 00000000..2cea168e --- /dev/null +++ b/pkg/iac/terraform/state/test/azurerm_network_security_group/results.golden.json @@ -0,0 +1,48 @@ +[ + { + "Id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup1", + "Type": "azurerm_network_security_group", + "Attrs": { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup1", + "location": "westeurope", + "name": "acceptanceTestSecurityGroup1", + "resource_group_name": "example-resources", + "security_rule": [ + { + "access": "Allow", + "description": "", + "destination_address_prefix": "*", + "destination_port_range": "*", + "direction": "Inbound", + "name": "test123", + "priority": 100, + "protocol": "Tcp", + "source_address_prefix": "*", + "source_port_range": "*" + } + ], + "tags": { + "environment": "Production" + } + } + }, + { + "Id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup2", + "Type": "azurerm_network_security_group", + "Attrs": { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup2", + "location": "westeurope", + "name": "acceptanceTestSecurityGroup2", + "resource_group_name": "example-resources" + } + }, + { + "Id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources", + "Type": "azurerm_resource_group", + "Attrs": { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources", + "location": "westeurope", + "name": "example-resources" + } + } +] \ No newline at end of file diff --git a/pkg/iac/terraform/state/test/azurerm_network_security_group/terraform.tfstate b/pkg/iac/terraform/state/test/azurerm_network_security_group/terraform.tfstate new file mode 100644 index 00000000..eae32a32 --- /dev/null +++ b/pkg/iac/terraform/state/test/azurerm_network_security_group/terraform.tfstate @@ -0,0 +1,119 @@ +{ + "version": 4, + "terraform_version": "0.15.5", + "serial": 362, + "lineage": "9566e18d-6080-4aa8-e9a6-4c38905cf68f", + "outputs": {}, + "resources": [ + { + "mode": "data", + "type": "azurerm_resource_group", + "name": "raphael-dev", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/raphael-dev", + "location": "eastus", + "name": "raphael-dev", + "tags": {}, + "timeouts": null + }, + "sensitive_attributes": [] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_network_security_group", + "name": "example", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup1", + "location": "westeurope", + "name": "acceptanceTestSecurityGroup1", + "resource_group_name": "example-resources", + "security_rule": [ + { + "access": "Allow", + "description": "", + "destination_address_prefix": "*", + "destination_address_prefixes": [], + "destination_application_security_group_ids": [], + "destination_port_range": "*", + "destination_port_ranges": [], + "direction": "Inbound", + "name": "test123", + "priority": 100, + "protocol": "Tcp", + "source_address_prefix": "*", + "source_address_prefixes": [], + "source_application_security_group_ids": [], + "source_port_range": "*", + "source_port_ranges": [] + } + ], + "tags": { + "environment": "Production" + }, + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.example" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_network_security_group", + "name": "example-1", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup2", + "location": "westeurope", + "name": "acceptanceTestSecurityGroup2", + "resource_group_name": "example-resources", + "security_rule": [], + "tags": null, + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.example" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_resource_group", + "name": "example", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources", + "location": "westeurope", + "name": "example-resources", + "tags": {}, + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwLCJkZWxldGUiOjU0MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjo1NDAwMDAwMDAwMDAwfX0=" + } + ] + } + ] +} diff --git a/pkg/remote/azurerm/init.go b/pkg/remote/azurerm/init.go index 823eb2a9..111a73e6 100644 --- a/pkg/remote/azurerm/init.go +++ b/pkg/remote/azurerm/init.go @@ -48,6 +48,7 @@ func Init( postgresqlRepo := repository.NewPostgresqlRepository(con, providerConfig, c) providerLibrary.AddProvider(terraform.AZURE, provider) + deserializer := resource.NewDeserializer(factory) remoteLibrary.AddEnumerator(NewAzurermStorageAccountEnumerator(storageAccountRepo, factory)) remoteLibrary.AddEnumerator(NewAzurermStorageContainerEnumerator(storageAccountRepo, factory)) @@ -62,6 +63,7 @@ func Init( remoteLibrary.AddEnumerator(NewAzurermPublicIPEnumerator(networkRepo, factory)) remoteLibrary.AddEnumerator(NewAzurermPostgresqlDatabaseEnumerator(postgresqlRepo, factory)) remoteLibrary.AddEnumerator(NewAzurermNetworkSecurityGroupEnumerator(networkRepo, factory)) + remoteLibrary.AddDetailsFetcher(azurerm.AzureNetworkSecurityGroupResourceType, common.NewGenericDetailsFetcher(azurerm.AzureNetworkSecurityGroupResourceType, provider, deserializer)) err = resourceSchemaRepository.Init(terraform.AZURE, provider.Version(), provider.Schema()) if err != nil { diff --git a/pkg/remote/azurerm_network_scanner_test.go b/pkg/remote/azurerm_network_scanner_test.go index 47717601..62dd23b2 100644 --- a/pkg/remote/azurerm_network_scanner_test.go +++ b/pkg/remote/azurerm_network_scanner_test.go @@ -3,18 +3,24 @@ package remote import ( "testing" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/azure-sdk-for-go/sdk/network/armnetwork" "github.com/cloudskiff/driftctl/mocks" "github.com/cloudskiff/driftctl/pkg/filter" "github.com/cloudskiff/driftctl/pkg/remote/azurerm" "github.com/cloudskiff/driftctl/pkg/remote/azurerm/repository" + "github.com/cloudskiff/driftctl/pkg/remote/cache" "github.com/cloudskiff/driftctl/pkg/remote/common" error2 "github.com/cloudskiff/driftctl/pkg/remote/error" "github.com/cloudskiff/driftctl/pkg/resource" resourceazure "github.com/cloudskiff/driftctl/pkg/resource/azurerm" "github.com/cloudskiff/driftctl/pkg/terraform" + "github.com/cloudskiff/driftctl/test" + "github.com/cloudskiff/driftctl/test/goldenfile" testresource "github.com/cloudskiff/driftctl/test/resource" + terraform2 "github.com/cloudskiff/driftctl/test/terraform" "github.com/pkg/errors" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" @@ -679,54 +685,45 @@ func TestAzurermSecurityGroups(t *testing.T) { dummyError := errors.New("this is an error") tests := []struct { - test string - mocks func(*repository.MockNetworkRepository, *mocks.AlerterInterface) - assertExpected func(t *testing.T, got []*resource.Resource) - wantErr error + test string + dirName string + mocks func(*repository.MockNetworkRepository, *mocks.AlerterInterface) + wantErr error }{ { - test: "no security group", + test: "no security group", + dirName: "azurerm_network_security_group_empty", mocks: func(repository *repository.MockNetworkRepository, alerter *mocks.AlerterInterface) { repository.On("ListAllSecurityGroups").Return([]*armnetwork.NetworkSecurityGroup{}, nil) }, - assertExpected: func(t *testing.T, got []*resource.Resource) { - assert.Len(t, got, 0) - }, }, { - test: "error listing security groups", + test: "error listing security groups", + dirName: "azurerm_network_security_group_empty", mocks: func(repository *repository.MockNetworkRepository, alerter *mocks.AlerterInterface) { repository.On("ListAllSecurityGroups").Return(nil, dummyError) }, wantErr: error2.NewResourceListingError(dummyError, resourceazure.AzureNetworkSecurityGroupResourceType), }, { - test: "multiple security groups", + test: "multiple security groups", + dirName: "azurerm_network_security_group_multiple", mocks: func(repository *repository.MockNetworkRepository, alerter *mocks.AlerterInterface) { repository.On("ListAllSecurityGroups").Return([]*armnetwork.NetworkSecurityGroup{ { Resource: armnetwork.Resource{ - ID: to.StringPtr("sec-group1"), // Here we don't care to have a valid ID, it is for testing purpose only - Name: to.StringPtr("sec-group1"), + ID: to.StringPtr("/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup1"), + Name: to.StringPtr("acceptanceTestSecurityGroup1"), }, }, { Resource: armnetwork.Resource{ - ID: to.StringPtr("sec-group2"), - Name: to.StringPtr("sec-group2"), + ID: to.StringPtr("/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup2"), + Name: to.StringPtr("acceptanceTestSecurityGroup2"), }, }, }, nil) }, - assertExpected: func(t *testing.T, got []*resource.Resource) { - assert.Len(t, got, 2) - - assert.Equal(t, got[0].ResourceId(), "sec-group1") - assert.Equal(t, got[0].ResourceType(), resourceazure.AzureNetworkSecurityGroupResourceType) - - assert.Equal(t, got[1].ResourceId(), "sec-group2") - assert.Equal(t, got[1].ResourceType(), resourceazure.AzureNetworkSecurityGroupResourceType) - }, }, } @@ -734,11 +731,14 @@ func TestAzurermSecurityGroups(t *testing.T) { schemaRepository := testresource.InitFakeSchemaRepository("azurerm", providerVersion) resourceazure.InitResourcesMetadata(schemaRepository) factory := terraform.NewTerraformResourceFactory(schemaRepository) + deserializer := resource.NewDeserializer(factory) for _, c := range tests { t.Run(c.test, func(tt *testing.T) { + shouldUpdate := c.dirName == *goldenfile.Update - scanOptions := ScannerOptions{} + scanOptions := ScannerOptions{Deep: true} + providerLibrary := terraform.NewProviderLibrary() remoteLibrary := common.NewRemoteLibrary() // Initialize mocks @@ -747,8 +747,31 @@ func TestAzurermSecurityGroups(t *testing.T) { c.mocks(fakeRepo, alerter) var repo repository.NetworkRepository = fakeRepo + providerVersion := "2.71.0" + realProvider, err := terraform2.InitTestAzureProvider(providerLibrary, providerVersion) + if err != nil { + t.Fatal(err) + } + provider := terraform2.NewFakeTerraformProvider(realProvider) + provider.WithResponse(c.dirName) + + // Replace mock by real resources if we are in update mode + if shouldUpdate { + err := realProvider.Init() + if err != nil { + t.Fatal(err) + } + provider.ShouldUpdate() + cred, err := azidentity.NewDefaultAzureCredential(&azidentity.DefaultAzureCredentialOptions{}) + if err != nil { + t.Fatal(err) + } + con := arm.NewDefaultConnection(cred, nil) + repo = repository.NewNetworkRepository(con, realProvider.GetConfig(), cache.New(0)) + } remoteLibrary.AddEnumerator(azurerm.NewAzurermNetworkSecurityGroupEnumerator(repo, factory)) + remoteLibrary.AddDetailsFetcher(resourceazure.AzureNetworkSecurityGroupResourceType, common.NewGenericDetailsFetcher(resourceazure.AzureNetworkSecurityGroupResourceType, provider, deserializer)) testFilter := &filter.MockFilter{} testFilter.On("IsTypeIgnored", mock.Anything).Return(false) @@ -756,11 +779,11 @@ func TestAzurermSecurityGroups(t *testing.T) { s := NewScanner(remoteLibrary, alerter, scanOptions, testFilter) got, err := s.Resources() assert.Equal(tt, c.wantErr, err) + if err != nil { return } - - c.assertExpected(tt, got) + test.TestAgainstGoldenFile(got, resourceazure.AzureNetworkSecurityGroupResourceType, c.dirName, provider, deserializer, shouldUpdate, tt) alerter.AssertExpectations(tt) fakeRepo.AssertExpectations(tt) }) diff --git a/pkg/remote/test/azurerm_network_security_group_multiple/azurerm_network_security_group-_subscriptions_7bfb2c5c-7308-46ed-8ae4-fffa356eb406_resourceGroups_example-resources_providers_Microsoft.Network_networkSecurityGroups_acceptanceTestSecurityGroup1.res.golden.json b/pkg/remote/test/azurerm_network_security_group_multiple/azurerm_network_security_group-_subscriptions_7bfb2c5c-7308-46ed-8ae4-fffa356eb406_resourceGroups_example-resources_providers_Microsoft.Network_networkSecurityGroups_acceptanceTestSecurityGroup1.res.golden.json new file mode 100755 index 00000000..3c0d32de --- /dev/null +++ b/pkg/remote/test/azurerm_network_security_group_multiple/azurerm_network_security_group-_subscriptions_7bfb2c5c-7308-46ed-8ae4-fffa356eb406_resourceGroups_example-resources_providers_Microsoft.Network_networkSecurityGroups_acceptanceTestSecurityGroup1.res.golden.json @@ -0,0 +1,5 @@ +{ + "Typ": "WyJvYmplY3QiLHsiaWQiOiJzdHJpbmciLCJsb2NhdGlvbiI6InN0cmluZyIsIm5hbWUiOiJzdHJpbmciLCJyZXNvdXJjZV9ncm91cF9uYW1lIjoic3RyaW5nIiwic2VjdXJpdHlfcnVsZSI6WyJzZXQiLFsib2JqZWN0Iix7ImFjY2VzcyI6InN0cmluZyIsImRlc2NyaXB0aW9uIjoic3RyaW5nIiwiZGVzdGluYXRpb25fYWRkcmVzc19wcmVmaXgiOiJzdHJpbmciLCJkZXN0aW5hdGlvbl9hZGRyZXNzX3ByZWZpeGVzIjpbInNldCIsInN0cmluZyJdLCJkZXN0aW5hdGlvbl9hcHBsaWNhdGlvbl9zZWN1cml0eV9ncm91cF9pZHMiOlsic2V0Iiwic3RyaW5nIl0sImRlc3RpbmF0aW9uX3BvcnRfcmFuZ2UiOiJzdHJpbmciLCJkZXN0aW5hdGlvbl9wb3J0X3JhbmdlcyI6WyJzZXQiLCJzdHJpbmciXSwiZGlyZWN0aW9uIjoic3RyaW5nIiwibmFtZSI6InN0cmluZyIsInByaW9yaXR5IjoibnVtYmVyIiwicHJvdG9jb2wiOiJzdHJpbmciLCJzb3VyY2VfYWRkcmVzc19wcmVmaXgiOiJzdHJpbmciLCJzb3VyY2VfYWRkcmVzc19wcmVmaXhlcyI6WyJzZXQiLCJzdHJpbmciXSwic291cmNlX2FwcGxpY2F0aW9uX3NlY3VyaXR5X2dyb3VwX2lkcyI6WyJzZXQiLCJzdHJpbmciXSwic291cmNlX3BvcnRfcmFuZ2UiOiJzdHJpbmciLCJzb3VyY2VfcG9ydF9yYW5nZXMiOlsic2V0Iiwic3RyaW5nIl19XV0sInRhZ3MiOlsibWFwIiwic3RyaW5nIl0sInRpbWVvdXRzIjpbIm9iamVjdCIseyJjcmVhdGUiOiJzdHJpbmciLCJkZWxldGUiOiJzdHJpbmciLCJyZWFkIjoic3RyaW5nIiwidXBkYXRlIjoic3RyaW5nIn1dfV0=", + "Val": "eyJpZCI6Ii9zdWJzY3JpcHRpb25zLzdiZmIyYzVjLTczMDgtNDZlZC04YWU0LWZmZmEzNTZlYjQwNi9yZXNvdXJjZUdyb3Vwcy9leGFtcGxlLXJlc291cmNlcy9wcm92aWRlcnMvTWljcm9zb2Z0Lk5ldHdvcmsvbmV0d29ya1NlY3VyaXR5R3JvdXBzL2FjY2VwdGFuY2VUZXN0U2VjdXJpdHlHcm91cDEiLCJsb2NhdGlvbiI6Indlc3RldXJvcGUiLCJuYW1lIjoiYWNjZXB0YW5jZVRlc3RTZWN1cml0eUdyb3VwMSIsInJlc291cmNlX2dyb3VwX25hbWUiOiJleGFtcGxlLXJlc291cmNlcyIsInNlY3VyaXR5X3J1bGUiOlt7ImFjY2VzcyI6IkFsbG93IiwiZGVzY3JpcHRpb24iOiIiLCJkZXN0aW5hdGlvbl9hZGRyZXNzX3ByZWZpeCI6IioiLCJkZXN0aW5hdGlvbl9hZGRyZXNzX3ByZWZpeGVzIjpbXSwiZGVzdGluYXRpb25fYXBwbGljYXRpb25fc2VjdXJpdHlfZ3JvdXBfaWRzIjpbXSwiZGVzdGluYXRpb25fcG9ydF9yYW5nZSI6IioiLCJkZXN0aW5hdGlvbl9wb3J0X3JhbmdlcyI6W10sImRpcmVjdGlvbiI6IkluYm91bmQiLCJuYW1lIjoidGVzdDEyMyIsInByaW9yaXR5IjoxMDAsInByb3RvY29sIjoiVGNwIiwic291cmNlX2FkZHJlc3NfcHJlZml4IjoiKiIsInNvdXJjZV9hZGRyZXNzX3ByZWZpeGVzIjpbXSwic291cmNlX2FwcGxpY2F0aW9uX3NlY3VyaXR5X2dyb3VwX2lkcyI6W10sInNvdXJjZV9wb3J0X3JhbmdlIjoiKiIsInNvdXJjZV9wb3J0X3JhbmdlcyI6W119XSwidGFncyI6eyJlbnZpcm9ubWVudCI6IlByb2R1Y3Rpb24ifSwidGltZW91dHMiOnsiY3JlYXRlIjpudWxsLCJkZWxldGUiOm51bGwsInJlYWQiOm51bGwsInVwZGF0ZSI6bnVsbH19", + "Err": null +} \ No newline at end of file diff --git a/pkg/remote/test/azurerm_network_security_group_multiple/azurerm_network_security_group-_subscriptions_7bfb2c5c-7308-46ed-8ae4-fffa356eb406_resourceGroups_example-resources_providers_Microsoft.Network_networkSecurityGroups_acceptanceTestSecurityGroup2.res.golden.json b/pkg/remote/test/azurerm_network_security_group_multiple/azurerm_network_security_group-_subscriptions_7bfb2c5c-7308-46ed-8ae4-fffa356eb406_resourceGroups_example-resources_providers_Microsoft.Network_networkSecurityGroups_acceptanceTestSecurityGroup2.res.golden.json new file mode 100755 index 00000000..8e0b2665 --- /dev/null +++ b/pkg/remote/test/azurerm_network_security_group_multiple/azurerm_network_security_group-_subscriptions_7bfb2c5c-7308-46ed-8ae4-fffa356eb406_resourceGroups_example-resources_providers_Microsoft.Network_networkSecurityGroups_acceptanceTestSecurityGroup2.res.golden.json @@ -0,0 +1,5 @@ +{ + "Typ": "WyJvYmplY3QiLHsiaWQiOiJzdHJpbmciLCJsb2NhdGlvbiI6InN0cmluZyIsIm5hbWUiOiJzdHJpbmciLCJyZXNvdXJjZV9ncm91cF9uYW1lIjoic3RyaW5nIiwic2VjdXJpdHlfcnVsZSI6WyJzZXQiLFsib2JqZWN0Iix7ImFjY2VzcyI6InN0cmluZyIsImRlc2NyaXB0aW9uIjoic3RyaW5nIiwiZGVzdGluYXRpb25fYWRkcmVzc19wcmVmaXgiOiJzdHJpbmciLCJkZXN0aW5hdGlvbl9hZGRyZXNzX3ByZWZpeGVzIjpbInNldCIsInN0cmluZyJdLCJkZXN0aW5hdGlvbl9hcHBsaWNhdGlvbl9zZWN1cml0eV9ncm91cF9pZHMiOlsic2V0Iiwic3RyaW5nIl0sImRlc3RpbmF0aW9uX3BvcnRfcmFuZ2UiOiJzdHJpbmciLCJkZXN0aW5hdGlvbl9wb3J0X3JhbmdlcyI6WyJzZXQiLCJzdHJpbmciXSwiZGlyZWN0aW9uIjoic3RyaW5nIiwibmFtZSI6InN0cmluZyIsInByaW9yaXR5IjoibnVtYmVyIiwicHJvdG9jb2wiOiJzdHJpbmciLCJzb3VyY2VfYWRkcmVzc19wcmVmaXgiOiJzdHJpbmciLCJzb3VyY2VfYWRkcmVzc19wcmVmaXhlcyI6WyJzZXQiLCJzdHJpbmciXSwic291cmNlX2FwcGxpY2F0aW9uX3NlY3VyaXR5X2dyb3VwX2lkcyI6WyJzZXQiLCJzdHJpbmciXSwic291cmNlX3BvcnRfcmFuZ2UiOiJzdHJpbmciLCJzb3VyY2VfcG9ydF9yYW5nZXMiOlsic2V0Iiwic3RyaW5nIl19XV0sInRhZ3MiOlsibWFwIiwic3RyaW5nIl0sInRpbWVvdXRzIjpbIm9iamVjdCIseyJjcmVhdGUiOiJzdHJpbmciLCJkZWxldGUiOiJzdHJpbmciLCJyZWFkIjoic3RyaW5nIiwidXBkYXRlIjoic3RyaW5nIn1dfV0=", + "Val": "eyJpZCI6Ii9zdWJzY3JpcHRpb25zLzdiZmIyYzVjLTczMDgtNDZlZC04YWU0LWZmZmEzNTZlYjQwNi9yZXNvdXJjZUdyb3Vwcy9leGFtcGxlLXJlc291cmNlcy9wcm92aWRlcnMvTWljcm9zb2Z0Lk5ldHdvcmsvbmV0d29ya1NlY3VyaXR5R3JvdXBzL2FjY2VwdGFuY2VUZXN0U2VjdXJpdHlHcm91cDIiLCJsb2NhdGlvbiI6Indlc3RldXJvcGUiLCJuYW1lIjoiYWNjZXB0YW5jZVRlc3RTZWN1cml0eUdyb3VwMiIsInJlc291cmNlX2dyb3VwX25hbWUiOiJleGFtcGxlLXJlc291cmNlcyIsInNlY3VyaXR5X3J1bGUiOltdLCJ0YWdzIjp7fSwidGltZW91dHMiOnsiY3JlYXRlIjpudWxsLCJkZWxldGUiOm51bGwsInJlYWQiOm51bGwsInVwZGF0ZSI6bnVsbH19", + "Err": null +} \ No newline at end of file diff --git a/pkg/remote/test/azurerm_network_security_group_multiple/results.golden.json b/pkg/remote/test/azurerm_network_security_group_multiple/results.golden.json new file mode 100755 index 00000000..5a57c3a1 --- /dev/null +++ b/pkg/remote/test/azurerm_network_security_group_multiple/results.golden.json @@ -0,0 +1,41 @@ +[ + { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup2", + "location": "westeurope", + "name": "acceptanceTestSecurityGroup2", + "resource_group_name": "example-resources", + "security_rule": null, + "tags": null, + "timeouts": null + }, + { + "id": "/subscriptions/7bfb2c5c-7308-46ed-8ae4-fffa356eb406/resourceGroups/example-resources/providers/Microsoft.Network/networkSecurityGroups/acceptanceTestSecurityGroup1", + "location": "westeurope", + "name": "acceptanceTestSecurityGroup1", + "resource_group_name": "example-resources", + "security_rule": [ + { + "access": "Allow", + "description": "", + "destination_address_prefix": "*", + "destination_address_prefixes": null, + "destination_application_security_group_ids": null, + "destination_port_range": "*", + "destination_port_ranges": null, + "direction": "Inbound", + "name": "test123", + "priority": 100, + "protocol": "Tcp", + "source_address_prefix": "*", + "source_address_prefixes": null, + "source_application_security_group_ids": null, + "source_port_range": "*", + "source_port_ranges": null + } + ], + "tags": { + "environment": "Production" + }, + "timeouts": null + } +] \ No newline at end of file diff --git a/pkg/resource/azurerm/azurerm_network_security_group.go b/pkg/resource/azurerm/azurerm_network_security_group.go index dd9133f5..79f607e4 100644 --- a/pkg/resource/azurerm/azurerm_network_security_group.go +++ b/pkg/resource/azurerm/azurerm_network_security_group.go @@ -5,6 +5,9 @@ import "github.com/cloudskiff/driftctl/pkg/resource" const AzureNetworkSecurityGroupResourceType = "azurerm_network_security_group" func initAzureNetworkSecurityGroupMetadata(resourceSchemaRepository resource.SchemaRepositoryInterface) { + resourceSchemaRepository.SetNormalizeFunc(AzureNetworkSecurityGroupResourceType, func(res *resource.Resource) { + res.Attributes().SafeDelete([]string{"timeouts"}) + }) resourceSchemaRepository.SetHumanReadableAttributesFunc(AzureNetworkSecurityGroupResourceType, func(res *resource.Resource) map[string]string { val := res.Attrs attrs := make(map[string]string) @@ -13,4 +16,5 @@ func initAzureNetworkSecurityGroupMetadata(resourceSchemaRepository resource.Sch } return attrs }) + resourceSchemaRepository.SetFlags(AzureNetworkSecurityGroupResourceType, resource.FlagDeepMode) } diff --git a/pkg/resource/azurerm/azurerm_network_security_group_test.go b/pkg/resource/azurerm/azurerm_network_security_group_test.go index 812244d5..82eb2c51 100644 --- a/pkg/resource/azurerm/azurerm_network_security_group_test.go +++ b/pkg/resource/azurerm/azurerm_network_security_group_test.go @@ -15,6 +15,7 @@ func TestAcc_Azure_NetworkSecurityGroup(t *testing.T) { "scan", "--to", "azure+tf", "--filter", "contains(Id, 'acceptanceTestSecurityGroup-')", + "--deep", }, Checks: []acceptance.AccCheck{ { diff --git a/pkg/resource/resource_types.go b/pkg/resource/resource_types.go index ac8f8c11..dec066c6 100644 --- a/pkg/resource/resource_types.go +++ b/pkg/resource/resource_types.go @@ -151,14 +151,14 @@ var supportedTypes = map[string]ResourceTypeMeta{ "azurerm_route_table": {children: []ResourceType{ "azurerm_route", }}, - "azurerm_route": {}, - "azurerm_resource_group": {}, - "azurerm_subnet": {}, - "azurerm_container_registry": {}, - "azurerm_firewall": {}, - "azurerm_postgresql_server": {}, - "azurerm_postgresql_database": {}, - "azurerm_public_ip": {}, + "azurerm_route": {}, + "azurerm_resource_group": {}, + "azurerm_subnet": {}, + "azurerm_container_registry": {}, + "azurerm_firewall": {}, + "azurerm_postgresql_server": {}, + "azurerm_postgresql_database": {}, + "azurerm_public_ip": {}, "azurerm_network_security_group": {}, }