Refacto remaining s3 resources

2021-05-04 09:51:03 +02:00 · 2021-05-04 09:51:03 +02:00 · ba3dda704c
parent 63860365cf
commit ba3dda704c
8 changed files with 60376 additions and 11058 deletions
--- a/pkg/driftctl_test.go
+++ b/pkg/driftctl_test.go
@ -529,42 +529,47 @@ func TestDriftctlRun_Middlewares(t *testing.T) {
 				},
 			},
 			remoteResources: []resource.Resource{
-				&aws.AwsS3BucketPolicy{
-					Id:     "foo",
-					Bucket: awssdk.String("foo"),
-					Policy: awssdk.String("{\"Id\":\"bar\"}"),
-					CtyVal: func() *cty.Value {
-						v := cty.ObjectVal(map[string]cty.Value{
-							"id":     cty.StringVal("foo"),
-							"bucket": cty.StringVal("foo"),
-							"policy": cty.StringVal("{\"Id\":\"bar\"}"),
-						})
-						return &v
-					}(),
+				&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
+					Attrs: &resource.Attributes{
+						"id":     "foo",
+						"bucket": "foo",
+						"policy": "{\"Id\":\"bar\"}",
+					},
 				},
 			},
 			mocks: func(factory resource.ResourceFactory) {
-				foo := cty.ObjectVal(map[string]cty.Value{
-					"id":     cty.StringVal("foo"),
-					"bucket": cty.StringVal("foo"),
-					"policy": cty.StringVal("{\"Id\":\"foo\"}"),
+				factory.(*terraform.MockResourceFactory).On(
+					"CreateAbstractResource",
+					aws.AwsS3BucketPolicyResourceType,
+					"foo",
+					map[string]interface{}{
+						"id":     "foo",
+						"bucket": "foo",
+						"policy": "{\"Id\":\"foo\"}",
+					},
+				).Once().Return(&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
+					Attrs: &resource.Attributes{
+						"id":     "foo",
+						"bucket": "foo",
+						"policy": "{\"Id\":\"foo\"}",
+					},
 				})
-				factory.(*terraform.MockResourceFactory).On("CreateResource", map[string]interface{}{
-					"id":     "foo",
-					"bucket": "foo",
-					"policy": "{\"Id\":\"foo\"}",
-				}, "aws_s3_bucket_policy").Times(1).Return(&foo, nil)
 			},
 			assert: func(result *test.ScanResult, err error) {
 				result.AssertManagedCount(1)
 				result.AssertResourceHasDrift("foo", "aws_s3_bucket_policy", analyser.Change{
 					Change: diff.Change{
 						Type: diff.UPDATE,
-						Path: []string{"Policy"},
+						Path: []string{"policy"},
 						From: "{\"Id\":\"foo\"}",
 						To:   "{\"Id\":\"bar\"}",
 					},
-					Computed: false,
+					Computed:   false,
+					JsonString: true,
 				})
 			},
 			options: func(t *testing.T) *pkg.ScanOptions {
--- a/pkg/iac/terraform/state/test/s3_full/result.golden.json
+++ b/pkg/iac/terraform/state/test/s3_full/result.golden.json
--- a/pkg/iac/terraform/state/test/s3_full/schema.golden.json
+++ b/pkg/iac/terraform/state/test/s3_full/schema.golden.json
--- a/pkg/middlewares/aws_bucket_policy_expander.go
+++ b/pkg/middlewares/aws_bucket_policy_expander.go
@ -49,31 +49,16 @@ func (m *AwsBucketPolicyExpander) handlePolicy(bucket *resource.AbstractResource
 	if !exist || policyAttr == nil || policyAttr == "" {
 		return nil
 	}
-	policy := policyAttr.(string)

-	bucketAttr, _ := bucket.Attrs.Get("bucket")
-	bucketName := bucketAttr.(string)
 	data := map[string]interface{}{
 		"id":     bucket.TerraformId(),
 		"bucket": (*bucket.Attrs)["bucket"],
 		"policy": (*bucket.Attrs)["policy"],
 	}
-	ctyVal, err := m.resourceFactory.CreateResource(data, "aws_s3_bucket_policy")
-	if err != nil {
-		return err
-	}

-	newPolicy := &aws.AwsS3BucketPolicy{
-		Id:     bucket.TerraformId(),
-		Bucket: &bucketName,
-		Policy: &policy,
-		CtyVal: ctyVal,
-	}
-	normalizedRes, err := newPolicy.NormalizeForState()
-	if err != nil {
-		return err
-	}
-	*results = append(*results, normalizedRes)
+	newPolicy := m.resourceFactory.CreateAbstractResource(aws.AwsS3BucketPolicyResourceType, bucket.TerraformId(), data)
+
+	*results = append(*results, newPolicy)
 	logrus.WithFields(logrus.Fields{
 		"id": newPolicy.TerraformId(),
 	}).Debug("Created new policy from bucket")
--- a/pkg/middlewares/aws_bucket_policy_expander_test.go
+++ b/pkg/middlewares/aws_bucket_policy_expander_test.go
@ -6,8 +6,6 @@ import (

 	awssdk "github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/awsutil"
-	"github.com/stretchr/testify/mock"
-
 	"github.com/cloudskiff/driftctl/pkg/resource"
 	"github.com/cloudskiff/driftctl/pkg/resource/aws"
 	"github.com/cloudskiff/driftctl/pkg/terraform"
@ -19,11 +17,27 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 	tests := []struct {
 		name               string
 		resourcesFromState []resource.Resource
+		mocks              func(*terraform.MockResourceFactory)
 		expected           []resource.Resource
 	}{
 		{
-			"Inline policy, no aws_s3_bucket_policy attached",
-			[]resource.Resource{
+			name: "Inline policy, no aws_s3_bucket_policy attached",
+			mocks: func(factory *terraform.MockResourceFactory) {
+				factory.On(
+					"CreateAbstractResource",
+					aws.AwsS3BucketPolicyResourceType,
+					"foo",
+					map[string]interface{}{
+						"id":     "foo",
+						"bucket": "foo",
+						"policy": "{\"Id\":\"MYINLINEBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}",
+					},
+				).Once().Return(&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
+				})
+			},
+			resourcesFromState: []resource.Resource{
 				&resource.AbstractResource{
 					Id:   "foo",
 					Type: aws.AwsS3BucketResourceType,
@ -33,7 +47,7 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 					},
 				},
 			},
-			[]resource.Resource{
+			expected: []resource.Resource{
 				&resource.AbstractResource{
 					Id:   "foo",
 					Type: aws.AwsS3BucketResourceType,
@ -41,16 +55,30 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 						"bucket": "foo",
 					},
 				},
-				&aws.AwsS3BucketPolicy{
-					Id:     "foo",
-					Bucket: awssdk.String("foo"),
-					Policy: awssdk.String("{\"Id\":\"MYINLINEBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}"),
+				&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
 				},
 			},
 		},
 		{
-			"No inline policy, aws_s3_bucket_policy attached",
-			[]resource.Resource{
+			name: "No inline policy, aws_s3_bucket_policy attached",
+			mocks: func(factory *terraform.MockResourceFactory) {
+				factory.On(
+					"CreateAbstractResource",
+					aws.AwsS3BucketPolicyResourceType,
+					"foo",
+					map[string]interface{}{
+						"id":     "foo",
+						"bucket": "foo",
+						"policy": "{\"Id\":\"MYBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}",
+					},
+				).Once().Return(&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
+				})
+			},
+			resourcesFromState: []resource.Resource{
 				&resource.AbstractResource{
 					Id:   "foo",
 					Type: aws.AwsS3BucketResourceType,
@ -58,13 +86,12 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 						"bucket": "foo",
 					},
 				},
-				&aws.AwsS3BucketPolicy{
-					Id:     "foo",
-					Bucket: awssdk.String("foo"),
-					Policy: awssdk.String("{\"Id\":\"MYBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}"),
+				&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
 				},
 			},
-			[]resource.Resource{
+			expected: []resource.Resource{
 				&resource.AbstractResource{
 					Id:   "foo",
 					Type: aws.AwsS3BucketResourceType,
@ -72,16 +99,15 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 						"bucket": "foo",
 					},
 				},
-				&aws.AwsS3BucketPolicy{
-					Id:     "foo",
-					Bucket: awssdk.String("foo"),
-					Policy: awssdk.String("{\"Id\":\"MYBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}"),
+				&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
 				},
 			},
 		},
 		{
-			"Inline policy and aws_s3_bucket_policy",
-			[]resource.Resource{
+			name: "Inline policy and aws_s3_bucket_policy",
+			resourcesFromState: []resource.Resource{
 				&resource.AbstractResource{
 					Id:   "foo",
 					Type: aws.AwsS3BucketResourceType,
@ -90,13 +116,16 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 						"policy": awssdk.String("{\"Id\":\"MYINLINEBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}"),
 					},
 				},
-				&aws.AwsS3BucketPolicy{
-					Id:     "foo",
-					Bucket: awssdk.String("foo"),
-					Policy: awssdk.String("{\"Id\":\"MYBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}"),
+				&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
+					Attrs: &resource.Attributes{
+						"bucket": "foo",
+						"policy": "{\"Id\":\"MYBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}",
+					},
 				},
 			},
-			[]resource.Resource{
+			expected: []resource.Resource{
 				&resource.AbstractResource{
 					Id:   "foo",
 					Type: aws.AwsS3BucketResourceType,
@ -104,16 +133,19 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 						"bucket": "foo",
 					},
 				},
-				&aws.AwsS3BucketPolicy{
-					Id:     "foo",
-					Bucket: awssdk.String("foo"),
-					Policy: awssdk.String("{\"Id\":\"MYBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}"),
+				&resource.AbstractResource{
+					Id:   "foo",
+					Type: aws.AwsS3BucketPolicyResourceType,
+					Attrs: &resource.Attributes{
+						"bucket": "foo",
+						"policy": "{\"Id\":\"MYBUCKETPOLICY\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"IpAddress\":{\"aws:SourceIp\":\"8.8.8.8/32\"}},\"Effect\":\"Deny\",\"Principal\":\"*\",\"Resource\":\"arn:aws:s3:::bucket-test-policy-like-sqs/*\",\"Sid\":\"IPAllow\"}],\"Version\":\"2012-10-17\"}",
+					},
 				},
 			},
 		},
 		{
-			"empty policy ",
-			[]resource.Resource{
+			name: "empty policy ",
+			resourcesFromState: []resource.Resource{
 				&resource.AbstractResource{
 					Id:   "foo",
 					Type: aws.AwsS3BucketResourceType,
@ -123,7 +155,7 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 					},
 				},
 			},
-			[]resource.Resource{
+			expected: []resource.Resource{
 				&resource.AbstractResource{
 					Id:   "foo",
 					Type: aws.AwsS3BucketResourceType,
@ -139,7 +171,9 @@ func TestAwsBucketPolicyExpander_Execute(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {

 			factory := &terraform.MockResourceFactory{}
-			factory.On("CreateResource", mock.Anything, "aws_s3_bucket_policy").Once().Return(nil, nil)
+			if tt.mocks != nil {
+				tt.mocks(factory)
+			}

 			m := NewAwsBucketPolicyExpander(factory)
 			err := m.Execute(&[]resource.Resource{}, &tt.resourcesFromState)
--- a/pkg/resource/aws/aws_s3_bucket_policy.go
+++ b/pkg/resource/aws/aws_s3_bucket_policy.go
@ -1,7 +1,11 @@
 // GENERATED, DO NOT EDIT THIS FILE
 package aws

-import "github.com/zclconf/go-cty/cty"
+import (
+	"github.com/cloudskiff/driftctl/pkg/helpers"
+	"github.com/cloudskiff/driftctl/pkg/resource"
+	"github.com/zclconf/go-cty/cty"
+)

 const AwsS3BucketPolicyResourceType = "aws_s3_bucket_policy"

@ -23,3 +27,18 @@ func (r *AwsS3BucketPolicy) TerraformType() string {
 func (r *AwsS3BucketPolicy) CtyValue() *cty.Value {
 	return r.CtyVal
 }
+
+func initAwsS3BucketPolicyMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) {
+	resourceSchemaRepository.UpdateSchema(AwsS3BucketPolicyResourceType, map[string]func(attributeSchema *resource.AttributeSchema){
+		"policy": func(attributeSchema *resource.AttributeSchema) {
+			attributeSchema.JsonString = true
+		},
+	})
+	resourceSchemaRepository.SetNormalizeFunc(AwsS3BucketPolicyResourceType, func(val *resource.Attributes) {
+		jsonString, err := helpers.NormalizeJsonString((*val)["policy"])
+		if err != nil {
+			return
+		}
+		val.SafeSet([]string{"policy"}, jsonString)
+	})
+}
--- a/pkg/resource/aws/metadatas.go
+++ b/pkg/resource/aws/metadatas.go
@ -14,4 +14,5 @@ func InitResourcesMetadata(resourceSchemaRepository resource.SchemaRepositoryInt
 	initAwsInstanceMetaData(resourceSchemaRepository)
 	initAwsEbsVolumeMetaData(resourceSchemaRepository)
 	initAwsS3BucketMetaData(resourceSchemaRepository)
+	initAwsS3BucketPolicyMetaData(resourceSchemaRepository)
 }
--- a/pkg/resource/resource.go
+++ b/pkg/resource/resource.go
@ -32,6 +32,11 @@ var refactoredResources = []string{
 	"aws_instance",
 	"aws_ebs_volume",
 	"aws_s3_bucket",
+	"aws_s3_bucket_policy",
+	"aws_s3_bucket_notification",
+	"aws_s3_bucket_metric",
+	"aws_s3_bucket_inventory",
+	"aws_s3_bucket_analytics_configuration",
 }

 func IsRefactoredResource(typ string) bool {