refactor: do not alter resources from state in middlewares

main
sundowndev 2021-03-30 20:07:08 +02:00
parent cfdb6801a9
commit f01227d35a
5 changed files with 61 additions and 21 deletions

View File

@ -19,9 +19,12 @@ func NewAwsIamPolicyAttachmentDefaults() AwsIamPolicyAttachmentDefaults {
}
func (m AwsIamPolicyAttachmentDefaults) Execute(remoteResources, resourcesFromState *[]resource.Resource) error {
newRemoteResources := make([]resource.Resource, 0)
for _, remoteResource := range *remoteResources {
// Ignore all resources other than iam policy attachment
if remoteResource.TerraformType() != aws.AwsIamPolicyAttachmentResourceType {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
@ -34,20 +37,29 @@ func (m AwsIamPolicyAttachmentDefaults) Execute(remoteResources, resourcesFromSt
}
if existInState {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
isIgnored := false
for _, id := range ignoredIamPolicyAttachmentIds {
if remoteResource.TerraformId() == id {
*resourcesFromState = append(*resourcesFromState, remoteResource)
isIgnored = true
}
}
if !isIgnored {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
logrus.WithFields(logrus.Fields{
"id": remoteResource.TerraformId(),
"type": remoteResource.TerraformType(),
}).Debug("Ignoring default iam policy attachment as it is not managed by IaC")
}
}
}
*remoteResources = newRemoteResources
return nil
}

View File

@ -21,9 +21,12 @@ func NewAwsIamRoleDefaults() AwsIamRoleDefaults {
}
func (m AwsIamRoleDefaults) Execute(remoteResources, resourcesFromState *[]resource.Resource) error {
newRemoteResources := make([]resource.Resource, 0)
for _, remoteResource := range *remoteResources {
// Ignore all resources other than iam role
if remoteResource.TerraformType() != aws.AwsIamRoleResourceType {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
@ -36,20 +39,29 @@ func (m AwsIamRoleDefaults) Execute(remoteResources, resourcesFromState *[]resou
}
if existInState {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
isIgnored := false
for _, id := range ignoredIamRoleIds {
if remoteResource.TerraformId() == id {
*resourcesFromState = append(*resourcesFromState, remoteResource)
isIgnored = true
}
}
if !isIgnored {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
logrus.WithFields(logrus.Fields{
"id": remoteResource.TerraformId(),
"type": remoteResource.TerraformType(),
}).Debug("Ignoring default iam role as it is not managed by IaC")
}
}
}).Debug("Ignoring default iam policy attachment as it is not managed by IaC")
}
*remoteResources = newRemoteResources
return nil
}

View File

@ -20,9 +20,12 @@ func NewAwsIamRolePolicyDefaults() AwsIamRolePolicyDefaults {
}
func (m AwsIamRolePolicyDefaults) Execute(remoteResources, resourcesFromState *[]resource.Resource) error {
newRemoteResources := make([]resource.Resource, 0)
for _, remoteResource := range *remoteResources {
// Ignore all resources other than role policy
if remoteResource.TerraformType() != aws.AwsIamRolePolicyResourceType {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
@ -35,20 +38,29 @@ func (m AwsIamRolePolicyDefaults) Execute(remoteResources, resourcesFromState *[
}
if existInState {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
isIgnored := false
for _, id := range ignoredIamRolePolicyIds {
if remoteResource.TerraformId() == id {
*resourcesFromState = append(*resourcesFromState, remoteResource)
isIgnored = true
}
}
if !isIgnored {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
logrus.WithFields(logrus.Fields{
"id": remoteResource.TerraformId(),
"type": remoteResource.TerraformType(),
}).Debug("Ignoring default iam role policy as it is not managed by IaC")
}
}
}
*remoteResources = newRemoteResources
return nil
}

View File

@ -16,9 +16,12 @@ func NewAwsSecurityGroupDefaults() AwsSecurityGroupDefaults {
}
func (m AwsSecurityGroupDefaults) Execute(remoteResources, resourcesFromState *[]resource.Resource) error {
newRemoteResources := make([]resource.Resource, 0)
for _, remoteResource := range *remoteResources {
// Ignore all resources other than iam role
if remoteResource.TerraformType() != aws.AwsSecurityGroupResourceType {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
@ -31,16 +34,17 @@ func (m AwsSecurityGroupDefaults) Execute(remoteResources, resourcesFromState *[
}
if existInState || *remoteResource.(*aws.AwsSecurityGroup).Name != "default" {
newRemoteResources = append(newRemoteResources, remoteResource)
continue
}
*resourcesFromState = append(*resourcesFromState, remoteResource)
logrus.WithFields(logrus.Fields{
"id": remoteResource.TerraformId(),
"type": remoteResource.TerraformType(),
}).Debug("Ignoring default aws security group as it is not managed by IaC")
}
*remoteResources = newRemoteResources
return nil
}

View File

@ -50,7 +50,7 @@ func TestAwsSecurityGroupDefaults_Execute(t *testing.T) {
diff.Changelog{
{
Type: "delete",
Path: []string{"1"},
Path: []string{"0"},
From: &aws.AwsSecurityGroup{
Id: "test",
Name: &dummySecurityGroupName,