From f6cfbd3cb42389419097b2361a0796962319fe42 Mon Sep 17 00:00:00 2001 From: William Beuil Date: Mon, 24 May 2021 17:19:06 +0200 Subject: [PATCH] Change signature of NormalizeFunc + fix security_group --- pkg/driftctl_test.go | 162 +++++------ .../terraform/state/terraform_state_reader.go | 7 +- .../vpc_security_group/result.golden.json | 25 -- .../result.golden.json | 275 +++++++++--------- .../vpc_security_group_default_test.go | 20 +- pkg/middlewares/vpc_security_group_rules.go | 63 ++-- .../vpc_security_group_rules_test.go | 38 +-- pkg/resource/aws/aws_ami.go | 3 +- .../aws/aws_cloudfront_distribution.go | 3 +- pkg/resource/aws/aws_db_instance.go | 3 +- pkg/resource/aws/aws_db_subnet_group.go | 3 +- .../aws/aws_default_security_group.go | 3 +- pkg/resource/aws/aws_default_subnet.go | 3 +- pkg/resource/aws/aws_dynamodb_table.go | 3 +- pkg/resource/aws/aws_ebs_snapshot.go | 3 +- pkg/resource/aws/aws_ebs_volume.go | 3 +- pkg/resource/aws/aws_ecr_repository.go | 3 +- pkg/resource/aws/aws_eip.go | 3 +- pkg/resource/aws/aws_iam_access_key.go | 3 +- pkg/resource/aws/aws_iam_policy.go | 3 +- pkg/resource/aws/aws_iam_policy_attachment.go | 3 +- pkg/resource/aws/aws_iam_role.go | 3 +- pkg/resource/aws/aws_iam_user.go | 3 +- pkg/resource/aws/aws_instance.go | 3 +- pkg/resource/aws/aws_key_pair.go | 3 +- pkg/resource/aws/aws_kms_alias.go | 3 +- pkg/resource/aws/aws_kms_key.go | 3 +- .../aws/aws_lambda_event_source_mapping.go | 3 +- pkg/resource/aws/aws_lambda_function.go | 3 +- pkg/resource/aws/aws_route.go | 3 +- pkg/resource/aws/aws_route53_record.go | 3 +- pkg/resource/aws/aws_route53_zone.go | 3 +- pkg/resource/aws/aws_s3_bucket.go | 3 +- pkg/resource/aws/aws_s3_bucket_policy.go | 3 +- pkg/resource/aws/aws_security_group.go | 3 +- pkg/resource/aws/aws_security_group_rule.go | 29 +- pkg/resource/aws/aws_sns_topic.go | 3 +- pkg/resource/aws/aws_sns_topic_policy.go | 3 +- .../aws/aws_sns_topic_subscription.go | 3 +- pkg/resource/aws/aws_sqs_queue_policy.go | 3 +- pkg/resource/aws/aws_subnet.go | 3 +- .../github/github_branch_protection.go | 3 +- pkg/resource/github/github_membership.go | 3 +- pkg/resource/github/github_repository.go | 3 +- pkg/resource/github/github_team.go | 3 +- pkg/resource/github/github_team_membership.go | 3 +- pkg/resource/resource.go | 21 +- pkg/resource/schemas.go | 6 +- pkg/scanner.go | 7 +- pkg/terraform/resource_factory.go | 14 +- 50 files changed, 403 insertions(+), 378 deletions(-) diff --git a/pkg/driftctl_test.go b/pkg/driftctl_test.go index 7b4fa896..0f1a76f7 100644 --- a/pkg/driftctl_test.go +++ b/pkg/driftctl_test.go @@ -1049,8 +1049,8 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 65535, + "from_port": float64(0), + "to_port": float64(65535), "self": true, "source_security_group_id": "sg-0254c038e32f25530", }, @@ -1063,10 +1063,10 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "egress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"0.0.0.0/0"}, - "ipv6_cidr_blocks": &[]string{"::/0"}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"0.0.0.0/0"}, + "ipv6_cidr_blocks": []interface{}{"::/0"}, }, }, &resource.AbstractResource{ @@ -1077,9 +1077,9 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"1.2.0.0/16", "5.6.7.0/24"}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"1.2.0.0/16", "5.6.7.0/24"}, }, }, &resource.AbstractResource{ @@ -1090,9 +1090,9 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 0, - "prefix_list_ids": &[]string{"pl-abb451c2"}, + "from_port": float64(0), + "to_port": float64(0), + "prefix_list_ids": []interface{}{"pl-abb451c2"}, }, }, &resource.AbstractResource{ @@ -1103,8 +1103,8 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 65535, + "from_port": float64(0), + "to_port": float64(65535), "source_security_group_id": "sg-9e0204ff", }, }, @@ -1118,8 +1118,8 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 65535, + "from_port": float64(0), + "to_port": float64(65535), "self": true, "source_security_group_id": "sg-0254c038e32f25530", }, @@ -1132,11 +1132,11 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "egress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"0.0.0.0/0"}, - "ipv6_cidr_blocks": &[]string{}, - "prefix_list_ids": &[]string{}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"0.0.0.0/0"}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }, }, &resource.AbstractResource{ @@ -1147,11 +1147,11 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "egress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{}, - "ipv6_cidr_blocks": &[]string{"::/0"}, - "prefix_list_ids": &[]string{}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{}, + "ipv6_cidr_blocks": []interface{}{"::/0"}, + "prefix_list_ids": []interface{}{}, }, }, &resource.AbstractResource{ @@ -1162,11 +1162,11 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"5.6.7.0/24"}, - "ipv6_cidr_blocks": &[]string{}, - "prefix_list_ids": &[]string{}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"5.6.7.0/24"}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }, }, &resource.AbstractResource{ @@ -1177,11 +1177,11 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"1.2.0.0/16"}, - "ipv6_cidr_blocks": &[]string{}, - "prefix_list_ids": &[]string{}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"1.2.0.0/16"}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }, }, &resource.AbstractResource{ @@ -1192,9 +1192,9 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 0, - "prefix_list_ids": &[]string{"pl-abb451c2"}, + "from_port": float64(0), + "to_port": float64(0), + "prefix_list_ids": []interface{}{"pl-abb451c2"}, }, }, &resource.AbstractResource{ @@ -1205,8 +1205,8 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 65535, + "from_port": float64(0), + "to_port": float64(65535), "source_security_group_id": "sg-9e0204ff", }, }, @@ -1220,13 +1220,13 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "egress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": []string{ + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{ "0.0.0.0/0", }, - "ipv6_cidr_blocks": []string{}, - "prefix_list_ids": []string{}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }, } factory.(*terraform.MockResourceFactory).On("CreateAbstractResource", "aws_security_group_rule", rule1.Id, @@ -1236,11 +1236,11 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "egress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"0.0.0.0/0"}, - "ipv6_cidr_blocks": &[]string{}, - "prefix_list_ids": &[]string{}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"0.0.0.0/0"}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }) })).Times(1).Return(&rule1, nil) @@ -1252,13 +1252,13 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "egress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": []string{}, - "ipv6_cidr_blocks": []string{ + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{}, + "ipv6_cidr_blocks": []interface{}{ "::/0", }, - "prefix_list_ids": []string{}, + "prefix_list_ids": []interface{}{}, }, } factory.(*terraform.MockResourceFactory).On("CreateAbstractResource", "aws_security_group_rule", rule2.Id, @@ -1268,11 +1268,11 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "egress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{}, - "ipv6_cidr_blocks": &[]string{"::/0"}, - "prefix_list_ids": &[]string{}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{}, + "ipv6_cidr_blocks": []interface{}{"::/0"}, + "prefix_list_ids": []interface{}{}, }) })).Times(1).Return(&rule2, nil) @@ -1284,13 +1284,13 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": []string{ + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{ "5.6.7.0/24", }, - "ipv6_cidr_blocks": []string{}, - "prefix_list_ids": []string{}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }, } factory.(*terraform.MockResourceFactory).On("CreateAbstractResource", "aws_security_group_rule", rule3.Id, @@ -1300,11 +1300,11 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"5.6.7.0/24"}, - "ipv6_cidr_blocks": &[]string{}, - "prefix_list_ids": &[]string{}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"5.6.7.0/24"}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }) })).Times(1).Return(&rule3, nil) @@ -1316,13 +1316,13 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": []string{ + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{ "1.2.0.0/16", }, - "ipv6_cidr_blocks": []string{}, - "prefix_list_ids": []string{}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }, } factory.(*terraform.MockResourceFactory).On("CreateAbstractResource", "aws_security_group_rule", rule4.Id, @@ -1332,11 +1332,11 @@ func TestDriftctlRun_Middlewares(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"1.2.0.0/16"}, - "ipv6_cidr_blocks": &[]string{}, - "prefix_list_ids": &[]string{}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"1.2.0.0/16"}, + "ipv6_cidr_blocks": []interface{}{}, + "prefix_list_ids": []interface{}{}, }) })).Times(1).Return(&rule4, nil) }, diff --git a/pkg/iac/terraform/state/terraform_state_reader.go b/pkg/iac/terraform/state/terraform_state_reader.go index 6856d30c..d52a02c3 100644 --- a/pkg/iac/terraform/state/terraform_state_reader.go +++ b/pkg/iac/terraform/state/terraform_state_reader.go @@ -182,15 +182,14 @@ func (r *TerraformStateReader) decode(values map[string][]cty.Value) ([]resource schema, exist := r.resourceSchemaRepository.GetSchema(res.TerraformType()) ctyAttr := resource.ToResourceAttributes(res.CtyValue()) ctyAttr.SanitizeDefaults() - if exist && schema.NormalizeFunc != nil { - schema.NormalizeFunc(ctyAttr) - } - newRes := &resource.AbstractResource{ Id: res.TerraformId(), Type: res.TerraformType(), Attrs: ctyAttr, } + if exist && schema.NormalizeFunc != nil { + schema.NormalizeFunc(newRes) + } results = append(results, newRes) continue } diff --git a/pkg/iac/terraform/state/test/vpc_security_group/result.golden.json b/pkg/iac/terraform/state/test/vpc_security_group/result.golden.json index bda863cd..ef62ce4b 100755 --- a/pkg/iac/terraform/state/test/vpc_security_group/result.golden.json +++ b/pkg/iac/terraform/state/test/vpc_security_group/result.golden.json @@ -5,35 +5,10 @@ "Attrs": { "arn": "arn:aws:ec2:eu-west-3:047081014315:security-group/sg-0254c038e32f25530", "description": "Managed by Terraform", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "Bar", - "from_port": 0, - "protocol": "-1", - "self": false, - "to_port": 0 - } - ], "id": "sg-0254c038e32f25530", - "ingress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "Foo", - "from_port": 0, - "protocol": "-1", - "self": false, - "to_port": 0 - } - ], "name": "foo", "name_prefix": "", "owner_id": "047081014315", - "revoke_rules_on_delete": false, "tags": { "Name": "Foo SG" }, diff --git a/pkg/iac/terraform/state/test/vpc_security_group_rule/result.golden.json b/pkg/iac/terraform/state/test/vpc_security_group_rule/result.golden.json index 7103d0bd..2b662421 100755 --- a/pkg/iac/terraform/state/test/vpc_security_group_rule/result.golden.json +++ b/pkg/iac/terraform/state/test/vpc_security_group_rule/result.golden.json @@ -1,143 +1,4 @@ [ - { - "Id": "sgrule-2990167998", - "Type": "aws_security_group_rule", - "Attrs": { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "Bar Full Open", - "from_port": 0, - "id": "sgrule-2990167998", - "ipv6_cidr_blocks": [ - "::/0" - ], - "protocol": "-1", - "security_group_id": "sg-06910b842af0d3a8f", - "self": false, - "to_port": 0, - "type": "egress" - } - }, - { - "Id": "sgrule-752281532", - "Type": "aws_security_group_rule", - "Attrs": { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "Bar Full Open", - "from_port": 0, - "id": "sgrule-752281532", - "protocol": "tcp", - "security_group_id": "sg-0d290f68e48de546b", - "self": false, - "to_port": 0, - "type": "egress" - } - }, - { - "Id": "sgrule-3602495974", - "Type": "aws_security_group_rule", - "Attrs": { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "Foo 1", - "from_port": 0, - "id": "sgrule-3602495974", - "protocol": "-1", - "security_group_id": "sg-0254c038e32f25530", - "self": false, - "to_port": 0, - "type": "ingress" - } - }, - { - "Id": "sgrule-294318973", - "Type": "aws_security_group_rule", - "Attrs": { - "cidr_blocks": [ - "1.2.0.0/16", - "5.6.7.0/24" - ], - "description": "Foo 5", - "from_port": 0, - "id": "sgrule-294318973", - "protocol": "-1", - "security_group_id": "sg-0254c038e32f25530", - "self": false, - "to_port": 0, - "type": "ingress" - } - }, - { - "Id": "sgrule-3970541193", - "Type": "aws_security_group_rule", - "Attrs": { - "description": "Test 1", - "from_port": 0, - "id": "sgrule-3970541193", - "protocol": "tcp", - "security_group_id": "sg-0254c038e32f25530", - "self": true, - "source_security_group_id": "sg-0254c038e32f25530", - "to_port": 65535, - "type": "ingress" - } - }, - { - "Id": "sgrule-1872529830", - "Type": "aws_security_group_rule", - "Attrs": { - "description": "", - "from_port": 0, - "id": "sgrule-1872529830", - "protocol": "icmp", - "security_group_id": "sg-0254c038e32f25530", - "self": true, - "source_security_group_id": "sg-0254c038e32f25530", - "to_port": 0, - "type": "ingress" - } - }, - { - "Id": "sgrule-894498715", - "Type": "aws_security_group_rule", - "Attrs": { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "Stream", - "from_port": 10, - "id": "sgrule-894498715", - "protocol": "5", - "security_group_id": "sg-0cc8b3c3c2851705a", - "self": false, - "to_port": 55, - "type": "egress" - } - }, - { - "Id": "sgrule-845917806", - "Type": "aws_security_group_rule", - "Attrs": { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "Bar Full Open", - "from_port": 0, - "id": "sgrule-845917806", - "ipv6_cidr_blocks": [ - "::/0" - ], - "protocol": "-1", - "security_group_id": "sg-0cc8b3c3c2851705a", - "self": false, - "to_port": 0, - "type": "egress" - } - }, { "Id": "sgrule-2471889226", "Type": "aws_security_group_rule", @@ -191,5 +52,141 @@ "to_port": 0, "type": "egress" } + }, + { + "Id": "sgrule-3970541193", + "Type": "aws_security_group_rule", + "Attrs": { + "description": "Test 1", + "from_port": 0, + "id": "sgrule-3970541193", + "protocol": "tcp", + "security_group_id": "sg-0254c038e32f25530", + "self": true, + "source_security_group_id": "sg-0254c038e32f25530", + "to_port": 65535, + "type": "ingress" + } + }, + { + "Id": "sgrule-1872529830", + "Type": "aws_security_group_rule", + "Attrs": { + "from_port": 0, + "id": "sgrule-1872529830", + "protocol": "icmp", + "security_group_id": "sg-0254c038e32f25530", + "self": true, + "source_security_group_id": "sg-0254c038e32f25530", + "to_port": 0, + "type": "ingress" + } + }, + { + "Id": "sgrule-845917806", + "Type": "aws_security_group_rule", + "Attrs": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Bar Full Open", + "from_port": 0, + "id": "sgrule-845917806", + "ipv6_cidr_blocks": [ + "::/0" + ], + "protocol": "-1", + "security_group_id": "sg-0cc8b3c3c2851705a", + "self": false, + "to_port": 0, + "type": "egress" + } + }, + { + "Id": "sgrule-2990167998", + "Type": "aws_security_group_rule", + "Attrs": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Bar Full Open", + "from_port": 0, + "id": "sgrule-2990167998", + "ipv6_cidr_blocks": [ + "::/0" + ], + "protocol": "-1", + "security_group_id": "sg-06910b842af0d3a8f", + "self": false, + "to_port": 0, + "type": "egress" + } + }, + { + "Id": "sgrule-3602495974", + "Type": "aws_security_group_rule", + "Attrs": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Foo 1", + "from_port": 0, + "id": "sgrule-3602495974", + "protocol": "-1", + "security_group_id": "sg-0254c038e32f25530", + "self": false, + "to_port": 0, + "type": "ingress" + } + }, + { + "Id": "sgrule-850043874", + "Type": "aws_security_group_rule", + "Attrs": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Stream", + "id": "sgrule-850043874", + "protocol": "5", + "security_group_id": "sg-0cc8b3c3c2851705a", + "self": false, + "type": "egress" + } + }, + { + "Id": "sgrule-294318973", + "Type": "aws_security_group_rule", + "Attrs": { + "cidr_blocks": [ + "1.2.0.0/16", + "5.6.7.0/24" + ], + "description": "Foo 5", + "from_port": 0, + "id": "sgrule-294318973", + "protocol": "-1", + "security_group_id": "sg-0254c038e32f25530", + "self": false, + "to_port": 0, + "type": "ingress" + } + }, + { + "Id": "sgrule-752281532", + "Type": "aws_security_group_rule", + "Attrs": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "Bar Full Open", + "from_port": 0, + "id": "sgrule-752281532", + "protocol": "tcp", + "security_group_id": "sg-0d290f68e48de546b", + "self": false, + "to_port": 0, + "type": "egress" + } } ] \ No newline at end of file diff --git a/pkg/middlewares/vpc_security_group_default_test.go b/pkg/middlewares/vpc_security_group_default_test.go index f22f32cb..c33fa516 100644 --- a/pkg/middlewares/vpc_security_group_default_test.go +++ b/pkg/middlewares/vpc_security_group_default_test.go @@ -3,7 +3,6 @@ package middlewares import ( "testing" - awssdk "github.com/aws/aws-sdk-go/aws" "github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource/aws" ) @@ -15,21 +14,21 @@ func TestDefaultVPCSecurityGroupShouldBeIgnored(t *testing.T) { Id: "sg-test", Type: aws.AwsSecurityGroupResourceType, Attrs: &resource.Attributes{ - "name": awssdk.String("test"), + "name": "test", }, }, &resource.AbstractResource{ Id: "sg-foo", Type: aws.AwsSecurityGroupResourceType, Attrs: &resource.Attributes{ - "name": awssdk.String("foo"), + "name": "foo", }, }, &resource.AbstractResource{ Id: "sg-default", Type: aws.AwsDefaultSecurityGroupResourceType, Attrs: &resource.Attributes{ - "name": awssdk.String("default"), + "name": "default", }, }, } @@ -38,7 +37,7 @@ func TestDefaultVPCSecurityGroupShouldBeIgnored(t *testing.T) { Id: "sg-bar", Type: aws.AwsSecurityGroupResourceType, Attrs: &resource.Attributes{ - "name": awssdk.String("bar"), + "name": "bar", }, }, } @@ -58,21 +57,21 @@ func TestDefaultVPCSecurityGroupShouldNotBeIgnoredWhenManaged(t *testing.T) { Id: "sg-test", Type: aws.AwsSecurityGroupResourceType, Attrs: &resource.Attributes{ - "name": awssdk.String("test"), + "name": "test", }, }, &resource.AbstractResource{ Id: "sg-foo", Type: aws.AwsSecurityGroupResourceType, Attrs: &resource.Attributes{ - "name": awssdk.String("foo"), + "name": "foo", }, }, &resource.AbstractResource{ Id: "sg-default", Type: aws.AwsDefaultSecurityGroupResourceType, Attrs: &resource.Attributes{ - "name": awssdk.String("default"), + "name": "default", }, }, } @@ -81,7 +80,7 @@ func TestDefaultVPCSecurityGroupShouldNotBeIgnoredWhenManaged(t *testing.T) { Id: "sg-default", Type: aws.AwsDefaultSecurityGroupResourceType, Attrs: &resource.Attributes{ - "name": awssdk.String("default"), + "name": "default", }, }, } @@ -93,8 +92,7 @@ func TestDefaultVPCSecurityGroupShouldNotBeIgnoredWhenManaged(t *testing.T) { t.Error("Default security group was ignored") } managedDefaultSecurityGroup := remoteResources[2].(*resource.AbstractResource) - name, _ := managedDefaultSecurityGroup.Attrs.Get("name") - if *name.(*string) != "default" { + if *managedDefaultSecurityGroup.Attrs.GetString("name") != "default" { t.Error("Default security group is ignored when it should not be") } } diff --git a/pkg/middlewares/vpc_security_group_rules.go b/pkg/middlewares/vpc_security_group_rules.go index 537009e4..79edc119 100644 --- a/pkg/middlewares/vpc_security_group_rules.go +++ b/pkg/middlewares/vpc_security_group_rules.go @@ -18,7 +18,7 @@ func NewVPCSecurityGroupRuleSanitizer(resourceFactory resource.ResourceFactory) } } -func (m VPCSecurityGroupRuleSanitizer) Execute(_, resourcesFromState *[]resource.Resource) error { +func (m VPCSecurityGroupRuleSanitizer) Execute(remoteResources, resourcesFromState *[]resource.Resource) error { newStateResources := make([]resource.Resource, 0) for _, stateResource := range *resourcesFromState { @@ -31,51 +31,55 @@ func (m VPCSecurityGroupRuleSanitizer) Execute(_, resourcesFromState *[]resource rule, _ := stateResource.(*resource.AbstractResource) if !shouldBeSplit(rule) { + rule.Attrs.SafeDelete([]string{"self"}) newStateResources = append(newStateResources, stateResource) continue } - if rule.Attrs.GetStringSlice("cidr_blocks") != nil && len(rule.Attrs.GetStringSlice("cidr_blocks")) > 0 { - for _, ipRange := range rule.Attrs.GetStringSlice("cidr_blocks") { + if rule.Attrs.GetSlice("cidr_blocks") != nil && len(rule.Attrs.GetSlice("cidr_blocks")) > 0 { + for _, ipRange := range rule.Attrs.GetSlice("cidr_blocks") { attrs := rule.Attrs.Copy() - attrs.Set("cidr_blocks", &[]string{ipRange}) - attrs.Set("ipv6_cidr_blocks", &[]string{}) - attrs.Set("prefix_list_ids", &[]string{}) + _ = attrs.SafeSet([]string{"cidr_blocks"}, []interface{}{ipRange}) + _ = attrs.SafeSet([]string{"ipv6_cidr_blocks"}, []interface{}{}) + _ = attrs.SafeSet([]string{"prefix_list_ids"}, []interface{}{}) res := m.createRule(attrs) logrus.WithFields(logrus.Fields{ "formerRuleId": rule.TerraformId(), "newRuleId": res.TerraformId(), }).Debug("Splitting aws_security_group_rule") + res.Attrs.SafeDelete([]string{"self"}) newStateResources = append(newStateResources, res) } } - if rule.Attrs.GetStringSlice("ipv6_cidr_blocks") != nil && len(rule.Attrs.GetStringSlice("ipv6_cidr_blocks")) > 0 { - for _, ipRange := range rule.Attrs.GetStringSlice("ipv6_cidr_blocks") { + if rule.Attrs.GetSlice("ipv6_cidr_blocks") != nil && len(rule.Attrs.GetSlice("ipv6_cidr_blocks")) > 0 { + for _, ipRange := range rule.Attrs.GetSlice("ipv6_cidr_blocks") { attrs := rule.Attrs.Copy() - attrs.Set("cidr_blocks", &[]string{}) - attrs.Set("ipv6_cidr_blocks", &[]string{ipRange}) - attrs.Set("prefix_list_ids", &[]string{}) + _ = attrs.SafeSet([]string{"cidr_blocks"}, []interface{}{}) + _ = attrs.SafeSet([]string{"ipv6_cidr_blocks"}, []interface{}{ipRange}) + _ = attrs.SafeSet([]string{"prefix_list_ids"}, []interface{}{}) res := m.createRule(attrs) logrus.WithFields(logrus.Fields{ "formerRuleId": rule.TerraformId(), "newRuleId": res.TerraformId(), }).Debug("Splitting aws_security_group_rule") + res.Attrs.SafeDelete([]string{"self"}) newStateResources = append(newStateResources, res) } } - if rule.Attrs.GetStringSlice("prefix_list_ids") != nil && len(rule.Attrs.GetStringSlice("prefix_list_ids")) > 0 { - for _, listId := range rule.Attrs.GetStringSlice("prefix_list_ids") { + if rule.Attrs.GetSlice("prefix_list_ids") != nil && len(rule.Attrs.GetSlice("prefix_list_ids")) > 0 { + for _, listId := range rule.Attrs.GetSlice("prefix_list_ids") { attrs := rule.Attrs.Copy() - attrs.Set("cidr_blocks", &[]string{}) - attrs.Set("ipv6_cidr_blocks", &[]string{}) - attrs.Set("prefix_list_ids", &[]string{listId}) + _ = attrs.SafeSet([]string{"cidr_blocks"}, []interface{}{}) + _ = attrs.SafeSet([]string{"ipv6_cidr_blocks"}, []interface{}{}) + _ = attrs.SafeSet([]string{"prefix_list_ids"}, []interface{}{listId}) res := m.createRule(attrs) logrus.WithFields(logrus.Fields{ "formerRuleId": rule.TerraformId(), "newRuleId": res.TerraformId(), }).Debug("Splitting aws_security_group_rule") + res.Attrs.SafeDelete([]string{"self"}) newStateResources = append(newStateResources, res) } } @@ -83,20 +87,29 @@ func (m VPCSecurityGroupRuleSanitizer) Execute(_, resourcesFromState *[]resource if (rule.Attrs.GetBool("self") != nil && *rule.Attrs.GetBool("self")) || (rule.Attrs.GetString("source_security_group_id") != nil && *rule.Attrs.GetString("source_security_group_id") != "") { attrs := rule.Attrs.Copy() - attrs.Set("cidr_blocks", &[]string{}) - attrs.Set("ipv6_cidr_blocks", &[]string{}) - attrs.Set("prefix_list_ids", &[]string{}) + _ = attrs.SafeSet([]string{"cidr_blocks"}, []interface{}{}) + _ = attrs.SafeSet([]string{"ipv6_cidr_blocks"}, []interface{}{}) + _ = attrs.SafeSet([]string{"prefix_list_ids"}, []interface{}{}) res := m.createRule(attrs) logrus.WithFields(logrus.Fields{ "formerRuleId": rule.TerraformId(), "newRuleId": res.TerraformId(), }).Debug("Splitting aws_security_group_rule") + res.Attrs.SafeDelete([]string{"self"}) newStateResources = append(newStateResources, res) } } *resourcesFromState = newStateResources + for _, res := range *remoteResources { + if res.TerraformType() != resourceaws.AwsSecurityGroupRuleResourceType { + continue + } + rule, _ := res.(*resource.AbstractResource) + rule.Attrs.SafeDelete([]string{"self"}) + } + return nil } @@ -122,16 +135,16 @@ func (m *VPCSecurityGroupRuleSanitizer) createRule(res *resource.Attributes) *re func shouldBeSplit(r *resource.AbstractResource) bool { var i int - if r.Attrs.GetStringSlice("cidr_blocks") != nil && len(r.Attrs.GetStringSlice("cidr_blocks")) > 0 { - i += len(r.Attrs.GetStringSlice("cidr_blocks")) + if r.Attrs.GetSlice("cidr_blocks") != nil && len(r.Attrs.GetSlice("cidr_blocks")) > 0 { + i += len(r.Attrs.GetSlice("cidr_blocks")) } - if r.Attrs.GetStringSlice("ipv6_cidr_blocks") != nil && len(r.Attrs.GetStringSlice("ipv6_cidr_blocks")) > 0 { - i += len(r.Attrs.GetStringSlice("ipv6_cidr_blocks")) + if r.Attrs.GetSlice("ipv6_cidr_blocks") != nil && len(r.Attrs.GetSlice("ipv6_cidr_blocks")) > 0 { + i += len(r.Attrs.GetSlice("ipv6_cidr_blocks")) } - if r.Attrs.GetStringSlice("prefix_list_ids") != nil && len(r.Attrs.GetStringSlice("prefix_list_ids")) > 0 { - i += len(r.Attrs.GetStringSlice("prefix_list_ids")) + if r.Attrs.GetSlice("prefix_list_ids") != nil && len(r.Attrs.GetSlice("prefix_list_ids")) > 0 { + i += len(r.Attrs.GetSlice("prefix_list_ids")) } if r.Attrs.GetBool("self") != nil && *r.Attrs.GetBool("self") || diff --git a/pkg/middlewares/vpc_security_group_rules_test.go b/pkg/middlewares/vpc_security_group_rules_test.go index d81a08d2..b31ca354 100644 --- a/pkg/middlewares/vpc_security_group_rules_test.go +++ b/pkg/middlewares/vpc_security_group_rules_test.go @@ -17,28 +17,28 @@ func TestVPCSecurityGroupRuleSanitizer(t *testing.T) { &resource.AbstractResource{ Id: "sgrule-1175318309", Type: aws.AwsSecurityGroupRuleResourceType, - Attrs: nil, + Attrs: &resource.Attributes{}, }, nil) factory.On("CreateAbstractResource", aws.AwsSecurityGroupRuleResourceType, "sgrule-2582518759", mock.Anything).Times(1).Return( &resource.AbstractResource{ Id: "sgrule-2582518759", Type: aws.AwsSecurityGroupRuleResourceType, - Attrs: nil, + Attrs: &resource.Attributes{}, }, nil) factory.On("CreateAbstractResource", aws.AwsSecurityGroupRuleResourceType, "sgrule-2165103420", mock.Anything).Times(1).Return( &resource.AbstractResource{ Id: "sgrule-2165103420", Type: aws.AwsSecurityGroupRuleResourceType, - Attrs: nil, + Attrs: &resource.Attributes{}, }, nil) factory.On("CreateAbstractResource", aws.AwsSecurityGroupRuleResourceType, "sgrule-350400929", mock.Anything).Times(1).Return( &resource.AbstractResource{ Id: "sgrule-350400929", Type: aws.AwsSecurityGroupRuleResourceType, - Attrs: nil, + Attrs: &resource.Attributes{}, }, nil) middleware := NewVPCSecurityGroupRuleSanitizer(factory) @@ -60,8 +60,8 @@ func TestVPCSecurityGroupRuleSanitizer(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 65535, + "from_port": float64(0), + "to_port": float64(65535), "self": true, "source_security_group_id": "sg-0254c038e32f25530", }, @@ -74,10 +74,10 @@ func TestVPCSecurityGroupRuleSanitizer(t *testing.T) { "type": "egress", "security_group_id": "sg-0cc8b3c3c2851705a", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"0.0.0.0/0"}, - "ipv6_cidr_blocks": &[]string{"::/0"}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"0.0.0.0/0"}, + "ipv6_cidr_blocks": []interface{}{"::/0"}, }, }, &resource.AbstractResource{ @@ -88,9 +88,9 @@ func TestVPCSecurityGroupRuleSanitizer(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "-1", - "from_port": 0, - "to_port": 0, - "cidr_blocks": &[]string{"1.2.0.0/16", "5.6.7.0/24"}, + "from_port": float64(0), + "to_port": float64(0), + "cidr_blocks": []interface{}{"1.2.0.0/16", "5.6.7.0/24"}, }, }, &resource.AbstractResource{ @@ -101,9 +101,9 @@ func TestVPCSecurityGroupRuleSanitizer(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 0, - "prefix_list_id": &[]string{"pl-abb451c2"}, + "from_port": float64(0), + "to_port": float64(0), + "prefix_list_id": []interface{}{"pl-abb451c2"}, }, }, &resource.AbstractResource{ @@ -114,9 +114,9 @@ func TestVPCSecurityGroupRuleSanitizer(t *testing.T) { "type": "ingress", "security_group_id": "sg-0254c038e32f25530", "protocol": "tcp", - "from_port": 0, - "to_port": 65535, - "prefix_list_id": &[]string{"sg-9e0204ff"}, + "from_port": float64(0), + "to_port": float64(65535), + "prefix_list_id": []interface{}{"sg-9e0204ff"}, }, }, } diff --git a/pkg/resource/aws/aws_ami.go b/pkg/resource/aws/aws_ami.go index 329ed3d7..75433e17 100644 --- a/pkg/resource/aws/aws_ami.go +++ b/pkg/resource/aws/aws_ami.go @@ -58,7 +58,8 @@ func (r *AwsAmi) CtyValue() *cty.Value { } func initAwsAmiMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsAmiResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsAmiResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) }) } diff --git a/pkg/resource/aws/aws_cloudfront_distribution.go b/pkg/resource/aws/aws_cloudfront_distribution.go index 5f4f77f3..775142ad 100644 --- a/pkg/resource/aws/aws_cloudfront_distribution.go +++ b/pkg/resource/aws/aws_cloudfront_distribution.go @@ -161,7 +161,8 @@ func (r *AwsCloudfrontDistribution) CtyValue() *cty.Value { } func initAwsCloudfrontDistributionMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsCloudfrontDistributionResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsCloudfrontDistributionResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"etag"}) val.SafeDelete([]string{"last_modified_time"}) val.SafeDelete([]string{"retain_on_delete"}) diff --git a/pkg/resource/aws/aws_db_instance.go b/pkg/resource/aws/aws_db_instance.go index 1bf01c3f..b79e1547 100644 --- a/pkg/resource/aws/aws_db_instance.go +++ b/pkg/resource/aws/aws_db_instance.go @@ -102,7 +102,8 @@ func (r *AwsDbInstance) CtyValue() *cty.Value { } func initAwsDbInstanceMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsDbInstanceResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsDbInstanceResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"delete_automated_backups"}) val.SafeDelete([]string{"final_snapshot_identifier"}) val.SafeDelete([]string{"latest_restorable_time"}) diff --git a/pkg/resource/aws/aws_db_subnet_group.go b/pkg/resource/aws/aws_db_subnet_group.go index d9a38b65..8fc24bbf 100644 --- a/pkg/resource/aws/aws_db_subnet_group.go +++ b/pkg/resource/aws/aws_db_subnet_group.go @@ -32,7 +32,8 @@ func (r *AwsDbSubnetGroup) CtyValue() *cty.Value { } func initAwsDbSubnetGroupMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsDbSubnetGroupResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsDbSubnetGroupResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"name_prefix"}) }) } diff --git a/pkg/resource/aws/aws_default_security_group.go b/pkg/resource/aws/aws_default_security_group.go index 878798ea..c86e3452 100644 --- a/pkg/resource/aws/aws_default_security_group.go +++ b/pkg/resource/aws/aws_default_security_group.go @@ -55,7 +55,8 @@ func (r *AwsDefaultSecurityGroup) CtyValue() *cty.Value { } func initAwsDefaultSecurityGroupMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsDefaultSecurityGroupResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsDefaultSecurityGroupResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"revoke_rules_on_delete"}) val.SafeDelete([]string{"ingress"}) val.SafeDelete([]string{"egress"}) diff --git a/pkg/resource/aws/aws_default_subnet.go b/pkg/resource/aws/aws_default_subnet.go index f288831b..9703f5ce 100644 --- a/pkg/resource/aws/aws_default_subnet.go +++ b/pkg/resource/aws/aws_default_subnet.go @@ -43,7 +43,8 @@ func (r *AwsDefaultSubnet) CtyValue() *cty.Value { } func initAwsDefaultSubnetMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsDefaultSubnetResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsDefaultSubnetResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) }) } diff --git a/pkg/resource/aws/aws_dynamodb_table.go b/pkg/resource/aws/aws_dynamodb_table.go index ffbe96cd..cc8ba7ab 100644 --- a/pkg/resource/aws/aws_dynamodb_table.go +++ b/pkg/resource/aws/aws_dynamodb_table.go @@ -76,7 +76,8 @@ func (r *AwsDynamodbTable) CtyValue() *cty.Value { } func initAwsDynamodbTableMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsDynamodbTableResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsDynamodbTableResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) }) } diff --git a/pkg/resource/aws/aws_ebs_snapshot.go b/pkg/resource/aws/aws_ebs_snapshot.go index fa5f410c..ad80a066 100644 --- a/pkg/resource/aws/aws_ebs_snapshot.go +++ b/pkg/resource/aws/aws_ebs_snapshot.go @@ -40,7 +40,8 @@ func (r *AwsEbsSnapshot) CtyValue() *cty.Value { } func initAwsEbsSnapshotMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsEbsSnapshotResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsEbsSnapshotResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) }) } diff --git a/pkg/resource/aws/aws_ebs_volume.go b/pkg/resource/aws/aws_ebs_volume.go index 18fed00b..b004c9ad 100644 --- a/pkg/resource/aws/aws_ebs_volume.go +++ b/pkg/resource/aws/aws_ebs_volume.go @@ -37,7 +37,8 @@ func (r *AwsEbsVolume) CtyValue() *cty.Value { } func initAwsEbsVolumeMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsEbsVolumeResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsEbsVolumeResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"arn"}) val.SafeDelete([]string{"outpost_arn"}) val.SafeDelete([]string{"snapshot_id"}) diff --git a/pkg/resource/aws/aws_ecr_repository.go b/pkg/resource/aws/aws_ecr_repository.go index cb1b53e9..2c61569e 100644 --- a/pkg/resource/aws/aws_ecr_repository.go +++ b/pkg/resource/aws/aws_ecr_repository.go @@ -42,7 +42,8 @@ func (r *AwsEcrRepository) CtyValue() *cty.Value { } func initAwsEcrRepositoryMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsEcrRepositoryResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsEcrRepositoryResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) }) } diff --git a/pkg/resource/aws/aws_eip.go b/pkg/resource/aws/aws_eip.go index 9f68b020..df2c22ff 100644 --- a/pkg/resource/aws/aws_eip.go +++ b/pkg/resource/aws/aws_eip.go @@ -47,7 +47,8 @@ func (r *AwsEip) CtyValue() *cty.Value { } func initAwsEipMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsEipResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsEipResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) }) } diff --git a/pkg/resource/aws/aws_iam_access_key.go b/pkg/resource/aws/aws_iam_access_key.go index 8dd7df40..b5246c54 100644 --- a/pkg/resource/aws/aws_iam_access_key.go +++ b/pkg/resource/aws/aws_iam_access_key.go @@ -33,7 +33,8 @@ func (r *AwsIamAccessKey) CtyValue() *cty.Value { } func initAwsIAMAccessKeyMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsIamAccessKeyResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsIamAccessKeyResourceType, func(res *resource.AbstractResource) { + val := res.Attrs // As we can't read secrets from aws API once access_key created we need to set // fields retrieved from state to nil to avoid drift // We can't detect drift if we cannot retrieve latest value from aws API for fields like secrets, passwords etc ... diff --git a/pkg/resource/aws/aws_iam_policy.go b/pkg/resource/aws/aws_iam_policy.go index c0985a99..e6d9fbdf 100644 --- a/pkg/resource/aws/aws_iam_policy.go +++ b/pkg/resource/aws/aws_iam_policy.go @@ -38,7 +38,8 @@ func initAwsIAMPolicyMetaData(resourceSchemaRepository resource.SchemaRepository attributeSchema.JsonString = true }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsIamPolicyResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsIamPolicyResourceType, func(res *resource.AbstractResource) { + val := res.Attrs jsonString, err := helpers.NormalizeJsonString((*val)["policy"]) if err == nil { val.SafeSet([]string{"policy"}, jsonString) diff --git a/pkg/resource/aws/aws_iam_policy_attachment.go b/pkg/resource/aws/aws_iam_policy_attachment.go index 47e6d9f5..542dc8c6 100644 --- a/pkg/resource/aws/aws_iam_policy_attachment.go +++ b/pkg/resource/aws/aws_iam_policy_attachment.go @@ -31,7 +31,8 @@ func (r *AwsIamPolicyAttachment) CtyValue() *cty.Value { } func initAwsIAMPolicyAttachmentMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsIamPolicyAttachmentResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsIamPolicyAttachmentResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"name"}) }) } diff --git a/pkg/resource/aws/aws_iam_role.go b/pkg/resource/aws/aws_iam_role.go index 3029f406..01dc8142 100644 --- a/pkg/resource/aws/aws_iam_role.go +++ b/pkg/resource/aws/aws_iam_role.go @@ -43,7 +43,8 @@ func initAwsIAMRoleMetaData(resourceSchemaRepository resource.SchemaRepositoryIn attributeSchema.JsonString = true }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsIamRoleResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsIamRoleResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"force_detach_policies"}) }) } diff --git a/pkg/resource/aws/aws_iam_user.go b/pkg/resource/aws/aws_iam_user.go index 6756ef28..8918988f 100644 --- a/pkg/resource/aws/aws_iam_user.go +++ b/pkg/resource/aws/aws_iam_user.go @@ -33,7 +33,8 @@ func (r *AwsIamUser) CtyValue() *cty.Value { } func initAwsIAMUserMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsIamUserResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsIamUserResourceType, func(res *resource.AbstractResource) { + val := res.Attrs permissionsBoundary, exist := val.Get("permissions_boundary") if exist && permissionsBoundary == "" { val.SafeDelete([]string{"permissions_boundary"}) diff --git a/pkg/resource/aws/aws_instance.go b/pkg/resource/aws/aws_instance.go index 3b2a98ce..c869e95c 100644 --- a/pkg/resource/aws/aws_instance.go +++ b/pkg/resource/aws/aws_instance.go @@ -107,7 +107,8 @@ func (r *AwsInstance) CtyValue() *cty.Value { } func initAwsInstanceMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsInstanceResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsInstanceResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) val.SafeDelete([]string{"instance_initiated_shutdown_behavior"}) }) diff --git a/pkg/resource/aws/aws_key_pair.go b/pkg/resource/aws/aws_key_pair.go index 344dffe8..ed2e3cc0 100644 --- a/pkg/resource/aws/aws_key_pair.go +++ b/pkg/resource/aws/aws_key_pair.go @@ -33,7 +33,8 @@ func (r *AwsKeyPair) CtyValue() *cty.Value { } func initAwsKeyPairMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsKeyPairResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsKeyPairResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"key_name_prefix"}) val.SafeDelete([]string{"public_key"}) }) diff --git a/pkg/resource/aws/aws_kms_alias.go b/pkg/resource/aws/aws_kms_alias.go index 2ef2e77f..ae262668 100644 --- a/pkg/resource/aws/aws_kms_alias.go +++ b/pkg/resource/aws/aws_kms_alias.go @@ -31,7 +31,8 @@ func (r *AwsKmsAlias) CtyValue() *cty.Value { } func initAwsKmsAliasMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsKmsAliasResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsKmsAliasResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"name"}) val.SafeDelete([]string{"name_prefix"}) }) diff --git a/pkg/resource/aws/aws_kms_key.go b/pkg/resource/aws/aws_kms_key.go index 0d3175fd..d042ea61 100644 --- a/pkg/resource/aws/aws_kms_key.go +++ b/pkg/resource/aws/aws_kms_key.go @@ -42,7 +42,8 @@ func initAwsKmsKeyMetaData(resourceSchemaRepository resource.SchemaRepositoryInt attributeSchema.JsonString = true }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsKmsKeyResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsKmsKeyResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"deletion_window_in_days"}) jsonString, err := helpers.NormalizeJsonString((*val)["policy"]) if err != nil { diff --git a/pkg/resource/aws/aws_lambda_event_source_mapping.go b/pkg/resource/aws/aws_lambda_event_source_mapping.go index e0d00871..8337a2bb 100644 --- a/pkg/resource/aws/aws_lambda_event_source_mapping.go +++ b/pkg/resource/aws/aws_lambda_event_source_mapping.go @@ -48,7 +48,8 @@ func (r *AwsLambdaEventSourceMapping) CtyValue() *cty.Value { } func initAwsLambdaEventSourceMappingMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsLambdaEventSourceMappingResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsLambdaEventSourceMappingResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"state_transition_reason"}) val.SafeDelete([]string{"state"}) val.SafeDelete([]string{"starting_position_timestamp"}) diff --git a/pkg/resource/aws/aws_lambda_function.go b/pkg/resource/aws/aws_lambda_function.go index 56b5a8e8..96b98bc9 100644 --- a/pkg/resource/aws/aws_lambda_function.go +++ b/pkg/resource/aws/aws_lambda_function.go @@ -80,7 +80,8 @@ func (r *AwsLambdaFunction) CtyValue() *cty.Value { } func initAwsLambdaFunctionMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsLambdaFunctionResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsLambdaFunctionResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) val.SafeDelete([]string{"publish"}) val.SafeDelete([]string{"last_modified"}) diff --git a/pkg/resource/aws/aws_route.go b/pkg/resource/aws/aws_route.go index f828cf6f..59cb4e99 100644 --- a/pkg/resource/aws/aws_route.go +++ b/pkg/resource/aws/aws_route.go @@ -46,7 +46,8 @@ func (r *AwsRoute) CtyValue() *cty.Value { } func initAwsRouteMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsRouteResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsRouteResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) val.DeleteIfDefault("vpc_endpoint_id") diff --git a/pkg/resource/aws/aws_route53_record.go b/pkg/resource/aws/aws_route53_record.go index 5d0ba38a..6772a60a 100644 --- a/pkg/resource/aws/aws_route53_record.go +++ b/pkg/resource/aws/aws_route53_record.go @@ -55,7 +55,8 @@ func (r *AwsRoute53Record) CtyValue() *cty.Value { } func initAwsRoute53RecordMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsRoute53RecordResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsRoute53RecordResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.DeleteIfDefault("health_check_id") val.DeleteIfDefault("set_identifier") val.DeleteIfDefault("ttl") diff --git a/pkg/resource/aws/aws_route53_zone.go b/pkg/resource/aws/aws_route53_zone.go index 282e6887..7988457a 100644 --- a/pkg/resource/aws/aws_route53_zone.go +++ b/pkg/resource/aws/aws_route53_zone.go @@ -37,7 +37,8 @@ func (r *AwsRoute53Zone) CtyValue() *cty.Value { } func initAwsRoute53ZoneMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsRoute53ZoneResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsRoute53ZoneResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"force_destroy"}) }) } diff --git a/pkg/resource/aws/aws_s3_bucket.go b/pkg/resource/aws/aws_s3_bucket.go index 1d81b115..5c0760f1 100644 --- a/pkg/resource/aws/aws_s3_bucket.go +++ b/pkg/resource/aws/aws_s3_bucket.go @@ -142,7 +142,8 @@ func initAwsS3BucketMetaData(resourceSchemaRepository resource.SchemaRepositoryI attributeSchema.JsonString = true }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsS3BucketResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsS3BucketResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"force_destroy"}) }) } diff --git a/pkg/resource/aws/aws_s3_bucket_policy.go b/pkg/resource/aws/aws_s3_bucket_policy.go index 4624c5d5..b463484e 100644 --- a/pkg/resource/aws/aws_s3_bucket_policy.go +++ b/pkg/resource/aws/aws_s3_bucket_policy.go @@ -34,7 +34,8 @@ func initAwsS3BucketPolicyMetaData(resourceSchemaRepository resource.SchemaRepos attributeSchema.JsonString = true }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsS3BucketPolicyResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsS3BucketPolicyResourceType, func(res *resource.AbstractResource) { + val := res.Attrs jsonString, err := helpers.NormalizeJsonString((*val)["policy"]) if err != nil { return diff --git a/pkg/resource/aws/aws_security_group.go b/pkg/resource/aws/aws_security_group.go index 20f2922e..aa0a7dcc 100644 --- a/pkg/resource/aws/aws_security_group.go +++ b/pkg/resource/aws/aws_security_group.go @@ -61,7 +61,8 @@ func (r *AwsSecurityGroup) CtyValue() *cty.Value { } func initAwsSecurityGroupMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsSecurityGroupResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsSecurityGroupResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"revoke_rules_on_delete"}) val.SafeDelete([]string{"timeouts"}) diff --git a/pkg/resource/aws/aws_security_group_rule.go b/pkg/resource/aws/aws_security_group_rule.go index 7231b942..24a6d288 100644 --- a/pkg/resource/aws/aws_security_group_rule.go +++ b/pkg/resource/aws/aws_security_group_rule.go @@ -53,20 +53,20 @@ func CreateSecurityGroupRuleIdHash(attrs *resource.Attributes) string { buf.WriteString(fmt.Sprintf("%s-", *attrs.GetString("protocol"))) buf.WriteString(fmt.Sprintf("%s-", *attrs.GetString("type"))) - if attrs.GetStringSlice("cidr_blocks") != nil { - for _, v := range attrs.GetStringSlice("cidr_blocks") { + if attrs.GetSlice("cidr_blocks") != nil { + for _, v := range attrs.GetSlice("cidr_blocks") { buf.WriteString(fmt.Sprintf("%s-", v)) } } - if attrs.GetStringSlice("ipv6_cidr_blocks") != nil { - for _, v := range attrs.GetStringSlice("ipv6_cidr_blocks") { + if attrs.GetSlice("ipv6_cidr_blocks") != nil { + for _, v := range attrs.GetSlice("ipv6_cidr_blocks") { buf.WriteString(fmt.Sprintf("%s-", v)) } } - if attrs.GetStringSlice("prefix_list_ids") != nil { - for _, v := range attrs.GetStringSlice("prefix_list_ids") { + if attrs.GetSlice("prefix_list_ids") != nil { + for _, v := range attrs.GetSlice("prefix_list_ids") { buf.WriteString(fmt.Sprintf("%s-", v)) } } @@ -85,17 +85,14 @@ func CreateSecurityGroupRuleIdHash(attrs *resource.Attributes) string { } func initAwsSecurityGroupRuleMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsDefaultSecurityGroupResourceType, func(val *resource.Attributes) { - val.SafeDelete([]string{"self"}) - if sgid := val.GetString("security_group_id"); sgid != nil && *sgid == "" { - val.SafeDelete([]string{"security_group_id"}) - } + resourceSchemaRepository.SetNormalizeFunc(AwsSecurityGroupRuleResourceType, func(res *resource.AbstractResource) { + val := res.Attrs + val.DeleteIfDefault("security_group_id") + val.DeleteIfDefault("source_security_group_id") // On first run, this field is set to null in state file and to "" after one refresh or apply // This ensure that if we find a nil value we dont drift - if desc := val.GetString("description"); desc != nil && *desc == "" { - val.SafeDelete([]string{"description"}) - } + val.DeleteIfDefault("description") // If protocol is all (e.g. -1), tcp, udp, icmp or icmpv6 then we leave the resource untouched // Else we delete the FromPort/ToPort and recreate the rule's id @@ -106,6 +103,8 @@ func initAwsSecurityGroupRuleMetaData(resourceSchemaRepository resource.SchemaRe val.SafeDelete([]string{"from_port"}) val.SafeDelete([]string{"to_port"}) - val.Set("id", CreateSecurityGroupRuleIdHash(val)) + id := CreateSecurityGroupRuleIdHash(val) + val.SafeSet([]string{"id"}, id) + res.Id = id }) } diff --git a/pkg/resource/aws/aws_sns_topic.go b/pkg/resource/aws/aws_sns_topic.go index 6251d6b3..021a9c24 100644 --- a/pkg/resource/aws/aws_sns_topic.go +++ b/pkg/resource/aws/aws_sns_topic.go @@ -55,7 +55,8 @@ func initSnsTopicMetaData(resourceSchemaRepository resource.SchemaRepositoryInte attributeSchema.JsonString = true }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsSnsTopicResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsSnsTopicResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.DeleteIfDefault("sqs_success_feedback_sample_rate") val.DeleteIfDefault("lambda_success_feedback_sample_rate") val.DeleteIfDefault("http_success_feedback_sample_rate") diff --git a/pkg/resource/aws/aws_sns_topic_policy.go b/pkg/resource/aws/aws_sns_topic_policy.go index 31b96ff2..4fcb3526 100644 --- a/pkg/resource/aws/aws_sns_topic_policy.go +++ b/pkg/resource/aws/aws_sns_topic_policy.go @@ -36,7 +36,8 @@ func initSnsTopicPolicyMetaData(resourceSchemaRepository resource.SchemaReposito }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsSnsTopicPolicyResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsSnsTopicPolicyResourceType, func(res *resource.AbstractResource) { + val := res.Attrs jsonString, err := helpers.NormalizeJsonString((*val)["policy"]) if err != nil { return diff --git a/pkg/resource/aws/aws_sns_topic_subscription.go b/pkg/resource/aws/aws_sns_topic_subscription.go index 7fbd012d..3c4945c3 100644 --- a/pkg/resource/aws/aws_sns_topic_subscription.go +++ b/pkg/resource/aws/aws_sns_topic_subscription.go @@ -46,7 +46,8 @@ func initSnsTopicSubscriptionMetaData(resourceSchemaRepository resource.SchemaRe }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsSnsTopicSubscriptionResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsSnsTopicSubscriptionResourceType, func(res *resource.AbstractResource) { + val := res.Attrs jsonString, err := helpers.NormalizeJsonString((*val)["delivery_policy"]) if err == nil { val.SafeSet([]string{"delivery_policy"}, jsonString) diff --git a/pkg/resource/aws/aws_sqs_queue_policy.go b/pkg/resource/aws/aws_sqs_queue_policy.go index 92d21268..9f011c97 100644 --- a/pkg/resource/aws/aws_sqs_queue_policy.go +++ b/pkg/resource/aws/aws_sqs_queue_policy.go @@ -35,7 +35,8 @@ func initAwsSqsQueuePolicyMetaData(resourceSchemaRepository resource.SchemaRepos attributeSchema.JsonString = true }, }) - resourceSchemaRepository.SetNormalizeFunc(AwsSqsQueuePolicyResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsSqsQueuePolicyResourceType, func(res *resource.AbstractResource) { + val := res.Attrs jsonString, err := helpers.NormalizeJsonString((*val)["policy"]) if err != nil { return diff --git a/pkg/resource/aws/aws_subnet.go b/pkg/resource/aws/aws_subnet.go index 0f03e551..1efd2a5e 100644 --- a/pkg/resource/aws/aws_subnet.go +++ b/pkg/resource/aws/aws_subnet.go @@ -43,7 +43,8 @@ func (r *AwsSubnet) CtyValue() *cty.Value { } func initAwsSubnetMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(AwsSubnetResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(AwsSubnetResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"timeouts"}) }) } diff --git a/pkg/resource/github/github_branch_protection.go b/pkg/resource/github/github_branch_protection.go index e74483b1..faf75963 100644 --- a/pkg/resource/github/github_branch_protection.go +++ b/pkg/resource/github/github_branch_protection.go @@ -43,7 +43,8 @@ func (r *GithubBranchProtection) CtyValue() *cty.Value { } func initGithubBranchProtectionMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(GithubBranchProtectionResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(GithubBranchProtectionResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"repository_id"}) // Terraform provider is always returning nil }) } diff --git a/pkg/resource/github/github_membership.go b/pkg/resource/github/github_membership.go index ea6a4902..164f2d97 100644 --- a/pkg/resource/github/github_membership.go +++ b/pkg/resource/github/github_membership.go @@ -29,7 +29,8 @@ func (r *GithubMembership) CtyValue() *cty.Value { } func initGithubMembershipMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(GithubMembershipResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(GithubMembershipResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"etag"}) }) } diff --git a/pkg/resource/github/github_repository.go b/pkg/resource/github/github_repository.go index b3bd53a2..22fcd1f4 100644 --- a/pkg/resource/github/github_repository.go +++ b/pkg/resource/github/github_repository.go @@ -71,7 +71,8 @@ func (r *GithubRepository) CtyValue() *cty.Value { } func initGithubRepositoryMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(GithubRepositoryResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(GithubRepositoryResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"auto_init"}) val.SafeDelete([]string{"etag"}) }) diff --git a/pkg/resource/github/github_team.go b/pkg/resource/github/github_team.go index 84429bf8..6de75723 100644 --- a/pkg/resource/github/github_team.go +++ b/pkg/resource/github/github_team.go @@ -36,7 +36,8 @@ func (r *GithubTeam) CtyValue() *cty.Value { } func initGithubTeamMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(GithubTeamResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(GithubTeamResourceType, func(res *resource.AbstractResource) { + val := res.Attrs if defaultMaintainer, exist := val.Get("create_default_maintainer"); !exist || defaultMaintainer == nil { (*val)["create_default_maintainer"] = false } diff --git a/pkg/resource/github/github_team_membership.go b/pkg/resource/github/github_team_membership.go index d314eb2a..cd6c3885 100644 --- a/pkg/resource/github/github_team_membership.go +++ b/pkg/resource/github/github_team_membership.go @@ -30,7 +30,8 @@ func (r *GithubTeamMembership) CtyValue() *cty.Value { } func initGithubTeamMembershipMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) { - resourceSchemaRepository.SetNormalizeFunc(GithubTeamMembershipResourceType, func(val *resource.Attributes) { + resourceSchemaRepository.SetNormalizeFunc(GithubTeamMembershipResourceType, func(res *resource.AbstractResource) { + val := res.Attrs val.SafeDelete([]string{"etag"}) }) } diff --git a/pkg/resource/resource.go b/pkg/resource/resource.go index ce24dadd..dd71e37e 100644 --- a/pkg/resource/resource.go +++ b/pkg/resource/resource.go @@ -186,7 +186,7 @@ func (a *Attributes) Copy() *Attributes { res := Attributes{} for key, value := range *a { - res.Set(key, value) + _ = res.SafeSet([]string{key}, value) } return &res @@ -202,7 +202,7 @@ func (a *Attributes) GetSlice(path string) []interface{} { if !exist { return nil } - return *val.(*[]interface{}) + return val.([]interface{}) } func (a *Attributes) GetString(path string) *string { @@ -219,7 +219,7 @@ func (a *Attributes) GetStringSlice(path string) []string { if !exist { return nil } - return *val.(*[]string) + return val.([]string) } func (a *Attributes) GetBool(path string) *bool { @@ -232,18 +232,23 @@ func (a *Attributes) GetBool(path string) *bool { } func (a *Attributes) GetInt(path string) *int { + val := a.GetFloat64(path) + if val == nil { + return nil + } + v := int(*val) + return &v +} + +func (a *Attributes) GetFloat64(path string) *float64 { val, exist := (*a)[path] if !exist { return nil } - v := val.(int) + v := val.(float64) return &v } -func (a *Attributes) Set(path string, value interface{}) { - (*a)[path] = value -} - func (a *Attributes) SafeDelete(path []string) { for i, key := range path { if i == len(path)-1 { diff --git a/pkg/resource/schemas.go b/pkg/resource/schemas.go index 052e4191..a7c7ec36 100644 --- a/pkg/resource/schemas.go +++ b/pkg/resource/schemas.go @@ -15,7 +15,7 @@ type AttributeSchema struct { type Schema struct { Attributes map[string]AttributeSchema - NormalizeFunc func(val *Attributes) + NormalizeFunc func(res *AbstractResource) } func (s *Schema) IsComputedField(path []string) bool { @@ -37,7 +37,7 @@ func (s *Schema) IsJsonStringField(path []string) bool { type SchemaRepositoryInterface interface { GetSchema(resourceType string) (*Schema, bool) UpdateSchema(typ string, schemasMutators map[string]func(attributeSchema *AttributeSchema)) - SetNormalizeFunc(typ string, normalizeFunc func(val *Attributes)) + SetNormalizeFunc(typ string, normalizeFunc func(res *AbstractResource)) } type SchemaRepository struct { @@ -101,7 +101,7 @@ func (r *SchemaRepository) UpdateSchema(typ string, schemasMutators map[string]f } } -func (r *SchemaRepository) SetNormalizeFunc(typ string, normalizeFunc func(val *Attributes)) { +func (r *SchemaRepository) SetNormalizeFunc(typ string, normalizeFunc func(res *AbstractResource)) { metadata, exist := r.GetSchema(typ) if !exist { logrus.WithFields(logrus.Fields{"type": typ}).Warning("Unable to set normalize func, no schema found") diff --git a/pkg/scanner.go b/pkg/scanner.go index 0b199831..2f9ae2db 100644 --- a/pkg/scanner.go +++ b/pkg/scanner.go @@ -63,15 +63,14 @@ loop: schema, exist := s.resourceSchemaRepository.GetSchema(res.TerraformType()) ctyAttr := resource.ToResourceAttributes(res.CtyValue()) ctyAttr.SanitizeDefaults() - if exist && schema.NormalizeFunc != nil { - schema.NormalizeFunc(ctyAttr) - } - newRes := &resource.AbstractResource{ Id: res.TerraformId(), Type: res.TerraformType(), Attrs: ctyAttr, } + if exist && schema.NormalizeFunc != nil { + schema.NormalizeFunc(newRes) + } results = append(results, newRes) continue } diff --git a/pkg/terraform/resource_factory.go b/pkg/terraform/resource_factory.go index 5404c9e7..8712cedd 100644 --- a/pkg/terraform/resource_factory.go +++ b/pkg/terraform/resource_factory.go @@ -54,14 +54,16 @@ func (r *TerraformResourceFactory) CreateAbstractResource(ty, id string, data ma attributes := resource.Attributes(data) attributes.SanitizeDefaults() - schema, exist := r.resourceSchemaRepository.(*resource.SchemaRepository).GetSchema(ty) - if exist && schema.NormalizeFunc != nil { - schema.NormalizeFunc(&attributes) - } - - return &resource.AbstractResource{ + res := resource.AbstractResource{ Id: id, Type: ty, Attrs: &attributes, } + + schema, exist := r.resourceSchemaRepository.(*resource.SchemaRepository).GetSchema(ty) + if exist && schema.NormalizeFunc != nil { + schema.NormalizeFunc(&res) + } + + return &res }