Skip to content

Commit

Permalink
schema update
Browse files Browse the repository at this point in the history
  • Loading branch information
@JamesWoolfenden
JamesWoolfenden committed Feb 4, 2025
1 parent 653377f commit 875587b
Show file tree
Hide file tree
Showing 142 changed files with 6,735 additions and 5,298 deletions.
55 changes: 37 additions & 18 deletions src/aws.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
"aws_api_gateway_documentation_part": awsApigatewayv2Api,
"aws_api_gateway_documentation_version": awsApigatewayv2Api,
"aws_api_gateway_domain_name": awsApigatewayv2Api,
"aws_api_gateway_domain_name_access_association": awsApiGatewayDomainNameAccessAssociation,
"aws_api_gateway_domain_name_access_association": awsAPIGatewayDomainNameAccessAssociation,
"aws_api_gateway_gateway_response": awsApigatewayv2Api,
"aws_api_gateway_integration": awsApigatewayv2Api,
"aws_api_gateway_integration_response": awsApigatewayv2Api,
Expand Down Expand Up @@ -112,15 +112,15 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
"aws_appstream_stack": awsAppstreamStack,
"aws_appstream_user": awsAppstreamUser,
"aws_appstream_user_stack_association": awsAppstreamUserStackAssociation,
"aws_appsync_api_cache": awsAppsyncApiCache,
"aws_appsync_api_key": awsAppsyncApiKey,
"aws_appsync_api_cache": awsAppsyncAPICache,
"aws_appsync_api_key": awsAppsyncAPIKey,
"aws_appsync_datasource": awsAppsyncDatasource,
"aws_appsync_domain_name": awsAppsyncDomainName,
"aws_appsync_domain_name_api_association": awsAppsyncDomainNameAPIAssociation,
"aws_appsync_function": awsAppsyncFunction,
"aws_appsync_graphql_api": awsAppsyncGraphAPI,
"aws_appsync_resolver": awsAppsyncResolver,
"aws_appsync_source_api_association": awsAppsyncSourceApiAssociation,
"aws_appsync_source_api_association": awsAppsyncSourceAPIAssociation,
"aws_appsync_type": awsAppsyncType,
"aws_athena_data_catalog": awsAthenaDataCatalog,
"aws_athena_database": awsAthenaDatabase,
Expand All @@ -134,7 +134,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
"aws_auditmanager_control": awsAuditmanagerControl,
"aws_auditmanager_framework": awsAuditmanagerFramework,
"aws_auditmanager_framework_share": awsAuditmanagerFrameworkShare,
"aws_auditmanager_organization_admin_account_registration": awsAuditmanagerOrganizationAdminAccountRegistration,
"aws_auditmanager_organization_admin_account_registration": awsAuditmanagerOrganizationAdminAccountRegistration, //nolint:lll
"aws_autoscaling_attachment": awsAutoscalingAttachment,
"aws_autoscaling_group": awsAutoscalingGroup,
"aws_autoscaling_group_tag": awsAutoscalingGroupTag,
Expand Down Expand Up @@ -1155,7 +1155,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
"aws_servicecatalogappregistry_attribute_group": awsServicecatalogappregistryAttributeGroup,
"aws_servicecatalogappregistry_attribute_group_association": awsServicecatalogappregistryAttributeGroupAssociation,
"aws_transfer_server": awsTransferServer,
"aws_transfer_ssh_key": awsTransferSshKey,
"aws_transfer_ssh_key": awsTransferSSHKey,
"aws_transfer_user": awsTransferUser,
"aws_vpc_block_public_access_exclusion": awsVpcBlockPublicAccessExclusion,
"aws_vpc_block_public_access_options": awsVpcBlockPublicAccessOptions,
Expand Down Expand Up @@ -1184,7 +1184,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
"aws_ssm_default_patch_baseline": awsSsmDefaultPatchBaseline,
"aws_ssm_service_setting": awsSsmServiceSetting,
"aws_ssmquicksetup_configuration_manager": awsSsmquicksetupConfigurationManager,
"aws_wafregional_web_acl_association": awsWafregionalWebAclAssociation,
"aws_wafregional_web_acl_association": awsWafregionalWebACLAssociation,
"aws_bedrockagent_agent_collaborator": awsBedrockagentAgentCollaborator,
"aws_bedrockagent_agent_knowledge_base_association": awsBedrockagentKnowledgeBaseAssociation,
"aws_cloudformation_stack_instances": awsCloudformationStackInstances,
Expand Down Expand Up @@ -1231,7 +1231,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
"aws_prometheus_workspace": awsPrometheusWorkspace,
"aws_rds_certificate": awsRdsCertificate,
"aws_rds_cluster_snapshot_copy": awsRdsClusterSnapshotCopy,
"aws_rds_custom_db_engine_version": awsRdsCustomDbEngineVersion,
"aws_rds_custom_db_engine_version": awsRdsCustomDBEngineVersion,
"aws_rds_export_task": awsRdsExportTask,
"aws_rds_reserved_instance": awsRdsReservedInstance,
"aws_dataexchange_data_set": awsDataexchangeDataSet,
Expand Down Expand Up @@ -1274,7 +1274,7 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
"aws_lightsail_lb_attachment": awsLightsailLbAttachment,
"aws_lightsail_lb_certificate": awsLightsailLbCertificate,
"aws_lightsail_lb_certificate_attachment": awsLightsailLbCertificateAttachment,
"aws_lightsail_lb_https_redirection_policy": awsLightsailLbHttpsRedirectionPolicy,
"aws_lightsail_lb_https_redirection_policy": awsLightsailLbHTTPSRedirectionPolicy,
"aws_lightsail_lb_stickiness_policy": awsLightsailLbStickinessPolicy,
"aws_dx_bgp_peer": awsDxBgpPeer,
"aws_dx_connection": awsDxConnection,
Expand Down Expand Up @@ -1311,10 +1311,11 @@ var tFLookup = map[string]interface{}{ //nolint:gochecknoglobals
"aws_opsworks_permission": awsOpsworksPermission,
"aws_opsworks_php_app_layer": awsOpsworksPhpAppLayer,
"aws_opsworks_rails_app_layer": awsOpsworksRailsAppLayer,
"aws_opsworks_rds_db_instance": awsOpsworksRdsDbInstance,
"aws_opsworks_rds_db_instance": awsOpsworksRdsDBInstance,
"aws_opsworks_stack": awsOpsworksStack,
"aws_opsworks_static_web_layer": awsOpsworksStaticWebLayer,
"aws_opsworks_user_profile": awsOpsworksUserProfile,
"aws_mskconnect_connector": awsMskconnectConnector,
}

// GetAWSPermissions for AWS resources.
Expand Down Expand Up @@ -1405,13 +1406,9 @@ func GetPermissionMap(raw []byte, attributes []string, resource string) ([]strin
return nil, &invalidJSONError{}
}

//zero length is perfectly valid if no permissions required
//if len(attributes) == 0 {
// return nil, &zeroLengthAttributesError{resource}
//}

var mappings []interface{}
err := json.Unmarshal(raw, &mappings)

if err != nil {
return nil, &unmarshallJSONError{err, resource}
}
Expand Down Expand Up @@ -1439,9 +1436,16 @@ func GetPermissionMap(raw []byte, attributes []string, resource string) ([]strin
for _, attribute := range attributes {
if resourceAttributes[attribute] != nil {
for _, entry := range resourceAttributes[attribute].([]interface{}) {
value, ok := entry.(string)

if !ok {
log.Error().Msg("failed to cast to string")
continue
}

found = append(
found,
entry.(string),
value,
)
}
}
Expand All @@ -1462,9 +1466,17 @@ const (
destroy = "destroy"
)

type parameterNilError struct {
parameter string
}

func (m *parameterNilError) Error() string {
return fmt.Sprintf("%s was nil", m.parameter)
}

func getActionPermissions(permissionMap map[string]interface{}, found []string) ([]string, error) {
if permissionMap == nil {
return nil, fmt.Errorf("permissionMap was nil")
return nil, &parameterNilError{parameter: "permissionMap"}
}

for _, action := range []string{apply, plan, modify, destroy} {
Expand All @@ -1477,7 +1489,14 @@ func getActionPermissions(permissionMap map[string]interface{}, found []string)
}

for _, entry := range temp {
found = append(found, entry.(string))
value, ok := entry.(string)
if !ok {
log.Error().Msg("failed to cast string")

continue
}

found = append(found, value)
}
}
}
Expand Down
8 changes: 4 additions & 4 deletions src/aws_datasource.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -394,7 +394,7 @@ var tFLookupDataAWS = map[string]interface{}{
"aws_organizations_organizational_unit": dataAwsOrganizationsOrganizationalUnit,
"aws_organizations_organizational_unit_child_accounts": dataAwsOrganizationsOrganizationalUnitChildsAccounts,
"aws_organizations_organizational_unit_descendant_accounts": dataAwsOrganizationsOrganizationalUnitDescendantAccounts,
"aws_organizations_organizational_unit_descendant_organizational_units": dataAwsOrganizationsOrganizationalUnitDescendantOrganizationalUnits,
"aws_organizations_organizational_unit_descendant_organizational_units": dataAwsOrganizationsOrganizationalUnitDescendantOrganizationalUnits, //nolint:lll
"aws_organizations_organizational_units": dataAwsOrganizationsOrganizationalUnits,
"aws_organizations_policies": dataAwsOrganizationsPolicies,
"aws_organizations_policies_for_target": dataAwsOrganizationsPoliciesForTarget,
Expand Down Expand Up @@ -449,7 +449,7 @@ var tFLookupDataAWS = map[string]interface{}{
"aws_route53_resolver_firewall_config": dataAwsRoute53ResolverFirewallConfig,
"aws_route53_resolver_firewall_domain_list": dataAwsRoute53ResolverFirewallDomainList,
"aws_route53_resolver_firewall_rule_group": dataAwsRoute53ResolverFirewallRuleGroup,
"aws_route53_resolver_firewall_rule_group_association": dataAwsRoute53ResolverFirewallGroupAssociation,
"aws_route53_resolver_firewall_rule_group_association": dataAwsRoute53ResolverFirewallGroupAssociation, //nolint:lll
"aws_route53_resolver_firewall_rules": dataAwsRoute53ResolverFirewallRules,
"aws_route53_resolver_query_log_config": dataAwsRoute53ResolverQueryLogConfig,
"aws_route53_resolver_rule": dataAwsRoute53ResolverRule,
Expand Down Expand Up @@ -479,7 +479,7 @@ var tFLookupDataAWS = map[string]interface{}{
"aws_secretsmanager_secrets": dataAwsSecretsmanagerSecrets,
"aws_security_group": dataAwsSecurityGroup,
"aws_security_groups": dataAwsSecurityGroup,
"aws_serverlessapplicationrepository_application": dataAwsServerlessapplicationrepositoryApplication,
"aws_serverlessapplicationrepository_application": dataAwsServerlessapplicationrepositoryApplication, //nolint:lll
"aws_service": placeholder,
"aws_service_discovery_dns_namespace": dataAwsServiceDiscoveryDNSNamespace,
"aws_service_discovery_http_namespace": dataAwsServiceDiscoveryHTTPNamespace,
Expand Down Expand Up @@ -530,7 +530,7 @@ var tFLookupDataAWS = map[string]interface{}{
"aws_ssoadmin_instances": dataAwsSsoadminInstances,
"aws_ssoadmin_permission_set": dataAwsSsoadminPermissionSet,
"aws_ssoadmin_permission_sets": dataAwsSsoadminPermissionSets,
"aws_ssoadmin_principal_application_assignments": dataAwsSsoadminPrincipalApplicationAssignments,
"aws_ssoadmin_principal_application_assignments": dataAwsSsoadminPrincipalApplicationAssignments, //nolint:lll
"aws_storagegateway_local_disk": placeholder,
"aws_subnet": dataAwsSubnetIDs,
"aws_subnet_ids": dataAwsSubnetIDs,
Expand Down
28 changes: 19 additions & 9 deletions src/azure_datasource_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,16 +20,26 @@ func TestGetAZUREDataPermissions(t *testing.T) {
want []string
wantErr bool
}{
{name: "pass", args: args{
result: pike.ResourceV2{
TypeName: "data",
Name: "azurerm_resource_group",
ResourceName: "pike",
Provider: "azurerm",
Attributes: []string{"name", "location", "tags"},
{
name: "pass",
args: args{
result: pike.ResourceV2{
TypeName: "data",
Name: "azurerm_resource_group",
ResourceName: "pike",
Provider: "azurerm",
Attributes: []string{"name", "location", "tags"},
},
},
}, want: []string{"Microsoft.Resources/subscriptions/resourcegroups/read"}},
{name: "empty", wantErr: true},
want: []string{"Microsoft.Resources/subscriptions/resourcegroups/read"},
wantErr: false,
},
{
name: "empty",
args: args{},
want: nil,
wantErr: true,
},
{
name: "guff",
args: args{result: pike.ResourceV2{
Expand Down
3 changes: 3 additions & 0 deletions src/compare.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,7 @@ func (m *compareDifferenceError) Error() string {
func CompareIAMPolicy(policy string, oldPolicy string) (bool, error) {
differ := diff.New()
compare, err := differ.Compare([]byte(policy), []byte(oldPolicy))

if err != nil {
return false, &compareDifferenceError{err}
}
Expand All @@ -113,6 +114,7 @@ func (m *formatterError) Error() string {
func ShowDifferences(policy string, compare diff.Diff) (bool, error) {
var aJSON map[string]interface{}
err := json.Unmarshal([]byte(policy), &aJSON)

if err != nil {
return false, &marshallPolicyError{err}
}
Expand All @@ -124,6 +126,7 @@ func ShowDifferences(policy string, compare diff.Diff) (bool, error) {

myFormatter := formatter.NewAsciiFormatter(aJSON, myConfig)
diffString, err := myFormatter.Format(compare)

if err != nil {
return false, &formatterError{err}
}
Expand Down
4 changes: 2 additions & 2 deletions src/coverage/aws.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# todo aws

Resource percentage coverage 87.75
Resource percentage coverage 82.43
Datasource percentage coverage 100.00

./resource.ps1 aws_cognito_managed_user_pool_client
Expand Down Expand Up @@ -70,7 +70,7 @@ Datasource percentage coverage 100.00
./resource.ps1 aws_main_route_table_association
./resource.ps1 aws_memorydb_multi_region_cluster
./resource.ps1 aws_msk_single_scram_secret_association
./resource.ps1 aws_mskconnect_connector

./resource.ps1 aws_mskconnect_custom_plugin
./resource.ps1 aws_mskconnect_worker_configuration
./resource.ps1 aws_neptune_global_cluster
Expand Down
5 changes: 4 additions & 1 deletion src/coverage/coverage.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,7 @@ func coverageAzure() error {

target = Prepend + target
err := os.WriteFile("azure.md", []byte(target), 0o700)

if err != nil {
return &fileWriteError{err}
}
Expand Down Expand Up @@ -122,8 +123,10 @@ func coverageGcp() error {

target = Prepend + target
err := os.WriteFile("google.md", []byte(target), 0o700)

if err != nil {
return &fileWriteError{}

return &fileWriteError{err}
}

return nil
Expand Down
7 changes: 7 additions & 0 deletions src/data_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,7 @@ func TestGetResources(t *testing.T) {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

got, err := pike.GetResources(tt.args.file, tt.args.dirName)

if (err != nil) != tt.wantErr {
Expand Down Expand Up @@ -382,11 +383,13 @@ func TestGetPermission(t *testing.T) {
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
got, err := pike.GetPermission(tt.args.result)

if (err != nil) != tt.wantErr {
t.Errorf("GetPermission() error = %v, wantErr %v", err, tt.wantErr)

return
}

if !reflect.DeepEqual(got, tt.want) {
t.Errorf("GetPermission() = %v, want %v", got, tt.want)
}
Expand Down Expand Up @@ -434,12 +437,15 @@ func TestGetResourceBlocks(t *testing.T) {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()

got, err := pike.GetResourceBlocks(tt.args.file)

if (err != nil) != tt.wantErr {
t.Errorf("GetResourceBlocks() error = %v, wantErr %v", err, tt.wantErr)

return
}

if !reflect.DeepEqual(got.SrcRange, tt.want) {
t.Errorf("GetResourceBlocks() = %v, want %v", got.SrcRange, tt.want)
}
Expand Down Expand Up @@ -542,6 +548,7 @@ func TestDetectBackend(t *testing.T) {

if (err != nil) != tt.wantErr {
t.Errorf("DetectBackend() error = %v, wantErr %v", err, tt.wantErr)

return
}

Expand Down
9 changes: 9 additions & 0 deletions src/error_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -382,6 +382,7 @@ func TestEmptyTypeNameError(t *testing.T) {
t.Run("implements error interface", func(t *testing.T) {
t.Parallel()
var err error = &emptyTypeNameError{} // Verify it satisfies error interface

if err == nil {
t.Error("emptyTypeNameError should implement error interface")
}
Expand Down Expand Up @@ -645,6 +646,7 @@ func TestDirectoryErrors(t *testing.T) {
t.Run("empty directory error", func(t *testing.T) {
err := &emptyDirectoryError{}
expected := "directory value cannot be an empty string"

if err.Error() != expected {
t.Errorf("expected %q, got %q", expected, err.Error())
}
Expand All @@ -653,6 +655,7 @@ func TestDirectoryErrors(t *testing.T) {
t.Run("directory not found error", func(t *testing.T) {
err := &directoryNotFoundError{directory: "/tmp/nonexistent"}
expected := "directory does not exist: /tmp/nonexistent"

if err.Error() != expected {
t.Errorf("expected %q, got %q", expected, err.Error())
}
Expand All @@ -663,12 +666,14 @@ func TestARNErrors(t *testing.T) {
t.Run("empty ARN error", func(t *testing.T) {
err := &arnEmptyError{}
expected := "ARN cannot be empty"

if err.Error() != expected {
t.Errorf("expected %q, got %q", expected, err.Error())
}
})

t.Run("invalid ARN error", func(t *testing.T) {
t.Parallel()
err := &invalidARNError{arn: "invalid:arn"}
expected := "invalid ARN: invalid:arn"

Expand All @@ -679,7 +684,9 @@ func TestARNErrors(t *testing.T) {
}

func TestAWSErrors(t *testing.T) {

t.Run("AWS config error", func(t *testing.T) {
t.Parallel()
err := &awsConfigError{err: &emptyNameError{}}
expected := "failed to load AWS config: Name cannot be empty"

Expand All @@ -689,6 +696,7 @@ func TestAWSErrors(t *testing.T) {
})

t.Run("get IAM version error", func(t *testing.T) {
t.Parallel()
err := &getIAMVersionError{err: &emptyNameError{}}
expected := "failed to get IAM version: Name cannot be empty"

Expand Down Expand Up @@ -727,6 +735,7 @@ func TestPolicyErrors(t *testing.T) {
})

t.Run("marshall policy error", func(t *testing.T) {
t.Parallel()
err := &marshallPolicyError{err: &emptyNameError{}}
expected := "failed to marshal policy: Name cannot be empty"

Expand Down
Loading

0 comments on commit 875587b

Please sign in to comment.